Passer au contenu

Bitcoin accepté au paiement  |  Expédié depuis Laval, QC, Canada  |  Soutien expert depuis 2016

Vector76 Attack

Network & Protocol

Definition

The Vector76 attack, also called the one-confirmation attack, is a double-spend strategy that combines elements of the Finney Attack and the Race Attack. It targets merchants and services that release goods after just a single block confirmation, exploiting the brief moment when the network has not yet agreed on which of two competing blocks wins. It is named after the BitcoinTalk user ("vector76") who first described it in 2011.

How it works

The attacker pre-mines a block in secret that includes a transaction paying the victim — classically a hosted service or exchange that credits deposits at one confirmation. The attacker withholds this block and waits. The moment they hear that a competing block has been found elsewhere on the network, they immediately push their own pre-mined block directly to the victim's node, ideally through a direct peer connection established in advance. The victim sees the deposit transaction confirmed in a valid block and credits the account; the attacker instantly withdraws. But because a competing block of the same height exists, the rest of the network may build on the other chain, orphaning the attacker's block — and with it the deposit — while a conflicting transaction in the surviving chain returns the coins to the attacker. The victim is left having paid out real value against a deposit that, as far as the canonical chain is concerned, never happened.

What the attack costs

Vector76 is expensive and uncertain, which is why it is rare. The attacker must actually mine a block — real hashpower, real electricity — and then gamble it: if the network happens to adopt the attacker's block as canonical, the deposit stands and the attack earns nothing (though nothing is lost but the withheld block's timing). If the competing chain wins, the attack succeeds, but the attacker forfeited the block reward they could have claimed by publishing honestly. The economics only work against targets that release substantial, irreversible value at one confirmation, quickly — which is why analyses of it focus on exchanges, payment processors, and Bitcoin ATMs rather than coffee shops. Success probability also depends on network topology and propagation timing, since the attacker must deliver their block to the victim before the competing block arrives.

Defense

Vector76 sits at a precise point on the double-spend spectrum, and placing it there clarifies the whole family. A race attack needs no mining at all but only works against zero-confirmation acceptance; a Finney attack needs one withheld block and also targets zero-conf; Vector76 needs one withheld block plus deliberate network positioning and defeats one confirmation; and beyond that lies majority-hashrate territory, where an attacker who can consistently out-mine the network can unwind arbitrary depth. Each step up the ladder multiplies cost and shrinks the pool of plausible attackers. That geometry is exactly why confirmation count works as a risk dial: every additional block forces an attacker into the next, dramatically more expensive class of attack.

The clean defense is confirmation depth: waiting for even two confirmations kills the attack outright, since the attacker would need to secretly extend their own chain — escalating into a majority-hashrate problem — and the merchant-standard six confirmations for high-value transfers puts it far out of reach. Services can also harden against the delivery mechanism by not accepting inbound blocks solely from unsolicited direct peers and by watching the mempool for conflicting spends before crediting. The general lesson generalizes across the whole double-spend family: a transaction's visibility in a block is not finality — depth in the chain the network agrees on is. Confirmation policy should scale with the value at stake and the irreversibility of what you hand over.

In Simple Terms

The Vector76 attack, also called the one-confirmation attack, is a double-spend strategy that combines elements of the Finney Attack and the Race Attack. It targets…

Explore the Full Glossary

Browse all Bitcoin mining terms from A to Z. Whether you are a beginner or expert, deepen your understanding of the mining ecosystem.

Glossaire du minage

ASIC Miner Database

Compare 500+ miners with real-time profitability data, home mining scores, and detailed specs.

Comparer les mineurs