The General Double-Spending Attack: The Race Attack
Explore what a race attack is and the probability of a successful double-spending attack
Setting up a double-spending attack
To do a double-spending attack, an attacker sends two conflicting transactions in rapid succession into the network and thus will start a double-spend race against the rest of the network by secretly mining an alternate blockchain with the intent to create a longer chain than the authoritative one in order to replace the last blocks. This kind of attack is called a race attack.
Race attack
A race attack is released if an attacker sends two conflicting transactions in rapid succession into the network.
We outline the steps of this attack. Let’s assume that there’s a merchant who accepts a cryptographic currency in exchange for goods, while Mallory is a customer who intends to use the vulnerability of the blockchain algorithm. We assume that the block is the latest block of the blockchain. The attacker, Mallory, follows these steps (
-
Mallory sends a transaction to the network that moves coins from one of his addresses to one of the merchant’s addresses.
-
The merchant waits for the transaction to appear in the block that has to block as its predecessor. Knowing that the security of the transaction grows in lengths of descendant blocks, he is looking for the -th confirmation of the transaction, so he waits for the block , as shown in Figure 1.
-
The merchant sends the goods to Mallory.
-
Now, Mallory starts the double-spending attack as shown in Figure 2: Mallory initiates a conflicting transaction that moves the coins from his address to a new address that also belongs to him and creates a new block which has to block as predecessor and confirms . Now, he releases a chain of new blocks (since the network of honest miners also created new blocks in the meanwhile and he needs to outpace them) in order to go one block ahead of the authoritative chain.
-
Since the newly-mined chain now maintains one block more than the alternative one, Mallory’s attacking chain becomes the new authoritative chain, whereas the blocks of the alternative chain get orphaned.
-
The transaction isn’t part of the authoritative chain any longer and thus it’s considered as if it never happened, whereby the conflicting transaction is now considered as the valid one. Mallory has now both the good and his coins.
Figure 1
Get hands-on with 1400+ tech skills courses.