Topic: A question about unconfirmed transactions... (Read 1192 times)

legendary
Activity: 3248
Merit: 1070
Better to have 6 confirmations to negate every attack; a 51% attack is still possible, but mitigated.

There are other types of attack at 3-4-5 confirmations, which lead to double spends.
legendary
Activity: 3472
Merit: 4801
=snip=
    • There are no competing transactions received from any of several well distributed nodes
    • The transaction has been received from several well distributed nodes
    =snip=

    Sorry for the stupid. Can you please explain these two? Thank you!

    I assume you are asking about the "well distributed nodes" part of the statements? (since "transaction has been received", and "no competing transactions" seem to be pretty self-explanatory).

    Bitcoin is a peer-to-peer system.  This means there is no "official" entity that is in charge of determining what has happened on the system.  You can't just ask "the bitcoin corporation" which transactions have occurred and which haven't.  Everything that your wallet knows about bitcoin transactions it hears about from the peer nodes that it is connected to.

    Let's imagine for a moment that your wallet is connected to ONLY one peer node.  How do you know that you can trust that node?  Perhaps you are about to be a victim of an attack, and the attacker has managed to get his malicious node to connect to your wallet.  Now your wallet won't know anything about what is going on in the rest of the bitcoin network.  The attacker's node could send a transaction to your wallet and NOT send it to anywhere else on the network.  If your wallet isn't connected to any other node, then your wallet won't know that the rest of the network hasn't heard about the transaction.  Meanwhile the attacker could send a completely different transaction to the rest of the network.  This different transaction would spend the same bitcoins, but they wouldn't be going to your address.  The attacker might even manage to mine a block (or even a few blocks) and have them sent ONLY to your wallet and not the rest of the network.  Now your wallet believes that the transaction has multiple confirmations.  Eventually the attacker manages to get whatever "thing of value" they are trying to steal and they shut down their node.  Your wallet now discovers some other node on the bitcoin network and learns about the longer chain that does not include your transaction.  Poof.  The transaction disappears out of your wallet and you have nothing.

    To prevent this sort of isolation attack, you would want to be running software that connects to multiple peers.  You'd want to be relatively confident that those peers are communicating with a substantial portion of the bitcoin network.  Then if an attacker sends you a transaction, and transmits a competing transaction to the rest of the network, you'll immediately hear about the competing transaction from one of the other peer nodes.  Your software can then alert you to the fact that something unusual is occurring. 

    So there are three parts to making sure that your wallet hasn't been isolated by an attacker.

    1. Make sure that you are communicating with several well distributed and well connected nodes. If you are only connected to a few nodes and they are all run by the same entity, then the attacker could either be that entity, or could just isolate that entity.

    2. Make sure that none of those well distributed and well connected nodes have received a competing transaction from elsewhere on the bitcoin network.  If they have, then the transaction paying you might not be the one to get confirmed and you should NOT exchange anything of value.

    3. Make sure that the transaction paying you hasn't just been received from a single node.  That single node could be an attacker.  You can't be confident that any other nodes on the network have the transaction until you've heard about the transaction from additional nodes.  You'll want those additional nodes that tell you about the transaction to be well distributed and well connected so that the attacker won't be able to isolate your wallet and so you can be confident that most of the network is aware of the transaction.

    If you can verify the 4 things I listed on my previous post, then the only attack that can prevent you from receiving your bitcoins is a mining attack.  The attacker would have to have access to a substantial amount of mining power to mine a block sooner than the rest of the network.  Purchasing and operating all of this mining hardware would be expensive.  The more they spend the better their chance of successfully mining their own block with a competing transaction.  This makes it relatively safe to accept unconfirmed transactions for inexpensive items.  It is extremely unlikely that someone is going to spend hundreds of thousands of dollars in an attempt to steal a cup of coffee.
    hero member
    Activity: 560
    Merit: 509
    I prefer Zakir over Muhammed when mentioning me!
    =snip=
    • There are no competing transactions received from any of several well distributed nodes
    • The transaction has been received from several well distributed nodes
    =snip=

    Sorry for the stupid. Can you please explain these two? Thank you!
    legendary
    Activity: 3472
    Merit: 4801
    I rarely wait for a confirmation any longer.

    If I owned a coffee shop, I'd have software able to verify the following immediately upon receiving a bitcoin transaction:
    • The transaction includes a reasonable transaction fee.
    • All inputs to the transaction are already confirmed
    • There are no competing transactions received from any of several well distributed nodes
    • The transaction has been received from several well distributed nodes

    As long as those 4 conditions were met, I'd be pretty comfortable with immediately accepting any transaction up to about $1000 in value.

    If the transaction failed any of those checks, then I'd inform the customer that there is a problem with the transaction and that they have a choice...
    • They can step out of the queue, and they'll receive their purchase as soon as the transaction receives at least 1 confirmation
    • They can send a new transaction that does not have any of these problems, and provide me with a bitcoin address where I can send their funds from the first transaction back to them, in which case they can immediately receive their purchase
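The four acceptance conditions listed in the post above, and the "well distributed nodes" explanation given in the follow-up reply, can be expressed as one check over what each connected peer has announced. This is an added example, not code from any poster or wallet; the `Tx` and `PeerView` structures, the fee-rate and peer-count thresholds, and the use of a network group (ASN or operator) as a proxy for "well distributed" are all assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Tx:
    txid: str
    fee_sat: int
    vsize: int
    inputs: list          # [(prev_txid, vout, confirmations), ...]

@dataclass
class PeerView:
    peer: str
    netgroup: str         # assumed proxy for "well distributed": ASN or operator
    seen: dict = field(default_factory=dict)  # txid -> set of (prev_txid, vout) it spends

def check_zero_conf(tx, views, min_feerate=2.0, min_peers=4, min_groups=3):
    """Return the failed conditions; an empty list means all four hold."""
    failures = []
    # 1. The transaction includes a reasonable fee (sat/vB threshold is assumed).
    if tx.fee_sat / tx.vsize < min_feerate:
        failures.append("low-fee")
    # 2. All inputs are already confirmed.
    if any(conf < 1 for _, _, conf in tx.inputs):
        failures.append("unconfirmed-input")
    # 3. No peer has announced a different transaction spending the same outputs.
    spent = {(prev, vout) for prev, vout, _ in tx.inputs}
    if any(other != tx.txid and outs & spent
           for view in views for other, outs in view.seen.items()):
        failures.append("competing-tx")
    # 4. The payment was announced by several peers in several network groups,
    #    so a single isolating node cannot be the only source.
    announcers = [v for v in views if tx.txid in v.seen]
    if len(announcers) < min_peers or len({v.netgroup for v in announcers}) < min_groups:
        failures.append("not-widely-seen")
    return failures

# Constructed sample data: txids, peers and network groups are made up.
SPENDS = {("fund01", 0)}
PAY = Tx("pay01", fee_sat=1500, vsize=225, inputs=[("fund01", 0, 12)])

def healthy_views():
    groups = ["AS-A", "AS-B", "AS-C", "AS-D"]
    return [PeerView(f"peer{i}", g, {"pay01": SPENDS}) for i, g in enumerate(groups)]

def isolated_views():
    # One peer relays the payment; the rest of the network reports a conflict.
    views = [PeerView("peer0", "AS-A", {"pay01": SPENDS})]
    views += [PeerView(f"peer{i}", g, {"other99": SPENDS})
              for i, g in ((1, "AS-B"), (2, "AS-C"), (3, "AS-D"))]
    return views

if __name__ == "__main__":
    print("healthy :", check_zero_conf(PAY, healthy_views()))
    print("isolated:", check_zero_conf(PAY, isolated_views()))
```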
    legendary
    Activity: 1736
    Merit: 1023
    I'm not sure someone would double spend against a coffee shop though. Maybe only require confirmations for high value purposes or something which wouldn't be the norm at a coffee shop unless buying a lot of stuff or a gift card.
    legendary
    Activity: 1050
    Merit: 1002
    mm....I think I need to know the maths of this a bit better. So the possibility of a double spend is reliant on time?

    Not exactly. It's reliant on whether or not your transaction remains part of the permanent blockchain. There are a few ways it may not, even when appearing valid at first. As a rule of thumb the deeper a transaction is buried in the blockchain the more likely it is to be permanently valid. A simple way to think of it is, 0 confs is fine for trivial amounts you don't care about being reversed, say a dollar or two. Higher amounts should have at least 1 conf, which is about 1 million times safer than 0 confs. Each additional block adds several degrees more safety, and after 6 it's safe to consider the transaction permanent (under normal network circumstances).

    To understand more you'd need to know a bit about networking and Sybil attacks, as well as how mining works. The problem is you can't call VISA to determine if a txn is valid. A computer network provides all arbitration, and there are ways clever thieves can manipulate that situation to their advantage. It's not generally worth it for a cup of coffee, but for higher amounts it could be. That said, if you have a connection to blockchain.info, which seems well connected, and see a valid txn come through you can be relatively sure it's okay and will confirm, especially for smaller amounts. There are projects (like greenaddress.it) looking to make 0 confs quite safe, by being based on something other than normal blockchain txns.
    legendary
    Activity: 896
    Merit: 1000
    Why not post your unconfirmed txid here first, or you can search the forum; unconfirmed transactions have been discussed a lot.
    donator
    Activity: 1617
    Merit: 1012
    Can I ask then, from the point of view of, say, my local coffee shop taking bitcoin for takeaway coffees.....is it generally safe for them to take an unconfirmed transaction?

    If it were my coffee shop I would accept standard unconfirmed transactions with no detected double-spends after a 30 second monitoring period.

    Why 30 seconds? How long after you scan the QR code or whatever would you see a problem? Would 10 seconds be enough? Or should it be 2 minutes? I am not selling coffee, I am just thinking from the point of view of a consumer standing in a coffee queue, or at a petrol pump or at a bookstore counter....30 seconds is a damn long time if they have a queue.

    I guess somebody would have to do some kind of Monte Carlo simulation with double spends from different points of the Bitcoin network. Then you might be able to say something like "with the current network propagation delay a double spend made 10 seconds after the initial legit transaction has a 0.5% (or whatever %) chance to succeed". Then you can adjust your business model to accommodate your risk.

    mm....I think I need to know the maths of this a bit better. So the possibility of a double spend is reliant on time?

    Ultimately all that matters is the mining node that confirms either one of the transactions sees the legit transaction first before the double spend transaction. From a statistical standpoint, the more nodes that see the legit transaction first the less likely the double spend will succeed.
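A toy version of the Monte Carlo simulation suggested in this exchange, written from the merchant's side to see how the monitoring period changes exposure. This is an added example, not code from any poster; the network size, link count, exponential per-link latency with a 0.1 s mean, evenly spread mining power and the first-seen relay rule are all assumptions, so the printed numbers are illustrative and not measurements of the Bitcoin network.

```python
import heapq
import random

def arrival_times(adj, source, start):
    """Dijkstra: earliest time each node hears a tx first broadcast at `source`."""
    dist = {source: start}
    heap = [(start, source)]
    while heap:
        t, u = heapq.heappop(heap)
        if t > dist[u]:
            continue
        for v, lat in adj[u]:
            if t + lat < dist.get(v, float("inf")):
                dist[v] = t + lat
                heapq.heappush(heap, (t + lat, v))
    return dist

def random_network(rng, n, extra_links, mean_latency):
    """Ring (guarantees connectivity) plus random shortcuts, symmetric latencies."""
    adj = {i: [] for i in range(n)}
    links = [(i, (i + 1) % n) for i in range(n)]
    links += [tuple(rng.sample(range(n), 2)) for _ in range(extra_links)]
    for a, b in links:
        lat = rng.expovariate(1.0 / mean_latency)
        adj[a].append((b, lat))
        adj[b].append((a, lat))
    return adj

def double_spend_share(delay, trials=50, n=200, extra_links=600,
                       mean_latency=0.1, seed=1):
    """Mean fraction of nodes that hear the conflicting tx before the payment.

    With a first-seen rule a node keeps whichever transaction reaches it first,
    which is the same as comparing shortest-path arrival times. If mining power
    is spread evenly, this fraction approximates the chance that the conflicting
    transaction is the one that gets mined.
    """
    rng = random.Random(seed)  # same seed, so every delay is tested on the same networks
    total = 0.0
    for _ in range(trials):
        adj = random_network(rng, n, extra_links, mean_latency)
        pay_src, conflict_src = rng.sample(range(n), 2)
        pay = arrival_times(adj, pay_src, 0.0)
        conflict = arrival_times(adj, conflict_src, delay)
        total += sum(conflict[v] < pay[v] for v in range(n)) / n
    return total / trials

if __name__ == "__main__":
    for d in (0.0, 0.1, 0.25, 0.5, 1.0, 2.0):
        print(f"conflict sent {d:>4}s later: share seeing it first = "
              f"{double_spend_share(d):.3f}")
```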
    newbie
    Activity: 42
    Merit: 0
    Can I ask then, from the point of view of, say, my local coffee shop taking bitcoin for takeaway coffees.....is it generally safe for them to take an unconfirmed transaction?

    If it were my coffee shop I would accept standard unconfirmed transactions with no detected double-spends after a 30 second monitoring period.

    Why 30 seconds? How long after you scan the QR code or whatever would you see a problem? Would 10 seconds be enough? Or should it be 2 minutes? I am not selling coffee, I am just thinking from the point of view of a consumer standing in a coffee queue, or at a petrol pump or at a bookstore counter....30 seconds is a damn long time if they have a queue.

    I guess somebody would have to do some kind of Monte Carlo simulation with double spends from different points of the Bitcoin network. Then you might be able to say something like "with the current network propagation delay a double spend made 10 seconds after the initial legit transaction has a 0.5% (or whatever %) chance to succeed". Then you can adjust your business model to accommodate your risk.

    mm....I think I need to know the maths of this a bit better. So the possibility of a double spend is reliant on time?
    donator
    Activity: 1617
    Merit: 1012
    Can I ask then, from the point of view of, say, my local coffee shop taking bitcoin for takeaway coffees.....is it generally safe for them to take an unconfirmed transaction?

    If it were my coffee shop I would accept standard unconfirmed transactions with no detected double-spends after a 30 second monitoring period.

    Why 30 seconds? How long after you scan the QR code or whatever would you see a problem? Would 10 seconds be enough? Or should it be 2 minutes? I am not selling coffee, I am just thinking from the point of view of a consumer standing in a coffee queue, or at a petrol pump or at a bookstore counter....30 seconds is a damn long time if they have a queue.

    I guess somebody would have to do some kind of Monte Carlo simulation with double spends from different points of the Bitcoin network. Then you might be able to say something like "with the current network propagation delay a double spend made 10 seconds after the initial legit transaction has a 0.5% (or whatever %) chance to succeed". Then you can adjust your business model to accommodate your risk.
    newbie
    Activity: 42
    Merit: 0
    Can I ask then, from the point of view of, say, my local coffee shop taking bitcoin for takeaway coffees.....is it generally safe for them to take an unconfirmed transaction?

    If it were my coffee shop I would accept standard unconfirmed transactions with no detected double-spends after a 30 second monitoring period.

    Why 30 seconds? How long after you scan the QR code or whatever would you see a problem? Would 10 seconds be enough? Or should it be 2 minutes? I am not selling coffee, I am just thinking from the point of view of a consumer standing in a coffee queue, or at a petrol pump or at a bookstore counter....30 seconds is a damn long time if they have a queue.
    donator
    Activity: 1617
    Merit: 1012
    Can I ask then, from the point of view of, say, my local coffee shop taking bitcoin for takeaway coffees.....is it generally safe for them to take an unconfirmed transaction?

    If it were my coffee shop I would accept standard unconfirmed transactions with no detected double-spends after a 30 second monitoring period.
    newbie
    Activity: 42
    Merit: 0
    Hello all,

    To preface, I am a newb :)

    Can someone explain to me how unsafe unconfirmed transactions are please? What is the vulnerability? I have very little experience in this arena, but it seems like some sites (luckybit) can take an unconfirmed transaction and let you bet it on a drop, and other sites require a similarly small transaction to be confirmed.

    Why?

    Hi Istaria.

    I'm a moderator at luckybit. We don't always wait for 1 confirmation to play your bets; most of the bets will play instantly.

    The problem with unconfirmed transactions is double-spent bitcoins: when a user does a double spend, only one of the 2 transactions gets confirmations. The engine has a system to avoid this, and that is why sometimes you need to wait more for your bets.

    If you use the blockchain wallet to bet, you will be able to bet unconfirmed btc, but sometimes the site waits for the past transactions to get a confirmation before playing the bet.

    If you have any other question about the site, please send a mail to [email protected]



    Oh hi Seo :) Nice to meet the man behind the drop :P

    It was just a general query, not anything specifically to do with luckybit. But thanks for your reply :)

    Can I ask then, from the point of view of, say, my local coffee shop taking bitcoin for takeaway coffees.....is it generally safe for them to take an unconfirmed transaction?

    You mentioned blockchain wallet (which I use), Seo - is this a special case? Or is it that double-spending is too hard to do unless it's a large amount?

    Ist/
    legendary
    Activity: 3332
    Merit: 3116
    Hello all,

    To preface, I am a newb :)

    Can someone explain to me how unsafe unconfirmed transactions are please? What is the vulnerability? I have very little experience in this arena, but it seems like some sites (luckybit) can take an unconfirmed transaction and let you bet it on a drop, and other sites require a similarly small transaction to be confirmed.

    Why?

    Hi Istaria.

    I'm a moderator at luckybit. We don't always wait for 1 confirmation to play your bets; most of the bets will play instantly.

    The problem with unconfirmed transactions is double-spent bitcoins: when a user does a double spend, only one of the 2 transactions gets confirmations. The engine has a system to avoid this, and that is why sometimes you need to wait more for your bets.

    If you use the blockchain wallet to bet, you will be able to bet unconfirmed btc, but sometimes the site waits for the past transactions to get a confirmation before playing the bet.

    If you have any other question about the site, please send a mail to [email protected]

    full member
    Activity: 218
    Merit: 102
    Hello all,

    To preface, I am a newb :)

    Can someone explain to me how unsafe unconfirmed transactions are please? What is the vulnerability? I have very little experience in this arena, but it seems like some sites (luckybit) can take an unconfirmed transaction and let you bet it on a drop, and other sites require a similarly small transaction to be confirmed.

    Why?

    If a transaction has enough fee it's expensive to double spend it so I guess it would be relatively safe to take small deposits without confirmations if they meet some requirements
    sr. member
    Activity: 406
    Merit: 250
    Hello all,

    To preface, I am a newb :)

    Can someone explain to me how unsafe unconfirmed transactions are please? What is the vulnerability? I have very little experience in this arena, but it seems like some sites (luckybit) can take an unconfirmed transaction and let you bet it on a drop, and other sites require a similarly small transaction to be confirmed.

    Why?

    Technically an unconfirmed amount of btc can be spent again which would nullify the transaction. It would take a high level of skill and luck to pull it off. It isn't something you or I will ever see done successfully but there is always a chance. Some businesses do it because the odds are low and you might choose them over someone else if you don't want to wait for confirmations.

    Edited for spelling error
    legendary
    Activity: 1092
    Merit: 1001
    Hello all,

    To preface, I am a newb :)

    Can someone explain to me how unsafe unconfirmed transactions are please? What is the vulnerability? I have very little experience in this arena, but it seems like some sites (luckybit) can take an unconfirmed transaction and let you bet it on a drop, and other sites require a similarly small transaction to be confirmed.

    Why?

    Hello again.
    This should be helpful. https://en.bitcoin.it/wiki/Confirmation
    newbie
    Activity: 42
    Merit: 0
    Hello all,

    To preface, I am a newb :)

    Can someone explain to me how unsafe unconfirmed transactions are please? What is the vulnerability? I have very little experience in this arena, but it seems like some sites (luckybit) can take an unconfirmed transaction and let you bet it on a drop, and other sites require a similarly small transaction to be confirmed.

    Why?