Double-spending

Last updated

Double-spending is a fundamental flaw in a digital cash protocol in which the same single digital token can be spent more than once. Due to the nature of information space, in comparison to physical space (as in: valuable physical resources), a digital token (like a file) is inherently almost infinitely duplicable or falsifiable, [1] [2] leading to ownership of said token itself being undefinable unless declared so by a chosen authority. As with counterfeit money, such double-spending leads to inflation by creating a new amount of copied currency that did not previously exist. Like all increasingly abundant resources, this devalues the currency relative to other monetary units or goods and diminishes user trust as well as the circulation and retention of the currency.

Contents

Fundamental cryptographic techniques to prevent double-spending, while preserving anonymity in a transaction, are the introduction of an authority (and hence centralization) for blind signatures and, particularly in offline systems, secret splitting. [2]

Centralized currencies

Prevention of double-spending is usually implemented using an online central trusted third party that can verify whether a token has been spent. [2] This normally represents a single point of failure from both availability and trust viewpoints.

Decentralized currencies

In a decentralized system, the double-spending problem is significantly harder to solve. To avoid the need for a trusted third party, many servers must store identical up-to-date copies of a public transaction ledger, but as transactions (requests to spend money) are broadcast, they will arrive at each server at slightly different times. If two transactions attempt to spend the same token, each server will consider the first transaction it sees to be valid, and the other invalid. Once the servers disagree, there is no way to determine true balances, as each server's observations are considered equally valid.

Most decentralized systems solve this problem with a consensus algorithm, a way to bring the servers back in sync. Two notable types of consensus mechanisms are proof-of-work and proof-of-stake.

By 2007, a number of distributed systems for the prevention of double-spending had been proposed. [3] [4]

The cryptocurrency Bitcoin implemented a solution in early 2009. Its cryptographic protocol used a proof-of-work consensus mechanism where transactions are batched into ovals and chained together using a linked list of hash pointers (blockchain). Any server can produce a block by solving a computationally difficult puzzle (specifically finding a partial hash collision) called mining. The block commits to the entire history of bitcoin transactions as well as the new set of incoming transactions. The miner is rewarded some bitcoins for solving it.

The double-spending problem persists, however, if two blocks (with conflicting transactions) are mined at the same approximate time. When servers inevitably disagree on the order of the two blocks, they each keep both blocks temporarily. As new blocks arrive, they must commit to one history or the other, and eventually a single chain will continue on, while the other(s) will not. Since the longest (more technically "heaviest") chain is considered to be the valid data set, miners are incentivized to only build blocks on the longest chain they know about in order for it to become part of that dataset (and for their reward to be valid).

Transactions in this system are therefore never technically "final" as a conflicting chain of blocks can always outgrow the current canonical chain. However, as blocks are built on top of a transaction, it becomes increasingly costly and thus unlikely for another chain to overtake it.

51% attack

Due to the nature of a decentralized blockchain, and in lack of a central authority to do so, the correct succession of transactions is defined only by the dominating consensus. This leads to the possibility of one actor gaining majority control over the entities deciding said consensus, to force their own version of events, including alternative and double transactions. Due to information propagation delays, 51% attacks are temporarily possible for a localized subset of actors too.

The total computational power of a decentralized proof-of-work system is the sum of the computational power of the nodes, which can differ significantly due to the hardware used. Larger computational power increases the chance to win the mining reward for each new block mined, which creates an incentive to accumulate clusters of mining nodes, or mining pools. Any pool that achieves 51% hashing power can effectively overturn network transactions, resulting in double spending.

One of the Bitcoin forks, Bitcoin Gold, was hit by such an attack in 2018 and then again in 2020. [5]

A given cryptocurrency's susceptibility to attack depends on the existing hashing power of the network since the attacker needs to overcome it. For the attack to be economically viable, the market cap of the currency must be sufficiently large to justify the cost to rent hashing power. [6] [7]

In 2014, mining pool Ghash.io obtained 51% hashing power in Bitcoin which raised significant controversies about the safety of the network. The pool voluntarily capped their hashing power at 39.99% and requested other pools to follow in order to restore trust in the network. [8]

Related Research Articles

Proof of work (PoW) is a form of cryptographic proof in which one party proves to others that a certain amount of a specific computational effort has been expended. Verifiers can subsequently confirm this expenditure with minimal effort on their part. The concept was invented by Moni Naor and Cynthia Dwork in 1993 as a way to deter denial-of-service attacks and other service abuses such as spam on a network by requiring some work from a service requester, usually meaning processing time by a computer. The term "proof of work" was first coined and formalized in a 1999 paper by Markus Jakobsson and Ari Juels. The concept was adapted to digital tokens by Hal Finney in 2004 through the idea of "reusable proof of work" using the 160-bit secure hash algorithm 1 (SHA-1).

<span class="mw-page-title-main">Bitcoin</span> Decentralized digital currency

Bitcoin is the first decentralized cryptocurrency. Nodes in the peer-to-peer bitcoin network verify transactions through cryptography and record them in a public distributed ledger, called a blockchain, without central oversight. Consensus between nodes is achieved using a computationally intensive process based on proof of work, called mining, that requires increasing quantities of electricity and guarantees the security of the bitcoin blockchain.

<span class="mw-page-title-main">Cryptocurrency</span> Digital currency not reliant on a central authority

A cryptocurrency, crypto-currency, or crypto is a digital currency designed to work as a medium of exchange through a computer network that is not reliant on any central authority, such as a government or bank, to uphold or maintain it.

<span class="mw-page-title-main">Bitcoin protocol</span> Rules that govern the functioning of Bitcoin

The Bitcoin protocol is the set of rules that govern the functioning of Bitcoin. Its key components and principles are: a peer-to-peer decentralized network with no central oversight; the blockchain technology, a public ledger that records all Bitcoin transactions; mining and proof of work, the process to create new bitcoins and verify transactions; and cryptographic security.

Zerocoin is a privacy protocol proposed in 2013 by Johns Hopkins University professor Matthew D. Green and his graduate students, Ian Miers and Christina Garman. It was designed as an extension to the Bitcoin protocol that would improve Bitcoin transactions' anonymity by having coin-mixing capabilities natively built into the protocol. Zerocoin is not currently compatible with Bitcoin.

Proof-of-stake (PoS) protocols are a class of consensus mechanisms for blockchains that work by selecting validators in proportion to their quantity of holdings in the associated cryptocurrency. This is done to avoid the computational cost of proof-of-work (POW) schemes. The first functioning use of PoS for cryptocurrency was Peercoin in 2012, although the scheme, on the surface, still resembled a POW.

<span class="mw-page-title-main">Ethereum</span> Open-source blockchain computing platform

Ethereum is a decentralized blockchain with smart contract functionality. Ether is the native cryptocurrency of the platform. Among cryptocurrencies, ether is second only to bitcoin in market capitalization. It is open-source software.

In the context of cryptocurrency mining, a mining pool is the pooling of resources by miners, who share their processing power over a network, to split the reward equally, according to the amount of work they contributed to the probability of finding a block. A "share" is awarded to members of the mining pool who present a valid partial proof-of-work. Mining in pools began when the difficulty for mining increased to the point where it could take centuries for slower miners to generate a block. The solution to this problem was for miners to pool their resources so they could generate blocks more quickly and therefore receive a portion of the block reward on a consistent basis, rather than randomly once every few years.

A blockchain is a distributed ledger with growing lists of records (blocks) that are securely linked together via cryptographic hashes. Each block contains a cryptographic hash of the previous block, a timestamp, and transaction data. Since each block contains information about the previous block, they effectively form a chain, with each additional block linking to the ones before it. Consequently, blockchain transactions are irreversible in that, once they are recorded, the data in any given block cannot be altered retroactively without altering all subsequent blocks.

A decentralised application is an application that can operate autonomously, typically through the use of smart contracts, that run on a decentralized computing, blockchain or other distributed ledger system. Like traditional applications, DApps provide some function or utility to its users. However, unlike traditional applications, DApps operate without human intervention and are not owned by any one entity, rather DApps distribute tokens that represent ownership. These tokens are distributed according to a programmed algorithm to the users of the system, diluting ownership and control of the DApp. Without any one entity controlling the system, the application is therefore decentralised.

A distributed ledger is the consensus of replicated, shared, and synchronized digital data that is geographically spread (distributed) across many sites, countries, or institutions. In contrast to a centralized database, a distributed ledger does not require a central administrator, and consequently does not have a single (central) point-of-failure.

<span class="mw-page-title-main">Ethereum Classic</span> Blockchain computing platform

Ethereum Classic is a blockchain-based distributed computing platform that offers smart contract (scripting) functionality. It is open source and supports a modified version of Nakamoto consensus via transaction-based state transitions executed on a public Ethereum Virtual Machine (EVM).

Segregated Witness, or SegWit, is the name used for an implemented soft fork change in the transaction format of Bitcoin.

A cryptocurrency wallet is a device, physical medium, program or an online service which stores the public and/or private keys for cryptocurrency transactions. In addition to this basic function of storing the keys, a cryptocurrency wallet more often offers the functionality of encrypting and/or signing information. Signing can for example result in executing a smart contract, a cryptocurrency transaction, identification, or legally signing a 'document'.

<span class="mw-page-title-main">Bitcoin Gold</span> Cryptocurrency

Bitcoin Gold (BTG) is a cryptocurrency. It is a hard fork of Bitcoin, the open source cryptocurrency. It is an open source, decentralized digital currency without a central bank or intermediary that can be sent from user to user on the peer-to-peer Bitcoin Gold network.

<span class="mw-page-title-main">IOTA (technology)</span> Open-source distributed ledger and cryptocurrency

IOTA is an open-source distributed ledger and cryptocurrency designed for the Internet of things (IoT). It uses a directed acyclic graph to store transactions on its ledger, motivated by a potentially higher scalability over blockchain based distributed ledgers. IOTA does not use miners to validate transactions, instead, nodes that issue a new transaction on the network must approve two previous transactions. Transactions can therefore be issued without fees, facilitating microtransactions. The network currently achieves consensus through a coordinator node, operated by the IOTA Foundation. As the coordinator is a single point of failure, the network is currently centralized.

A blockchain is a shared database that records transactions between two parties in an immutable ledger. Blockchain documents and confirms pseudonymous ownership of all transactions in a verifiable and sustainable way. After a transaction is validated and cryptographically verified by other participants or nodes in the network, it is made into a "block" on the blockchain. A block contains information about the time the transaction occurred, previous transactions, and details about the transaction. Once recorded as a block, transactions are ordered chronologically and cannot be altered. This technology rose to popularity after the creation of Bitcoin, the first application of blockchain technology, which has since catalyzed other cryptocurrencies and applications.

Nano is a cryptocurrency characterized by a directed acyclic graph data structure and distributed ledger, making it possible for Nano to work without intermediaries. To agree on what transactions to commit, it uses a voting system with weight based on the amount of currency an account holds.

Colored Coins is an open-source protocol built on the Bitcoin 2.0 that allows users to represent and manipulate immutable digital resources on top of Bitcoin transactions. They are a class of methods for representing and maintaining real-world assets on the Bitcoin blockchain, which may be used to establish asset ownership. Colored coins are bitcoins with a mark on them that specifies what they may be used for. Colored coins are also considered the initial step toward NFTs built on top of the Bitcoin network.

Nervos Network is a proof-of-work blockchain platform which consists of multiple blockchain layers that are designed for different functions. The native cryptocurrency of this layer is called CKB. Smart contracts and decentralized applications can be deployed on the Nervos blockchain. The Nervos Network was founded in 2018.

References

  1. The Double Spending Problem and Cryptocurrencies. Banking & Insurance Journal. Social Science Research Network (SSRN). Accessed 24 December 2017.
  2. 1 2 3 Mark Ryan. "Digital Cash". School of Computer Science, University of Birmingham. Retrieved 2017-05-27.
  3. Jaap-Henk Hoepman (2008). "Distributed Double Spending Prevention". arXiv: 0802.0832v1 [cs.CR].
  4. Osipkov, I.; Vasserman, E. Y.; Hopper, N.; Kim, Y. (2007). "Combating Double-Spending Using Cooperative P2P Systems". 27th International Conference on Distributed Computing Systems (ICDCS '07). p. 41. CiteSeerX   10.1.1.120.52 . doi:10.1109/ICDCS.2007.91. S2CID   8097408.
  5. Canellis, David (2020-01-27). "Bitcoin Gold hit by 51% attacks, $72K in cryptocurrency double-spent". Hard Fork | The Next Web. Retrieved 2020-02-29.
  6. "Cost of a 51% Attack for Different Cryptocurrencies | Crypto51". www.crypto51.app. Retrieved 2020-02-29.
  7. Varshney, Neer (2018-05-24). "Why Proof-of-work isn't suitable for small cryptocurrencies". Hard Fork | The Next Web. Retrieved 2018-05-25.
  8. "Popular Bitcoin Mining Pool Promises To Restrict Its Compute Power To Prevent Feared '51%' Fiasco". TechCrunch. 16 July 2014. Retrieved 2020-02-29.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.