Let’s revisit the definition of a Double Spend attack.
It means being able to successfully spend the same value more than once.
Keep this in mind as we go through the attacks in the following slides.
Imagine this scenario: in the year 2099, I’m an old lady, and I want to buy the new iPhone 92XCS from Rustie on the black market.
I’m offering a whopping 100 bitcoins, but I doesn’t actually want to give up my money.
#hodl.
So how can I double spend on Rustie? Well, it all depends on how early Rustie’s willing to give me the iPhone.
We’ll explain what that means right away.
Suppose Rustie is very naive and trusting.
The moment he sees a valid transaction from me, he sends me the iPhone.
This is before the transaction even enters a block — he makes the assumption that if the transaction is floating around the network, it will eventually make its way into a block and he’ll get paid.
I can take advantage of that.
I can trick him by sending him a valid transaction and sending the rest of the network a conflicting transaction.
While Rustie has the impression that I am sending the UTXO to his own address, I tell the rest of the network that I want to send that same UTXO to a different address, which is actually another address that I control.
I can incentivize miners to choose the second transaction by making the transaction fee for that higher as well.
It’s possible, then, that Rustie sends me the iPhone but I get to keep my money.
I just successfully double spent on Rustie through a race attack.
It’s called a race attack because the timing of transactions affects the outcome.
The transaction to Rustie doesn’t go through because it’s beat by the second transaction that spends from the same UTXO.
The second transaction making its way into the blockchain prevents poor Rustie from ever getting his bitcoins.