Double-spending is an issue that has existed ever since Bitcoin’s (BTC) inception, and according to a recent report from ZenGo, it still persists across cryptocurrency wallets such as BRD, Ledger Live and Edge.
Although these companies have updated their product offerings since ZenGo pointed out this discrepancy, it is speculated that millions of crypto users could have been exposed to this particular exploit, dubbed BigSpender. Ledger, one of the impacted crypto wallet firms, even claimed that this vulnerability is only a user experience flaw.
What is double-spending?
Double-spending is a flaw that arises across digital cash platforms wherein a single digital token can be spent more than once. Although this is not a weakness that is unique to blockchain and cryptocurrency, it becomes a very significant issue for crypto users. With centralized currencies, this issue is solved by having a trusted third party in place that verifies if the token has already been spent.
With decentralized currencies such as Bitcoin, the unique selling point is that they offer a system that is not linked to any central bank, with the double-spend issue attempting to be solved by having many servers store up-to-date copies of the public transaction ledger.
The hurdle faced by this approach is that once broadcasted, transactions will reach each server at slightly different times, and if two transactions attempt to spend the same token, each server will consider the first to be valid and void the second transaction. If these two servers were to disagree then there would be no way to reconcile the true balance, as each server’s observation is considered valid. Cointelegraph spoke about the matter with Bilal Hammoud, founder and CEO of NDAX — a cryptocurrency exchange based in Canada — who said that despite recurring issues, Bitcoin does have a prevention system in place:
“Bitcoin network utilized multiple measures to prevent such attacks such as time to produce 1 block which averages about 10 minutes and recommendation of 6 confirmation which makes it near impossible to reverse a transaction unless the attacker owns a significant network hash power.”
Legitimate and fraudulent ways
There are myriad ways that a crypto user or an entity can double-spend. While some of these methods are legitimate, most are, unsurprisingly, fraudulent. Some of the well-known double-spending techniques are race attacks, Finney attacks, Vector76 attacks, the aforementioned BigSpender attack and the main threat to the Bitcoin network, 51% attacks.
A race attack — also known as a replace-by-fee, or RBF, attack — happens when the merchant or receiving party accepts a transaction with zero confirmations. It is the most common double-spend, where a user sends a transaction to a merchant, and once the transaction has been accepted and goods are delivered, the attacker sends a conflicting transaction to another address with a higher transaction fee, forcing it to be validated before the original transaction. On this kind of attack, Hammoud commented:
“These kinds of transactions are not always fraudulent. Exchanges like NDAX typically carry out these transactions as they control a Bitcoin node with a method that is called RBF (replace by fee) to reverse a transaction whereby the transaction fee was low and they need the transaction to go faster or if the user of the exchange sent to the wrong address and exchange attempt to reverse the transaction.”
A Finney attack, however, is a fraudulent double-spend that relies heavily on network hash rate and requires participation from a miner. This type of attack is extremely rare in the current scenario, as it requires Bitcoin’s hash rate to be extremely low. A Vector76 attack is also a rare attack that is a combination of Finney and race attacks.
The main threat to the Bitcoin network is a 51% attack, which could happen if a group of miners that control more than 51% of the network’s hashing power agrees to reorganize the transaction. This allows attackers to prevent new transactions from being confirmed by interrupting payments between some or even all users on that network. This attack also makes it possible to reverse transactions that were already completed, thus contributing to the double-spend issue.
One of Bitcoin’s forks, Bitcoin Gold (BTG), was hit by such an attack twice, in 2018 and 2020. On this particular type of attack and attackers, Hammoud stated that Bitcoin is unlikely to be affected by it: “This type of attack is very unlikely as it threatens the entire network integrity, such an attack can only be coordinated if miners decide to destroy the entire bitcoin value rendering useless.”
Solutions in crypto
The way that crypto firms/wallets detect attempts to double-spend is through the use of hashes. A hash is created using an algorithm and is essential to blockchain management in cryptocurrency, as these long strings of numbers serve as proof-of-work. When a given set of data is run through a hash function, there can only be one unique hash that is generated. Any tiny change to the data will create a totally unrecognizable hash when compared with the one generated originally. The algorithms used to create such hashes are called consensus algorithms.
Despite the use of these consensus algorithms on blockchain networks, there have been several instances of double-spends that have been detected where either the users or the firms themselves have been impacted. Gregory Klumov, founder and CEO of Stasis — an issuer of a euro-backed stablecoin — spoke to Cointelegraph on why the issue is still ongoing:
“There are centralized and decentralized risks. In the first case, there are several points of failure hacking into which you can take ownership or take assets or whatever else. In the case of a decentralized network, most of it must be taken under control to carry out attacks. There is no alternative, so debates are happening which model will be sustainable in the longer run.”
However, some believe this to be an inherent flaw in the system. While speaking to Cointelegraph, Evgen Verzun, founder of decentralized cloud platform Hypersphere, revealed: “This is one of the basic flaws, so system creators should always remember about it and design their consensus algorithm in a way to avoid it.” Hammoud, however, holds a more liberal view on the nature of double-spends, holding the attackers more liable than the system itself:
“Double spend is not necessarily an issue or a design flaw. The majority of users use double-spend for legitimate reasons. [...] Unfortunately, some bad actors do take advantage of that and by simply following the rules above like waiting for the necessary confirmations and disabling incoming connections to a merchant node can simply stop 95% of these attacks.”
What can crypto wallet firms do?
Since crypto wallets could be considered merely a door to the blockchain or an access interface, there are only limited efforts that can be taken to negate the risk of double-spending, according to Hammoud, who said that wallets can implement rules that forbid setting low transaction fees or setting up a ledger system that places funds on hold. He added: “But unfortunately, there is no wallet that can be foolproof as an attacker can simply run their own node or extract their seed from wallet providers and use a third-party to execute the attack.”
Since the current talk of the town is the recent RBF attack on various crypto wallet firms dubbed “BigSpender,” there are actions that merchants, users and firms can take to reduce the chances of these attacks in the future. Hammoud echoed the suggestions made by Verzun, noting: “Another measure would be also to implement a cool-down period where the wallet provider prevents users from exporting their private seed within 20 mins of sending a transaction or payment,” adding that:
“Merchants and users can stop these attacks by waiting for 6 confirmation on the blockchain. Some merchants and companies can also accept less than 6 confirmation, by disabling incoming network connection and making sure they are connected to a well established node.”
Though these solutions are simple in concept, they are often extremely difficult to implement. It’s now up to the security innovation processes of wallet firms, merchants and users alike to determine the chance of these double-spend fiascos happening in the future. These innovations should be a priority for all parties involved, given the monetary and, more importantly, reputational risks that impact merchants and ultimately the whole blockchain industry.