Published on: 2014-05-12T13:04:47+00:00
In an email thread between Tom Harding and some Bitcoin developers, a correction was made to the calculation of the cost of double-spending. The new approximation requires the rule-following minority to find the next two blocks, resulting in a lower bound cost of .0025 BTC for one transaction. If a miner includes a seasoned double-spend despite the rule, he still loses at least .25 BTC, which is about 1000x the typical "double-spend premium." Christophe Biocca commented that the current rule is unenforceable in a discussion about Bitcoin's double-spend problem. Biocca explained that no miner would wait before mining on the longest chain, which would be a rational move. In a scenario where a miner decided to include a "seasoned" double-spend in his block, despite the rule, the expected cost of including the respend would be any revenue loss from doing so. If only 1% of hashpower follows the rule, the miner would still lose at least .25 BTC. This amount is about 1000x the typical "double-spend premium." Biocca questioned whether the greedy-rational miner would decide to include the earlier spend instead.In a discussion about Bitcoin's transaction confirmation time, Christophe Biocca suggests that it is easy to split the network into two halves by ordering transactions in a specific way. However, Tom Harding points out that this is not a practical solution and proposes a consensus rule to prevent double-spending attacks. This rule states that blocks containing a transaction (tx2) that spends an output of another locally accepted transaction (tx1) should not be accepted if the timestamp of tx2 minus the timestamp of tx1 is greater than T. The use of this rule would help prevent 50% of nodes from misidentifying respend attempts.A proposal was made on bitcointalk.org to address the issue of double-spending and lack of consensus in the blockchain. The proposal involves associating a timestamp with every transaction and adding a consensus rule that rejects blocks containing a transaction that respends an output spent by another locally accepted transaction if the time difference between the two transactions is greater than a certain threshold (T). The suggested threshold is T = 7.4 seconds, which would result in misidentification of the second spend by less than 1% of nodes. However, this proposal could potentially fork the network permanently since there is no magic way to achieve consensus, making it easy to split the network into two halves. To avoid this, a way to reconcile the split is necessary, such as accepting the offending block once it's two or more deep. But since the rule isn't enforceable, miners are likely to continue mining on the longest chain, rendering the proposal ineffective. The proposal presents the first consensus rule that anticipates less than 100% agreement, but the parameters can be chosen to remain conservative. Additionally, a fail-safe condition was suggested to drop the rule if a block has six confirmations to prevent a fork in unusual network circumstances.On February 14, 2011, a user named "Joe" suggested a new idea for blockchain technology in the Bitcointalk forum. Currently, nodes decide which of several conflicting transactions to accept and which is a double-spend, but there is no incorporation of these collective judgments into the blockchain. Joe proposed that nodes should associate a timestamp with every transaction upon first seeing it and add a consensus rule to reject blocks containing a transaction that respends an output spent by another locally accepted transaction after a certain amount of time has passed. The value of T, or the time threshold, was calculated based on the assumption that if a double-spender introduces both transactions from the same node, the median propagation time for recent transactions is 1.3 seconds, and the propagation times are distributed exponentially with a median of 1.3 seconds, then the above consensus rule would result in the misidentification of the second spend by less than 1% of nodes if T is set to 7.4 seconds. If transactions are introduced in mutually time-distant parts of the network, a population of nodes in between would be able to accept either transaction as they can today. However, the attacker still needs to introduce them at close to the same time, or the majority of the network will confirm the one introduced earlier. The merchant is also able to watch for double-spending attempts and gain confidence quickly if he is likely to be double-spent.The proposed consensus rule would be the first to anticipate less than 100% agreement, but the parameters could be chosen so that it remains conservative. Joe also suggested a fail-safe condition: drop the rule if the block has six confirmations to prevent a fork in unusual network circumstances. The first step towards implementing this solution is to share data broadly by relaying first double-spend attempts.
Updated on: 2023-08-01T09:11:42.920921+00:00