Last updated

Double-spending is a potential flaw in a digital cash scheme in which the same single digital token can be spent more than once. Unlike physical cash, a digital token consists of a digital file that can be duplicated or falsified. [1] [2] As with counterfeit money, such double-spending leads to inflation by creating a new amount of copied currency that did not previously exist. This devalues the currency relative to other monetary units or goods and diminishes user trust as well as the circulation and retention of the currency. Fundamental cryptographic techniques to prevent double-spending, while preserving anonymity in a transaction, are blind signatures and, particularly in offline systems, secret splitting. [2]


Centralized currencies

Prevention of double-spending is usually implemented using an online central trusted third party that can verify whether a token has been spent. [2] This normally represents a single point of failure from both availability and trust viewpoints.

Decentralized currencies

In a decentralized system, the double-spending problem is significantly harder to solve. To avoid the need for a trusted third party, many servers must store identical up-to-date copies of a public transaction ledger, but as transactions (requests to spend money) are broadcast, they will arrive at each server at slightly different times. If two transactions attempt to spend the same token, each server will consider the first transaction it sees to be valid, and the other invalid. Once the servers disagree, there is no way to determine true balances, as each server's observations are considered equally valid. Most decentralized systems solve this with a consensus algorithm, a way to bring the servers back in sync. Two notable types of consensus mechanisms are proof-of-work and proof-of-stake.

By 2007, a number of distributed systems for the prevention of double-spending had been proposed. [3] [4]

The cryptocurrency Bitcoin implemented a solution in early 2009. Its cryptographic protocol used a proof-of-work consensus mechanism where transactions are batched into blocks and chained together using a linked list of hash pointers (blockchain). Any server can produce a block by solving a computationally difficult puzzle (specifically finding a partial hash collision) called mining. The block commits to the entire history of bitcoin transactions as well as the new set of incoming transactions. The miner is rewarded some bitcoins for solving it.

The double-spending problem persists, however, if two blocks (with conflicting transactions) are mined at the same approximate time. When servers inevitably disagree on the order of the two blocks, they each keep both blocks temporarily. As new blocks arrive, they must commit to one history or the other, and eventually a single chain will continue on, while the other(s) will not. Since the longest (more technically "heaviest") chain is considered to be the valid data set, miners are incentivized to only build blocks on the longest chain they know about in order for it to become part of that dataset (and for their reward to be valid).

Transactions in this system are therefore never technically "final" as a conflicting chain of blocks can always outgrow the current canonical chain. However, as blocks are built on top of a transaction, it becomes increasingly unlikely/costly for another chain to overtake it.

51% attack

The total computational power of a decentralized proof-of-work system is the sum of the computational power of the nodes, which can differ significantly due to the hardware used. Larger computational power increases the chance to win the mining reward for each new block mined, which creates an incentive to accumulate clusters of mining nodes, or mining pools. Any pool that achieves 51% hashing power can effectively overturn network transactions, resulting in double spending.

One of the Bitcoin forks, Bitcoin Gold, was hit by such an attack in 2018 and then again in 2020. [5]

Another fork, Bitcoin SV, suffered a 51% attack on June 24, 2021 and then again on July 1, 6 and 9, 2021. [6] Another attack was suffered on August 3-4, 2021. [7]

A given cryptocurrency's susceptibility to attack depends on the existing hashing power of the network since the attacker needs to overcome it. For the attack to be economically viable, the market cap of the currency must be sufficiently large to justify the cost to rent hashing power. [8] [9]

In 2014, mining pool obtained 51% hashing power in Bitcoin which raised significant controversies about the safety of the network. The pool has voluntarily capped their hashing power at 39.99% and requested other pools to follow in order to restore trust in the network. [10]

See also

Related Research Articles

Proof of work (PoW) is a form of cryptographic zero-knowledge proof in which one party proves to others that a certain amount of a specific computational effort has been expended. Verifiers can subsequently confirm this expenditure with minimal effort on their part. The concept was invented by Cynthia Dwork and Moni Naor in 1993 as a way to deter denial-of-service attacks and other service abuses such as spam on a network by requiring some work from a service requester, usually meaning processing time by a computer. The term "proof of work" was first coined and formalized in a 1999 paper by Markus Jakobsson and Ari Juels. Proof of work was later popularized by Bitcoin as a foundation for consensus in permissionless blockchains and cryptocurrencies, in which miners compete to append blocks and mint new currency, each miner experiencing a success probability proportional to their computational effort expended. PoW and PoS are the two best known Sybil deterrence mechanisms. In the context of cryptocurrencies they are the most common mechanisms.

Bitcoin () is a decentralized digital currency, without a central bank or single administrator, that can be sent from user to user on the peer-to-peer bitcoin network without the need for intermediaries. Transactions are verified by network nodes through cryptography and recorded in a public distributed ledger called a blockchain. The cryptocurrency was invented in 2008 by an unknown person or group of people using the name Satoshi Nakamoto. The currency began use in 2009 when its implementation was released as open-source software.

Cryptocurrency Encrypted medium of digital exchange

A cryptocurrency, crypto-currency, or crypto is a binary data designed to work as a medium of exchange wherein individual coin ownership records are stored in a ledger existing in a form of a computerized database using strong cryptography to secure transaction records, to control the creation of additional coins, and to verify the transfer of coin ownership. Some crypto schemes use validators to maintain the cryptocurrency. In a proof-of-stake model, owners put up their tokens as collateral. In return, they get authority over the token in proportion to the amount they stake. Generally, these token stakers get additional ownership in the token over time via network fees, newly minted tokens or other such reward mechanisms. Cryptocurrency does not exist in physical form and is typically not issued by a central authority. Cryptocurrencies typically use decentralized control as opposed to a central bank digital currency (CBDC). When a cryptocurrency is minted or created prior to issuance or issued by a single issuer, it is generally considered centralized. When implemented with decentralized control, each cryptocurrency works through distributed ledger technology, typically a blockchain, that serves as a public financial transaction database.

Litecoin is a peer-to-peer cryptocurrency and open-source software project released under the MIT/X11 license. Litecoin was an early bitcoin spinoff or altcoin, starting in October 2011. In technical details, Litecoin is nearly identical to Bitcoin.

Bitcoin network Peer-to-peer network that processes and records bitcoin transactions

The bitcoin network is a peer-to-peer payment network that operates on a cryptographic protocol. Users send and receive bitcoins, the units of currency, by broadcasting digitally signed messages to the network using bitcoin cryptocurrency wallet software. Transactions are recorded into a distributed, replicated public database known as the blockchain, with consensus achieved by a proof-of-work system called mining. Satoshi Nakamoto, the designer of bitcoin, claimed that design and coding of bitcoin began in 2007. The project was released in 2009 as open source software.

Zerocoin is a privacy protocol proposed in 2013 by Johns Hopkins University professor Matthew D. Green and his graduate students, Ian Miers and Christina Garman. It was designed as an extension to the Bitcoin protocol that would improve Bitcoin transactions' anonymity by having coin-mixing capabilities natively built into the protocol. Zerocoin is not currently compatible with Bitcoin.

Proof of stake (PoS) protocols are a class of consensus mechanisms for blockchains that work by selecting validators in proportion to their quantity of holdings in the associated cryptocurrency. Unlike a proof of work (PoW) protocol, PoS systems do not incentivize extreme amounts of energy consumption. The first functioning use of PoS for cryptocurrency was Peercoin in 2012. The biggest proof-of-stake blockchain by market capitalization is Cardano.

Ethereum Open-source blockchain computing platform

Ethereum is a decentralized, open-source blockchain with smart contract functionality. Ether is the native cryptocurrency of the platform. Amongst cryptocurrencies, it is second only to Bitcoin in market capitalization.

Dash (cryptocurrency) Cryptocurrency

Dash is an open source cryptocurrency. It is an altcoin that was forked from the Bitcoin protocol. It is also a decentralized autonomous organization (DAO) run by a subset of its users, which are called "masternodes".

Blockchain Distributed data store for digital transactions

A blockchain is a growing list of records, called blocks, that are linked together using cryptography. It's also described as a "trustless and fully decentralized peer-to-peer immutable data storage" that is spread over a network of participants often referred to as nodes. Each block contains a cryptographic hash of the previous block, a timestamp, and transaction data. The timestamp proves that the transaction data existed when the block was published in order to get into its hash. As blocks each contain information about the block previous to it, they form a chain, with each additional block reinforcing the ones before it. Therefore, blockchains are resistant to modification of their data because once recorded, the data in any given block cannot be altered retroactively without altering all subsequent blocks.

Ethereum Classic Open source blockchain computing platform

Ethereum Classic is an open source, blockchain-based distributed computing platform featuring smart contract (scripting) functionality. It supports a modified version of Nakamoto consensus via transaction-based state transitions executed on a public Ethereum Virtual Machine (EVM).

Vic Coin is a purely peer-to-peer version of digital currency that would allow online Settlements to be sent directly from one party to another without going through a Central counter party. Part of the solution lies with the digital signatures, but the main benefits are lost if a central counter party is still required to prevent public viewing. Vic Coin suggest a solution to the public-viewing problem using a peer-to-peer network. The system network time stamps all transactions by hashing Vic Coin into an ongoing chain of hash-based proof-of-work to form a record that cannot be changed without doing the proof-of-work all over again. The longest chain not only serves as proof of the sequence of events witnessed, but proof that it came from the largest pool of CPU power. As long as master nodes that are not cooperating to attack the network control a majority of CPU power, Vic Coin will generate the longest chain and outpace attackers. The network itself requires minimal structure. Messages are broadcast on a best effort basis, and master nodes can leave and rejoin the network at will, accepting the longest proof-of-work chain as proof of what happened while Vic Coin were gone.

Firo (cryptocurrency) Cryptocurrency

Firo, formerly known as Zcoin, is a cryptocurrency aimed at using cryptography to provide better privacy for its users compared to other cryptocurrencies such as Bitcoin.

Bitcoin scalability problem Scaling problem in bitcoin processing

The Bitcoin scalability problem refers to the limited capability of the Bitcoin network to handle large amounts of transaction data on its platform in a short span of time. It is related to the fact that records in the Bitcoin blockchain are limited in size and frequency.

Bitcoin Cash Cryptocurrency that is a fork of Bitcoin

Bitcoin Cash is a cryptocurrency that is a fork of Bitcoin. Bitcoin Cash is a spin-off or altcoin that was created in 2017.

Segregated Witness, or SegWit, is the name used for an implemented soft fork change in the transaction format of Bitcoin.

Bitcoin Gold Cryptocurrency

Bitcoin Gold (BTG) is a cryptocurrency. It is a hard fork of Bitcoin, the open source cryptocurrency. It is an open source, decentralized digital currency without a central bank or intermediary that can be sent from user to user on the peer-to-peer Bitcoin Gold network.

IOTA (technology) Open-source distributed ledger and cryptocurrency

IOTA is an open-source distributed ledger and cryptocurrency designed for the Internet of things (IoT). It uses a directed acyclic graph to store transactions on its ledger, motivated by a potentially higher scalability over blockchain based distributed ledgers. IOTA does not use miners to validate transactions, instead, nodes that issue a new transaction on the network must approve two previous transactions. Transactions can therefore be issued without fees, facilitating microtransactions. The network currently achieves consensus through a coordinator node, operated by the IOTA Foundation. As the coordinator is a single point of failure, the network is currently centralized.

A blockchain is a shared database that records transactions between two parties in an immutable ledger. Blockchains document and confirm pseudonymous ownership of all existing coins within a cryptocurrency ecosystem at any given time through cryptography. After a transaction is validated and cryptographically verified by other participants or nodes in the network, it is made into a "block" on the blockchain. A block contains information about the time the transaction occurred, previous transactions, and details about the transaction. Once recorded as a block, transactions are ordered chronologically and cannot be altered. This technology rose to popularity after the creation of Bitcoin, the first application of blockchain technology, which has since catalyzed other cryptocurrencies and applications.

Nano (NANO) is a peer-to-peer digital currency. It is a decentralized, open-source cryptocurrency based on directed acyclic graph (DAG) architecture with an Open Representative Voting (ORV) consensus mechanism. It operates without intermediaries by using a distributed ledger with a block-lattice data structure.


  1. The Double Spending Problem and Cryptocurrencies. Banking & Insurance Journal. Social Science Research Network (SSRN). Accessed 24 December 2017.
  2. 1 2 3 Mark Ryan. "Digital Cash". School of Computer Science, University of Birmingham. Retrieved 2017-05-27.
  3. Jaap-Henk Hoepman (2008). "Distributed Double Spending Prevention". arXiv: 0802.0832v1 [cs.CR].
  4. Osipkov, I.; Vasserman, E. Y.; Hopper, N.; Kim, Y. (2007). "Combating Double-Spending Using Cooperative P2P Systems". 27th International Conference on Distributed Computing Systems (ICDCS '07). p. 41. CiteSeerX . doi:10.1109/ICDCS.2007.91. S2CID   8097408.
  5. Canellis, David (2020-01-27). "Bitcoin Gold hit by 51% attacks, $72K in cryptocurrency double-spent". Hard Fork | The Next Web. Retrieved 2020-02-29.
  6. "What Is Going On With Bitcoin SV?" . Retrieved 2021-09-17.
  7. "BSV Suffers 51% Attack: Report" . Retrieved 2021-09-17.
  8. "Cost of a 51% Attack for Different Cryptocurrencies | Crypto51". Retrieved 2020-02-29.
  9. Varshney, Neer (2018-05-24). "Why Proof-of-work isn't suitable for small cryptocurrencies". Hard Fork | The Next Web. Retrieved 2018-05-25.
  10. "Popular Bitcoin Mining Pool Promises To Restrict Its Compute Power To Prevent Feared '51%' Fiasco". TechCrunch. Retrieved 2020-02-29.