CWith the implementation and development of decentralized money, a problem known as double spending. And is that the double expense is known as the risk of a digital currency being duplicated and used on more than one occasion. This is an attack that can affect cryptocurrencies due to its decentralized nature.
Like the fiat money is exposed to counterfeit banknotes, cryptocurrencies they are also prone to this fraudulent act. A simple example of a double expense would be the following:
A person has € 100 euros in the bank and knowing this he takes his checkbook to make some purchases. Using these checks, he buys something for a value of € 100 at two different sites and, as payment, issues a check with said amount. In this way, the first person to arrive at the bank will be able to collect the money, while the other person will see that there are no funds to pay. With this malicious action, whoever has paid has successfully made a double expense.
Cryptocurrencies are decentralized digital currencies, a kind of digital archive of money. Thus, they are liable to be cloned and introduced as counterfeit coins to the network if they do not have the appropriate control measures. Therefore, the act of counterfeiting can be carried out with relative ease, since the digital files of these can be reproduced more easily in relation to the physical currencies.
How does a double spending attack work?
Double spending occurs when a user wants to use the same coins multiple times. To achieve this, the user carries out two transactions at the same time to buy the products from the sellers. At that time, the network miners begin to generate the blocks and to validate transactions. But at one point, one of the blocks will be transmitted to more nodes faster, while the other does not. So only one block will be confirmed. This gives rise to a double-spending problem, which is also known as race attack or race attack.
However, at present, there are other variables of the double-spending attack, such as the famous 51% attack. This attack consists of a user being able to possess and manipulate more than 50% of the power of the hash (mining) of a network. Hence its attack name of 51%. Although this attack, for the moment, is more theoretical than practical, if certain conditions exist, it can be very easy to carry out by a cybercriminal.
Remember that the nature of cryptocurrencies is based on decentralization, so there is no central entity that controls them. Thus, it becomes necessary for a network of interconnected nodes to reach a consent. All this to fulfill the function of generating and validating the blocks with the transactions carried out. Which will later be included in the blockchain, and where all the nodes will keep an exact copy of it. So, by achieving control of 51% of the nodes, the user can manipulate it, and it would be able to mine and validate blocks much faster than the rest of the users. With which you can execute a double expense with a high probability of success.
As a curious fact, it is important to mention that there are other types of double-spending attacks, such as brute force attack, el finney attack or the Vector 76.
Who was the first to discover this attack?
Bitcoin It was the first cryptocurrency successfully created and launched on the market. But the first attempts to create a digital currency took place in the early 80s. David Chaum created the first digital currency, known as e-Cash. It was this currency that gave rise to the concept of electronic money and the possibility that it could be duplicated. However, in his proposal Chaum included a system that prevented a double-spending attack.
This system was a cryptographic mechanism, known as blind or opaque signatures, which prevented the issuer from knowing the origin of the money. And it maintained a central server to control the currencies and to avoid double spending. However, this server was the weak point of said system. Being centralized meant that attacking that server and taking control of it exposed e-Cash users.
Then, with the proposal and implementation of Bitcoin, Satoshi Nakamoto He proposed replacing the centralized system with one based on consensus. Where multiple nodes connected to the network are responsible for performing validations and confirmations of operations. This technology is what we know today as blockchain. And for the work done, the nodes receive a reward that encourages them to work honestly. Thus, if a rogue node wants to carry out a double-spending attack, it has to compete for the hashing power of the other connected nodes. And the more the network grows, the more difficult it will be to execute an attack.