A weakness has been identified in Bitcoin's protocol which allows users to double-spend their funds, threatening its small merchant userbase.
A weakness has been found in the Bitcoin code which apparently makes it possible to spend BTC transactions twice.
By taking advantage of Bitcoin’s RBF feature (Replace By Fee), a user can effectively send BTC to a merchant and then immediately recall it.
The Replace By Fee feature was created to allow BTC users to speed up their transactions on the network. If a transaction takes too long, a user can re-send their original payment but with a higher fee. This replaces the original transaction, and kicks it further up the queue to be included in the next block.
But a problem arises when another of BTC’s features comes into play – ‘zero-conf’ transactions. Zero-confirmation transactions make it so BTC payments don’t have to be confirmed in a block.
This is particularly useful for merchants who wish to accept Bitcoin payments, but who can’t reasonably ask customers to wait twenty minutes for confirmation. Coffee shops would be a typical example.
However, it has been shown that by exploiting the gap between RBF and zero-conf transactions, a user can buy coffee and still keep their money.
The video below shows Hayden Otto, CEO of BitcoinBCH.com, enact a double-spend on Bitcoin.
Business are urged to immediately upgrade to Bitcoin Cash (BCH), and cease accepting Bitcoin (BTC). If your business is accepting Bitcoin BTC, also known as Bitcoin Core, you are exposing yourself to grave security risks.
Readers should be aware that Otto supports BTC’s ideological enemy – Bitcoin Cash. However, Otto’s appraisal of Bitcoin’s security risk is shared by many other voices in the cryptocurrency space.
As early as 2013 the zero-conf/RBF problem was already being hotly debated on the Bitcointalk forums. The discussion continued for the next six years.
Yet, today a four-step instructional guide can be found which shows how to easily double-spend a Bitcoin transaction. In brief:
Luckily, users and merchants can elect not to use RBF and zero-conf if they choose. However, for small merchants this could mean having to refuse Bitcoin transactions altogether.
Here, Bitcoin’s utility as a day-to-day payment method is drawn into serious question. High fees, long confirmation times, and slippery features like those described above suggest there’s work to be done before BTC can reliably replace fiat currency.
This article was edited by Samburaj Das.
Last modified: January 22, 2020 11:40 PM UTC