Double Spend
A double spend is completely what the name suggests. It is the act of, or attempt to, spend the same money twice in two different places. In a fiat currency this isn’t possible because only a certain amount of cash exists and is verified; you can’t spend the same bank note in two different places at the same time. However, you could theoretically send the same digital code and signature to two different people at exactly the same time – this is the Double Spend Problem.
Solution to the Double Spend Problem
The best way to describe Bitcoin’s defence is to first look at the common fiat cash “model”.
With fiat, the governing body prints a finite quantity which are verified with features such as watermarks, holograms and sequence numbers on the notes themselves. There’s also the impracticability of giving the same bank note to two people at the same time, unless one has been forged. Banks will not send the same money to two people from your account, because the transactions are processed in a linear fashion, with your balance being checked before each payment completes.
Bitcoin and the “blockchain” works in a similar way. When you want to send bitcoin to another person or institution you submit the transaction to the blockchain for verification. The verification is the mathematical process of checking the entire history of that particular coin and making sure that it is genuine and has not been spent before or artificially created. This is akin to checking the account balance and scrutinising the note before it is processed.
So, if someone were to try and perform a double spend, or it were to happen by accident (very unlikely) then whichever transaction was first to be added to the blockchain would be deemed to be the correct transaction. So, it’s a race to see which transaction gets the prize.
Now, say, two transactions for the same coin are added at virtually the same time, two different blockchains exist, one with transaction A and one with transaction B for the same coin. More transactions come down the line and need adding to the blockchain. One of A or B is chosen by the node or miner – not both – thus another race starts.
In a similar way to which a fork works, one of the chains will win out over the other. If, say, 80% are added to the A-chain and 20% to the B-chain, future transactions are then much more likely to be added to the A-chain. As more and more transactions are added, soon the B-chain becomes obsolete and transaction A becomes the “winner”.
This is how the bitcoin model is able to determine that there is not a double spend of the same bitcoin.
Deliberate attempts at a Double Spend
With the possibility of doubling your money, there exists a potential for people to try and exploit the ‘problem’ for their own gain, these are known as “Double Spend Attacks”. However, it is worth noting that at the time of writing there has never been a successful double spend attack on the Bitcoin blockchain.
51% attack
A 51% attack is where some person or organisation is able to validate both of their own transactions. To do this successfully they would need to hold over 50% of the nodes on the blockchain otherwise the majority would reject the attempt.
This style of attack is incredibly impractical as the resources needed to control over half of the nodes are astronomical, and simply not cost effective.
Race attack
A race attack is a far more practical form of attack. As explained above, two transactions that happen at the same time enter a race to get verified first. If the attacker is able to receive the product they were paying for before the race is over, then they can, in theory, use their payment twice. It is similar to an athlete in a 100 meter race getting a gold medal for winning the first 10 meters, then a second racer getting another gold medal once the race has finished at 100 meters.
This scenario is only possible however if the receiver of the transaction is willing to give their part of the transaction without a proper full-length verification. In our 100 meter race analogy, if everyone waits until the end of the race, there can be only one gold medal.
How to stay safe from a Double Spend attack.
You cannot defend yourself from a 51% attack. This happens on the block chain as a whole, so you need to trust in the security of the blockchain.
The trick to staying safe with race attacks lies with the number of verifications. As discussed, there is a small chance that the first verification of two simultaneous transactions could happen at the same time. The chance of this is tiny. Therefore the chance of them then both getting the second verification at the same time as well is even smaller. The more transactions you wait for, the smaller the chance of a double spend problem.
It is generally recommended that you wait for at six verifications to come through before a transaction is considered complete and you give/receive the goods in return for the payment. However, if the value is higher or lower than normal (buying a yacht or a coffee), you may want fewer or more. See the guide to Bitcoin Confirmations for more details.