Double-spending is a potential flaw in a digital cash scheme in which the same single digital token can be spent more than once. This is possible because a digital token consists of a digital file that can be duplicated or falsified.
As with counterfeit money, such double-spending leads to inflation by creating a new amount of fraudulent currency that did not previously exist. This devalues the currency relative to other monetary units, and diminishes user trust as well as the circulation and retention of the currency. Fundamental cryptographic techniques to prevent double-spending while preserving anonymity in a transaction are blind signatures and particularly in offline systems, secret splitting.
Decentralized currencies that rely on blockchain are vulnerable to the 51% attack, in which a malicious actor can rewrite the ledger if they control enough of the computational work being done. For instance, one could theoretically spend cryptocurrency then erase the transaction so it appears it never happened. In May 2018 this double-spending technique was used against cryptocurrency Bitcoin Gold to defraud cryptocurrency exchanges of millions of dollars. In response, exchanges repeatedly raised the threshold needed to confirm a transaction, but the criminal had enough computing power to exceed those thresholds and continued double-spending for three days.
The prevention of double-spending has taken two general forms: centralized and decentralized.
This is usually implemented using an online central trusted third party that can verify whether a token has been spent. This normally represents a single point of failure from both availability and trust viewpoints.
By 2007, a number of distributed systems for double-spending prevention had been proposed.
The cryptocurrency Bitcoin (BTC) implemented a solution in early 2009. It uses a cryptographic protocol called a Proof-of-Work (PoW) system to avoid the need for a trusted third party to validate transactions. Instead, transactions are recorded in a public ledger called a blockchain. A transaction is considered valid when it is included in the blockchain that contains the most amount of computational work. This makes double-spending more difficult as the size of the overall network grows. Other cryptocurrencies also have similar features.