: Automated payment processors or exchanges with low confirmation thresholds.
: It relies on the deliberate creation of a fork where the exchange is kept on the "losing" side of the chain for just enough time to process a withdrawal.
The (also known as a one-confirmation attack) is a sophisticated form of double-spending in Bitcoin that exploits the way nodes handle "orphaned" blocks and transaction confirmations. It allows an attacker to trick a recipient (often an exchange) into accepting a transaction that will ultimately be invalidated. How the Vector76 Attack Works Bitcoin_Fake_Transaction_Vector76_attack_Full_V...
: The exchange sees the transaction to Address C and then sees the attacker's block arrive. Because the block is valid, the exchange's node may count the transaction to Address C as having one confirmation , even though that transaction is not actually in the block.
: The attacker connects to a well-connected node (like an exchange's node) and a mining pool. They mine a block containing a transaction that sends coins from Address A to Address B (both controlled by the attacker) but do not broadcast it immediately. : Automated payment processors or exchanges with low
: Once the exchange credits the account based on that one confirmation, the attacker withdraws the funds. Meanwhile, the rest of the network follows a different chain (where the original block was orphaned), and the transaction to the exchange is ultimately rejected as a double spend. Technical Context & Mitigation
: High; requires significant hash power and precise timing. It allows an attacker to trick a recipient
: This attack primarily targets services that accept one confirmation for high-value deposits.