Recently I received a lot of questions about double spending, so today I want to talk about what exactly double spending is.
The double-spending problem is a potential problem in digital cash systems: the same amount of money is paid to two recipients at the same time. If there is no appropriate countermeasure, the protocol alone cannot completely solve the problem. After all, users cannot verify whether the funds they have received have also been paid to others.
In the field of digital cash, it is necessary to ensure that specific currency units cannot be copied. If Alice can receive 10 units, copy and paste 10 times, and then own 100 currency units, then the entire system will fall apart. Similarly, if she can send the same 10 currency units to Bob and Carol at the same time, then the system will also not work. Therefore, there must be a suitable mechanism to prevent this from happening to ensure the normal operation of the digital currency.
So how can the double-spending problem be prevented?
Centralized methods are easier to implement than decentralized solutions. They usually require a supervisor to manage the system and control the issuance of currency units. Banks can use Pseudo to issue cash-like digital assets to users (anonymous peer-to-peer transactions are possible). In this case, if the user Dan wants to receive 100 US dollars in digital cash, he must first notify the bank. If his account has a balance, a random number will be generated (multiple for smaller denominations). Suppose that five random numbers are generated, and the value of each number is 20 dollars. To prevent the bank from tracking a specific currency unit, Dan obscures each random number by adding a blinding factor to it.
Then he gives the data to the bank, and the bank deducts $100 from his account balance and signs the messages, certifying that each of the five pieces of information can be exchanged for $20. At this point, Dan can use the digital cash issued by the bank. He goes to eat in Erin’s restaurant, which costs $40.
Dan can remove the blinding factor and disclose the random number associated with each digital cash “banknote”. The random number is the unique identifier of each currency unit (roughly equivalent to a serial number). He discloses two of the random numbers to Erin, and Erin must immediately exchange the funds with the bank to prevent Dan from paying other merchants with them. The bank will verify that the signature is valid, and if the verification is correct, it will deposit $40 into Erin’s account.
The Chaumian eCash mechanism is extremely valuable for private transfers. However, the eCash mechanism itself is not resilient. Since the bank is a centralized node, once the system goes wrong, everything will be lost. The banknotes issued by the bank have no value in themselves; their value is entirely derived from the bank’s willingness to convert the banknotes into U.S. dollars. Clients are controlled by the bank and must rely on the bank’s reputation to operate their funds. This is exactly the problem that cryptocurrency aims to solve.
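The withdrawal and deposit flow described above, as an added example that is not part of the original post. It assumes textbook RSA blind signatures with a constructed toy key, and a spent-serial set at the bank as the check that refuses a note presented twice; all names are hypothetical.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy RSA key for the bank: two Mersenne primes, far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
NOTE_VALUE = 20  # every signed note is worth $20, as in the text

def digest(serial: bytes) -> int:
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N

class Bank:
    def __init__(self, balances):
        self.balances = dict(balances)
        self.spent = set()  # serial numbers that have already been redeemed

    def withdraw(self, account, blinded):
        """Debit the account and sign the blinded value without seeing the serial."""
        if self.balances[account] < NOTE_VALUE:
            raise ValueError("insufficient balance")
        self.balances[account] -= NOTE_VALUE
        return pow(blinded, D, N)

    def deposit(self, account, serial, signature):
        """Credit a note once: the signature must verify and the serial be unspent."""
        if pow(signature, E, N) != digest(serial) or serial in self.spent:
            return False
        self.spent.add(serial)
        self.balances[account] += NOTE_VALUE
        return True

def withdraw_note(bank, account):
    """Customer side: blind a fresh serial, get it signed, remove the blinding."""
    serial = secrets.token_bytes(16)
    while True:
        r = secrets.randbelow(N - 2) + 2  # blinding factor, must be invertible mod N
        if gcd(r, N) == 1:
            break
    blinded = digest(serial) * pow(r, E, N) % N
    signature = bank.withdraw(account, blinded) * pow(r, -1, N) % N
    return serial, signature

def demo():
    bank = Bank({"dan": 100, "erin": 0, "other": 0})
    notes = [withdraw_note(bank, "dan") for _ in range(5)]
    paid = [bank.deposit("erin", *note) for note in notes[:2]]  # Erin cashes $40
    replay = bank.deposit("other", *notes[0])  # the same note presented again
    return bank.balances, paid, replay
```

The bank never sees a serial at withdrawal time, so it cannot link a deposited note to Dan, yet the second presentation of the same serial is refused.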
Decentralized method
It is more challenging to avoid the double-spending problem in an ecosystem without a monitoring mechanism. Participants with equal rights must coordinate with each other in accordance with the same set of rules to prevent fraud and encourage all users to act with integrity.
The biggest innovation presented in the Bitcoin white paper is the solution to the double-spending problem. Satoshi Nakamoto proposed an unprecedented data structure, which is now widely known as the blockchain.
Blockchain is actually just a database with certain unique properties. Network participants (called nodes) run specialized software that allows nodes to synchronize their own database copies with each other. In this way, the entire network can audit transaction history records that can be traced back to the genesis block. Since the blockchain can be viewed publicly, it becomes easier to detect and prevent fraud, such as identifying transactions that attempt to double spend.
When a user publishes a transaction, it will not be added to the blockchain immediately; it must first be included in a block through mining. Therefore, only when that block enters the chain can the recipient confirm that the transaction is valid. Otherwise, if the sender pays the same token elsewhere, the recipient will face the risk of losing funds.
Once the transaction is confirmed, the ownership of the token will be allocated to the new user and verified by the entire network, so the token cannot be double spent. For this reason, many people recommend waiting for multiple confirmations before accepting a payment as valid. Each subsequent block will greatly increase the workload of modifying or rewriting the chain (for example, in the case of a 51% attack).
Let’s return to the situation of the restaurant. Dan returned to the restaurant and this time noticed the sticker on the window “This shop supports Bitcoin payment”. He was obsessed with the last meal and ordered the same food again for 0.005 bitcoins.
Erin shows Dan the public address, which is the transfer address. Dan’s announcement of the transaction is essentially a signed message announcing that his 0.005 bitcoins are now owned by Erin. Without going into too much detail, anyone who sees Dan’s signed transaction can verify that the token is indeed owned by him, so Dan has the right to send it.
However, as mentioned earlier, the transaction is only valid after it is included in a block and confirmed. Receiving an unconfirmed transaction is the same as receiving the $40 in eCash: if it is not cashed in at the bank immediately, the sender can spend the funds elsewhere. Therefore, Erin should wait at least 6 block confirmations (about one hour) before accepting Dan’s payment.
Bitcoin’s double spending problem
Bitcoin has been carefully designed to prevent double-spending attacks, at least if the protocol usage meets expectations. In other words, if someone is waiting for a block confirmation for a transaction, the sender will not be able to easily cancel the transaction. Only by “reversing” the blockchain can the transaction be reversed, which requires immense hash power.
However, some double-spending attacks specifically target users who accept unconfirmed transactions. For small purchases, for example, merchants do not want to wait until the transaction is included in a block. A busy fast-food restaurant may not be able to wait as long as the network needs to process each transaction. Therefore, if merchants enable “instant” payments, they may face double-spending problems. Someone can send the same amount of funds back to their own address immediately after ordering a burger and paying. As long as the processing fee for the latter transaction is higher, it may be confirmed first, and then the previous transaction will become invalid.
There are currently three common double-spending attacks:
51% attack: A single entity or organization manages to control a hash rate exceeding 50% in order to delete or modify the order of transactions. The chance of this kind of attack happening on the Bitcoin network is minimal, but it has happened on other networks.
Race attack: The same funds are used to issue two conflicting transactions in a row, but only one transaction is confirmed. The attacker’s goal is to invalidate the other payment by getting the transaction that benefits him confirmed, for example one sending the funds to an address under his own control.
Finney attack: The attacker mines a transaction in advance and puts it into a block, but does not immediately publish it to the network. Instead, he pays the same token in another transaction, and then releases the previously mined block, thus invalidating the payment. The necessary condition for the Finney attack is that the events occur in a specific order, and its success also depends on whether the recipient accepts the unconfirmed transaction.
Summary
Users can use the double-spending attack to tamper with a peer-to-peer electronic cash system and use the same funds multiple times for improper gains. In the past, this problem still had to be solved well, and development in this field was stagnant.
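A merchant-side check for the race and Finney cases listed above, as an added example that is not part of the original post. The `Tx` and `PaymentWatcher` names and the simplified model (a transaction is just the set of outpoints it spends) are hypothetical; the point is that two transactions conflict when they spend the same outpoint, whether the rival shows up as a broadcast or first appears inside a block.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: frozenset  # outpoints this transaction spends, e.g. {"coinA:0"}
    pays_to: str

class PaymentWatcher:
    """Tracks every transaction seen and decides whether a payment can be accepted."""
    def __init__(self, required_confirmations=6):
        self.required = required_confirmations
        self.seen = {}          # txid -> Tx
        self.confirmed_at = {}  # txid -> height of the block that included it
        self.height = 0

    def on_broadcast(self, tx):
        self.seen[tx.txid] = tx

    def on_block(self, txs):
        """A block may contain transactions that were never broadcast beforehand."""
        self.height += 1
        for tx in txs:
            self.seen[tx.txid] = tx
            self.confirmed_at[tx.txid] = self.height

    def conflicts(self, txid):
        mine = self.seen[txid].inputs
        return [t.txid for t in self.seen.values() if t.txid != txid and t.inputs & mine]

    def status(self, txid):
        rivals = self.conflicts(txid)
        if any(r in self.confirmed_at for r in rivals):
            return "invalid: conflicting spend confirmed"
        if txid in self.confirmed_at:
            depth = self.height - self.confirmed_at[txid] + 1
            return "accept" if depth >= self.required else f"wait: {depth} confirmation(s)"
        return "reject: double-spend seen" if rivals else "wait: unconfirmed"

def demo():
    w = PaymentWatcher()
    pay = Tx("tx-pay", frozenset({"coinA:0"}), "erin")       # constructed sample data
    back = Tx("tx-back", frozenset({"coinA:0"}), "sender")   # spends the same outpoint
    w.on_broadcast(pay)
    first = w.status("tx-pay")
    w.on_block([back])  # the rival spend first appears inside a block
    second = w.status("tx-pay")
    w.on_block([Tx("tx-ok", frozenset({"coinB:1"}), "erin")])
    early = w.status("tx-ok")
    for _ in range(5):
        w.on_block([])
    return first, second, early, w.status("tx-ok")
```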