**1. Introduction**

Blockchain technology has been widely used in various distributed system contexts, including content distribution networks [1], smart grid systems [2], e-healthcare [3], real estate [4,5], e-finance [6], e-education [7], supply chains, e-voting, smart homes [8,9], smart cities [10] and smart industries [11,12]. The advent of blockchain technology has affected the global financial system through digital currencies. In 2008, Satoshi Nakamoto invented a revolutionary electronic cash system called Bitcoin (a digital currency) that made peerto-peer electronic transactions possible. This peer-to-peer digital currency system was designed to eliminate the need for third parties in financial transactions between unknown parties in a trustworthy and verifiable way [13]. In January 2009, the same group created software as an open-source code and introduced the first digital currency in history [14]. As the fundamental technology of Bitcoin, blockchain consists of a transparent and immutable list of chained blocks of transactions. In the peer-to-peer network, each peer maintains a copy of the blockchain known as the distributed ledger.

Blockchain acts as a decentralised public ledger for recording data as blocks, which constitute a connected list data structure used to indicate logical relationships between the

**Citation:** Akbar, N.A.; Muneer, A.; ElHakim, N.; Fati, S.M. Distributed Hybrid Double-Spending Attack Prevention Mechanism for Proof-of-Work and Proof-of-Stake Blockchain Consensuses. *Future Internet* **2021**, *13*, 285. https:// doi.org/10.3390/fi13110285

Academic Editor: Ahad ZareRavasan

Received: 9 October 2021 Accepted: 4 November 2021 Published: 12 November 2021

**Publisher's Note:** MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

**Copyright:** © 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https:// creativecommons.org/licenses/by/ 4.0/).

data added to the blockchain. The data blocks can be retained without the involvement of a centralised agency or intermediary. In another alternative, data blocks are copied and exchanged throughout the entire blockchain network, thereby eliminating device failure, data managemen<sup>t</sup> and cyber-attacks. The two most important processes of blockchain are block mining and block validation. The mining process involves adding a new block or transaction to the public global ledger. The new block or transaction is then validated in a process known as block validation. To understand how blockchain operates, we need to understand its four underlying layers. At the lowest layer are peers sign transactions, which represent an agreemen<sup>t</sup> between two parties, such as exchanging physical or digital property or completing a task. To ensure the absence of corrupt branches and divergences [15], the nodes must agree on which transactions should be kept in the blockchain, which is the responsibility of the consensus layer. The third layer is the compute interface. Through the compute interface, the blockchain is able to provide increased functionality. Blockchain maintains a record of each transaction undertaken by a user so that by calculating the balance of each user, the overall balance may be determined. The last layer, governance, extends the blockchain architecture to human interaction in the physical realm. Therefore, the popularity of blockchain is inevitable because the technology can provide desirable features by replacing the centralised communication architectures of today. The core protocol of blockchain, particularly in blockchain-based cryptocurrencies, refers to the consensus protocol. The consensus protocol enables all peers to agree on every block inclusion in the distributed ledger [16]. As a result of a consensus mechanism, all truthful nodes establish mutual agreemen<sup>t</sup> on a consistent ledger in asynchronous, untrusted networks [17]. The consensus protocols are well-defined, but inputs from various stakeholders are also considered, which affects the blockchain's authenticity. Incorporating new methods for improving consensus protocols and/or patching systems is therefore essential to the development of blockchains.

Different consensus mechanisms are required to ensure the security of digital transactions due to the varying types of blockchain technology [18]. A common consensus mechanism is proof-of-work (PoW), in which the parties must demonstrate their rights to add a node by solving an increasingly complicated computational problem to ensure authentication and compliance, including identifying thresholds for harm, such as leading zeros [19]. Given that the PoW protocol needs tremendous computing power to solve the block complexity in Bitcoin [20], another consensus protocol called proof-of-stack (PoS) was proposed to overcome the problems of the PoW protocol. Despite the high complexity of the PoS consensus, this protocol may be vulnerable to stack problems if more than half of the network is manipulated to prevent a new block from being distributed to confirm transactions [21]. A PoS protocol separates stake blocks according to the relative hashing rates of miners (i.e., their computational power) in relation to the resource capacity of existing miners [22]. This approach makes the choice fair and prevents the richest participant from dominating the network. Many blockchains, such as Ethereum [23], opt for PoS because power consumption and scalability are greatly reduced. Several consensus approaches, including Byzantine fault tolerance (BFT) and its variants, are also available [24].

However, despite the application of consensus protocols, which prevent many security breaches, several malicious attacks have occasionally hampered the growth of blockchain technology. For example, certain attacks, such as Eclipse, Sybil, BGP deterrence, and 51%, are triggered as a result of attempts to penetrate the blockchain network. Amongst these attacks, the 51% attack has received the least attention from researchers due to its high costs. However, recent security incidents have demonstrated that 51% attacks can be carried out against various contemporary cryptocurrencies [25]. Compared with other consensus protocols, PoW immediately challenges 51% attacks, where recent attacks have mainly focused on PoW-dependent cryptocurrencies [26]. This is one of the most severe dangers associated with a PoW-based cryptocurrency because it assumes that if a fraudulent peer network is allowed to obtain more than 50% of the network assets (i.e., computing power), its members become the majority of the network's decision makers. Peers with superior

processing skills could dominate the network because they have the capability to mine numerous blocks as peers compete for fast access. They can easily exploit the blockchain by creating fake transactions, and the fraud perpetrated by other users may result in large-scale financial losses.

To prevent this attack, researchers have performed various studies. The majority of them recommended combining two or more resource proofs into a hybrid protocol to combat this attack [27–31]. However, mixing two or more existing protocols (hybrid protocol) makes the network resistant to this attack. Therefore, the recent implementation of hybrid protocols has other challenges and drawbacks that need to be addressed. For example, several have added voting systems, ticket delivery systems, fines, special nodes and block validator groups to deter malicious behaviour [32]. These measures are successful in protecting the network against 51% attacks. However, their primary weakness is in rewarding block mining to investors, which pertains to the number of Bitcoins you receive if you are successful in mining a block. Undoubtedly, the investor invests his hard-earned money in a cryptocurrency to reap the benefits of his investment. These benefits may be derived from the block mining reward. In this scenario, the accuracy of the block generation time interval is crucial in ensuring that this benefit is delivered to the appropriate consumer at the appropriate time. However, the voting, ticket and other systems are not time-controlled, and no consistent distribution of benefits occurs over the block reward generation intervals. Another major issue is the diversification of peers by establishing special committees and validation groups that violate the P2P network's principle.

Hence, this study proposes a hybrid consensus protocol that integrates PoW and PoS to control block generation time in two ways. Firstly, our proposed model uses the PoW mining method for the first time to prevent the block generation time from exceeding a specified threshold. Secondly, the generated block is validated by the PoS consensus without any need for voting or commission approval. In the proposed model, each block is validated by the entire network. Hybridisation is one of the aspects that make our study unique and novel compared with previous studies. In addition to being able to handle the 51% attack, the framework ensures a standardised distribution of mining rewards to stakeholders and investors by maintaining a precise block generation interval with difficulty adjustment in PoW mining and stakeholder probability calculation based on their mature stake balance. This study proposes a hybrid algorithm that combines the PoW and PoS mechanisms to ensure a fair mining reward between the miner and validator by controlling the block generation time. To ensure long-term sustainability, the proposed model entails a complexity analysis. The important contributions of this work can be summarised as follows:


This paper is structured as follows. Section 2 presents a background of the topic and related work wherein blockchain and previous attempts are described and investigated. Section 3 provides an overview of the methodology adopted in this study and a description of the experiment's algorithms. The analysis and results are given in Section 4, and the conclusions and future work directions are presented in Section 5.
