BSV user allegedly films himself twice as he spends his crypto on a 0-conf transaction

Bitcoin Cash SV (BSV), the altcoin that was born after the fork of Bitcoin Cash, doesn’t seem to be as secure as Craig Wright says, as a few hours ago a user was doubling their coins in a “0-conf transaction” could.

Double spend is an attack in which a user manages to repeatedly spend their cryptocurrencies by exploiting vulnerabilities inherent in the nature of consensus algorithms. In general, the most likely causes that could allow duplicate spending are a 51% attack or a race attack.

So far, there is no record of such an attack on the Bitcoin (BTC) network, which is even more difficult when merchants are practically waiting for multiple confirmations or rely on payment processors.

However, given the nature of 0-conf transactions, such an attack is also possible, although difficult, and a user with the pseudonym “Reizu” uploaded a video to Vimeo filming an effective double issuance of his BSV tokens:

Reizu explains what he did (and how twice his BSV was spent)

The user also wrote about this vulnerability on a blog on Honest.cash explaining how they carried out the attack (for educational purposes).

According to his statement, the main reason that FSIO is so vulnerable is its centralization. He took advantage of this situation and sent several outputs through the various nodes that enabled him to prove that the danger was real:

Then I had an idea. What if I send a unique transaction to each node? Instead of a double issue, it would be some sort of four hundred and fifty issues, one for each node on the BSV network … could see which transaction is the one that was tied down in the next block. That way it would help me identify the mining nodes.

In fact, I discovered this after a few mined blocks the transactions that were torn down were almost always sent to the same nodes. I also confirmed what we already knew that Bitcoin SV mining is very centralized. Special:

  • 34% of the hashrate is only 1 node.
  • 59% of the hashrate is 2 nodes.
  • 68% of the hashrate is 3 nodes.
  • 75% of the hashrate is 4 nodes.

So if there are 450 nodes in the BSV network; Transaction T1 could be sent to 446 nodes, transaction T2 to 4 nodes, and the likelihood of transaction T2 being torn down would be 75%.

Reizu pointed out that in his view, in order to avoid the possibility of this attack, “nodes need to communicate with each other when they receive a double-expense transaction (sending a proof), there is no point in silently ignoring it.” He explained that other solutions are just less convenient.

After this news broke, some Twitter users wrote to Craig Wright asking for an explanation. Weight simply dismissed the rumors, with no further logical or technical answers to his words

https://twitter.com/ProfFaustus/status/1071511001026228225

https://twitter.com/ProfFaustus/status/071456894416490497

Comments are closed.