Withhold Attack

• A kind of Double Spend attack
• From this post by FlatOutCrypto (14-6-2018):

"A withhold attack builds upon the Finney and Race attacks, as it can succeed even if the merchant waits for confirmations. An attacker would send a tx to the merchant, as in the race attack, but would also send a duplicate tx to themselves. However, unlike with the race attack, the attacker would instead send the tx on a private alternative blockchain fork that they were mining.

The merchant would release the goods after waiting for the requisite number of confirmations. At this point the attacker would be able to publish their chain to the wider network. If the attacker has been able to find more blocks than the wider network has been able to this point then their chain becomes the legitimate chain and as such the tx sent to the merchant would be deemed invalid. The attacker would again hold both goods and original funds.

The withhold attack is more resource intensive than the previous two attacks, as the malicious actor would need to have a significant amount of the network hashpower. The Bitcoin whitepaper (section 11) sets out the likelihood of success an attacker can expect, determined by the proportion of hashpower controlled and the number of confirmations the merchant requires (the more confirmations required, the more hashpower is needed).

For example, possessing 20% of the hashpower with a merchant requiring three confirmations would give the attacker a 10% chance of success. Two confirmations sees that rise to 20%. Even if a user waits for the advised six confirmations an actor with 20% of the hashpower would still have a 1.5% chance of success – a slim chance, but a chance nonetheless."