Author

Topic: How to detect double spending? (Read 2008 times)

sr. member
Activity: 322
Merit: 250
May 19, 2015, 08:44:32 AM
#12
They is no way stop double spending if the confirmation less than 1. If we could, we can make the confirmation time to zero second.
sr. member
Activity: 268
Merit: 258
May 18, 2015, 07:23:45 PM
#11
Why is there no bullet proof way? What are the chances of getting attacked? What happens if it is a double spend? Huh
There is no bullet proof way because anyone can send two transactions with the same inputs without anything stopping them.  The chances of being attacked depends on the person you are dealing with, and generally, accepting 0 confirmations with large transactions have a high risk of a double spend. If there is a double spend, either the seller sees that a double spend happened and doesn't send the goods, or the buyer gets the goods and keeps his money. The seller can protect himself by waiting for a couple confirmations to ensure that another transaction to double spend cannot be accepted by the network.
hero member
Activity: 672
Merit: 508
LOTEO
May 18, 2015, 05:06:56 PM
#10
There is no bullet proof way but you can prevent them with some techniques.
1-Check for transaction fee, if 0 and amount is small, assume its a double spend.
2-Use some service like blocktrail and check the double_spend flag (not working in some cases).
3-If its eg. gambling related, accept 0 confs and allow the user to gamble, but only withdraw after the minconfs.
3-Implement your own double spend prevention, assuming your running a full node+rpc:
3a-After you get the desired tx start a loop of lets say 1min.
3b-Use getrawmempool and grab every transaction in the mem pool.
3c-Parse each transaction and check if any of the VIN's matches your original transaction VIN.
3d-If after 1min no other transactions match the VIN, you can say its not a double spend.

With any of the above methods your still vulnerable to finney attacks (blockchain forks) and some race attacks, but your dramatically reduce your chances of getting attacked.

Hope this helps.

Why is there no bullet proof way? What are the chances of getting attacked? What happens if it is a double spend? Huh
hero member
Activity: 980
Merit: 1002
May 18, 2015, 03:30:20 PM
#9
Second or first , it depends of how much fee will you put in those transactions. If you want to "play" or better do some double spend, try this site : http://gangsta.strangled.net/  (create new addresses, don't use your personal bitcoin daily address).

My bad! Thank you!

I didn't know about that site but I don't like importing keys to such walllets, so bitundo.com is doing a better job except for Brand New members.

hi, developer here, keys are imported client side and never exposed, code is open.
also, you can download the source from github (https://github.com/gdassori/gangsta) and run it locally, since the hosted version could be compromised.

as advised, the tool is unstable and just for playing, I'm not responsible if you, let's say, spend 1 BTC in fees because of software failure.

sr. member
Activity: 462
Merit: 251
March 19, 2015, 08:00:24 PM
#8
AFAIK check whether input(s) of transaction you received is really UTXO(s) i.e. check whether input of the transaction is spent in another transaction. If yes, then second transaction is a double spend.

Transactions which got 1 confirmation is hard to double spend but as a matter of security, atleast 2 confirmation for deposits is recommended.

Really Thanks very much Smiley
sr. member
Activity: 462
Merit: 251
March 19, 2015, 07:55:37 PM
#7
There is no bullet proof way but you can prevent them with some techniques.
1-Check for transaction fee, if 0 and amount is small, assume its a double spend.
2-Use some service like blocktrail and check the double_spend flag (not working in some cases).
3-If its eg. gambling related, accept 0 confs and allow the user to gamble, but only withdraw after the minconfs.
3-Implement your own double spend prevention, assuming your running a full node+rpc:
3a-After you get the desired tx start a loop of lets say 1min.
3b-Use getrawmempool and grab every transaction in the mem pool.
3c-Parse each transaction and check if any of the VIN's matches your original transaction VIN.
3d-If after 1min no other transactions match the VIN, you can say its not a double spend.

With any of the above methods your still vulnerable to finney attacks (blockchain forks) and some race attacks, but your dramatically reduce your chances of getting attacked.

Hope this helps.

Really thanks buddy Smiley
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
March 19, 2015, 12:47:35 PM
#6
Second or first , it depends of how much fee will you put in those transactions. If you want to "play" or better do some double spend, try this site : http://gangsta.strangled.net/  (create new addresses, don't use your personal bitcoin daily address).

My bad! Thank you!

I didn't know about that site but I don't like importing keys to such walllets, so bitundo.com is doing a better job except for Brand New members.
legendary
Activity: 1778
Merit: 1043
#Free market
March 19, 2015, 12:31:33 PM
#5
AFAIK check whether input(s) of transaction you received is really UTXO(s) i.e. check whether input of the transaction is spent in another transaction. If yes, then second transaction is a double spend.

Transactions which got 1 confirmation is hard to double spend but as a matter of security, atleast 2 confirmation for deposits is recommended.

Second or first , it depends of how much fee will you put in those transactions. If you want to "play" or better do some double spend, try this site : http://gangsta.strangled.net/  (create new addresses, don't use your personal bitcoin daily address).
hero member
Activity: 560
Merit: 509
I prefer Zakir over Muhammed when mentioning me!
March 19, 2015, 12:21:50 PM
#4
AFAIK check whether input(s) of transaction you received is really UTXO(s) i.e. check whether input of the transaction is spent in another transaction. If yes, then second transaction is a double spend.

Transactions which got 1 confirmation is hard to double spend but as a matter of security, atleast 2 confirmation for deposits is recommended.
hero member
Activity: 924
Merit: 1001
Unlimited Free Crypto
March 19, 2015, 09:35:25 AM
#3
There is no bullet proof way but you can prevent them with some techniques.
1-Check for transaction fee, if 0 and amount is small, assume its a double spend.
2-Use some service like blocktrail and check the double_spend flag (not working in some cases).
3-If its eg. gambling related, accept 0 confs and allow the user to gamble, but only withdraw after the minconfs.
3-Implement your own double spend prevention, assuming your running a full node+rpc:
3a-After you get the desired tx start a loop of lets say 1min.
3b-Use getrawmempool and grab every transaction in the mem pool.
3c-Parse each transaction and check if any of the VIN's matches your original transaction VIN.
3d-If after 1min no other transactions match the VIN, you can say its not a double spend.

With any of the above methods your still vulnerable to finney attacks (blockchain forks) and some race attacks, but your dramatically reduce your chances of getting attacked.

Hope this helps.

A successful double spend of $10000 happened hours during the hard fork of v0.8 (or was it v0.6). The right answer is never detailed in my opinion. The right answer should be "It depends on how big the amount is and what state the network is". Relative security is the ultimate answer.... relative security.

Currently even for significantly large amounts the majorty would trust 3 confirmations not to be double spent.
sr. member
Activity: 276
Merit: 284
March 19, 2015, 09:12:56 AM
#2
There is no bullet proof way but you can prevent them with some techniques.
1-Check for transaction fee, if 0 and amount is small, assume its a double spend.
2-Use some service like blocktrail and check the double_spend flag (not working in some cases).
3-If its eg. gambling related, accept 0 confs and allow the user to gamble, but only withdraw after the minconfs.
3-Implement your own double spend prevention, assuming your running a full node+rpc:
3a-After you get the desired tx start a loop of lets say 1min.
3b-Use getrawmempool and grab every transaction in the mem pool.
3c-Parse each transaction and check if any of the VIN's matches your original transaction VIN.
3d-If after 1min no other transactions match the VIN, you can say its not a double spend.

With any of the above methods your still vulnerable to finney attacks (blockchain forks) and some race attacks, but your dramatically reduce your chances of getting attacked.

Hope this helps.
sr. member
Activity: 462
Merit: 251
March 19, 2015, 03:12:43 AM
#1
Hi everyone  Grin

i have a question

How to detect double spending?

I think
Some site detecting double spending (etc luckybit or satoshibones)

Because they give it a reward for betting 0 confirm transaction

help me buddy

Jump to: