The double-spend problem is a flaw that can arise in any digital cash system: the same funds are paid to two payees at once. Without appropriate countermeasures, the protocol alone cannot completely prevent it, because recipients have no way to verify that the funds they receive have not already been paid to someone else.
In digital cash, specific currency units must be impossible to copy. If Alice could receive 10 currency units, copy and paste them 10 times, and end up with 100 units, the whole system would fall apart. Likewise, if she could send the same 10 currency units to Bob and Carol at the same time, the system would not work either. There must therefore be mechanisms in place to prevent this, so that the digital currency functions properly.
A centralized approach is easier to implement than a decentralized one: it usually relies on a supervisor who manages the system and controls the issuance and distribution of currency units. David Chaum's eCash solves the double-spending problem with such a centralized approach.
Banks can use blind signatures to issue cash-like digital assets to users, which makes anonymous peer-to-peer transactions possible. This is detailed in the 1982 paper "Blind Signature Techniques for Untraceable Payments" by cryptographer David Chaum.
In this case, if user Dan wants to receive $100 in digital cash, he must first notify the bank. If his account has sufficient balance, random numbers are generated, one per note (more of them if the denomination is smaller). Suppose five random numbers are generated, each representing a note worth $20. To prevent the bank from tracking specific currency units, Dan blinds each random number by applying a blinding factor to it before sending it.
He then gives the blinded data to the bank, which deducts $100 from his account and signs each of the five messages, certifying that each can be redeemed for $20. Dan can now spend the digital cash issued by the bank. He goes to Erin's restaurant for a meal and spends $40.
Dan removes the blinding factor, revealing the random number associated with each digital cash "banknote"; this random number is the unique identifier of the currency unit (roughly equivalent to a serial number). He hands two of the signed notes to Erin, who must immediately redeem them with the bank to prevent Dan from spending the same notes with other merchants. The bank verifies that the signature is valid and, if it is, deposits $40 into Erin's account.
The redeemed "banknotes" are immediately marked as spent and destroyed. If Erin wants to spend her account balance in the same way, new banknotes must be issued to her.
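As an added illustration (not code from the original article), the withdraw, spend and redeem flow above implemented with RSA blind signatures; the RSA parameters are toy values constructed for the example, and the bank's set of spent serials is what stops a note from being cashed twice:

```python
import secrets
from math import gcd

# Toy RSA parameters, constructed for illustration only (far too small for real use).
P, Q = 65537, 104729
N = P * Q
PHI = (P - 1) * (Q - 1)
E = 65537
D = pow(E, -1, PHI)  # the bank's private signing exponent

def blind(serial, r):
    """Customer: hides the note's serial behind blinding factor r before sending it to the bank."""
    return (serial * pow(r, E, N)) % N

def bank_sign(blinded):
    """Bank: signs the blinded value without ever seeing the serial (the account is debited here)."""
    return pow(blinded, D, N)

def unblind(blind_sig, r):
    """Customer: removes r, leaving a valid bank signature on the original serial."""
    return (blind_sig * pow(r, -1, N)) % N

def verify(serial, sig):
    """Anyone (Erin, the bank) can check a note with the bank's public key (E, N)."""
    return pow(sig, E, N) == serial

class Bank:
    """Redemption side: each serial may be cashed exactly once."""
    def __init__(self):
        self.spent = set()

    def redeem(self, serial, sig):
        if not verify(serial, sig) or serial in self.spent:
            return False          # forged note, or an attempted double spend
        self.spent.add(serial)    # the note is now "destroyed"
        return True

def withdraw_note():
    """Dan's side of one $20 withdrawal: returns (serial, signature, what the bank saw)."""
    serial = secrets.randbelow(N - 2) + 2
    r = secrets.randbelow(N - 2) + 2
    while gcd(r, N) != 1:
        r = secrets.randbelow(N - 2) + 2
    blinded = blind(serial, r)
    sig = unblind(bank_sign(blinded), r)
    return serial, sig, blinded
```

The bank only ever sees `blinded`, so it cannot link the serial Erin later presents to Dan's withdrawal, yet the second `redeem` of the same serial is refused.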
The Chaumian eCash scheme is extremely valuable for private transfers. However, the eCash scheme itself is not resilient: the bank is a centralized node, so if it fails, everyone suffers. Bank-issued banknotes have no value in themselves; their value comes entirely from the bank's willingness to exchange them for U.S. dollars. Customers are dependent on the bank and must rely on its reputation in order to use their funds. This is exactly the problem that cryptocurrencies aim to solve.
Avoiding the double-spend problem is more challenging in an ecosystem without a supervising authority. Participants with equal power must coordinate according to the same set of rules to prevent fraud and incentivize all users to act honestly.
The biggest innovation presented in the Bitcoin white paper is the solution to the double-spending problem. Satoshi Nakamoto proposed an unprecedented data structure now known as blockchain.
A blockchain is really just a database with some unique properties. Network participants (called nodes) run specialized software that lets them synchronize their copies of the database with each other. In this way, the entire network can audit the transaction history all the way back to the genesis block. Because the blockchain is publicly viewable, fraud such as an attempted double-spend transaction is easier to detect and prevent.
When a user publishes a transaction, it is not immediately added to the blockchain: it must first be mined into a block. Only once that block is appended to the chain can the payee be sure the transaction is valid. Until then, the recipient risks losing the funds if the sender spends the same coins elsewhere.
Once the transaction is confirmed, ownership of the coins is assigned to the new user and verified by the entire network, so they can no longer be double-spent. For this reason, many people recommend waiting for multiple confirmations before treating a payment as final. Each subsequent block significantly increases the amount of work required to modify or rewrite the chain (for example, in a 51% attack).
Let's go back to the restaurant. Dan returns and this time notices a sticker on the window saying "This store accepts Bitcoin payments". He couldn't forget his last meal and orders the same food again, which costs 0.005 bitcoin.
Erin shows Dan her public address, which is where the payment should be sent. Dan's broadcast transaction is essentially a signed message stating that the 0.005 bitcoin he owns now belong to Erin. Without going into too much detail, anyone who sees Dan's signed transaction can confirm that the coins are indeed his and that Dan therefore has the authority to send them.
However, as mentioned before, the transaction is only final after it has been included in a block and confirmed. Receiving an unconfirmed transaction is like receiving the $40 in eCash from the earlier example: if it is not immediately redeemed with the bank, the sender can spend the funds elsewhere. Erin should therefore wait for at least 6 block confirmations (approximately one hour) before considering Dan's payment settled.
Bitcoin is carefully designed to prevent double-spend attacks, at least when the protocol is used as intended. That is, if someone waits for a transaction to receive block confirmations, the sender cannot easily reverse it. Reversing a transaction requires rewriting the blockchain, which demands enormous amounts of hashing power.
However, some double-spend attacks specifically target users who accept unconfirmed transactions. For small purchases, for example, merchants may not want to wait until the transaction is included in a block; a busy fast-food restaurant cannot afford to wait as long as the network takes to process each transaction. If a merchant enables "instant" payments, they are therefore exposed to double spending. Someone can order a burger and pay for it, then immediately send the same funds to an address of their own. As long as the later transaction carries a higher fee, it may be confirmed first, invalidating the earlier one.
There are three common types of double-spend attack:
51% attack: a single entity or organization gains control of more than 50% of the hash rate in order to remove transactions or modify their order. This type of attack is extremely unlikely on the Bitcoin network, but it has occurred on other networks.
Race attack: two conflicting transactions spending the same funds are published in quick succession, but only one of them is confirmed. The attacker's goal is to invalidate the payment by getting a transaction in their own favor confirmed instead, for example one sending the funds to an address they control. A race attack typically relies on the recipient accepting an unconfirmed transaction as payment.
Finney attack: the attacker pre-mines a block containing a transaction but does not immediately publish it to the network. Instead, they pay the same coins in another transaction, then publish the previously mined block, which invalidates that payment. A Finney attack requires events to occur in a specific order, and its success also depends on the recipient accepting the unconfirmed transaction.
As we can see, merchants can greatly reduce their risk of falling victim to double spending simply by waiting patiently for block confirmations.
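Added example, not from the original article: a toy UTXO node (transaction ids, addresses and amounts are constructed) showing how a merchant's node detects the race attack described above as a mempool conflict, how confirmation of the conflicting transaction leaves the merchant's payment with zero confirmations, and why a confirmation threshold matters:

```python
from collections import namedtuple

Tx = namedtuple("Tx", "txid inputs outputs")  # inputs: (txid, index) outpoints; outputs: (recipient, amount)

class Node:
    """Toy UTXO node: first-seen mempool, block connection, confirmation counting."""
    def __init__(self, initial_utxos):
        self.utxos = set(initial_utxos)
        self.mempool = {}          # txid -> Tx awaiting a block
        self.mempool_spends = {}   # outpoint -> txid of the mempool tx spending it
        self.chain = []            # blocks, each a list of Tx

    def accept_to_mempool(self, tx):
        for op in tx.inputs:
            if op not in self.utxos:
                return "reject: input unknown or already spent"
            if op in self.mempool_spends:
                # a merchant node's first warning sign of a race attack
                return "reject: conflicts with " + self.mempool_spends[op]
        self.mempool[tx.txid] = tx
        for op in tx.inputs:
            self.mempool_spends[op] = tx.txid
        return "accepted"

    def connect_block(self, txs):
        for tx in txs:
            for op in tx.inputs:
                self.utxos.discard(op)
                loser = self.mempool_spends.pop(op, None)
                if loser and loser != tx.txid:   # evict the conflicting mempool tx
                    for o in self.mempool.pop(loser).inputs:
                        self.mempool_spends.pop(o, None)
            self.mempool.pop(tx.txid, None)
            for i in range(len(tx.outputs)):
                self.utxos.add((tx.txid, i))
        self.chain.append(list(txs))

    def confirmations(self, txid):
        for height, block in enumerate(self.chain):
            if any(tx.txid == txid for tx in block):
                return len(self.chain) - height
        return 0

def race_attack_scenario(required_confirmations=6):
    """Dan pays Erin, then races a conflicting payment to himself; a miner includes the latter."""
    erin = Node({("coinbase", 0)})
    pay_erin = Tx("pay_erin", (("coinbase", 0),), (("erin", 0.005),))
    pay_self = Tx("pay_self", (("coinbase", 0),), (("dan", 0.005),))
    first = erin.accept_to_mempool(pay_erin)
    second = erin.accept_to_mempool(pay_self)   # flagged here, but another miner may still mine it
    erin.connect_block([pay_self])               # the conflicting transaction wins the race
    erin.connect_block([])                       # one more block on top
    settled = erin.confirmations("pay_erin") >= required_confirmations
    return first, second, erin.confirmations("pay_erin"), erin.confirmations("pay_self"), settled
```

A merchant who released the goods on `first == "accepted"` has lost them; one who waited for `settled` never would have.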
Double-spend attacks allow users to tamper with a peer-to-peer electronic cash system and use the same funds multiple times for illicit gain. For a long time, the difficulty of solving this problem well stalled the development of the field.
Fortunately, blind signatures emerged as a notable solution for centralized systems. Later, the proof-of-work mechanism and blockchain technology gave birth to Bitcoin, a robust form of decentralized currency, which in turn inspired thousands of cryptocurrency projects.