Topic: An idea to speed up bitcoin transactions (Read 2448 times)

As far as I understand it, you can send out two transactions for the same bitcoin, it's just that only one of them will be confirmed by the network.

No.  When a miner adds a block to the blockchain they get the block reward (currently 50 BTC, soon to be 25 BTC) AND all the transaction fees for the transactions that they include in the block they created.  The protocol is designed to make sure that this process always takes approximately 10 minutes.  If many new faster miners start mining and creating blocks speeds up, then the protocol requires that the difficulty target on the new blocks be increased so that it still takes about 10 minutes. If a bunch of miners suddenly quit mining and it starts taking more than 10 minutes for all the processing power in the network to create the next block, then the protocol requires that the difficulty be decreased so that it still takes about 10 minutes.

So, as you can see, miners don't get the new coins unless they create a block of transactions.  Reducing the reward doesn't make it more profitable for miners to process transactions, it makes it less profitable.  But that doesn't matter as far as the time for transactions to be "confirmed", because if miners quit when the profitability drops, then the difficulty will drop, keeping the confirmations around 10 minutes.

It could, but then it wouldn't be bitcoin, it would be litecoin.  Bitcoin is intentionally designed for confirmations to take 10 minutes.  As more processing power is added to the network, the protocol adjusts the difficulty to ensure that it continues to take about 10 minutes per block.
 
Transactions are already made nearly instantly.  Then, every ten minutes or so those almost instantly created transactions are collected together and a mathematical process that includes those transactions is worked out.  It is the difficulty and slowness of this process that prevents an attacker from modifying past transactions in the blockchain.

Because this process is very difficult and takes the entirety of all bitcoin miners approximately 10 minutes to complete, it becomes pretty much impossible for any individual person who does not have as much processing power as total of all the miners on the network to replace any of those transactions with a new block of their own.  Each new block contains a portion of the previous block in its mathematical process.  Therefore, to change a transaction in the past, the attacker would have to be able to recreate valid blocks to replace all the past blocks back to the one with the transaction they want to replace faster than the rest of the miners are creating new blocks.  Since the difficulty adjusts to keep the block creation near 10 minutes, this means that the attacker would have to maintain more processing power than the entire network for an extended time so that they could create each of these blocks before the rest of the network can.

The difficulty and slowness of the "mathematical problem" is the reason that bitcoin works.  It is called "proof of work" and is used to prevent people from spending digital copies of the same output (coin) more than once.

No, it will not: even if you pay a big transaction fee the block still come every 10 minutes (on average) so it tooks at least 10-20 minutes to have one  confirm to the transaction.
Only way to speed up blocks is to modify the protocol and mine 1 block every 5 minutes (halving the reward in consequence).

Yes that was kind of the idea, that someone would provide this kind of service and charge a fee for it. And the idea was then that people would think it was worth it, that the extra speed provided would be worth the fee, so the whole thing would be a business idea. But, well, reading the replies here and thinking about it a bit more I realize that it probably isn't the case. Also it is probably already built in to bitcoin from the start, because miners can earn a fee for confirming transactions. At least something like that, I'm not 100% sure how it works either...


I agree. Maybe this will change with the coming reward drop from 50 BTC to 25 BTC for generated blocks, because it would be more profitable for miners to expedite transactions rather than mine new bitcoins. Could this be the case?

Hi limikael,

With your solution there is a middle man, who probably want money for the service. (nobody wants a middleman)

I'm just saying something without the full knowledge of how bitcoin works.
But maybe bitcoin could be speed up, like they did with http://litecoin.org/
It's strange that bitcoin got so much computing power and use it to solve a mathematical problem, while that power could be used to make transactions instantly, in my humble opinion.

So let's say the merchant uses the Bitcoin.org client and has it properly configured (no incoming transactions, has an outgoing connection to a well-connected node).  The success of a race attack double spend is maybe one in twenty (5%) (this is a wild ass guess, ... it is probably below an order of magnitude of that even.)  

So if I am a thief, I then have to buy 19 meals (at $100 each) in order to steal the 20th meal (using the unverified estimate that on average, one out of twenty attempts succeed).

I think the restaurant might just encourage this practice, since margins at a restaurant are often much better than 5%.  

As far as the other double spending threat, the Finney Attack, an attempt of this for stealing from a restaurant doesn't work well.  The thief can't wait for the restaurant to process the charge, instead the thief needs to have the timing down exactly.  As soon as the miner has a block the thief then needs to get the merchant to process the payment in seconds and upon doing so the thief needs to runs off immediately as the merchant will discover the double spend seconds later.

With the Finney attack, each second the miner holds onto the block costs just about ten dollars worth of bitcoins, so if this takes more than ten seconds the miner loses money in gaining a $100 food bill.  

And both of these are silly thought games anyway.

Why wouldn't the thief just walk out the restaurant without paying rather than mess with this double spending approach?

[Edit: On second thought, concerns about the risks are valid, just that they seem to be easily blown out of proportion because there is so little actual bricks-and-mortar types of activity so far to know which types of situations have risk and which don't.]

Yes I think trusting unconfirmed transactions (or low confirmation transactions) opens up possibility of double spend attack depending on which blockchain the network ultimately agrees upon.  Anyone care to elaborate?

At least here in Italy, if you pay with a credit card in a shop you can't reverse the transaction: you sign the receipt and shop keeper check that the credit card is hold by the issuer checking a document of identity.

It sends the same coins (plus winnings) back to the recipient in one tx.  If you double spend your bet, you double spend your winnings too.  Technically one could selectively only double spend only the losing bets.  As I pointed out it is much much much harder than most people think to pull off a double spend against a properly hardened merchant.  Against an uninformed merchant the chance is higher but I doubt SD has a non-optimal network configuration.  

The biggest threat against SD would be a Finney Attack but if it became a problem there is a small change they could make which would make that attack very difficult and risky for the attacker.  I am sure that the SD developers are already aware of it.

A D&T PSA:
Before I leave this thread let me make it clear; one shouldn't casually dismiss the risk of a double spend.   That wasn't my intent, rather each merchant should realize there is no one size fits all.  A merchant doing millions a week in irreversible transactions is completely different than a brick and mortar shop which is different than a hypothetical Bitcoin vending machine selling candybars for bitcents.   Still as a rule of thumb double spends are hard and low value tx are unlikely to be worth the effort.  It probably is wise for new merchants to err on the side of caution but the "everyone needs 6 confirms" or they will be robbed overnight is just nonsense.   It would be like saying all merchants need to wait 180 days before delivering goods paid by credit card.  Sure that would be safe but it is overkill.   Could you imagine how unpopular Steam would be if you could pay for a game today and it would unlock in six months?

What does SatoshiDice do to avoid doublespending attacks?

Does he accept credit cards?  Does he wait 180 days before delivering goods?


Agreed.  One option is a green address.  Escrow is another option.  

A third option is to get miners to bond transactions and thus allow the merchant to "stack the deck" if you will.   A major pool(s) could post a bond (as in surety bond) and offer a contract to merchants guaranteeing their tx will not be replaced in any block the pool solves.  Merchants can check if a tx is in the pool's memory pool and once the pool confirm it is, the pool guarantees that if they solve a block it will contain that tx.  If the pool fails to live up to the guarantee it reimburses the merchant for its failure (hence the reason for posting a surety bond).    Now a merchant might not be able to get a guarantee by 100% of hashing power but even a sizable fraction makes the low risk of a double spend even lower.  In time you may even seen processing companies wrap all this up and simply insure the transaction (collecting  profit between actual risk and the premium charged).

You forgot brick 'n mortar shops: for a shop that sell in bitcoin is a risk to accept a 0 confirmation transaction, and wait 30-45 minutes for 3-4 confirm can be too long for costumer. This execption was rasied by a friend that has a cell phone shop to which I propose the bitcoin as payment form.
He sell objects that can arrive easily at 300-500$ of value and he can't risk a double spend attack.
But even a restaurant/pub can risk (a dinner for 4 can easily be over 100$).

The ideal way will be IMHO to use an escrow based system: when you enter in the shop you transfer the money you think to spend to the  address so it start to be confirmed, but transaction can be fixed only after you confirm the receipt of the goods (just before you leave).
Is possible to implement that kind of escrow without rely on a third part. There is an example here: https://blockchain.info/wallet/escrow
In the example Bob is both the shop keeper and the third part , Alice the customer.

True however the same can be done with credit cards and a chargeback is trivially easy compared to a double spend.  Still I was thinking more along the lines of allowing a small amount of the funds available so the player can play the first couple hands while funds clear.  Nobody does this but eventually I could see it as a competitive advantage.

i.e. you deposit 100 BTC and the site grants you 5 BTC on 0-confirm and the rest once the funds confirm.  You can start playing right away in SECONDS.   The marketing aspect is IMHO worth the marginal risk.  "Instant Play Poker Room.  Pull up a chair and get dealt in within seconds!".    

Of course this assumes the merchant is well aware of double spend (and Finney Attack) risks.  Sets up network connections to minimize the risk and actively checks for fraud.  No one can't simply be "stupid" and hope for the best.  

Ah I see, this makes sense.

On a separate not however, when you talk about a poker room deposit, how is that not a risk? What if someone deposits some money into a poker room account and then loses all the bitcons to someone else, and then it turns out the coins were double spent?

The merchant keeps your money.  If you have multiple games attached to a single account (aka steam) then steam bans your entire account (losing all prior purchased games).    Bitcoin doesn't need to be 0 fraud, trying to make it 0 fraud is making "perfect" the enemy of "good".  If Bitcoin has LESS fraud and LESS cost than credit cards it will rapidly displace that form of payment.

I honestly think the "double spender" around every corner is way overblown.   We routinely sell prepaid cellular refills and only require 1 confirmation and often give repeat customers the code after 0 confirms.

How many people on the forum have been a victim of double spending? 
How many people of the forum have been a victim of CC/PayPal/ebay fraud (so called "friendly fraud")?

Still if one is ultra-paranoid the system the OP described already exists.   It is called a green address.  If the funds come from a third party and you trust the third party then you can trust there is no double spend.  In this case the largest such "trusted third party" is MtGox.   Very few merchants check and deliver based on green addresses though.   The risk really isn't there OR if the merchandise is very high value one is better off waiting for confirmations rather than trusting MtGox.

Depends. What is the consequence of getting caught doublespending, assuming no real names are attached to the address?

That already exists.  It is called Green Addresses.  MtGox has a green address for example.  IF a merchant trusts MtGox not to double spend they can delivery on 0-confirm tx coming from MtGox green address.  It hasn't really caught on though. 

There are a couple of reasons:
1) if the tx is low value you likely don't need confirmations.  Who is going to risk getting caught in a double spend for a $5 steam game?
2) if the tx takes longer than an hour to deliver you are waiting anyways (i.e. mailed goods)
3) if the tx can be revoked the merchant has no risk (i.e. MMORPG subscription, or poker room deposit)

So essentially the only people who are really hindered by confirmations are merchants who sell high value transactions which are delivered digitally and are irreversible.  Despite the gnashing of teeth the reality is almost no commerce falls into the category except maybe exchanges.

I get your point, I was replying to payb.tc and his assertion unconfirmed transactions are safe to consider as "paid".

Your plan is basically sound but as far as I see it depends on having a central clearinghouse for all transactions. So you'd need to put full trust in them, and they'd likely charge a fee for their service too. Bitcoin's idea is to move away from central clearinghouse and towards a peer-to-peer infrastructure.

So yes, it probably works, but it's not in the spirit of what most people are looking for in Bitcoin.

Hm, no I think you are missing my point.

The point would be to first transfer the bitcoins to a third party service, and let the transactions confirm. So I transfer say 10 bitcoins to the third party service, so I charge my account there. Then, when I want to pay 1 bitcoin to address XYZ, I use a webinterface of the third party service to pay to XYZ. Then the owner of the address XYZ would be able to confirm with the third party service that my payment is on the way. The owner of address XYZ would then just have to trust the third party service to not double spend the bitcoins. And if that third party service would become a "recognized name", and if the business idea of that service would be to facilitate this kind of transactions, then that third party service could be trusted.

See what I mean?