Sand you are already somewhat familiar with the world of cryptocurrencies, perhaps you already know one of the most important characteristics in them, we are talking about the irreversible transaction. This means that, as a general rule, There is no way to go back a transaction, you cannot call any authority or the police to cancel a transaction already confirmed.
But surely you wonder, How is this possible ?, and Is a system interesting without the possibility of canceling transactions ?. To this and a few more questions we will answer in this article. As we know, every time a cryptocurrency transaction is made it is transmitted to the network of miners. They are the ones who will be in charge of validating it and for this they will take our transaction together with others and add them in a block. Once the block is generated and validated, the transaction can be said to have been committed.
Additionally, this process is repeated as new blocks are generated and added to the verified history of the blockchain. What's more, each new block created is a new commit received by previously committed transactions. It is precisely this incremental process of confirmations, and how the blockchain is structured, that makes the transactions irreversible.
But a transaction with a single confirmation can be reversed if you have the computing power necessary to do so. So How many confirmations do I have to wait to consider an irreversible transaction? For example, in the case of Bitcoin, It is recommended to wait 5 to 6 confirmations to safely consider a transaction. Once this point is reached, we can say that the Bitcoin network has irreversibly validated our transaction. Other cryptocurrencies also have a similar process, such as the case of Ethereum where it is recommended to wait for the 20 confirmations to make sure of the irreversibility of the transaction that we have made.
Why are transactions irreversible?
If we take a look at some articles related to the development of decentralized electronic money, we can see that one of the biggest problems that arose was the double spending. This is a type of attack where people could use and spend the same amount of money on more than one occasion.
The creation of Bitcoin was a challenge to avoid this type of attack because it is digital money. To avoid this attack Satoshi Nakamoto He developed several protection schemes creating the blockchain, which thanks to elements such as proof of work or dynamic difficulty of testing, gave this result.
Nakamoto explained that while there could be certain attacks that could surpass the security of the Bitcoin blockchain, waiting for a series of confirmations by the network would give full assurance that the transaction cannot be reversed.
The idea of waiting for more confirmations to ensure the irreversibility of a transaction became more apparent with the discovery of certain attacks. Below we will explain some of them, how they work and how to protect ourselves from them.
Types of Attacks against irreversibility of transactions
When we make or receive a transaction in Bitcoin with 0 number of confirmations, the operation can still be reversed. This attack occurs when two transactions are made from the same funds, that is, the same amount of money is sent to two different people. But only one of them will receive the funds, while the other will not.
For example, the attacker can send 2 transactions, one for you and one for him, and in which he goes to put a higher commission for the miners. Normally miners will prioritize the transaction with the highest commission, overriding the other.
To protect themselves and reduce the risk of this type of fraud, users and merchants can choose to disable inbound connections and only choose specific outbound connections. Although this measure does not eliminate the risk completely, it can reduce the possibility of being the subject of one. In this way, the fact that it is an irreversible transaction can be protected.
This is another type of attack that we can be exposed to if unconfirmed transactions are accepted. Although the finney attackDue to its complexity, it is quite expensive and difficult to carry out and must be executed by a miner once a new block is generated. Since it must add repeated transactions continuously to the block. However, as with the race attack, users and merchants should consider the risk of accepting payments with yet unconfirmed transactions. Hence, again the importance of accepting transactions with 6 or more confirmations to see them as an irreversible transaction.
Vector Attack 76
Also know as confirmation attackThis consists of the combination of the Run attack and the Finney attack, where the executor can still reverse a transaction with a single commit. And so use the funds twice. Although users and merchants can reduce the risk of suffering this attack with the same measures explained in the career attack. Disabling incoming connections and using only specific outgoing connections, in addition to considering a secure payment that with 5 or 6 confirmations.
Brute Force Attack
This attack can be executed even when the receiver has decided to wait for a certain amount of confirmations. It consists of an attacker making a transaction to a user as payment for a product. And simultaneously look for a variation of the blockchain where to include the fraudulent transaction. After the receiver receives a certain amount of confirmations about the received transaction, he ships the product. And if at that point the attacker has received more confirmations than the merchant, he breaks the variation of the blockchain and recovers his funds.
It is important to note that the execution of this attack is extremely expensive, and its chance of success is quite low without sufficient hashing speed and power. So it is only possible to carry out the attack on a theoretical plane.
51% attack (majority)
And famous 51% attack, consists of a person or a coalition achieving 51% (more than 50%) of the hash power of the network. With which he would manage to control her. Thus, for example, carrying out a brute force attack would be 100% feasible.
This is because the attacker would have control over the network and could generate blocks more frequently than the rest. Preserving its variation of the blockchain until it is longer than the original. Although theoretically the possibility exists, in practice many believe that in Bitcoin it is practically impossible to execute this type of attack today.
How do you make a transaction irreversible?
Once the transactions are added within a valid block on the blockchain, it is updated and reflects the new data. Thus, the added data is mathematically related and linked to the previous records integrated in the blockchain, so they cannot be modified.
In addition, cryptocurrencies being a decentralized system, do not have a central entity that operates, controls and verifies them. Rather, it employs a consensus among all nodes connected that are guided by the same protocol and a Proof of Work (PoW). Thus, any modification made will be detected by all the other connected nodes and rejected immediately.
Blockchain technology also operates under a set of algorithms that ensure that the recording of transactions is carried out transparently and continuously. In addition, this registry is organized chronologically from the beginning and is available to all nodes on the network. Bitcoin's protocol is also open source. So anyone who wants to can review it, audited it and check that it works as it should be.
The fact that the transactions of cryptocurrencies such as Bitcoin are irreversible, does not represent an impediment for this system to be used as a means of payment. So it does not represent a problem for a merchant or a user.
As a first option you can use a custody service. Where a certain amount of money will be guarded by a third party, and released once certain conditions are met. They can also be used together with multi-signature smart contracts. Where the keys of several users are required to authorize a transaction.
Finally, it is possible to reach an agreement with a merchant to make a money back. This, if any external inconvenience occurs that prevents the user from receiving a purchased product. For example, if Juan wants to buy a product, he makes a Bitcoin transfer to the store. The store owner expects a certain number of confirmations, and when he receives them, he sends the product to Juan through an agency.
But the agency suffers an inconvenience for which the product is not delivered to Juan, he reports it to the store and prepares the compensation. So the store contacts Juan, explains what happened and proposes that he wait or give him money back. Juan accepts the return, so the store immediately returns the amount paid. So Juan has his bitcoins back.