Modeling and Verification of the Bitcoin Protocol

TL;DR

This paper formalizes the Bitcoin protocol using UPPAAL to analyze its correctness and assesses the probability of successful double spending attacks under malicious behavior.

Contribution

It provides a formal UPPAAL model of Bitcoin and evaluates the likelihood of double spending attacks, highlighting vulnerabilities under malicious conditions.

Findings

Double spending can occur with certain probabilities under malicious behavior.

The UPPAAL model helps analyze attack success likelihood.

The protocol's robustness depends on computational power of attackers.

Abstract

Bitcoin is a popular digital currency for online payments, realized as a decentralized peer-to-peer electronic cash system. Bitcoin keeps a ledger of all transactions; the majority of the participants decides on the correct ledger. Since there is no trusted third party to guard against double spending, and inspired by its popularity, we would like to investigate the correctness of the Bitcoin protocol. Double spending is an important threat to electronic payment systems. Double spending would happen if one user could force a majority to believe that a ledger without his previous payment is the correct one. We are interested in the probability of success of such a double spending attack, which is linked to the computational power of the attacker. This paper examines the Bitcoin protocol and provides its formalization as an UPPAAL model. The model will be used to show how double spending can be done if the parties in the Bitcoin protocol behave maliciously, and with what probability double spending occurs.