Unbeknownst to many, over the past few months there has been a sharp increase in the number of users attempting to defraud other users on the chain via 'double-spending' attacks.
Before diving into what's really going on, we need to clarify a few terms first (and do some light review of Bitcoin protocol fundamentals).
Understanding the Concept of Double Spending
As an online currency that is not controlled, minted, pegged or under the explicit authority of a government, Bitcoin represents the manifestation of a concept once thought impossible.
The reason why Bitcoin was considered impossible is due to the nature of the internet and online payments.
Stark Difference Between Cash and Digital Payments
When it comes to cash payments, we are able to physically appraise the value of the cash that we are receiving.
Our only responsibility is to ensure that we have not received a fraudulent / counterfeit bill.
Recent reports from various jurisdictions around the world suggest that the practice of passing off counterfeit bills has, overall, declined significantly.
Thus, physical money provides the immediate apparent benefit of instant verifiability.
Why Bitcoin is Different
Bitcoin, as a construct and an idea, must operate without the benefits afforded to other currencies, such as backing by a nation's military / government, widespread social acceptance, or a federal reserve of some sort that can exercise various monetary and fiscal tools in order to ensure its economy continues to thrive.
Bitcoin Must Be Trustless
Without this being the case, there is no plausible reason to use Bitcoin - and this is due to the nature of the internet itself.
Since there is no treasury to add special markings or other intricacies (i.e., watermarks, special paper material), we are left without any objective assurance to guarantee that the money we are receiving is legitimate.
Of course, there is the obvious solution of assigning some entity authority over balancing the ledger between two parties as they are transacting with one another - but then those two parties (and anyone else trading with said currency) must have some plausible trust that the overseer can be relied on.
This Goes Further Than Integrity
Oftentimes, people reduce the word "trust" to mean 'honesty', and while that is a valid meaning of the term, it is far from all-encompassing within the context of Bitcoin and blockchain.
If Amy and Bob are transacting with one another, for instance, and they delegate Jessica to be the neutral 3rd-party responsible for keeping a ledger between the two parties, then Amy and Bob must not only trust Jessica's integrity but also trust that:
A) Jessica remains in good health (if she were to die spontaneously, then Amy and Bob would be out of luck)
B) The accuracy of Jessica's calculations - she's only a human being, so mistakes are bound to happen. But if we're relying on Jessica, then we are implicitly trusting that her records are mistake-free
Jessica is Essentially Fulfilling the Role of Visa, Mastercard, Capital One, etc.
When we boil things down to their root, Jessica is fulfilling a role that is no different than that of already existing financial institutions.
And since Jessica has far fewer resources than said institutions (with no FDIC insurance to boot), all we will have done by placing Jessica in charge is create an exponentially degraded version of a financial system that already exists.
Making Bitcoin Trustless
The way the Bitcoin protocol is implemented ensures that nothing needs to be inherently "trusted".
That means that there must be some objective means of checking information (hence why the ledger is public and not private; this is not a design flaw).
The way that Bitcoin facilitates this trustlessness is via:
- Cryptography (secp256k1 / ECDSA for private / public key pairs, SHA256, crc32 checksums and RIPEMD160, all combined in one protocol for consistency and standardization)
- A stateless wallet creation scheme (i.e., one's wallet can be created entirely offline, with no connection to anything)
- The entire network of nodes is distributed globally. This makes the protocol asynchronous
- Proof of Work (the biggest staple) creates an arms race among miners on the network to "solve" the next block by finding the correct nonce value. The incentive for doing so is the 'coinbase' reward produced by the blockchain.
- Each block's header (via its hash) must be included in the next block, and a block's transactions are hashed into a merkle tree before the block is distributed to the network for verification. This creates a hashed chain from the last block to the next. Also, since the blocks are hashed and the 'difficulty' is tied to the hash algorithm itself (i.e., how long it takes to find a hash below a certain value), the Proof of Work is established such that any alteration to a prior block changes the hash output of every subsequent block (thus invalidating those blocks, quite apart from the fact that the merkle tree proofs in those blocks become invalid at that point)
- Each node independently verifies the blocks it receives (without discrimination as to who is sending them) and first ensures that no violations of protocol rules have occurred (i.e., mining an invalid transaction)
- Since full nodes are required to keep a record of the entire ledger, from 'Genesis' (the first block ever created) to the present, they are able to verify whether or not anything has been double spent. They adhere religiously to a universal rule: accept any valid blockchain submitted to them that carries the greatest Proof of Work.
- Bernoulli trials and the Poisson distribution allow the difficulty to be gauged by the amount of time it would take the entire network, collectively, to derive the winning nonce value (versus one party attempting to do so alone). Therefore, an attacker that represents 25% of the network's total hash rate will find that the difficulty has effectively increased by 400%+ if they attempt to solve said blocks alone.
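To make the hash-chain and full-node-verification bullets concrete, here is an added toy model (not code from this article, and not Bitcoin Core): a miniature chain using double SHA-256, merkle roots, a nonce-based Proof of Work at an assumed 12-bit toy difficulty, and the checks a full node performs on every block. The constructed sample then rewrites an already-spent transaction in block 1 and shows that even after the attacker redoes that one block's work, block 2 still commits to the old hash, so the rest of the chain has to be re-mined as well. The transaction strings and the target are assumptions for illustration.

```python
import hashlib
import struct

TARGET = 1 << (256 - 12)  # assumed toy difficulty: header hash must have 12 leading zero bits
GENESIS_PREV = b"\x00" * 32  # the first block links to an all-zero "previous hash"

def sha256d(data):
    """Bitcoin-style double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def merkle_root(txs):
    """Merkle root over raw tx bytes; an odd layer duplicates its last leaf, as Bitcoin does."""
    layer = [sha256d(tx) for tx in txs]
    while len(layer) > 1:
        layer += layer[-1:] if len(layer) % 2 else []
        layer = [sha256d(layer[i] + layer[i + 1]) for i in range(0, len(layer), 2)]
    return layer[0]

def block_hash(b):
    """Hash of the toy header: previous block hash + merkle root + 32-bit nonce."""
    return sha256d(b["prev_hash"] + b["merkle_root"] + struct.pack("<I", b["nonce"]))

def mine(prev_hash, txs):
    """Proof of Work: step the nonce until the header hash falls below TARGET."""
    b = {"prev_hash": prev_hash, "merkle_root": merkle_root(txs), "nonce": 0, "txs": list(txs)}
    while int.from_bytes(block_hash(b), "big") >= TARGET:
        b["nonce"] += 1
    return b

def validate_chain(chain):
    """Full-node checks per block: merkle root matches txs, prev_hash links to the block
    before it, PoW meets TARGET. Returns -1 if valid, else the height of the first bad block."""
    prev = GENESIS_PREV
    for height, b in enumerate(chain):
        h = block_hash(b)
        if (b["merkle_root"] != merkle_root(b["txs"]) or b["prev_hash"] != prev
                or int.from_bytes(h, "big") >= TARGET):
            return height
        prev = h
    return -1

def tamper_demo():
    chain, prev = [], GENESIS_PREV   # constructed sample: three blocks of one tx each
    for txs in ([b"coinbase -> amy 50"], [b"amy -> bob 10"], [b"bob -> carol 3"]):
        chain.append(mine(prev, txs))
        prev = block_hash(chain[-1])
    # Same coins sent elsewhere in block 1: the double-spend attempt. merkle_root still the old one.
    forged = [chain[0], dict(chain[1], txs=[b"amy -> mallory 10"]), chain[2]]
    fail_before = validate_chain(forged)  # 1: block 1's merkle root no longer matches its txs
    forged[1] = mine(forged[1]["prev_hash"], forged[1]["txs"])  # attacker redoes block 1's work
    fail_after = validate_chain(forged)   # 2: block 2 still links to the ORIGINAL block 1 hash
    return validate_chain(chain), fail_before, fail_after
```

The returned triple is (-1, 1, 2): the honest chain validates, the edited block fails on its merkle root, and after re-mining it the failure simply moves to the next block, which is why an attacker's work multiplies with every block that has been built on top of the one they want to change.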
Considerably more information will be included in the greater compendium addressing this very topic.