Double-spending refers to the risk in digital currencies that someone spends the same money twice. With fiat currencies, banks act as gatekeepers for the transfer of funds in digital format. Each time a bank account holder makes a deposit or withdrawal, the bank updates their balance accordingly. Effectively, the bank maintains a ledger of all user funds.
As the internet evolved and various innovators attempted to create bankless digital cash schemes, they always came up against the same challenge. Digital money is effectively just a digital file, comparable to an image or pdf document. If someone wants to send money to someone else electronically, how do you prevent either of them from merely copying the digital files and spending the funds twice?
When Satoshi Nakamoto invented Bitcoin, it was the first time anyone had come up with a workable solution to the double-spend problem. Bitcoin has now been in operation for over twelve years, and so far, nobody has ever managed to execute the double-spend problem successfully.
To clarify, when we use Bitcoin with a capital “B,” it refers to the Bitcoin blockchain or network of miners. If we use bitcoin with a lower case “b,” it means the currency.
How Does Bitcoin Prevent Double-Spending?
The Bitcoin blockchain is a public and transparent ledger that contains all transactions involving every bitcoin in circulation. We can trust that the transactions are valid because each one has been verified by a decentralized network of nodes who have agreed that the transaction is legitimate – that the person sending the transaction has sufficient balance in their account to cover its value. Once the bitcoin transfers to a new user, it can’t be spent again by the previous owner.
Anyone can verify the balance of each account by tracing transactions back through time. By itself, this makes it difficult to execute a double-spend because anyone can see that it has happened.
The Double Spending Problem Explained
Let’s imagine Alice has just sent Bob 0.1 BTC to buy something from his shop. Each transaction is queued for inclusion in the Bitcoin blockchain in a waiting area called the mempool. A miner will select a group of transactions from the mempool and compete with the other miners on the network to solve the proof-of-work problem.
A miner selects Alice’s transaction and becomes the first miner to solve the proof-of-work problem. Our miner broadcasts their block to all the other miners on the network, who all confirm that the transactions in the block are valid based on the current state of the blockchain. Our miner adds their block of transactions to the blockchain and receives their mining rewards in bitcoin. Once Alice’s transaction is included in the Bitcoin blockchain, it’s publicly available for everyone to see.
Types of Double Spend Attacks
Now, let’s imagine that Alice is a malicious actor who wants to double-spend her 0.1 BTC. How would she manage to pull it off? There are potentially three ways she could execute a double-spend to wriggle out of her debt to Bob. None of them are easy or foolproof, though.
This refers to a scenario where someone manages to take control of more than 50% of the entire network’s hash power. If Alice manages to achieve this, she can simply delete her transaction, meaning that as far as the Bitcoin ledger shows, the 0.1 BTC never left her account. Because the Bitcoin network is highly decentralized with a vast amount of hash power, this attack has never happened. However, it has occurred on other networks, such as Ethereum Classic.
After sending the 0.1 BTC to Bob, Alice quickly sends another transaction for 0.1 BTC to another one of her own addresses. While she tells Bob her debt is settled, her goal is that her second transaction will be the one that gets selected and validated, thus invalidating the first one. Bob won’t get his funds. Assuming he’s already accepted the transaction and let Alice walk out of his shop, he won’t be able to recover his money.
Alice pre-mines one transaction that sends 0.1 BTC to another one of her own addresses into a block but doesn’t broadcast it to the network. She then sends Bob his 0.1 BTC but immediately broadcasts her pre-mined block that confirms her first transaction. The network will reject the transaction that sends her funds to Bob. Once again, if Bob lets Alice leave the shop, he’s lost his funds in this scenario.
In both of the last two cases, Bob can seriously reduce his liability by waiting for the transaction to be confirmed by a miner. In the first scenario, the more time that passes and the more blocks that are confirmed, the more expensive it becomes for Alice to execute a 51% attack.
In the Bitcoin white paper, Satoshi Nakamoto calculated that it would be virtually impossible to successfully pull off a 51% attack after six blocks. Therefore, if Bob is prepared to wait for around six blocks, he can rest assured that Alice will not double-spend his funds.
Was there a Bitcoin double-spend on January 22, 2021?
On January 22, 2021, the “Fork Monitor” feature on BitMEX appeared to indicate that a double-spend had happened. BitMEX tweeted what it believed had occurred, and the crypto press immediately leaped on the news. The BTC price fell to below $30,000 for the first time in the last 20 days, based on an apparent double-spend worth $21 of bitcoin.
So what happened? Unfortunately, it was a case of too many people getting excited about what is a fairly normal event in the course of Bitcoin’s operations. A user had attempted to send a transaction with very low fees, which had been queued in the mempool for several days, most likely because miners were selecting more lucrative transactions to be included in their blocks.
The sender had subsequently attempted to send the transaction again, but with higher fees, presumably in an attempt to get it picked up by a miner. When that didn’t work, they tried again with even higher fees. So three transactions were queued in the mempool.
Eventually, the first and last transactions were picked up by two separate mining pools. Occasionally, two miners will simultaneously solve the proof-of-work puzzle, resulting in two separate versions of the blockchain where miners must decide which version they wish to continue mining. This is fairly common, as the Bitcoin network is comprised of many miners. They generally opt to continue mining on the heaviest block, which is what happened in this case. One of the blocks was rejected as “stale,” and the second transaction was never included in any block once miners realized it was invalid.
As we’ve demonstrated, a double-spend attack isn’t impossible, but the Bitcoin blockchain is engineered to ensure that, provided there are enough miners on the network, it can never happen. In general, a blockchain network’s security depends on the degree of decentralization, explaining why the cryptocurrency community tends to prize decentralization as one of the most critical principles governing blockchains.