IACR News item: 14 September 2021
Nicholas Stifter, Aljosha Judmayer, Philipp Schindler, Edgar Weippl
In this paper we outline a novel form of attack we refer to as Opportunistic Algorithmic Double-Spending (OpAl ). OpAl attacks not only avoid equivocation, i.e., do not require conflicting transactions, the attack is also carried out programmatically. Algorithmic double-spending is facilitated through transaction semantics that dynamically depend on the context and ledger state at the time of execution. Hence, OpAl evades common double-spending detection mechanisms and can opportunistically
leverage forks, even if the malicious sender itself is not aware of their existence. Furthermore, the cost of modifying a regular transaction to opportunistically perform an OpAl attack is low enough to consider it a viable default strategy for most use cases. Our analysis suggests that while Bitcoins stateless UTXO model is more robust against OpAl, designs with expressive transaction semantics, especially stateful smart contract platforms such as Ethereum, are particularly vulnerable.
Additional news items may be found on the IACR news page.