: The exchange sees the transaction to Address C and then sees the attacker's block arrive. Because the block is valid, the exchange's node may count the transaction to Address C as having one confirmation , even though that transaction is not actually in the block.
: The attacker connects to a well-connected node (like an exchange's node) and a mining pool. They mine a block containing a transaction that sends coins from Address A to Address B (both controlled by the attacker) but do not broadcast it immediately.
: Automated payment processors or exchanges with low confirmation thresholds. Bitcoin_Fake_Transaction_Vector76_attack_Full_V...
The attack combines elements of a and a Race attack by leveraging a pre-mined block.
: The merchant/exchange loses the goods or currency, while the attacker retains their original Bitcoin on the main chain. : The exchange sees the transaction to Address
The (also known as a one-confirmation attack) is a sophisticated form of double-spending in Bitcoin that exploits the way nodes handle "orphaned" blocks and transaction confirmations. It allows an attacker to trick a recipient (often an exchange) into accepting a transaction that will ultimately be invalidated. How the Vector76 Attack Works
: It relies on the deliberate creation of a fork where the exchange is kept on the "losing" side of the chain for just enough time to process a withdrawal. They mine a block containing a transaction that
: Immediately after, the attacker broadcasts their pre-mined block to the network.