Double-spending can cost your exchange millions!
One of the first phenomena we discovered years ago is that CEXs lose an extortionate amount of money to double-spending, but don't even realise it.
While the blockchain is immutable, apps aren't. When your app interacts with your custodian, there is room for error.
Why?
1. Application Error: your app believes that the transaction failed, but in reality it was successful. Your retry mechanism initiates a new one, causing you to pay the client twice.
2. Blockchain Congestion - let's take a look at the Terra Luna case study:
When the Terra ecosystem collapsed in May 2022, the Terra blockchain suffered severe congestion and temporarily halted. The Terra Luna token and TerraUSD stablecoin were collapsing too, and there was an overwhelming number of transactions on the network. The network could not handle this load, and nodes failed to synchronise their transaction histories. Some nodes recorded transactions as confirmed while others did not, meaning the CEXs were left with contradictory or incorrect transaction statuses and records.
Some users exploited this: they withdrew their Terra assets on CEXs, which recorded the transactions as confirmed, and then spent the same assets again on the Terra blockchain.
This is just one example of a large-scale double-spending case. ANY blockchain congestion, especially involving temporary halting, can cause big damage to CEXs.
The double-spending event easily became a legal issue with the client, and the compliance team was also involved in the issue.
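The application-error case above (a timed-out request that actually succeeded, followed by a blind retry) can be reproduced in a few lines. This is an added example, not Nominis' code: `FakeCustodian`, `naive_withdraw` and `safe_withdraw` are hypothetical names, and it assumes the custodian API accepts an idempotency key and lets you look a request up by that key.

```python
import uuid

class FakeCustodian:
    """Constructed stand-in for a custodian API (hypothetical, not a real SDK)."""
    def __init__(self, drop_first_response=True):
        self.transfers = []            # every transfer actually broadcast
        self.by_key = {}               # idempotency key -> transfer id
        self.drop = drop_first_response

    def send(self, to, amount, idem_key=None):
        if idem_key in self.by_key:    # replay of a known request: no new transfer
            return self.by_key[idem_key]
        tx_id = uuid.uuid4().hex
        self.transfers.append((tx_id, to, amount))
        if idem_key is not None:
            self.by_key[idem_key] = tx_id
        if self.drop:                  # transfer went out, but the reply is lost
            self.drop = False
            raise TimeoutError("no response from custodian")
        return tx_id

    def lookup(self, idem_key):
        return self.by_key.get(idem_key)


def naive_withdraw(custodian, to, amount, retries=3):
    """Treats a timeout as a failure and submits a brand-new transfer."""
    for _ in range(retries):
        try:
            return custodian.send(to, amount)
        except TimeoutError:
            continue
    raise RuntimeError("withdrawal failed")


def safe_withdraw(custodian, withdrawal_id, to, amount, retries=3):
    """Treats a timeout as 'unknown': reconcile first, retry under the same key."""
    key = f"withdrawal:{withdrawal_id}"   # stable per business request
    for _ in range(retries):
        existing = custodian.lookup(key)
        if existing is not None:          # an earlier attempt did go through
            return existing
        try:
            return custodian.send(to, amount, idem_key=key)
        except TimeoutError:
            continue
    raise RuntimeError("withdrawal status unknown; escalate, do not re-send")
```

With the first response dropped, `naive_withdraw` leaves two transfers on the custodian for one client request, while `safe_withdraw` leaves exactly one, even if the whole withdrawal is replayed later.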
Over the years, Nominis’ anomaly detection feature has detected over 10,000 cases of potential double-spending.
Our platform detected examples of double-spending while screening 1000s of exchanges and entities over just 5 hours:
- 150+ cases demonstrating a pattern of double-spending with less confidence. However, these are notable and relevant, as they may contribute to future exposure of certain issues on the relevant exchanges, such as:
  - Inadequate smurfing detection measures, allowing users to withdraw many "small" transactions over a few minutes to bypass compliance tests
  - Inadequate UI/UX design or withdrawal flow, causing the user to accidentally click on an action more than once

These cases appear in different types of exchanges, from small exchanges with 1,000 transactions a month to the top exchanges in the world.
The balance of your exchange doesn't make sense?
You might be a victim of Double-Spending...