Savjee / SavjeeCoin

A simple blockchain in Javascript. For educational purposes only.

Fix for double spending during mining

csjoshi04 opened this issue · comments

The addTransaction() method checks for double spending by doing a getBalanceOfAddress() check (link), but a user can add any number of transactions even if s/he doesn't have the balance. Shouldn't we add the same check for each transaction in minePendingTransactions() (link), so that we can remove the problem of double spending? If this sounds good, I will raise the pull request.

I'm not sure if I understand this correctly.
As far as I see, it's not possible to call addTransaction when you don't have sufficient balance. That is checked here:

if (this.getBalanceOfAddress(transaction.fromAddress) < transaction.amount) {

To what are you referring when you say "a user can add any number of transactions even if s/he doesn't have the balance"?

Hey @Savjee

First of all, congrats on your initiative; this repository and your video series helped me a lot.

About this issue, I have the same question about double spending, and I think that verifying only mined transactions in this.getBalanceOfAddress isn't a good solution for this.

Maybe we should verify the pendingTransactions array too, what do you think?

I think I'm starting to understand this issue. When a new transaction is added to the pendingTransactions, these checks are performed:

  • "from" and "to" address must be defined
  • The transaction must have a valid signature
  • The amount must be larger than 0
  • You must have a sufficient balance

However, the balance is checked against the balance on chain, not against what is still pending. So indeed, it's possible to spend more than your balance as there are no checks in "minePendingTransactions".

I see two ways of solving this:

  1. Allow people to add these transactions to the list of pending ones and throw them out when mining with minePendingTransactions.
  2. Add a check to addTransaction

Fixing this in branch: https://github.com/Savjee/SavjeeCoin/tree/issue-54

I implemented a test for this case here:

describe('minePendingTransactions', function() {

And implemented a fix for addTransaction:

const pendingTxForWallet = this.pendingTransactions

Could you check these changes?

That looks like a great solution

Merged in! Thank you both for reporting this (and having the patience for me to understand the issue 😆)
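
The gap discussed in this thread, as an added example that is not code from the SavjeeCoin repository: a stripped-down ledger where addTransaction either checks only the on-chain balance or also subtracts the sender's pending spends. The `Ledger` class, the `checkPending` switch and the `balanceAfterTwoSpends` helper are hypothetical, only the `pendingTxForWallet` name is taken from the thread, and signature validation is left out to keep the focus on the balance check.

```javascript
class Ledger {
  constructor(checkPending) {
    this.checkPending = checkPending; // false = on-chain-only check from the issue
    this.chain = [];                  // mined blocks, each an array of transactions
    this.pendingTransactions = [];
  }

  // Balance computed from mined blocks only; pending transactions are invisible here.
  getBalanceOfAddress(address) {
    let balance = 0;
    for (const tx of this.chain.flat()) {
      if (tx.fromAddress === address) balance -= tx.amount;
      if (tx.toAddress === address) balance += tx.amount;
    }
    return balance;
  }

  addTransaction(tx) {
    if (!tx.fromAddress || !tx.toAddress) throw new Error('Missing from/to address');
    if (!(tx.amount > 0)) throw new Error('Amount must be larger than 0');
    let available = this.getBalanceOfAddress(tx.fromAddress);
    if (this.checkPending) {
      // Subtract what this wallet has already queued but not yet mined.
      const pendingTxForWallet = this.pendingTransactions
        .filter(p => p.fromAddress === tx.fromAddress);
      available -= pendingTxForWallet.reduce((sum, p) => sum + p.amount, 0);
    }
    if (available < tx.amount) throw new Error('Not enough balance');
    this.pendingTransactions.push(tx);
  }

  minePendingTransactions() {
    this.chain.push(this.pendingTransactions);
    this.pendingTransactions = [];
  }
}

// Constructed scenario: alice holds 100 on chain, then queues two payments of 80.
function balanceAfterTwoSpends(checkPending) {
  const ledger = new Ledger(checkPending);
  ledger.chain.push([{ fromAddress: 'genesis', toAddress: 'alice', amount: 100 }]);
  let rejected = 0;
  for (const to of ['bob', 'carol']) {
    try { ledger.addTransaction({ fromAddress: 'alice', toAddress: to, amount: 80 }); }
    catch (e) { rejected++; }
  }
  ledger.minePendingTransactions();
  return { balance: ledger.getBalanceOfAddress('alice'), rejected };
}
```

With the on-chain-only check both payments are accepted and alice ends at -60 after mining; with the pending check the second payment is rejected and she ends at 20.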