Misbehavior in Bitcoin: A study of double-spending and accountability

Ghassan O. Karame, Elli Androulaki, Marc Roeschlin, Arthur Gervais, Srdjan Čapkun

    Research output: Contribution to journalArticlepeer-review

    Abstract

    Bitcoin is a decentralized payment system that relies on Proof-of-Work (PoW) to resist double-spending through a distributed timestamping service. To ensure the operation and security of Bitcoin, it is essential that all transactions and their order of execution are available to all Bitcoin users. Unavoidably, in such a setting, the security of transactions comes at odds with transaction privacy. Motivated by the fact that transaction confirmation in Bitcoin requires tens of minutes, we analyze the conditions for performing successful double-spending attacks against fast payments in Bitcoin, where the time between the exchange of currency and goods is short (in the order of a minute). We show that unless new detection techniques are integrated in the Bitcoin implementation, double-spending attacks on fast payments succeed with considerable probability and can be mounted at low cost. We propose a new and lightweight countermeasure that enables the detection of double-spending attacks in fast transactions. In light of such misbehavior, accountability becomes crucial. We show that in the specific case of Bitcoin, accountability complements privacy. To illustrate this tension, we provide accountability and privacy definition for Bitcoin, and we investigate analytically and empirically the privacy and accountability provisions in Bitcoin.

    Original languageEnglish
    JournalACM Transactions on Information and System Security
    Volume18
    Issue number1
    DOIs
    Publication statusPublished - 1 May 2015

    Keywords

    • Bitcoin
    • Design
    • Distributed computing
    • Double-spending
    • Economics
    • Experimentation
    • K.4.1 [computers and society]: public policy issues - privacy
    • K.4.4 [computers and society]: electronic commerce - payment schemes, security
    • Monetization
    • Privacy
    • Security
    • Security

    Fingerprint

    Dive into the research topics of 'Misbehavior in Bitcoin: A study of double-spending and accountability'. Together they form a unique fingerprint.

    Cite this