One of the primary concerns of any cryptocurrency developer is the issue of double-spending. This refers to the incidence of an individual spending a balance of that cryptocurrency more than once, effectively creating a disparity between the spending record and the amount of that cryptocurrency available, as well as the way that it is distributed.
The issue of double-spending is a problem that cash does not have; if you pay for a sandwich with a $10 bill, turning that bill over to the maker of the sandwich, you cannot turn around and spend that same $10 elsewhere. A transaction using a digital currency like bitcoin, however, occurs entirely digitally. This means that it is possible to copy the transaction details and rebroadcast it such that the same BTC could be spent multiple times by a single owner. Below, we’ll examine how cryptocurrency developers have insured that double spending cannot happen.
- A technical issue that arises with the notion of a digital currency is the ability for somebody to duplicate the digital money and spend it simultaneously at two or more places.
- This ‘double-spend’ problem is prevented in blockchain-based cryptocurrencies such as Bitcoin by using a consensus mechanism known as proof-of-work (PoW).
- This PoW is carried out by a decentralized network of ‘miners’ who not only secure the fidelity of the past transactions on the blockchain’s ledger but also detect and prevent double-spending.
The blockchain which undergirds a digital currency like bitcoin is not able to prevent double-spending on its own. Rather, all of the different transactions involving the relevant cryptocurrency are posted to the blockchain, where they are separately verified and protected by a confirmation process. In the case of bitcoin and many other cryptocurrencies, transactions that have been confirmed in this way become irreversible; they are posted publicly and maintained in perpetuity.
Bitcoin was the first major digital currency to solve the issue of double spending. It did so by implementing this confirmation mechanism and maintaining a common, universal ledger system. In this way, the bitcoin blockchain retains records of time-stamped transactions going back to the founding of the cryptocurrency in 2009.
In Bitcoin terms, a “block” is a file of permanently recorded data. All recent transactions are written into blocks, much like a stock transaction ledger on an exchange. Information from blocks is added to the ledger every few minutes; all nodes on the network maintain a copy of the blockchain ledger. Users are able to navigate the blockchain for bitcoin and review transactions in terms of quantity only. Details about the identities of the buyer and seller in any transaction are protected by high-level encryption, which also protects the ledger from tampering by outside sources. When the blockchain ledger is updated, so too are all bitcoin wallets.
Imagine that you have 1 BTC and you attempt to spend it twice in two separate transactions. You could attempt to do this by sending the same BTC to two separate bitcoin wallet addresses. Both of these transactions will then go into the pool of unconfirmed transactions. The first transaction would be approved via the confirmation mechanism and then verified into the subsequent block. However, the second transaction would be recognized as invalid by the confirmation process and would not be verified. If both transactions are pulled from the pool for confirmation simultaneously, the transaction with the highest number of confirmations will be included in the blockchain, while the other one will be discarded.
While this effectively deals with the issue of double spending, it is not without its issues. For example, the intended recipient of the second (failed) transaction would not have part in the transaction itself failing, and yet that person would not receive the bitcoin he or she had anticipated. Many merchants wait for at least 6 confirmations of a transaction (meaning that 6 subsequent blocks of transactions were added to the blockchain after the transaction in question). At this point, the merchant can safely assume that the transaction is valid.
There remain other vulnerabilities in this system which could allow double-spend attacks to take place. For example, if an attacker is somehow able to control at least 51% of the has power of the network, he or she can commit double spending. If an attacker were somehow able to get control of this much computational power, he or she could reverse transactions and create a separate, private blockchain. However, the rapid growth of bitcoin has virtually insured that this type of attack is impossible.
Now let’s get a little more technical. The way that users detect tampering such as an attempt to double-spend in practice is through hashes, long strings of numbers that serve as proof of work (PoW). Put a given set of data through a hash function (bitcoin uses SHA-256), and it will only ever generate one hash. Due to the “avalanche effect,” however, even a tiny change to any portion of the original data will result in a totally unrecognizable hash. Whatever the size of the original data set, the hash generated by a given function will be the same length. The hash is a one-way function: it cannot be used to obtain the original data, only to check that the data that generated the hash matches the original data.
Generating just any hash for a set of bitcoin transactions would be trivial for a modern computer, so in order to turn the process into “work,” the bitcoin network sets a certain level of “difficulty.” This setting is adjusted so that a new block is “mined” – added to the blockchain by generating a valid hash – approximately every 10 minutes. Setting difficulty is accomplished by establishing a “target” for the hash: the lower the target, the smaller the set of valid hashes, and the harder it is to generate one. In practice, this means a hash that starts with a long string of zeros: the hash for block #429818, for example, is 000000000000000004dd3426129639082239efd583b5273b1bd75e8d78ff2e8d. That block contains 2,012 transactions involving just over 1,000 bitcoin, as well as the header of the previous block. If a user changed one transaction amount by 0.0001 bitcoin, the resultant hash would be unrecognizable, and the network would reject the fraud.
Since a given set of data can only generate one hash, how do miners make sure they generate a hash below the target? They alter the input by adding an integer, called a nonce (“number used once”). Once a valid hash is found, it is broadcast to the network, and the block is added to the blockchain.
Mining is a competitive process, but it is more of a lottery than a race. On average, someone will generate acceptable proof of work every ten minutes, but who it will be is anyone’s guess. Miners pool together to increase their chances of mining blocks, which generates transaction fees and, for a limited time, a reward of newly-created bitcoins.
Proof of work makes it extremely difficult to alter any aspect of the blockchain, since such an alteration would require re-mining all subsequent blocks. It also makes it difficult for a user or pool of users to monopolize the network’s computing power, since the machinery and power required to complete the hash functions are expensive.