Author: Stefan Thomas 2011-08-04 22:10:59
Published on: 2011-08-04T22:10:59+00:00
One way to detect double spends is by connecting to numerous clients. If all of them send the same transaction, then it is unlikely to be a double spend. However, if some don't send the transaction or send a conflicting one, then it is likely a double spend in progress. This method can be easily realized as a service, just like mining. A proof of concept for this is available on http://www.transactionradar.com/. Although network support like MSG_DOUBLESPEND seems like a better option, the reality of Transaction Radar makes it clear that it may not be necessary. The service can connect to thousands of random nodes and push the probabilities of missing a double spend "in the wild" to near zero. It could also connect directly to important miners/pools as suggested by others. However, this detection method is not effective against double spends where the attacker does their own mining. In such cases, neither MSG_DOUBLESPEND nor the above detection method would work. Hence, network support for double spends is potentially damaging and unnecessary given the added network load. The author believes that DoS is more concerning than non-instant transactions. It's worth noting that an attacker attempting this method will be exposed to some randomness, and few attackers will buy 100 televisions, newspaper subscriptions or MP3s to get one for free. Hence, this method is only a problem for liquid goods with tiny spreads like any investment or stored value instrument.
Updated on: 2023-05-26T20:02:49.687278+00:00