research-article

Misbehavior in Bitcoin: A Study of Double-Spending and Accountability

Authors:

Ghassan O. Karame,

Elli Androulaki,

Marc Roeschlin,

Arthur Gervais,

Srdjan ČapkunAuthors Info & Claims

ACM Transactions on Information and System Security (TISSEC), Volume 18, Issue 1

Article No.: 2, Pages 1 - 32

https://doi.org/10.1145/2732196

Published: 27 May 2015 Publication History

Abstract

Bitcoin is a decentralized payment system that relies on Proof-of-Work (PoW) to resist double-spending through a distributed timestamping service. To ensure the operation and security of Bitcoin, it is essential that all transactions and their order of execution are available to all Bitcoin users.

Unavoidably, in such a setting, the security of transactions comes at odds with transaction privacy. Motivated by the fact that transaction confirmation in Bitcoin requires tens of minutes, we analyze the conditions for performing successful double-spending attacks against fast payments in Bitcoin, where the time between the exchange of currency and goods is short (in the order of a minute). We show that unless new detection techniques are integrated in the Bitcoin implementation, double-spending attacks on fast payments succeed with considerable probability and can be mounted at low cost. We propose a new and lightweight countermeasure that enables the detection of double-spending attacks in fast transactions.

In light of such misbehavior, accountability becomes crucial. We show that in the specific case of Bitcoin, accountability complements privacy. To illustrate this tension, we provide accountability and privacy definition for Bitcoin, and we investigate analytically and empirically the privacy and accountability provisions in Bitcoin.

References

[1]

Elli Androulaki and Ghassan Karame. 2014. Hiding transaction amounts and balances in Bitcoin. In Proceedings of the International Conference on Trust and Trustworthy Computing (TRUST).

Digital Library

[2]

Elli Androulaki, Ghassan Karame, and Srdjan Capkun. 2013. Evaluating user privacy in Bitcoin. In Proceedings of Financial Crypto 2013. http://eprint.iacr.org/2012/596.pdf.

[3]

Elli Androulaki, Mariana Raykova, Shreyas Srivatsan, Angelos Stavrou, and Steven M. Bellovin. 2008. PAR: Payment for anonymous routing. In Proceedings of the 8th International Symposium on Privacy Enhancing Technologies (PETS’08). 219--236.

Digital Library

[4]

Moshe Babaioff, Shahar Dobzinski, Sigal Oren, and Aviv Zohar. 2011. On Bitcoin and red balloons. ACM SIGecom Exhanges 10, 3, 5--9.

Digital Library

[5]

Simon Barber, Xavier Boyen, Elaine Shi, and Ersin Uzun. 2012. Bitter to better—how to make Bitcoin a better currency. In Financial Cryptography and Data Security. Lecture Notes in Computer Science, Vol. 7397. Springer, 399--414.

[6]

Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza. 2014. Zerocash: Practical decentralized anonymous e-cash from Bitcoin. In Proceedings of the 2014 IEEE Symposium on Security and Privacy. IEEE, Los Alamitos, CA.

Digital Library

[7]

Bitcoin. 2013. Introduction. Retrieved April 2, 2015, from https://en.bitcoin.it/wiki/Introduction.

[8]

BitcoinCharts. 2013. Bitcoin Charts. Retrieved April 2, 2015, from http://bitcoincharts.com.

[9]

BitcoinDoS. 2013. Weaknesses. Retrieved April 2, 2015, from https://en.bitcoin.it/wiki/Weaknesses.

[10]

BitcoinExplorer. 2013. Bitcoin Block Explorer. Retrieved April 2, 2015, from http://blockexplorer.com.

[11]

BitcoinFAQ. 2013. FAQ. Retrieved April 2, 2015, from https://en.bitcoin.it/wiki/FAQ.

[12]

BitcoinMyths. 2013. Myths. Retrieved April 2, 2015, from https://en.bitcoin.it/wiki/Myths#Point&lowbar;of&lowbar;sale&lowbar;with&lowbar;bitcoins&lowbar;isn.27t&lowbar;possible&lowbar;because&lowbar;of&lowbar;the&lowbar;10&lowbar;minute&lowbar;wait&lowbar;for&lowbar;confirmation.

[13]

BitcoinProtocol. 2013. Protocol Documentation. Retrieved April 2, 2015, from https://en.bitcoin.it/wiki/Protocol&lowbar;specification.

[14]

BitcoinRules. 2012. Protocol Rules. Retrieved April 2, 2015, from https://en.bitcoin.it/wiki/Protocol&lowbar;rules.

[15]

BitcoinTrade. 2013. Trade. Retrieved April 2, 2015, from https://en.bitcoin.it/wiki/Trade.

[16]

BitcoinWiki. 2014. Double-Spending. Retrieved April 2, 2015, from https://en.bitcoin.it/Double-spending.

[17]

BitcoinXT. 2014. Bitcoin XT. Retrieved April 2, 2015, from https://github.com/bitcoinxt/bitcoinxt.

[18]

BlockChain. 2013. 200 Double Spends. Retrieved April 2, 2015, from https://blockchain.info/double-spends.

[19]

Joseph Bonneau, Arvind Narayanan, Andrew Miller, Jeremy Clark, Joshua A. Kroll, and Edward W. Felten. 2014. Mixcoin: Anonymity for Bitcoin with accountable mixes. In Proceedings of Financial Crypto 2014.

[20]

Stefan Brands. 1995. Electronic cash on the Internet. In Proceedings of the Symposium on Network and Distributed System Security. 64--84.

Digital Library

[21]

Jan Camenisch, Susan Hohenberger, and Anna Lysyanskaya. 2005. Compact e-cash. In Advances in Cryptology—EUROCRYPT 2005. Lecture Notes in Computer Science, Vol. 3494. Springer, 302--321.

Digital Library

[22]

David Chaum, Amos Fiat, and Moni Naor. 1990. Untraceable electronic cash. In Proceedings of Advances in Cryptology (CRYPTO’88). 319--327.

Digital Library

[23]

CNN. 2011. CNN: Bitcoin’s Uncertain Future as Currency. Retrieved April 2, 2015, from https://www.youtube.com/watch&quest;v=75VaRGdzMM0.

[24]

CoinJoin. 2013. CoinJoin: Bitcoin Privacy for the Real World. Retrieved April 2, 2015, from https://bitcointalk.org/index.php&quest;topic=279249.0.

[25]

Connectivity. 2013. Satoshi Client Node Connectivity. Retrieved April 2, 2015, from https://en.bitcoin.it/wiki/Satoshi&lowbar;Client&lowbar;Node&lowbar;Connectivity.

[26]

Christian Decker and Roger Wattenhofer. 2013. Information propagation in the Bitcoin network. In Proceedings of the 13th IEEE International Conference on Peer-to-Peer Computing.

[27]

Deepbit. 2011. Deepbit. Retrieved April 2, 2015, from https://deepbit.net.

[28]

Claudia Diaz, Stefaan Seys, Joris Claessens, and Bart Preneel. 2002. Towards measuring anonymity. In Proceedings of the Privacy Enhancing Technologies Workshop (PET’02).

Digital Library

[29]

DoubleSpending. 2014. Observed Double-Spends. Retrieved April 2, 2015, from http://respends.thinlink.com.

[30]

Elias. 2011. Bitcoin: Tempering the Digital Ring of Gyges or Implausible Pecuniary Privacy. Retrieved April 2, 2015, from http://papers.ssrn.com/sol3/papers.cfm&quest;abstract&lowbar;id=1937769.

[31]

Finney. 2013. Weaknesses. Retrieved April 2, 2015, from https://en.bitcoin.it/wiki/Weaknesses#The&lowbar;.22Finney.22&lowbar;attack.

[32]

Matthias Franz, Bernd Meyer, and Andreas Pashalidis. 2007. Attacking unlinkability: The importance of context. In Privacy Enhancing Technologies. Lecture Notes in Computer Science, Vol. 4776. Springer, 1--16.

Digital Library

[33]

Christina Garman, Matthew Green, Ian Meiers, and Aviel Rubin. 2014. Rational zero: Economic security for zerocoin with everlasting anonymity. In Proceedings of the Financial Cryptography and Data Security Conference.

[34]

Arthur Gervais, Srdjan Capkun, Ghassan O. Karame, and Damian Gruber. 2014a. On the privacy provisions of Bloom filters in lightweight Bitcoin clients. In Proceedings of the 30th Annual Computer Security Applications Conference (ACSAC’14). 326--335.

Digital Library

[35]

Arthur Gervais, Ghassan Karame, Srdjan Capkun, and Vedran Capkun. 2014b. Is Bitcoin a decentralized currency&quest; IEEE Security and Privacy 12, 3, 54--60.

[36]

Ghassan Karame, Aurelien Francillon, and Srdjan Čapkun. 2011. Pay as you browse: Microcomputations as micropayments in Web-based services. In Proceedings of the 20th International Conference on World Wide Web (WWW’11). 307--316.

Digital Library

[37]

Ghassan O. Karame, Elli Androulaki, and Srdjan Capkun. 2012. Double-spending fast payments in Bitcoin. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’12). ACM, New York, NY, 906--917.

Digital Library

[38]

Philip Koshy, Diana Koshy, and Patrick McDaniel. 2014. An analysis of anonymity in Bitcoin using p2p network traffic. In Proceedings of Financial Crypto 2014.

[39]

Bradley Malin. 2008. K-unlinkability: A privacy protection model for distributed data. Data and Knowledge Engineering 64, 1, 294--311.

Digital Library

[40]

Sarah Meiklejohn, Marjori Pomarole, Grant Jordan, Kirill Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. 2013. A fistful of Bitcoins: Characterizing payments among men with no names. In Proceedings of the Internet Measurement Conference (IMC’13). ACM, New York, NY, 127--140.

Digital Library

[41]

Ian Miers, Christina Garman, Matthew Green, and Aviel D. Rubin. 2013. Zerocoin: Anonymous distributed e-cash from Bitcoin. In Proceedings of the IEEE Symposium on Security and Privacy.

Digital Library

[42]

Mining. 2013. Comparison of Mining Pools. Retrieved April 2, 2015, from https://en.bitcoin.it/wiki/Comparison&lowbar;of&lowbar;mining&lowbar;pools.

[43]

MiningHardware. 2013. Mining Hardware Comparison. Retrieved April 2, 2015, from https://en.bitcoin.it/wiki/Mining&lowbar;hardware&lowbar;comparison.

[44]

Andreas Pfitzmann and Marit Hansen. 2008. Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management: A consolidated proposal for terminology. Fachterminologie Datenschutz und Datensicherheit 2008, 111--144. http://dud.inf.tu-dresden.de/literatur/Anon&lowbar;Terminology&lowbar;v0.18.pdf.

[45]

ProofWiki. 2013. Definition:Geometric Distribution/Shifted. Retrieved April 2, 2015, from https://proofwiki.org/wiki/Definition:Geometric&lowbar;Distribution/Shifted.

[46]

Fergal Reid and Martin Harrigan. 2011. An analysis of anonymity in the Bitcoin system. arXiv:1107.4524.

[47]

Ronald Rivest. 2004. Peppercoin micropayments. In Financial Cryptography. Lecture Notes in Computer Science, Vol. 3110. Springer, 2--8.

[48]

Dorit Ron and Adi Shamir. 2013. Quantitative analysis of the full Bitcoin transaction graph. In Proceedings of Financial Crypto 2013.

[49]

Tim Ruffing, Pedro Moreno-Sanchez, and Aniket Kate. 2014. CoinShuffle: Practical decentralized coin mixing for Bitcoin. In Computer Security—ESORICS 2014. Lecture Notes in Computer Science, Vol. 8713. Springer, 345--364.

[50]

Satoshi Nakamoto. 2009. Bitcoin: A Peer-to-Peer Electronic Cash System. Retrieved April 2, 2015, from https://bitcoin.org/bitcoin.pdf.

[51]

Sandra Steinbrecher and Stefan Koepsell. 2003. Modelling unlinkability. In Privacy Enhancing Technologies. Lecture Notes in Computer Science, Vol. 2760. Springer, 32--47.

[52]

Syed and Syed 2011. Bitcoin Gateway, A Peer-to-Peer Bitcoin Vault and Payment Network. Retrieved April 2, 2015, from http://arimaa.com/bitcoin/.

[53]

Nguyen Xuan Vinh, Julien Epps, and James Bailey. 2009. Information theoretic measures for clusterings comparison: Is a correction for chance necessary&quest; In Proceedings of the 26th Annual International Conference on Machine Learning (ICML’09).

Digital Library

[54]

Nguyen Xuan Vinh, Julien Epps, and James Bailey. 2010. Information theoretic measures for clusterings comparison: Variants, properties, normalization and correction for chance. Journal of Machine Learning Research 11, 2837--2854.

Digital Library

[55]

Znort987. 2013. Znort987/Blockparser. (2013). Retrieved April 2, 2015, from https://github.com/znort987/blockparser.

Cited By

Melo DPomares-Hernández SRodríguez-Henríquez LPérez-Sansalvador J(2024)DiFastBit: Transaction Differentiation Scheme to Avoid Double-Spending for Fast Bitcoin PaymentsMathematics10.3390/math1216248412:16(2484)Online publication date: 11-Aug-2024
https://doi.org/10.3390/math12162484
Mišić VNaderi Mighan SMišić JChang X(2024)Decentralization Is Good or Not? Defending Consensus in Ethereum 2.0Blockchains10.3390/blockchains20100012:1(1-19)Online publication date: 23-Jan-2024
https://doi.org/10.3390/blockchains2010001
Maoneke PFlowerday S(2024)Sustainable crypto-currency blockchain defence against security attacksComputer Fraud & Security10.12968/S1361-3723(24)70002-52024:1Online publication date: Jan-2024
https://doi.org/10.12968/S1361-3723(24)70002-5
Show More Cited By

Index Terms

Misbehavior in Bitcoin: A Study of Double-Spending and Accountability

Recommendations

Double-spending fast payments in bitcoin
CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

Bitcoin is a decentralized payment system that relies on Proof-of-Work (PoW) to verify payments. Nowadays, Bitcoin is increasingly used in a number of fast payment scenarios, where the time between the exchange of currency and goods is short (in the ...
Double-spending prevention for Bitcoin zero-confirmation transactions

Zero-confirmation transactions, i.e. transactions that have been broadcast but are still pending to be included in the blockchain, have gained attention in order to enable fast payments in Bitcoin, shortening the time for performing payments. Fast ...
Is Bitcoin Future as Secure as We Think? Analysis of Bitcoin Vulnerability to Bribery Attacks Launched through Large Transactions
Bitcoin uses blockchain technology to maintain transactions order and provides probabilistic guarantees to prevent double-spending, assuming that an attacker’s computational power does not exceed 50% of the network power. In this article, we design a ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Information and System Security

ACM Transactions on Information and System Security Volume 18, Issue 1

June 2015

126 pages

ISSN:1094-9224

EISSN:1557-7406

DOI:10.1145/2786062

Editor:
Gene Tsudik
University of California at Irvine, USA

Issue’s Table of Contents

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 May 2015

Accepted: 01 February 2015

Revised: 01 December 2014

Received: 01 December 2013

Published in TISSEC Volume 18, Issue 1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

147
Total Citations
View Citations
2,563
Total Downloads

Downloads (Last 12 months)81
Downloads (Last 6 weeks)14

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Melo DPomares-Hernández SRodríguez-Henríquez LPérez-Sansalvador J(2024)DiFastBit: Transaction Differentiation Scheme to Avoid Double-Spending for Fast Bitcoin PaymentsMathematics10.3390/math1216248412:16(2484)Online publication date: 11-Aug-2024
https://doi.org/10.3390/math12162484
Mišić VNaderi Mighan SMišić JChang X(2024)Decentralization Is Good or Not? Defending Consensus in Ethereum 2.0Blockchains10.3390/blockchains20100012:1(1-19)Online publication date: 23-Jan-2024
https://doi.org/10.3390/blockchains2010001
Maoneke PFlowerday S(2024)Sustainable crypto-currency blockchain defence against security attacksComputer Fraud & Security10.12968/S1361-3723(24)70002-52024:1Online publication date: Jan-2024
https://doi.org/10.12968/S1361-3723(24)70002-5
Mohanty STripathy S(2024)Flexichain: Flexible Payment Channel Network to Defend Against Channel Exhaustion AttackACM Transactions on Privacy and Security10.1145/368747627:4(1-26)Online publication date: 8-Aug-2024
https://dl.acm.org/doi/10.1145/3687476
Zou YFan WMa Z(2024)Unveiling Vulnerabilities in Bitcoin's Misbehavior-Score Mechanism: Attack and DefenseProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664509(1-12)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664509
Ebrahimpour GHaghighi M(2024)Is Bitcoin Future as Secure as We Think? Analysis of Bitcoin Vulnerability to Bribery Attacks Launched through Large TransactionsACM Transactions on Privacy and Security10.1145/364154627:2(1-22)Online publication date: 18-Jan-2024
https://dl.acm.org/doi/10.1145/3641546
Wahrstätter AErnstberger JYaish AZhou LQin KTsuchiya TSteinhorst SSvetinovic DChristin NBarczentewicz MGervais AChua TNgo CKa-Wei Lee RKumar RLauw H(2024)Blockchain CensorshipProceedings of the ACM Web Conference 202410.1145/3589334.3645431(1632-1643)Online publication date: 13-May-2024
https://dl.acm.org/doi/10.1145/3589334.3645431
Liu JZhang SWei LXiong RRen W(2024)A Iterative Method to Analyze Misbehavior in Blockchain by Transaction Graph Matrix2024 4th International Conference on Information Communication and Software Engineering (ICICSE)10.1109/ICICSE61805.2024.10625680(6-10)Online publication date: 10-May-2024
https://doi.org/10.1109/ICICSE61805.2024.10625680
Farokhnia SGoharshady A(2024)Options and Futures Imperil Bitcoin's Security2024 IEEE International Conference on Blockchain (Blockchain)10.1109/Blockchain62396.2024.00029(157-164)Online publication date: 19-Aug-2024
https://doi.org/10.1109/Blockchain62396.2024.00029
Fan SIlk NKumar AXu RZhao J(2024)Blockchain as a trust machine: From disillusionment to enlightenment in the era of generative AIDecision Support Systems10.1016/j.dss.2024.114251182(114251)Online publication date: Jul-2024
https://doi.org/10.1016/j.dss.2024.114251
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents