{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,3]],"date-time":"2026-05-03T11:01:22Z","timestamp":1777806082904,"version":"3.51.4"},"reference-count":39,"publisher":"SAGE Publications","issue":"3","license":[{"start":{"date-parts":[[2019,5,9]],"date-time":"2019-05-09T00:00:00Z","timestamp":1557360000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/journals.sagepub.com\/page\/policies\/text-and-data-mining-license"}],"content-domain":{"domain":["journals.sagepub.com"],"crossmark-restriction":true},"short-container-title":["Journal of Computer Security"],"published-print":{"date-parts":[[2019,6,10]]},"abstract":"<jats:p>In Bitcoin network, the distributed storage of multiple copies of the block chain opens up possibilities for double-spending, i.e., a payer issues two separate transactions to two different payees transferring the same coins. While Bitcoin has inherent security mechanism to prevent double-spending attacks, it requires a certain amount of time to detect the double-spending attacks after the transaction has been initiated. Therefore, it is impractical to protect the payees from suffering in double-spending attacks in fast payment scenarios where the time between the exchange of currency and goods or services is shorten to few seconds. Although we cannot prevent double-spending attacks immediately for fast payments, decentralized non-equivocation contracts have been proposed to penalize the malicious payer after the attacks have been detected. The basic idea of these contracts is that the payer locks some coins in a deposit when he initiates a transaction with the payee. If the payer double-spends, a cryptographic primitive called accountable assertions can be used to reveal his Bitcoin credentials for the deposit. Thus, the malicious payer could be penalized by the loss of deposit coins. However, such decentralized non-equivocation contracts are subjected to collusion attacks where the payer colludes with the beneficiary of the depoist and transfers the Bitcoin deposit back to himself when he double-spends, resulting in no penalties. On the other hand, even if the beneficiary behaves honestly, the victim payee cannot get any compensation directly from the deposit in the original design.<\/jats:p>\n                  <jats:p>To prevent such collusion attacks, we design fair time-locked deposits for Bitcoin transactions to defend against double-spending. The fair deposits ensure that the payer will be penalized by the loss of his deposit coins if he double-spends and the victim payee\u2019s loss will be compensated within a locked time period. We start with the protocols of making a deposit for one transaction. In particular, for the transaction with single input and output and the transaction with multiple inputs and outputs, we provide different designs of the deposits. We analyze the performance of deposits made for one transaction and show how the fair deposits work efficiently in Bitcoin. We also provide protocols of making a deposit for multiple transactions, which can reduce the burdens of a honest payer. In the end, we extend the fair deposits to non-equivocation contracts for other distributed systems.<\/jats:p>","DOI":"10.3233\/jcs-191274","type":"journal-article","created":{"date-parts":[[2019,5,10]],"date-time":"2019-05-10T10:43:47Z","timestamp":1557485027000},"page":"375-403","update-policy":"https:\/\/doi.org\/10.1177\/sage-journals-update-policy","source":"Crossref","is-referenced-by-count":2,"title":["Collusion attacks and fair time-locked deposits for fast-payment transactions in Bitcoin"],"prefix":"10.1177","volume":"27","author":[{"given":"Xingjie","family":"Yu","sequence":"first","affiliation":[{"name":"School of Information Systems, Singapore Management University, Singapore. E-mails:\u00a0,\u00a0,\u00a0,\u00a0"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michael Shiwen","family":"Thang","sequence":"additional","affiliation":[{"name":"School of Information Systems, Singapore Management University, Singapore. E-mails:\u00a0,\u00a0,\u00a0,\u00a0"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yingjiu","family":"Li","sequence":"additional","affiliation":[{"name":"School of Information Systems, Singapore Management University, Singapore. E-mails:\u00a0,\u00a0,\u00a0,\u00a0"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Robert Huijie","family":"Deng","sequence":"additional","affiliation":[{"name":"School of Information Systems, Singapore Management University, Singapore. E-mails:\u00a0,\u00a0,\u00a0,\u00a0"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"179","published-online":{"date-parts":[[2019,5,9]]},"reference":[{"key":"ref001","doi-asserted-by":"crossref","unstructured":"M.Andrychowicz, S.Dziembowski, D.Malinowski and L.Mazurek, Secure multiparty computations on bitcoin, in: Security and Privacy (SP), 2014 IEEE Symposium on, IEEE, 2014, pp. 443\u2013458. doi:10.1109\/SP.2014.35.","DOI":"10.1109\/SP.2014.35"},{"key":"ref002","unstructured":"M.Andrychowicz, S.Dziembowski, D.Malinowski and \u0141.Mazurek, How to deal with malleability of bitcoin transactions, 2013, arXiv preprint arXiv:1312.3230."},{"key":"ref003","doi-asserted-by":"crossref","unstructured":"G.Asharov, Y.Lindell and H.Zarosim, Fair and efficient secure multiparty computation with reputation systems, in: Advances in Cryptology \u2013 ASIACRYPT 2013, Springer, 2013, pp. 201\u2013220. doi:10.1007\/978-3-642-42045-0_11.","DOI":"10.1007\/978-3-642-42045-0_11"},{"issue":"3","key":"ref004","first-page":"263","volume":"6","author":"Balamurugan B.","year":"2014","journal-title":"Journal of emerging technologies in web intelligence"},{"key":"ref005","doi-asserted-by":"crossref","unstructured":"M.Belenkiy, M.Chase, C.C.Erway, J.Jannotti, A.K\u00fcp\u00e7\u00fc and A.Lysyanskaya, Incentivizing outsourced computation, in: Proceedings of the 3rd International Workshop on Economics of Networked Systems, ACM, 2008, pp. 85\u201390. doi:10.1145\/1403027.1403046.","DOI":"10.1145\/1403027.1403046"},{"key":"ref006","doi-asserted-by":"crossref","unstructured":"I.Bentov and R.Kumaresan, How to use bitcoin to design fair protocols, in: Advances in Cryptology \u2013 CRYPTO 2014, Springer, 2014, pp. 421\u2013439. doi:10.1007\/978-3-662-44381-1_24.","DOI":"10.1007\/978-3-662-44381-1_24"},{"key":"ref007","unstructured":"Bitcoin Project, Bitcoin developer guide. https:\/\/bitcoin.org\/en\/developer-guide#stratum."},{"key":"ref008","unstructured":"Bitcoin Wiki, Providing a deposit. https:\/\/en.bitcoin.it\/w\/index.php?title=Contracts&oldid=50633\\sharpExample_1:_Providing_a_deposit."},{"key":"ref009","unstructured":"V.Buterin, A next-generation smart contract and decentralized application platform. https:\/\/github.com\/ethereum\/wiki\/wiki\/White-Paper."},{"key":"ref010","unstructured":"coindesk, 6 Cool Machines that Accept Bitcoin. https:\/\/www.coindesk.com\/6-cool-machines-accept-bitcoin\/."},{"key":"ref011","unstructured":"N.T.Courtois, On the longest chain rule and programmed self-destruction of crypto currencies, 2014, arXiv preprint arXiv:1405.0534."},{"key":"ref012","unstructured":"C.Darryn Pollock, Japan\u2019s Electronics Marketplace Starts Adopting Bitcoin. https:\/\/cointelegraph.com\/news\/japans-electronics-marketplace-starts-adopting-bitcoin."},{"key":"ref013","doi-asserted-by":"crossref","unstructured":"C.Decker and R.Wattenhofer, Information propagation in the bitcoin network, in: IEEE P2P 2013 Proceedings, IEEE, 2013, pp. 1\u201310.","DOI":"10.1109\/P2P.2013.6688704"},{"key":"ref014","doi-asserted-by":"publisher","DOI":"10.20533\/ijds.2040.2570.2016.0137"},{"key":"ref015","unstructured":"A.Dorri, S.S.Kanhere, R.Jurdak and P.Gauravaram, Lsb: A lightweight scalable blockchain for iot security and privacy, 2017, arXiv preprint arXiv:1712.02969."},{"key":"ref016","doi-asserted-by":"crossref","unstructured":"J.Garay, A.Kiayias and N.Leonardos, The bitcoin backbone protocol: Analysis and applications, in: International Conference on the Theory and Applications of Cryptographic Techniques, 2015, pp. 281\u2013310.","DOI":"10.1007\/978-3-662-46803-6_10"},{"key":"ref017","doi-asserted-by":"crossref","unstructured":"A.Gervais, V.Capkun, S.Capkun and G.O.Karame, Is bitcoin a decentralized currency? 2014.","DOI":"10.1109\/MSP.2014.49"},{"key":"ref018","doi-asserted-by":"crossref","unstructured":"P.Golle and I.Mironov, Uncheatable distributed computations, in: Topics in Cryptology \u2013 CT-RSA 2001, Springer, 2001, pp. 425\u2013440. doi:10.1007\/3-540-45353-9_31.","DOI":"10.1007\/3-540-45353-9_31"},{"key":"ref019","unstructured":"B.K.Helms, South Africa\u2019s Second Largest Supermarket Chain Pick n Pay Trials Bitcoin Payments. https:\/\/news.bitcoin.com\/south-africas-second-largest-supermarket-chain-pick-n-pay-trials-bitcoin-payments\/."},{"key":"ref020","doi-asserted-by":"crossref","unstructured":"G.O.Karame, E.Androulaki and S.Capkun, Double-spending fast payments in bitcoin, in: ACM Conference on Computer and Communications Security, 2012, pp. 906\u2013917.","DOI":"10.1145\/2382196.2382292"},{"key":"ref021","doi-asserted-by":"crossref","unstructured":"A.Kosba, A.Miller, E.Shi, Z.Wen and C.Papamanthou, Hawk: The blockchain model of cryptography and privacy-preserving smart contracts, Technical report, Cryptology ePrint Archive, Report 2015\/675, 2015. http:\/\/eprint.iacr.org.","DOI":"10.1109\/SP.2016.55"},{"key":"ref022","unstructured":"J.A.Kroll, I.C.Davey and E.W.Felten, The economics of bitcoin mining, or bitcoin in the presence of adversaries, in: Proceedings of WEIS, Vol. 2013, Citeseer, 2013."},{"key":"ref023","doi-asserted-by":"crossref","unstructured":"R.Kumaresan and I.Bentov, How to use bitcoin to incentivize correct computations, in: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, ACM, 2014, pp. 30\u201341.","DOI":"10.1145\/2660267.2660380"},{"issue":"7","key":"ref024","first-page":"8","volume":"112","author":"Langaliya C.","year":"2015","journal-title":"International Journal of Computer Applications"},{"issue":"4","key":"ref025","first-page":"231","volume":"15","author":"Lee C.-C.","year":"2013","journal-title":"IJ Network Security"},{"key":"ref026","unstructured":"B.I.S.J.Lin, A caf\u00e9 opened in Singapore that accepts bitcoin instead of cash and has a cryptocurrency ATM for people running low. https:\/\/www.businessinsider.com\/cashless-bitcoin-cafe-singapore-2017-12\/?IR=T."},{"key":"ref027","doi-asserted-by":"crossref","unstructured":"M.M\u00f6ser, R.B\u00f6hme and D.Breuker, Towards risk scoring of bitcoin transactions, in: Financial Cryptography and Data Security, Springer, 2014, pp. 16\u201332.","DOI":"10.1007\/978-3-662-44774-1_2"},{"key":"ref028","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2738601"},{"key":"ref029","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2015.2405905"},{"key":"ref030","unstructured":"PELICOIN, Bitcoin Vending Machines: The Next Bitcoin Machine You\u2019ll See Everywhere. https:\/\/www.pelicoin.com\/blog\/bitcoin-vending-machines."},{"key":"ref031","unstructured":"B.J.Redman, The Evolution of the Bitcoin Vending Machine. https:\/\/news.bitcoin.com\/evolution-bitcoin-vending-machine\/."},{"key":"ref032","unstructured":"M.Rosenfeld, Analysis of bitcoin pooled mining reward systems, 2011, arXiv preprint arXiv:1112.4980."},{"key":"ref033","unstructured":"RT Question More, First restaurant in Russian capital accepts payment in bitcoin. https:\/\/www.rt.com\/business\/394406-russian-restaurant-accepts-bitcoin\/."},{"key":"ref034","doi-asserted-by":"crossref","unstructured":"T.Ruffing, A.Kate and D.Schr\u00f6der, Liar, liar, coins on fire!: Penalizing equivocation by loss of bitcoins, in: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, ACM, 2015, pp. 219\u2013230.","DOI":"10.1145\/2810103.2813686"},{"key":"ref035","unstructured":"T.Ruffing, A.Kate and D.Schr\u00f6der, Implementation of accountable assertion scheme. http:\/\/crypsys.mmci.unisaarland.de\/projects\/PenalizingEquivocation\/."},{"key":"ref036","unstructured":"SpendBitcoins, Fast Food Restaurants that accept bitcoin in United States. http:\/\/spendbitcoins.com\/places\/c\/fast-food\/."},{"key":"ref037","doi-asserted-by":"crossref","unstructured":"P.Xu, S.He, W.Wang, W.Susilo and H.Jin, Lightweight searchable public-key encryption for cloud-assisted wireless sensor networks, in: IEEE Transactions on Industrial Informatics, 2017.","DOI":"10.1109\/TII.2017.2784395"},{"key":"ref038","doi-asserted-by":"crossref","unstructured":"X.Yu, M.S.Thang, Y.Li and R.H.Deng, Fair deposits against double-spending for bitcoin transactions, in: IEEE Conference on Dependable and Secure Computing, 2017.","DOI":"10.1109\/DESEC.2017.8073796"},{"key":"ref039","unstructured":"S.W.Zheng and L.Fan, Credit model based on p2p electronic cash system bitcoin, Information Security and Communications Privacy 3 (2012), 040."}],"container-title":["Journal of Computer Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/JCS-191274","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/full-xml\/10.3233\/JCS-191274","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/JCS-191274","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,29]],"date-time":"2026-04-29T20:45:18Z","timestamp":1777495518000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/10.3233\/JCS-191274"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,5,9]]},"references-count":39,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2019,6,10]]}},"alternative-id":["10.3233\/JCS-191274"],"URL":"https:\/\/doi.org\/10.3233\/jcs-191274","relation":{},"ISSN":["0926-227X","1875-8924"],"issn-type":[{"value":"0926-227X","type":"print"},{"value":"1875-8924","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,5,9]]}}}