What is nonce in Ethereum? How does it prevent double spending?
recently I got fascinated by blockchain, and started learning Ethereum. I came across the concept of the nonce in Ethereum.
After researching I found out that nonce is used for two purposes.
a. To keep transaction related to an account in order. i.e if there is a transaction with nonce 3 related to some account in the txpool and some transaction will nonce 4 arrived then that transaction won't be mined until and unless transaction with nonce 3 is mined.
I understand this.
But I have some question that I am not able to find?
i) nonce value is related to an address, right? So two address can have same nonce at the same time i.e. account with Address A can have the latest nonce 2 similarly account with address B can also have latest nonce 2.
ii) Do all nodes in the network will have same latest nonce value for all accounts available in the network?
That is, if there are three accounts and 2 miners then and nonce value for three accounts are 1,2,3 respectively, then both miner will have the same nonce.
Assumption: Both miners are in sync
b) how is nonce used to prevent a double spend?
All you need is here : https://myetherwallet.groovehq.com/knowledge_base/topics/what-is-nonce
I ended up having to look at Bitcoin's UTXO design vs Ethereum's balances design to really understand the nonce. It made sense when I read about Ethereum alone, but I kept wondering why Bitcoin didn't need it.
What is nonce in Ethereum?
If you refer to the Glossary at Github Wiki, there are two types of nonce used in Ethereum.
- Account nonce - It's simply the transaction count of an account
Account nonce: a transaction counter in each account. This prevents replay attacks where a transaction sending eg. 20 coins from A to B can be replayed by B over and over to continually drain A's balance.
- Proof of work nonce - The random value in a block that was used get the proof of work satisfied (depending on the difficulty at the time).
Proof of work nonce: a meaningless value in a block which can be adjusted in order to try to satisfy the proof of work condition
Here you are referring to the account nonce, which is the transaction count from that account.
i)Nonce value is related to an address right? So two address can have same nonce at the same time i.e account with Address A can have latest nonce 2 similarly account with address B can also have latest nonce 2.
Yes as explained above, it's the transaction count and hence it's related to the account. As it's an incrementing number two accounts can have the same nonce at the same time.
ii)Does all node in the network will have same latest nonce value for all accounts available in the network?
When the nodes get synced with blockchain, eventually they will. Since a node accepts the longest valid chain there's no issue of all the nodes not getting updated with latest nonce value at the very moment a transaction is mined. Once synced, they will have the same nonce value for the account. (It's obvious because in a blockchain all the nodes are supposed to have the same block data. So after a certain amount of time you can be pretty much sure that the transaction is confirmed, hence the nonce value)
b)nonce is used to prevent double spend how?
Avoiding double spend means to stop using the same amount twice. If the nonce is set to the same only one of the transactions will be mined and most of the time that can be the one with higher gas price, but however no double spend will happen as only one transaction will take place at the end in either case.
Another trick avoided by nonce is using higher gas prices to get a transaction sent later be mined before an earlier one from the same account.
Consider a situation where A sends a transaction of X ETH to B as a payment and A's account has only that X ETH in his account. Once the transaction was sent to be mined A can send another transaction of X ETH with a higher gas price to one of his other account letting the first transaction sent to be mined later by getting a higher priority in the pending transaction queue. But since Ethereum takes nonce into consideration this is not allowed as the nonce of the later transaction is higher than the previous one.
You may refer this question as well.
Assuming the first transaction has been confirmed x number of times, right? Otherwise, what prevents me from broadcasting the doublespend with higher gas price, and with the same nonce?
Regarding: "Account nonce - It's simply the transaction count of an account" This is not quite true - the nonce is incremented every time a CREATE opcode is executed, since a single transaction may emit many CREATE instructions this number may be significantly higher than the number of transactions.
"Account nonce: a transaction counter in each account. This prevents replay attacks where a transaction sending eg. 20 coins from A to B can be replayed by B over and over to continually drain A's balance." this is what github glossary says. Do you have any source to refer?
If nonces did not exist, replay would be possible without front-running. No gas manipulation would be needed. The reason is that, for purposes of legitimately allowing the same amount to be sent twice from one account to another, an honest verifier would have to accept multiple transactions with the same from/to/amount tuple. As such, an adversary would simply be able to re-send the same transaction. The nonce asks the sender to sign a new message when the same amount is transferred to the same account, and thus the verifier can now safely drop transactions that are simply re-transmitted.