Ethereum: Possible to create a double spend attack by replacing a Tx in the merkle tree?
Creating a double-spend attack: a threat to Ethereum's security
Like all other blockchain networks, Ethereum relies on cryptographic techniques that prevent attacks such as double spending. However, one particular threat may be able to exploit these security mechanisms.
A preimage attack on Bitcoin is a kind of attack in which an attacker finds a specific input (the preimage) that produces a particular output hash (`y`). To prevent this, the Bitcoin network uses the cryptographic hash function SHA-256 to compute the hash of `x`. The challenge is to find two different inputs `x` and `y` such that `hash(x) == hash(y)`.
Ethereum's Merkle-tree-based proof-of-work consensus mechanism has a similar problem. When a new transaction (TX) is created, its uniqueness must be ensured in order to prevent attacks such as double spending.
Replacing a TX in the Merkle tree: the double-spend attack
A question on crypto.se raises a potential threat: replacing a block (or transaction) in the Merkle tree with another one. This could possibly create a double-spend attack, in which the attacker creates two separate transactions that both use the same inputs and outputs.
This is how it could work:
- The attacker finds an existing transaction `TX` on the Ethereum network.
- The attacker replaces `TX` with a new transaction `TX'`, which has the same inputs but different outputs.
- The Merkle tree is updated to reflect the change to `TX`.
- Another user, `U`, wants to spend their ether (`ETH`) using `TX`.
Because both transactions use the same inputs and outputs, the second transaction passes the network's validation process. As a result, `U` receives two separate ETH rewards for spending the ether twice.
Why this threat is
In Ethereum, each block is linked to its predecessor's unique hash (the "Merkle root"). The Merkle tree allows developers to create cumulative proofs of ownership by hashing a series of transactions together. However, if the attacker replaces a transaction in the Merkle tree, he may be able to create a new branch that forks from the original block.
If this replaced transaction is published, the network will confirm it as valid, because both its input and output hashes correspond to the hash of the original transaction. This creates a double-spend scenario, in which two users are rewarded for spending their ether twice.
Mitigating this threat
Although this double-spend attack is a significant threat to Ethereum's security, it is theoretically possible but difficult to carry out without extensive knowledge of cryptography and blockchain mechanics.
To mitigate this risk, the development team behind Ethereum has taken several measures:
- Merkle tree structure: the Merkle tree ensures that each block is linked to its predecessor's unique hash.
- Consensus algorithm: Ethereum's proof-of-work (PoW) consensus algorithm involves solving complex mathematical equations, which makes it mathematically impossible for an attacker to replace a block without being detected.
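The Merkle tree measure can be checked directly: swapping `TX` for `TX'` changes the root, so `TX'` no longer verifies against the root already committed in the block. The following is an added example, not code from the original page or from Ethereum. It assumes a simplified binary tree with SHA-256 and constructed transaction strings (Ethereum itself uses Keccak-256 over a Merkle Patricia trie), and the names `build`, `verify` and `demo` are hypothetical.

```python
import hashlib

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def build(leaves, index):
    """Return (root, proof) for leaves[index]; proof = [(sibling_hash, sibling_is_left)]."""
    level = [h(b"\x00" + leaf) for leaf in leaves]  # 0x00 prefix marks leaf hashes
    proof = []
    while len(level) > 1:
        sib = index ^ 1
        if sib < len(level):
            proof.append((level[sib], sib < index))
        # 0x01 prefix marks interior nodes, so a leaf cannot pose as a node
        nxt = [h(b"\x01" + level[i] + level[i + 1])
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])  # unpaired node is promoted unchanged
        level, index = nxt, index // 2
    return level[0], proof

def verify(leaf, proof, root):
    """Recompute the path from leaf to root and compare with the committed root."""
    node = h(b"\x00" + leaf)
    for sibling, sibling_is_left in proof:
        pair = sibling + node if sibling_is_left else node + sibling
        node = h(b"\x01" + pair)
    return node == root

# Constructed sample transactions (not real Ethereum encodings).
TXS = [b"alice->bob:1", b"carol->dave:2", b"erin->frank:3",
       b"gina->hal:4", b"ivan->judy:5"]
TX_PRIME = b"carol->mallory:2"  # TX': same sender and amount, different output

def demo():
    committed_root, proof = build(TXS, 1)            # root fixed in the block
    swapped = TXS[:1] + [TX_PRIME] + TXS[2:]
    swapped_root, swapped_proof = build(swapped, 1)  # tree after the swap
    return {
        "original_verifies": verify(TXS[1], proof, committed_root),
        "swap_vs_committed_root": verify(TX_PRIME, proof, committed_root),
        "root_changed": swapped_root != committed_root,
        "swap_vs_new_root": verify(TX_PRIME, swapped_proof, swapped_root),
    }

if __name__ == "__main__":
    print(demo())
```

`TX'` verifies only against the new root, and a new root means a different block hash from the one the rest of the chain references.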
In summary, although a double-spend attack of this kind is theoretically possible, it remains a theoretical threat because of the solid security measures implemented by the Ethereum team.