How to detect double spending?

[myohmy81]

Hi everyone 

i have a question

How to detect double spending?

I think
Some site detecting double spending (etc luckybit or satoshibones)

Because they give it a reward for betting 0 confirm transaction

help me buddy

[nuno12345]

There is no bullet proof way but you can prevent them with some techniques.
1-Check for transaction fee, if 0 and amount is small, assume its a double spend.
2-Use some service like blocktrail and check the double_spend flag (not working in some cases).
3-If its eg. gambling related, accept 0 confs and allow the user to gamble, but only withdraw after the minconfs.
3-Implement your own double spend prevention, assuming your running a full node+rpc:
3a-After you get the desired tx start a loop of lets say 1min.
3b-Use getrawmempool and grab every transaction in the mem pool.
3c-Parse each transaction and check if any of the VIN's matches your original transaction VIN.
3d-If after 1min no other transactions match the VIN, you can say its not a double spend.

With any of the above methods your still vulnerable to finney attacks (blockchain forks) and some race attacks, but your dramatically reduce your chances of getting attacked.

Hope this helps.

[lophie]

There is no bullet proof way but you can prevent them with some techniques.
1-Check for transaction fee, if 0 and amount is small, assume its a double spend.
2-Use some service like blocktrail and check the double_spend flag (not working in some cases).
3-If its eg. gambling related, accept 0 confs and allow the user to gamble, but only withdraw after the minconfs.
3-Implement your own double spend prevention, assuming your running a full node+rpc:
3a-After you get the desired tx start a loop of lets say 1min.
3b-Use getrawmempool and grab every transaction in the mem pool.
3c-Parse each transaction and check if any of the VIN's matches your original transaction VIN.
3d-If after 1min no other transactions match the VIN, you can say its not a double spend.

With any of the above methods your still vulnerable to finney attacks (blockchain forks) and some race attacks, but your dramatically reduce your chances of getting attacked.

Hope this helps.

A successful double spend of $10000 happened hours during the hard fork of v0.8 (or was it v0.6). The right answer is never detailed in my opinion. The right answer should be "It depends on how big the amount is and what state the network is". Relative security is the ultimate answer.... relative security.

Currently even for significantly large amounts the majorty would trust 3 confirmations not to be double spent.

[Muhammed Zakir]

AFAIK check whether input(s) of transaction you received is really UTXO(s) i.e. check whether input of the transaction is spent in another transaction. If yes, then second transaction is a double spend.

Transactions which got 1 confirmation is hard to double spend but as a matter of security, atleast 2 confirmation for deposits is recommended.

[redsn0w]

AFAIK check whether input(s) of transaction you received is really UTXO(s) i.e. check whether input of the transaction is spent in another transaction. If yes, then second transaction is a double spend.

Transactions which got 1 confirmation is hard to double spend but as a matter of security, atleast 2 confirmation for deposits is recommended.

Second or first , it depends of how much fee will you put in those transactions. If you want to "play" or better do some double spend, try this site : http://gangsta.strangled.net/  (create new addresses, don't use your personal bitcoin daily address).

[Muhammed Zakir]

Second or first , it depends of how much fee will you put in those transactions. If you want to "play" or better do some double spend, try this site : http://gangsta.strangled.net/  (create new addresses, don't use your personal bitcoin daily address).

My bad! Thank you!

I didn't know about that site but I don't like importing keys to such walllets, so bitundo.com is doing a better job except for Brand New members.

[myohmy81]

There is no bullet proof way but you can prevent them with some techniques.
1-Check for transaction fee, if 0 and amount is small, assume its a double spend.
2-Use some service like blocktrail and check the double_spend flag (not working in some cases).
3-If its eg. gambling related, accept 0 confs and allow the user to gamble, but only withdraw after the minconfs.
3-Implement your own double spend prevention, assuming your running a full node+rpc:
3a-After you get the desired tx start a loop of lets say 1min.
3b-Use getrawmempool and grab every transaction in the mem pool.
3c-Parse each transaction and check if any of the VIN's matches your original transaction VIN.
3d-If after 1min no other transactions match the VIN, you can say its not a double spend.

With any of the above methods your still vulnerable to finney attacks (blockchain forks) and some race attacks, but your dramatically reduce your chances of getting attacked.

Hope this helps.

Really thanks buddy

[myohmy81]

AFAIK check whether input(s) of transaction you received is really UTXO(s) i.e. check whether input of the transaction is spent in another transaction. If yes, then second transaction is a double spend.

Transactions which got 1 confirmation is hard to double spend but as a matter of security, atleast 2 confirmation for deposits is recommended.

Really Thanks very much

[gdassori]

Second or first , it depends of how much fee will you put in those transactions. If you want to "play" or better do some double spend, try this site : http://gangsta.strangled.net/  (create new addresses, don't use your personal bitcoin daily address).

My bad! Thank you!

I didn't know about that site but I don't like importing keys to such walllets, so bitundo.com is doing a better job except for Brand New members.

hi, developer here, keys are imported client side and never exposed, code is open.
also, you can download the source from github (https://github.com/gdassori/gangsta) and run it locally, since the hosted version could be compromised.

as advised, the tool is unstable and just for playing, I'm not responsible if you, let's say, spend 1 BTC in fees because of software failure.

[virtualx]

There is no bullet proof way but you can prevent them with some techniques.
1-Check for transaction fee, if 0 and amount is small, assume its a double spend.
2-Use some service like blocktrail and check the double_spend flag (not working in some cases).
3-If its eg. gambling related, accept 0 confs and allow the user to gamble, but only withdraw after the minconfs.
3-Implement your own double spend prevention, assuming your running a full node+rpc:
3a-After you get the desired tx start a loop of lets say 1min.
3b-Use getrawmempool and grab every transaction in the mem pool.
3c-Parse each transaction and check if any of the VIN's matches your original transaction VIN.
3d-If after 1min no other transactions match the VIN, you can say its not a double spend.

With any of the above methods your still vulnerable to finney attacks (blockchain forks) and some race attacks, but your dramatically reduce your chances of getting attacked.

Hope this helps.

Why is there no bullet proof way? What are the chances of getting attacked? What happens if it is a double spend?

[achow101_alt]

Why is there no bullet proof way? What are the chances of getting attacked? What happens if it is a double spend?

There is no bullet proof way because anyone can send two transactions with the same inputs without anything stopping them.  The chances of being attacked depends on the person you are dealing with, and generally, accepting 0 confirmations with large transactions have a high risk of a double spend. If there is a double spend, either the seller sees that a double spend happened and doesn't send the goods, or the buyer gets the goods and keeps his money. The seller can protect himself by waiting for a couple confirmations to ensure that another transaction to double spend cannot be accepted by the network.

[Troonetpt]

They is no way stop double spending if the confirmation less than 1. If we could, we can make the confirmation time to zero second.