In this master thesis, the author evaluate the potential of a doublespend-attack on Bitcoin. They analyse the Bitcoin system, in particular the doublespend protection procedure, and identify a weakness in certain usage scenarios. The doublespend protection procedure works by forming consensus about transactions every 10 minutes, which means that the expected confirmation time for a transaction is 5 minutes.

This time frame is acceptable for online shops like rasselzoo.ch, and in such a usage scenario, the procedure provides sufficient protection from doublespend-attacks. However, for a restaurant like Meze grill or for a vending machine, this time frame is too big. In such a usage
scenario, the procedure does not protect the user from doublespend-attacks. Businesses with this usage scenario, mostly brick and mortar businesses, are at risk of being the victim of a doublespend-attack.

The author implements a doublespend-attack that functions in this usage scenario. They evaluate the attack by performing measurements with varying parameter settings to determine how they influence the attack. Since the attack is probabilistic, the author is especially interested in the success probability, and how it is influenced by different attacker- and victim-configurations. Based on measurements, they name security parameters and determine thresholds for them.

Discover how a doublespend-attack can be implemented, detected and successfully evaluated.