Topic: 1 hour for a safe transaction? (Read 1923 times)

Well, there is a configuration that leaves you very vulnerable to an attack vector.

Researchers were claiming to have reached near 100% confidence that a double spend can be performed.  

 - http://eprint.iacr.org/2012/248.pdf

Of course, they didn't follow the recommended actions ... configure your client to accept no incoming connections and for outgoing to explicitly connect to a well-connected node (or a node operated by a trustworthy party).  

Here are the various double spending attacks:

 - https://en.bitcoin.it/wiki/Double-spending#Race_attack

Blockchain.info likely only has outgoing connections but that doesn't mean that is the best method for a merchant to use for notifications as the attacker might receive a connection from Blockchain and through that connection relay simultaneously to Blockchain.info and to the various mining pools simultaneously.   You want to ensure with certainty that your node does not have a direct connection to or from the attacker.

People lie. This is an example of that.

If zero confirmations is sufficient then why did MyBitcoin fail?  They said that their coins were stolen because of this mistake:


Full quote: https://bitcointalksearch.org/topic/mybitcoincom-press-release-2-34770

In person trying to execute a 0-confirm or finney double spend is even more difficult.  Online the attacker can perfectly time the execution of the attack but real world it is "messy".  The attack could be discovered before the attacker gets the goods, the store may have cameras, (someday) it could just be the attackers bad luck that a cop walked into the store.  In the case of a finney attack the longer the attack is delayed the more the cost to the attacker.

I don't want to undersell the risk.  It is in theory possible.  The risk isn't 0.0% but it is probably far less than the risk of a CC being stolen or the customer committing so called "friendly fraud".  The other thing to consider is there is no "one size fits all" aproach.  If you are selling low value items which have limited resale appeal the risk is very low.  If you are selling gold coins and your average tx size is $5,000 then maybe you get the customer something to drink and wait for 2 confirmations.

As eveoorhees indicated above in time more comprehensive POS systems will likely be developed.  Ones that integrate into backend processing (quickbooks, etc) just like CC terminals.  Given the low risk of "meatspace" double spends potentially we could even see double spend insurance.  Pay x% (say 0.2%) and in the unlikely event you are double spent the insurance company covers it.

Remember Bitcoin is really still in its infancy.  Much of how commerce will be done 10, 20 years from now is still a blank canvas.

Correct. You can really feel "good to go" about a transaction after you see it show up. Waiting for confirmations is unnecessary.  And yes a POS could be just as you describe, though more elegant and even easier solutions will surely be built.

ok, that makes a lot less risk then how people were making it look in chat.


So if a business wanted to take bitcoin; they could simply have a computer screen up and watch blockchain.info as soon as a transaction shows as pending they are fairly safe to let the costumer walk out?

So a POS could just be a tablet set to blockchain.info to watch a singular address. QR code printed and on the counter.  A merchant account just be a MT gox account set to sell as soon as BTC hits the account?

As others have said, waiting for more than 1 or 2 confirmations is overkill unless you have reason to suspect your customer will be willing spend millions on an attack which will be immediately obvious after he executes it. Such an attack has never happened before and is very unlikely to be successfully attempted in the future.

In any case, what other electronic payment systems exist that allow you to securely and irreversibly transfer funds anywhere in the world in less than an hour?

I understand ZipConf tried to address this:
http://bitcoinmagazine.net/zipconf-the-other-side-of-instant/

I've accepted over 6000 transactions at 0 confirms without any problems. I recently made some changes to limit the possible damage, but I still don't expect any trouble. Requiring 6 seems outrageously careful.

I'll take the one hour confirm and near zero chance of a double-spend over one of the larger alternatives:

http://www.paypalsucks.com

A 51% attack isn't needed to rip off a 0 confirm. In fact, in theory no hardware is needed at all. First you spend the coin where you want the good/service from, draining your address, and giving no transaction fee. Then you quickly spend the same amount of coin to an address you control but give a nice transaction fee. The second transaction is included in the blockchain quickly and first, so the second one is rejected.

I say in theory because most miners will pick up the first transaction anyway. In that case, you do need hardware to try to jump in and mine the second transaction to be included before the first.

The few bitcoin businesses I'm part of accept payments at zero confirmations. Meaning, payments are instantaneous. Never have we had a problem with this policy - not once.

If you're selling a house, wait for a few confirmations. If you're selling a car, wait for two. For anything else, 0-1 confirmations is absolutely fine. The notion that you need to wait for 6 for the payment to be "safe" is utterly false.

In theory yes.  Credit cards can be stolen so you always wait 180 days for them to confirm first right?

With 1 confirmation for an attacker to even have a 5% chance of reversing a transaction would require roughly 24% of global hashing power.  Today that would require in excess of $5M in hardware and hundreds of thousands of dollars a month in electrical costs.  It would also take up a small warehouse and require a full time staff of technicians, security guards, electricians, and software developers.

What do you sell that would warrant that kind of expenditure?

Sure if you need 99.999% certainty that a transaction can't be reversed you should likely wait for 6 confirmations.  Most merchants would be fine with 1 confirmation.  Low value transactions like say a $10 game would be fine with 0-confirmations just wait 15-30 seconds to ensure your transaction has propagated the network.

To my knowledge no 1-confirmation malicious double spend has ever occurred and even 0-confirmation double spends are so rare that if one has occurred it would be in the extreme minority of transactions.  


Why do you hold Bitcoin to a higher standard than other payment methods?
Credit cards - reversible for up to 180 days.
Checks - reversible if fraudulent for up to 10 days after depositing.
Cash - potentially counterfeit until verified by the bank as authentic.

I'm assuming you mean a brick and mortar store. An online store has no issues because a customer generally doesn't have an order fulfilled in the hour anyway.

However, for a grocery store, you might have a loyalty/rewards card that allows you to leave immediately. Businesses will like this because they are always trying to get customers to sign up for these things. If a customer does double spend, then they can be contacted and then sent to collections/have their bitcredit rating affected.

If not that, then I can see trusted 3rd parties (green addresses) being used for these purchases. If they see the coins coming from Mt Gox, they trust they will arrive. That sort of thing. I know it's not reasonable now, but when people start to get a reliable income in bitcoin, there will be credit card type things that you will use to spend coins you don't have and then you pay a monthly bill, just like with cash, and probably debit cards that pull coins from your account. Using these will hook you into a trusted network that will not only instantly confirm the coins to the grocer, but begin to mine the transaction with their own system.

with a credit card it is not "fully confirmed" for 3 - 6 months - the time chargeback is possible
seriously 6 Bitcoin confirmations are much quicker - an hour or so (even on a slow day a couple of hours is still less than any months)

there is some illusion that credit cards are quick - ppl really need to find out how stuff works
especially merchants that accept credit cards

>how is this being addressed?

Follow my signature ;>

whats this then?

http://blockchain.info/double-spends

The way I read it some one with hashing power could make it so your transactions never confirms.

Many bitcoin businesses only wait 1 confirmation now.  There has never been a successful double-spend attack, as far as I have heard.  The cost of creating a double spend attack would probably be in the tens of thousands of dollars (or hundreds of thousands to millions if you include hardware acquisition), so it's unlikely someone is going to try to reneg on double-digit amounts of Bitcoins.

Another factor to consider: When a business accepts a credit card, the cardholder can chargeback that payment for 90-180 days.  Yet, businesses  accept CC's without requiring the customer to wait 90+ days to receive their goods. 

How would it ever be Practical for business to accept bitcoin if they need to the customer to wait for 6 confirmations?

Is there any way speed this up?

I've been using bitcoin for awhile but never realized it was that easy to stop a transactions without confirmations if the attacker happens to be a miner.