The Finney attack explained
400 sats \ 2 comments \ @softglitter2d 30 May bitcoin_beginners
This is my lecture of the day and learned something. I made a draw in order to understand it better.
Recently I learned about the Finney Attack which was very interesting in theory but today it's a little hard to do it. So, let's say there's a guy (named Troll Finney) who has the best decentralized protocol, the internet of money named FinCoin (FIC), so let's go buy stuff with Troll who has bad intentions.

Finney Attack explained
So, in this example, we have: two shops, two transactions, two miners and one coin1. Let's go shopping and make an attack to the network.
  1. Let's say you want to buy...a coffee. You get there and your payment method is FIC.
  2. But at the same time, you're selling a bag of tea to someone. This fren will pay you also in FIC.
  3. Here's come the tricky part. Previous to pay the coffee Mr. Troll made a copy of the same coin he received. So now he has one FIC and a copy of tha same coin.
  4. Troll send the coin to shop 1 and shop 2 at the same exact time.
  5. The first bitcoin to broadcast the transaction will be the winner. Since both shops have the same coin, one shop won't have nothing.
So, as a result, SHOP X or SHOP Y will win? Even if Troll told you he made the transaction, someone won't get the coin. Yes, the miner with lower hashrate will lose obviously but it's not that simple to perform since most exchanges (in case you want to trade) requires a 2 or 3 confirmations before make the deposit in their platforms.

Footnotes
  1. One coin to rule them all!
write
preview
related posts
145 sats \ 0 replies \ @nullcount 30 May
According to page 8 of the Bitcoin whitepaper, if a single miner has more than 45% of hashpower (as Antpool likely does). We should be requiring upwards of 300 block confirmations to reduce the probability of a reorg to 0.1% for that transaction.
Since there are miners with ~50% hashrate, anyone who only accepts a tx after only 3-6 confs is still facing a 20-30% probability that their tx could be undone by the miner (if the miner wanted to).
Therefore, Bitcoin is not a trustless system. Because most users trust the largest miner to not reorg. Under current circumstances, using bitcoin in a trustless way would require waiting almost 2 days after a tx confirms (roughly 300 blocks) before calling the tx finalized.
reply
0 sats \ 0 replies \ @dollarparity 30 May
The Finney Attack is a good example of early double-spend exploits. While it's true that modern security measures like multiple confirmations make it harder to execute, it's still an important concept to understand for comprehending blockchain vulnerabilities. Here's some more info on it: Finney Attack Explanation.
reply