Why double-spend matters
Email a photo and everyone keeps a copy. Early “digital cash” behaved the same: you could replay the same token unless a central server blocked it. Banks fix that with one master ledger. Bitcoin fixes it by making the ledger public, noisy about edits, and settled by strangers who share rules instead of trust.
Double-spend is the core failure mode for money without a hall monitor. If a network can’t stop you from reusing the same coin, the money is worthless. Bitcoin’s answer is to make history expensive to rewrite and obvious when someone tries. The “who do we trust?” question gets replaced by “can anyone cheaply fake this?”
| Step | What happens | Why it stops replays |
|---|---|---|
| 1 | Tx spends prior output, signed by key | Signature proves control; prevents arbitrary spend |
| 2 | Tx enters mempool; miners pick it up | Conflicting txs can’t both survive checks |
| 3 | Block includes tx; header links prev hash | Hash link snaps if tx changes |
| 4 | Proof-of-work makes block costly to forge | Redo work for this block to alter history |
| 5 | New blocks pile on (confirmations) | Attacker must outpace entire network to replace |
How Bitcoin blocks stop it
Each transaction spends older outputs and creates new ones, all signed with private keys. Miners collect these transactions into a block; the header locks in the previous block’s hash. A change to one transaction would alter the block hash, which would break the link to the next block, and so on. The block hash is effectively a fingerprint of the entire block and its place in the chain.
Proof-of-work makes that break loud and costly. To rewrite a settled block, you must redo the work for that block and every block after it—and produce the longer chain before honest miners add more weight. That race burns real electricity, so “just edit the ledger” is no longer free. The more confirmations a transaction has, the taller the wall you must scale.
Attack routes (and why they’re rare)
Race the merchant (zero-conf): Try to hand a vendor one transaction while broadcasting a conflicting one that pays you instead. Mitigation: wait for confirmations. Many merchants want 1–3 confirmations for small purchases, more for larger amounts.
51% attack: Control majority hashpower, mine a hidden fork, then publish it to replace recent blocks. This is expensive: you compete with the entire network and only rewrite from the point you attack forward, not the entire history. It’s a cash-burning stunt, not a sustainable business.
Selfish mining games: With slightly less than 50% hashpower, attackers can try to strategically release blocks to waste honest miners’ work. Even then, the gains are slim, the risks are high, and protocol-level tweaks plus miner diversity make it unattractive on Bitcoin.
“Truth becomes expensive, not impossible to challenge, but costly to fake.”
Confirmations and cost
One confirmation just says “it’s in a block.” More confirmations force an attacker to redo more work and extend their fork further. That’s why exchanges wait multiple confirmations: each added block increases the time, money, and hashpower required to fake history from that depth. Six confirmations is common for higher-value payments because it would take a costly sprint to overtake six honest blocks in a row.
Why this matters beyond Bitcoin
Any public chain needs a way to make edits loud and costly—proof-of-work on Bitcoin, proof-of-stake on others. The double-spend problem is the litmus test for whether a chain’s consensus is real or just a marketing claim. If you can cheaply replay or replace transactions, it’s not money; it’s a scoreboard with no referee.