What is double spending

What is double spending?

Double spending is a potential problem in a digital monetary system where the same funds can be spent twice in the same time interval. Without adequate countermeasures, a protocol that does not address this issue is vulnerable to this type of activity—users simply cannot be sure that their funds were not spent elsewhere.

In the crypto space, limiting the duplication of certain units is of utmost importance. If Alice could receive 10 units and then copy and paste them 10 times to get 100 units, the entire system would crash. The system would also not work if the same 10 units were sent to Boris and Katya at the same time. Thus, for digital money to function, mechanisms must be created to limit such possibilities.

How can you prevent double spending?

Centralized approach

The centralized type of system is much easier to implement, as opposed to decentralized alternatives. Basically, it involves the presence of one entity or organization that manages the system and controls the issue and distribution of new units. A good example of a centralized solution to the double spending problem is David Chaum's eCash.

To issue users a digital asset that mimics cash (capable of anonymous and peer-to-peer exchange), a bank may use blind signatures—as described by cryptographer David Chaum in his 1982 paper “Blind Signatures for Untraceable Payments.”

For example, if a user (let's call him Denis) wants to receive $100 in digital currency, he must first inform the bank about this. If there is a balance in the account, it generates one random number or several numbers for smaller denominations. Let's say it produces five numbers, each assigned a value of $20. To prevent the bank from tracking the currency units, Denis hides the random numbers by adding a blinding factor to each of them.

He then transmits the information to the bank, which debits his account for $100 and then signs messages confirming that each of the five pieces of information is exchangeable for $20. Now Denis can spend the funds issued by the bank. He goes to Irina's restaurant and buys food, which costs $40.

Denis can remove the blinding factor to use a random number associated with the digital currency on the check, which will serve as a unique identifier for each item (similar to a serial number). He reveals two of them to Irina, who must now immediately activate them in the bank so that Denis cannot spend the same money elsewhere. The bank will check the signatures and, if everything goes well, will credit Irina’s account with $40.

Once activated, used checks are burned, and if Erin wants to spend her new balance again, she will need to obtain new checks in the same way.

Chaum's eCash may be convenient for private financial transactions, but the approach is not very reliable since the bank is a central point of failure. The issued check itself is worth nothing, since its value is determined solely by the bank's willingness to exchange the check for dollars. At the same time, customers are at the mercy of the bank and must rely on it to be able to spend money, which is precisely the problem that cryptocurrency aims to correct.

Decentralized approach

Ensuring that funds cannot be double-spended in an ecosystem without a third-party oversight body is more challenging. In this case, equally powerful participants would have to agree on certain rules to prevent fraud and incentivize all users to act honestly.

The biggest innovation presented in the Bitcoin whitepaper was the solution to the problem of double spending. Although it is not mentioned as such, Satoshi's proposed data structure is now widely known as blockchain.

Blockchain is a database with a set of unique properties. Network participants (called nodes) use specialized software to synchronize a copy of the database with other participants. As a result, all network participants can check the history of each transaction, starting from the genesis block. Thanks to the public nature of the blockchain, fraudulent activities such as double-spending transactions can be easily detected and prevented.

When a user broadcasts a transaction, it is not immediately added to the blockchain: first, it must be included in the block through mining. The recipient will consider the transfer valid only after adding the block with the transaction to the chain. Otherwise, the recipient risks not receiving the promised funds, since the sender could spend the same coins elsewhere.

Once the transaction is confirmed, the coins cannot be spent twice, since ownership is transferred to the new user and the entire network can verify this. It is for this reason that many recommend waiting until you receive several confirmations before accepting a payment. Each subsequent block increases the amount of effort required to change or rewrite the chain (as in a 51% attack).

Let's take the restaurant example again. Denis returns to the restaurant and notices an advertisement that this establishment accepts payment for services in Bitcoin. He liked the dishes he had last time, so he orders them again. It will cost 0.005 BTC.

Irina provides her public address to which he should send funds. Denis broadcasts the transaction, which is essentially a signed message that Denis's 0.005 BTC is now being transferred to Irina. Anyone who is presented with Denis's signed transaction can verify that he was indeed the owner of the coins and therefore had the right to send them.

As we already said, a transaction is only valid if it is included in a confirmed block. Accepting unconfirmed transactions is much like receiving $40 in eCash from the previous example without cashing the check at the bank in a timely manner, allowing the sender to spend the same amount elsewhere. Therefore, Irina should wait for at least six block confirmations (about one hour) before accepting Denis’s payment.

Double Spending on the Bitcoin Network

Bitcoin's mechanism prevents double-spending attacks, at least as long as the protocol works properly. That is, if someone is waiting for transactions in a block to be confirmed, it will not be easy for the sender to reverse them. To accomplish this, the blockchain needs to be reversed, but this will require a huge amount of hashing power.

However, there are several double-spending attacks that target unconfirmed transactions. For example, when making purchases at a low price, the seller may not want to wait for transactions to be included in the block. A fast food restaurant overloaded with orders will also not be able to function properly with such a long processing time for each purchase. Thus, if a business relies on instant payments, it becomes vulnerable to double spending. Someone could order a hamburger, pay for it, and then immediately send the same funds to their address. A new transaction with a higher fee will most likely be confirmed first and subsequently abort the validation of the previous one.

There are three popular methods for implementing double spending:

• A 51% attack occurs when an entity or organization manages to take control of more than 50% of the entire network hashrate, allowing transactions to be eliminated or their order changed. Such an attack is unlikely in the case of Bitcoin, but can occur in relation to other blockchain networks.

• A race attack occurs when two conflicting transactions are broadcast at the same time using the same means, but only one of them is confirmed. The attacker's goal is to invalidate the validation by confirming only the transaction he wants (for example, sending the same funds to his address). The condition for such an attack is the seller's permission to pay for the goods through unconfirmed transactions.

• Finney attacks occur when an attacker pre-mines a block with his transaction without immediately broadcasting it to the network. Instead, it spends the coins again, but as part of a different transaction, and only then broadcasts the previous block, canceling the transfer to the seller. Finney attacks require a specific sequence of events and also depend on the recipient's willingness to accept unconfirmed transactions.

As we can see, a seller who waits for a block to be confirmed has a significantly lower risk of becoming a victim of double spending.

Summary

Double spending allows you to use the digital money system for financial gain by spending the same amount more than once. The lack of adequate solutions to this problem hinders further progress in this area.

Fortunately, the advent of blind signatures has solved many of the problems of centralized financial systems. And the creation of Proof of Work mechanisms and blockchain technology gave birth to Bitcoin, a powerful form of decentralized money that has inspired many users to create thousands of other cryptocurrency projects.