Double spending is a type of attack that would allow a cybercriminal to use the same coins multiple times, a fact that affects cryptocurrency technology due to its decentralization and for which developers have created various protection mechanisms.

CWith the implementation and development of decentralized money, a problem known as double spending. And is that the double expense is known as the risk of a digital currency being duplicated and used on more than one occasion. This is an attack that can affect cryptocurrencies due to its decentralized nature.

Like the fiat money is exposed to counterfeit banknotes, cryptocurrencies they are also prone to this fraudulent act. A simple example of a double expense would be the following:

A person has € 100 euros in the bank and knowing this he takes his checkbook to make some purchases. Using these checks, he buys something for a value of € 100 at two different sites and, as payment, issues a check with said amount. In this way, the first person to arrive at the bank will be able to collect the money, while the other person will see that there are no funds to pay. With this malicious action, whoever has paid has successfully made a double expense.

Cryptocurrencies are decentralized digital currencies, a kind of digital archive of money. Thus, they are liable to be cloned and introduced as counterfeit coins to the network if they do not have the appropriate control measures. Therefore, the act of counterfeiting can be carried out with relative ease, since the digital files of these can be reproduced more easily in relation to the physical currencies.

How does a double spending attack work?

Double spending occurs when a user wants to use the same coins multiple times. To achieve this, the user carries out two transactions at the same time to buy the products from the sellers. At that time, the network miners begin to generate the blocks and to validate transactions. But at one point, one of the blocks will be transmitted to more nodes faster, while the other does not. So only one block will be confirmed. This gives rise to a double-spending problem, which is also known as race attack or race attack.

However, at present, there are other variables of the double-spending attack, such as the famous 51% attack. This attack consists of a user being able to possess and manipulate more than 50% of the power of the hash (mining) of a network. Hence its attack name of 51%. Although this attack, for the moment, is more theoretical than practical, if certain conditions exist, it can be very easy to carry out by a cybercriminal.

Remember that the nature of cryptocurrencies is based on decentralization, so there is no central entity that controls them. Thus, it becomes necessary for a network of interconnected nodes to reach a consent. All this to fulfill the function of generating and validating the blocks with the transactions carried out. Which will later be included in the blockchain, and where all the nodes will keep an exact copy of it. So, by achieving control of 51% of the nodes, the user can manipulate it, and it would be able to mine and validate blocks much faster than the rest of the users. With which you can execute a double expense with a high probability of success.

As a curious fact, it is important to mention that there are other types of double-spending attacks, such as brute force attack, el finney attack or the Vector 76.

Who was the first to discover this attack?

Bitcoin It was the first cryptocurrency successfully created and launched on the market. But the first attempts to create a digital currency took place in the early 80s. David Chaum created the first digital currency, known as e-Cash. It was this currency that gave rise to the concept of electronic money and the possibility that it could be duplicated. However, in his proposal Chaum included a system that prevented a double-spending attack.

David Chaum was the one who discovered double spending on decentralized currency systems

This system was a cryptographic mechanism, known as blind or opaque signatures, which prevented the issuer from knowing the origin of the money. And it maintained a central server to control the currencies and to avoid double spending. However, this server was the weak point of said system. Being centralized meant that attacking that server and taking control of it exposed e-Cash users.

Then, with the proposal and implementation of Bitcoin, Satoshi Nakamoto He proposed replacing the centralized system with one based on consensus. Where multiple nodes connected to the network are responsible for performing validations and confirmations of operations. This technology is what we know today as blockchain. And for the work done, the nodes receive a reward that encourages them to work honestly. Thus, if a rogue node wants to carry out a double-spending attack, it has to compete for the hashing power of the other connected nodes. And the more the network grows, the more difficult it will be to execute an attack.

How much do you know, cryptonuta?

Is protection against double spending a key to the success of cryptocurrency technology?


Thanks to the development of methods that help to avoid carrying out double-spending attacks, it was essential for the successful development of cryptocurrencies. Without this, cryptocurrencies would not be a safe means of handling money due to the risk of counterfeiting that would exist in them.

How are cryptocurrencies protected from these double-spending attacks?

Bitcoin and other cryptocurrencies operate under blockchain technology, which has two mechanisms to prevent fraudulent double-spending attacks. First, a validation and registration of all the transactions carried out is carried out. In the case of Bitcoin, it is an open, verifiable and auditable record. Secondly, a verification is carried out to verify the authenticity of each operation by applying an instrument known as Proof of Work (PoW).

Each record added to the blockchain maintains a consecutive and ascending order, and each added block is linked by cryptographic techniques to the previous block. With which an inalterability of the data and, therefore, of the network is guaranteed. This mechanism also allows confirming the transactions carried out, and once this occurs, the greater the number of confirmations an operation has, it will be practically impossible to duplicate or falsify it.

In the same way, each time the network grows and more nodes join it, it becomes more robust and the mining process becomes much more complicated. Therefore, more computational power is required to carry out one of these attacks successfully. And this would imply a huge energy expenditure that makes it unattractive.

It is important to mention that the Bitcoin network is particularly prone to suffering a double-spending attack at the time transactions are made and they have 0 confirmations. So it is always recommended to wait at least 6 confirmations from the network to consider a transaction completed, without running the risk that it will be reversed.