Bitcoin

Protocol – How possible is a double spend attack?

Every source covering this issue states that this type of fraud is at best basically impossible and, at worst, highly improbable. From my (very limited) understanding, the success of this attack really depends on timing and luck, and does not require 51% control of the hashing power. Here’s the scenario I’ve been thinking about:

Initial states and assumptions:

  1. All nodes are at block height 𝑛.
  2. No fork exists; all nodes are in consensus.
  3. Each new block takes about 10 minutes to mine, following the usual (normal) distribution.
  4. In the case below, the ‘fraud block’ contains a transaction signed by the malicious actor to himself or a colluding partner in order to consume the unspent inputs, preventing the ‘real’ transaction to the ‘real’ recipient from confirming. Yes, the advice is for the ‘real’ recipient to wait until enough block confirmations have occurred, which makes the attack pointless. But let’s say someone scams you into handing over goods/services/digital assets based on a ‘real’ transaction merely being submitted. Set that aside for now. I want to focus on how the technology allows the problem to arise, rather than on human intuition and intervention.

Fraudulent block submission:

  1. The attacker successfully mines the fraudulent block 𝑛+1 and propagates it through the network. This block contains the double-spend transaction, leaving the ‘real’ transaction in the mempool, where it is rejected because its inputs are now considered spent, and excluded from the new block.
  2. Within a minute or two, most of the network will have received and verified this block.
  3. Nodes recognize the chain ending in 𝑛+1 as the longest chain and switch to mining on it.

Mined block 𝑛+2:

  1. Assume that after 𝑛+1 is accepted, the next block 𝑛+2 takes a full (normally distributed) 10 minutes to mine.
  2. Given that propagation times are typically under 2 minutes, within the first 5 minutes almost all nodes would have received block 𝑛+1, verified it, and started working on it.

Given these conditions, here’s how the scenario unfolds:

Propagation of block 𝑛+1:

  1. Once block 𝑛+1 is propagated throughout the network and verified, all honest nodes switch to the chain ending with 𝑛+1.

Mined block 𝑛+2:

  1. When all nodes work on the new longest chain, block 𝑛+2 is mined on top of 𝑛+1.
  2. The network reaches a consensus that block 𝑛+1 is part of the main chain, so all new blocks (including 𝑛+2) are built on top of 𝑛+1.

In this scenario, assuming that the fraudulent block 𝑛+1 propagates and is accepted as the longest chain by most of the network, all subsequent blocks (e.g. 𝑛+2) are built on this chain. To sum up:

  1. Propagation and verification: block 𝑛+1 is propagated and verified quickly (within 2 minutes), causing all nodes to switch to this chain.
  2. Network consensus: within 5 minutes of the 10-minute block interval, all nodes are mining on the 𝑛+1 chain, which is accepted as the longest chain.
  3. Subsequent blocks: the next block 𝑛+2 is likely to be mined on top of 𝑛+1, because the entire network considers 𝑛+1 part of the longest chain.

So, assuming the above is correct, it seems that a double-spend attack is quite possible, at least under the right conditions. So what are the other safeguards?

  1. What prevents this from happening?
  2. What resolves it if there are multiple block confirmations afterward?
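The race in the scenario above is the one analysed in section 11 of the Bitcoin whitepaper: once the recipient hands over the goods after z confirmations, an attacker holding fraction q of the hash rate has to catch up with the honest chain's lead. As an added example, not part of the original question and not code from any Bitcoin implementation, the Python below computes that probability with the whitepaper's Poisson formula, cross-checks it with a block-by-block race simulation (the exact negative-binomial model, which comes out a little higher for small z), and finds the confirmation count that pushes the probability under a target. The function names, the seed and the sample parameters are choices made for this example. For z = 0, i.e. handing over goods as soon as the transaction is seen, both models return 1.0, which is the "wait for confirmations" advice expressed as a number.

```python
import math
import random


def attacker_success_probability(q: float, z: int) -> float:
    """Probability that an attacker controlling fraction q of the hash rate
    eventually catches up with the honest chain after the victim has waited
    for z confirmations (Bitcoin whitepaper, section 11, Poisson model).

    Catching up means reaching a tie: the attacker can then publish his chain
    and part of the network may follow it, so this is the conservative
    success condition used by the whitepaper.
    """
    if not 0.0 <= q <= 1.0:
        raise ValueError("q must be a fraction of the total hash rate")
    if z < 0:
        raise ValueError("z must be a non-negative confirmation count")
    if q >= 0.5:
        return 1.0                 # a majority attacker always wins eventually
    p = 1.0 - q
    ratio = q / p                  # odds of ever closing a one-block deficit
    lam = z * ratio                # expected attacker blocks while honest mines z
    term = math.exp(-lam)          # Poisson pmf at k = 0, updated iteratively
    total = 0.0                    # probability the attacker never catches up
    for k in range(z + 1):
        if k > 0:
            term *= lam / k        # pmf(k) = pmf(k-1) * lam / k, avoids overflow
        total += term * (1.0 - ratio ** (z - k))
    return 1.0 - total


def simulate_race(q: float, z: int, trials: int = 20000, seed: int = 7,
                  give_up: int = 60) -> float:
    """Monte Carlo cross-check: each block is the attacker's with probability q.
    Phase 1: the attacker mines privately while the victim waits for z honest
    blocks. Phase 2: goods are handed over; the attacker keeps mining until he
    ties the honest chain (success) or falls give_up blocks behind (failure).
    The seed is fixed only so the example is reproducible."""
    rng = random.Random(seed)
    wins = 0
    for _ in range(trials):
        honest = attacker = 0
        while honest < z:                      # victim waits for z confirmations
            if rng.random() < q:
                attacker += 1
            else:
                honest += 1
        while attacker < honest and honest - attacker < give_up:
            if rng.random() < q:               # race continues after handover
                attacker += 1
            else:
                honest += 1
        if attacker >= honest:                 # tie or lead: double spend lands
            wins += 1
    return wins / trials


def confirmations_needed(q: float, target: float = 0.001) -> int:
    """Smallest z for which the attacker's success probability drops below target."""
    if q >= 0.5:
        raise ValueError("no number of confirmations protects against a majority")
    z = 0
    while attacker_success_probability(q, z) >= target:
        z += 1
    return z


if __name__ == "__main__":
    for q in (0.1, 0.3):
        print(f"q = {q}: {confirmations_needed(q)} confirmations for P < 0.1%")
        for z in (0, 1, 2, 5, 10):
            print(f"  z = {z:2d}: formula {attacker_success_probability(q, z):.6f}"
                  f"  simulation {simulate_race(q, z, trials=5000):.4f}")
```

The whitepaper's formula is a Poisson approximation of the attacker's progress during the waiting period; the simulation draws the blocks one at a time, which is the exact model, and for q = 0.3 and z = 5 it lands about two percentage points above the formula. Both treat a tie as success, so they agree on the only two facts that matter to the question: with zero confirmations the probability is 1, and each extra confirmation multiplies it by roughly q/p.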
