July 14, 2021

What is double spending?

July 14, 2021

What is double spending?

Definition

Double spending is the risk that a digital currency can be spent twice, undermining trust in the network and essentially making the currency worthless.

Understanding the problem of Double Spending

Double spending is one of the main challenges faced by all cryptocurrencies. It is essentially where a unit of crypto can potentially be spent twice, meaning false and illegitimate transactions could occur.

If double spending was to occur successfully, it would completely undermine the security & trust of the entire network, destroying any value that digital currency had.

This problem is why digital currencies like Bitcoin use Blockchain technology combined with complex cryptographic algorithms to secure and uphold their ledger of transactions & balances. In order to fully understand how cryptocurrency solves the double spending problem, it helps to have a grasp of what the Blockchain is, which you can learn about here.

Why is double spending a problem?

Since Bitcoin and other cryptocurrencies are actually digital files, they are easier to duplicate than money, and theoretically someone could pay for two separate things with the same unit of cryptocurrency.

Bitcoin was the first digital currency to solve the problem of double spending through its Blockchain’s Proof of Work mechanism, more commonly known as ‘Bitcoin mining’.

A simplified explanation of solving double spending

To understand how Bitcoin’s Blockchain’s solves the problem of double spending, a basic knowledge of Bitcoin mining, timestamps and hash functions is recommended. However, if you just want a high-level overview of how it works, here’s a very simplified explanation:

  1. On any Blockchain, there are many nodes (computers) constantly communicating with each other, creating a peer-to-peer network
  2. If I send you 0.2 of one Bitcoin, for example, that information (and the time of the transaction) is sent to all the nodes on the Bitcoin network
  3. Every node on the network will then save the information that you now have 0.2 Bitcoin, and I no longer possess it
  4. If I was to try to spend that 0.2 Bitcoin I just gave you again (double spending), the network would block this transaction as it knows that I already gave you that 0.2 Bitcoin BEFORE I made the second transaction
  5. Thus, the double spending problem is solved through the magic of Blockchain’s peer-to-peer network!

While this is a highly simplified version of how double spending is solved, it’s enough to get a basic understanding of how it works. For a slightly deeper dive into how it all works, let’s see what goes on behind the scenes.

Bitcoin Mining – the ingenious solution to double spending

Bitcoin Mining involves ‘miners’ all around the world solving complex mathematical puzzles with powerful computers in order to serve two primary purposes:

  1. To validate the legitimacy of a transaction, helping to avoid fraudulent transactions & the problem of double spending
  2. To create new Bitcoin, rewarding miners in newly created Bitcoin for performing the previous task

Whichever miner solves this puzzle (and validates their group of transactions) first will be allowed to bundle their transactions into a ‘block’ and broadcast their solution or ‘Proof of Work’ to the entire network, so it can be checked by everyone else.

If the majority of nodes/miners in the network agree that the solution to the puzzle is correct and the transactions are valid and coherent with the previous version of the ledger, the block of validated transactions are cryptographically hashed to the previous block and added to the ledger.

I know this can be a little confusing, so let’s breakdown exactly how the problem of double spending is solved by the Blockchain’s Proof of Work system.

How does Blockchain prevent double spending?

To prove that no attempts to double spend have occurred, Bitcoin’s Blockchain provides a way for all miners/nodes in the network to be aware of every transaction. With a network like Bitcoin’s, all transactions are publicly announced to everyone in the network so they can then agree on a single history of the ledger and the order in which transactions were received. The order is key here.

  • Given that all transactions made are time-stamped and cryptographically ‘hashed’ to previous blocks, you can’t simply change the record as all new blocks must contain the correct ‘hash’ (a unique code) from the previous block.
  • To change a single block of transactions you would have to change ALL the blocks in the chain, which would be incredibly time consuming and not viable.
  • Essentially, Blockchain’s solution to double spending is based on the fact that if the majority of the nodes in the network agree which transaction was first to be received, any later attempts to double spend or attack the network will be quickly found out and voided from the network.

From the very start of the Bitcoin network, there has been a complete record of every transaction ever made. As all transactions are agreed upon by the majority of the network and then cryptographically hashed to the previous block, this makes changing the record or putting through a false transaction virtually impossible.

EXAMPLE

Let’s say that you are an attacker wanting to double spend a entire Bitcoin.

  1. First you make a purchase with that Bitcoin to one of the many merchants that accept Bitcoin, let’s say you buy something from Shopify.

  2. Now, what if you attempted to send the same Bitcoin to another Bitcoin address that belonged to a friend? In theory this would work as there is nothing stopping you from submitting two transactions like this on the network. 
  3. However, once submitted, as always, both your transactions would go into a pool of ‘unconfirmed transactions’. And this is where Blockchain works its magic.
  4. Your first transaction (for Shopify) would be validated and then put into a block and broadcasted to the entire network
  5. It would then be confirmed by Bitcoin miners all around the world and added to the next verified block
  6. As this transaction would be stored with a timestamp and a ‘hash’ from the previous block, when your second transaction came through it would be seen as invalid as it would not line up with the order of events that took place
  7. The entire network would know that you no longer own this Bitcoin, so your second transaction would not be confirmed and processed by the network which would swiftly discard it. Pretty neat, right?
Are there any flaws to Blockchain’s solution to double spending?

While Blockchain’s Proof of Work system deals with the issue of double spending, there are two minor issues that remain:

Anticipated currency that never arrives

Despite the intended recipient of the second (double spend) transaction having done nothing wrong on their end, they would still not receive the digital currency they had anticipated. For this reason, recipients/merchants often wait for at least 6 confirmations (meaning 6 new blocks of transactions have been added to the chain AFTER the transaction in question).

Note: Generally, after about 6 new blocks have been confirmed and added, it is safe for the recipient/merchant to assume that the transaction is indeed valid and that the digital currency they received wasn’t double spent.

A 51% attack

While the Blockchain successfully solves the problem of double spending by using cryptography and a majority consensus to verify if a transaction is valid, there remains some vulnerability to the system in the form of a 51% attack. For instance, if someone was able to control the majority, or 51%, of the network they would essentially have the power to commit double spending and all sorts of malicious activity and get away with it.

However, for a single person or group to control more than half the mining power of an entire network is no easy task, especially for a humungous network like Bitcoin’s. The bigger the network in size, the stronger the protection against attacks and data corruption. Thus, a 51% attack on Bitcoin or other large cryptocurrencies is extremely unlikely due to the size and mining power (aka hash rate) of the network. Once a Blockchain becomes sufficiently established, the chances of a single group or person having enough computing power to launch a 51% attack becomes very low.

Additionally, changing the previously confirmed blocks gets more difficult as the chain grows, because the blocks are all linked and cryptographically hashed to the previous block, forming one long chain & history of transactions. In order to alter a single transaction or block successfully you would have to alter all the blocks in the chain which is virtually impossible. For this reason, the Bitcoin network has never been successfully hacked.

Key Takeaways

  • Double spending is one of the main challenges that all digital currencies face
  • Double spending is where the same unit of cryptocurrency can be spent twice
  • Successful double spending would completely undermine the security & trust of the entire network, making the digital currency worthless
  • Bitcoin was the first digital currency to solve the problem of double spending through its Blockchain’s cryptographic algorithm and Proof of Work system (aka Bitcoin mining)
  • To prevent double spending, a Blockchain requires everyone on the network to be aware of all transactions & agree on the order in which they are received
  • The bigger the network, the more secure it is. And the longer the chain of transactions & blocks, the harder it is to tamper with
  • Merchants often wait for 6 ‘confirmations’ (6 subsequent blocks added to the chain) before assuming the transaction is valid & accepting the payment
 
Has Bitcoin ever been hacked or double spent?

Nope. Never. However, while Bitcoin has NEVER been penetrated by double spending or any kind of attack, other cryptocurrencies with less robust networks have been double spent through 51% attacks. These attacks generally target exchanges with large holdings as they aren’t cheap to mount.

Attackers need to be able to successfully double spend more than the cost of the attack in order to make a profit, which makes these kinds of attacks risky in themselves and not at all viable for robust networks.

What are some other types of double spending attacks?

Double spending attacks come in three main forms: Race attacks, Finney attacks and 51% attacks (as mentioned above).

Race Attacks

A race attack is a double spend attack where two transactions are sent in quick succession and only one is confirmed on the Blockchain. The goal is to purchase something with the unconfirmed transaction and then invalidate it before it has been confirmed. However, this is only possible if the recipient or merchant accepts an unconfirmed transaction – which is why merchants generally wait for more blocks to be added to the chain before accepting the transaction!

Finney Attack

A Finney attack is an attack perpetrated by a miner. To execute a Finney attack, a miner with significant resources or a very large mining pool needs to pre-mine one transaction into a block without broadcasting it to the network. Then, the miner spends those same funds in a second transaction but instead broadcasts the previously mined block from the first transaction. Similar to a race attack, a Finney attack is only possible if the recipient/merchant accepts an unconfirmed transaction. Additionally, a Finney attack requires a more unlikely and specific sequence of events to occur, making it less of a practical threat than other attacks.

What are some other ways to solve the double spending problem?

While many cryptocurrencies that came after Bitcoin rely on what is fundamentally the same system, newer and more efficient & sustainable methods of securing Blockchain networks have arisen since then. The two main ones include:

  1. Proof of Stake (PoS) – Used by Cardano, Stellar, Algorand, Tezos, Raydium and eventually Ethereum (and many more)
  2. Ripple Consensus Process (RCP) Used by Ripple