Double-spending prevention for Bitcoin zero-confirmation transactions

  • Cristina Pérez-Solà
  • Sergi Delgado-Segura
  • Guillermo Navarro-Arribas
  • Jordi Herrera-Joancomartí
Regular Contribution


Zero-confirmation transactions, i.e. transactions that have been broadcast but are still pending to be included in the blockchain, have gained attention in order to enable fast payments in Bitcoin, shortening the time for performing payments. Fast payments are desirable in certain scenarios, for instance, when buying in vending machines, fast food restaurants, or withdrawing from an ATM. Despite being quickly propagated through the network, zero-confirmation transactions are not protected against double-spending attacks, since the double-spending protection Bitcoin offers relies on the blockchain and, by definition, such transactions are not yet included in it. In this paper, we propose a double-spending prevention mechanism for Bitcoin zero-confirmation transactions. Our proposal is based on exploiting the flexibility of the Bitcoin scripting language together with a well-known vulnerability of the ECDSA signature scheme to discourage attackers from performing such an attack.


Double-spending Bitcoin Cryptocurrency Blockchain ECDSA 

Mathematics Subject Classification




This work is partially supported by the Spanish ministry under grant number TIN2014-55243-P and the Catalan Agència de Gestió d’Ajuts Universitaris i de Recerca (AGAUR) Grant 2014SGR-691.

Compliance with ethical standards

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.


  1. 1.
    Karame, G.O., Androulaki, E., Capkun, S.: In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 906–917. ACM (2012)Google Scholar
  2. 2.
    Karame, G.O., Androulaki, E., Roeschlin, M., Gervais, A., Čapkun, S.: Misbehavior in Bitcoin: a study of double-spending and accountability. ACM Trans. Inf. Syst. Secur. 18(1), 21 (2015). CrossRefGoogle Scholar
  3. 3.
    GAP600: Gap600 bitcoin transactions guaranteed. (2017). Accessed 12 Nov 2018
  4. 4.
    Bamert, T., Decker, C., Elsen, L., Wattenhofer, R., Welten, S.: In: Proceedings of the IEEE International Conference on Peer-to-Peer Computing (P2P). Trento (2013)Google Scholar
  5. 5.
    Biryukov, A., Khovratovich, D., Pustogarov, I.: In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 15–29. ACM (2014)Google Scholar
  6. 6.
    Biryukov, A., Pustogarov, I.: Security and Privacy (SP), 2015 IEEE Symposium on, pp. 122–134. IEEE (2015)Google Scholar
  7. 7.
    Kroll, J.A., Davey, I.C., Felten, E.W.: In: The Twelfth Workshop on the Economics of Information Security (WEIS, 2013) (2013)Google Scholar
  8. 8.
    Bentov, I., Kumaresan, R.: In: International Cryptology Conference, pp. 421–439. Springer (2014)Google Scholar
  9. 9.
    Poon, J., Dryja, T.: The Bitcoin Lightning Network: Scalable Off-chain Instant Payments. Technical Reports. (2015). Accessed 12 Nov 2018
  10. 10.
    Bentov, I., Kumaresan, R., Miller, A.: In: Theory and Application of Cryptology and Information Security, pp. 410–440. Springer (2017)Google Scholar
  11. 11.
    David, B., Dowsley, R., Larangeira, M.: In: Proceedings of the 2018 International Conference on Financial Cryptography and Data Security (2018)Google Scholar
  12. 12.
    Park, S., Kwon, A., Fuchsbauer, G., Gazi, P., Alwen, J., Pietrzak, K.: In: Proceedings of the 2018 International Conference on Financial Cryptography and Data Security (2018)Google Scholar
  13. 13.
    Ruffing, T., Kate, A., Schröder, D.: In: Proceedings of the 22Nd ACM SIGSAC Conference on Computer and Communications Security, CCS ’15, pp. 219–230. ACM (2015)Google Scholar
  14. 14.
    Antonopoulos, A.M.: In: Mastering Bitcoin: Unlocking Digital Cryptocurrencies, Chap. 5. O’Reilly Media, Inc. (2014)Google Scholar
  15. 15.
    Certicom Research: Sec 2: Recommended Elliptic Curve Domain Parameters. Technical Reports, Certicom Corp (2010)Google Scholar
  16. 16.
    Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)CrossRefGoogle Scholar
  17. 17.
    Paar, C., Pelzl, J.: Understanding Cryptography: A Textbook for Students and Practitioners. Springer, Berlin (2009)zbMATHGoogle Scholar
  18. 18.
    Nguyen, P.Q., Shparlinski, I.E.: The insecurity of the digital signature algorithm with partially known nonces. J. Cryptol. 15(3), 151 (2002)MathSciNetCrossRefGoogle Scholar
  19. 19.
    Bellare, M., Goldwasser, S., Micciancio, D.: In: Annual International Cryptology Conference, pp. 277–291. Springer (1997)Google Scholar
  20. 20.
    Schneider, N.: Recovering Bitcoin private keys using weak signatures from the blockchain. Retrieved from (2013)
  21. 21.
  22. 22. Android security vulnerability. (2013). Accessed 12 Nov 2018
  23. 23.
    Pornin, T.: Deterministic usage of the digital signature algorithm (DSA) and elliptic curve digital signature algorithm (ECDSA). In: RFC 6979, Internet Request for Comments, The Internet Society (2013)Google Scholar
  24. 24.
    Clark, J., Essex, A.: In: Keromytis A.D. (eds) Financial Cryptography and Data Security, Lecture Notes in Computer Science, vol. 7397, pp. 390–398. Springer, Berlin (2012). CrossRefGoogle Scholar
  25. 25.
    Decker, C.: Data propagation: How fast does information move in the network? (2017). Accessed 12 Nov 2018

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Department of Information Engineering and CommunicationsUniversitat Autònoma de BarcelonaBellaterraSpain
  2. 2.CYBERCAT-Center for Cybersecurity Research of CataloniaTarragonaSpain

Personalised recommendations