A double spend is the act of using the same digital money twice, sending it to two different recipients so that one of them ends up with nothing. It’s the core problem that Bitcoin and other cryptocurrencies were designed to solve. In physical cash, double spending is impossible because handing someone a bill means you no longer have it. Digital information, however, can be copied, which means a digital payment system needs a way to prove that funds were actually spent and can’t be reused.
Blockchain technology prevents double spending under normal conditions by maintaining a shared, tamper-resistant ledger that every participant on the network can verify. But “prevents” doesn’t mean “makes impossible.” Several attack strategies exploit timing gaps or raw computing power to spend the same coins twice, and some have succeeded against real networks.
Why Digital Money Has This Problem
When you send a file to someone, your computer doesn’t delete its own copy. Digital data is inherently duplicable. If digital currency worked the same way, you could send a coin to a merchant and simultaneously send a perfect copy of that same coin to your own second wallet. Both recipients would believe they received a valid payment.
Traditional payment systems solve this with a central authority. Your bank keeps a single ledger and decides which transaction is valid. Cryptocurrencies replace the bank with a decentralized network of nodes that all agree on one version of the transaction history. This agreement process, called consensus, is what makes a blockchain resistant to double spending. Every transaction gets broadcast to the network, bundled into a block, and added to the chain. Once confirmed, it becomes part of the shared record that thousands of computers independently verify.
The vulnerability window exists before confirmation. Between the moment you broadcast a transaction and the moment it gets mined into a block, there’s a gap. Most double-spend attacks target that gap, or attempt to rewrite the chain after the fact.
How a Race Attack Works
A race attack is the simplest form of double spending. The attacker sends two conflicting transactions at nearly the same time: one paying a merchant and one sending the same funds back to themselves. Both transactions are valid on their own, but only one can ultimately be confirmed. The attacker hopes the merchant sees the payment, delivers the goods, and then the network confirms the self-payment instead.
This only works against merchants who accept unconfirmed transactions, meaning they hand over a product or service the instant they see the payment broadcast rather than waiting for it to be mined into a block. It’s roughly equivalent to accepting a check without waiting for it to clear. The defense is straightforward: wait for at least one confirmation before considering a payment final.
How a Finney Attack Works
A Finney attack requires the attacker to also be a miner. The attacker pre-mines a block containing a transaction that sends coins to their own wallet. They don’t broadcast this block yet. Instead, they go to a merchant, make a purchase with those same coins, and as soon as the merchant accepts the unconfirmed payment, the attacker releases the pre-mined block to the network. Because the block is already complete and valid, it gets accepted, and the transaction inside it (the self-payment) overrides the merchant payment.
Like race attacks, Finney attacks rely entirely on unconfirmed transactions. The window of opportunity is small because the attacker has to time the purchase precisely with the pre-mined block. Both attack types can be mitigated by rejecting transactions that haven’t been validated by the blockchain.
The 51% Attack: Rewriting History
A 51% attack is fundamentally different from race and Finney attacks because it can reverse transactions that have already been confirmed. Blockchain nodes always accept the longest valid chain of blocks as the true version of history. If an attacker controls more than half the network’s total mining power, they can build an alternative chain faster than the rest of the network and eventually present a longer chain that replaces the existing one.
Here’s how it plays out. The attacker makes a large payment to an exchange and waits for it to be confirmed, perhaps several blocks deep. Meanwhile, they’re secretly mining their own parallel version of the blockchain that doesn’t include that payment. Because they have majority computing power, their secret chain grows faster than the public one. Once they’ve received whatever they bought with the original payment, they release their longer chain. Every node on the network performs what’s called a chain reorganization: deactivating the old blocks and adopting the new longer chain. The original payment transaction becomes invalid. It’s as if it never happened, but the attacker already walked away with the goods.
This is the most dangerous form of double spending because it defeats the confirmation system that’s supposed to make blockchain transactions permanent. The more confirmations a transaction has, the more blocks the attacker needs to secretly outpace, which is why high-value transactions often require six or more confirmations before being considered settled.
What It Costs to Attack a Network
The feasibility of a 51% attack depends almost entirely on the size of the network. Larger networks with more miners require astronomically more computing power to overpower.
Current estimates from Crypto51 illustrate the gap clearly. Attacking Bitcoin for a single hour would cost roughly $1.6 million, reflecting the massive global mining infrastructure securing the network. Bitcoin Cash, a much smaller network using the same mining algorithm, costs about $10,920 per hour to attack. Ethereum Classic comes in around $3,000 per hour. Dash, a smaller proof-of-work chain, could theoretically be attacked for as little as $329 per hour.
These numbers explain why 51% attacks have only succeeded against smaller cryptocurrencies. Bitcoin Gold, which split from Bitcoin in 2017, suffered a 51% attack in January 2020 that resulted in over $72,000 worth of tokens being double spent, according to MIT’s Digital Currency Initiative. The attack was economically viable because Bitcoin Gold’s network had far less mining power than Bitcoin itself.
For an attacker, the math is simple: if the cost of renting enough hash power for a few hours is less than the value of the transactions you can reverse, the attack is profitable. This makes low-hashrate proof-of-work coins perpetually vulnerable.
How Networks Defend Against Double Spending
The first and most basic defense is confirmations. Each new block added on top of the block containing your transaction makes it exponentially harder to reverse. One confirmation means a race or Finney attack is no longer possible. Six confirmations is the standard threshold for large Bitcoin transactions, because at that depth, reversing the chain would require sustained majority control of the network for an extended period.
Network size itself is a defense. The more independent miners competing to add blocks, the more expensive it becomes for any single entity to dominate. This is why Bitcoin, with its enormous global mining network, has never suffered a successful 51% attack despite being the oldest and most targeted blockchain.
Some networks have adopted additional protections. Proof-of-stake systems, which select block producers based on how much cryptocurrency they’ve locked up rather than how much computing power they control, change the economics of attacks entirely. An attacker would need to acquire and stake a massive amount of the currency itself, meaning a successful attack would crash the value of their own holdings. Other chains use checkpoint systems that prevent reorganizations beyond a certain depth, effectively making older transactions irreversible regardless of computing power.
Exchanges and merchants also play a role. Most major exchanges require more confirmations for deposits of coins with smaller networks, and some delist coins that have been successfully attacked. This practical layer of caution reduces the profitability of attacks even when they’re technically feasible.