Jul 27, 2020
A double spend attack is where a person tries to steal from another person or merchant by creating two transactions, one that pays himself and the other that pays the merchant. The idea is that the attacker makes the merchant see the one for him and then tries to get the transaction paying him to be mined.
More details in a longer post about this here.
One myth I definitely want to get rid of is that it is possible, even theoretically, for there to be innovations which eliminate the double spend attack. I see a lot of people have been convinced that this is part of the Avalanche or similar pre-consensus ideas. The truth is that the double spend attack can not be eliminated, even theoretically, for the simple reason that the network is not going to be able to determine which of the two transactions is the right one. Is it the first seen? Not always, because it takes up to 3 seconds before all nodes have seen a transaction. Basic limitation of the speed of light. And you can make some nodes see one before the other based on this too.
A merchant that gets notified that a double-spend attack has been made on an actual withdrawal has to realize that there is an actual attempt to steal from him. This is a basic fact. And the question is how do you recover from this? Do you call the police? Sounds like a sane thing to do. At minimum you make clear that you never want to do business with the person again.
I mean, if you see someone pick your pockets, do you just walk away being happy you caught it and he failed? Or do you want to make clear to yourself and society that this is wrong and attempts to steal should not be just dismissed?
So, imagine you have a guy that tries to buy something. Your wallet states you just got a double-spend proof. Which includes cryptographic proof that the guy tried to steal from you. Do you continue with the transaction and try to complete it, or not?
Because if you don’t want to continue that transaction, then you don’t need preconsensus because you never actually hit that part of the flow-chart.
What would you do? Would you follow the red path in case of a double spend attack?