Instant transaction means that both parties will trust each other.
Without a third-party guarantee, if it is cheated, the chance of getting it back is not very high.
All transactions need to be careful.
Topic: Bitcoin instant transactions are less secure (Read 352 times)
Well, 1 confirmation is more than enough for even $100k now I guess as the network is quite more mature now.
The maturity of the network is irrelevant. There still exists a possibility of an attacker being able to reverse a 1 block deficit, even without 51% of the hashrate. Even an attacker with only 10% of the hash rate has a 20% chance of reversing a single confirmation. We still get stale blocks even without any active attacks on the network (although these rarely result in successful double spends, the possibility still exists). If $100k is small change to you, then sure, accept 1 confirmation. But if $100k is a significant amount of money to you, I'd be waiting for 3-6 confirmations.I think that is one of the biggest problems that we re are facing with bitcoin, lets say you are a shop owner who is trying to make bitcoin a payment system, how do you go about accepting transactions, for goods do you wait for confirmations before giving the goods, do you demand you customers to pay higher transaction fees in order to speed up the transaction, or do you personally cover it
Credit card transactions do not result in money reaching the merchant for 3-5 working days, and can be reversed for 90-180 days after the transaction, and yet almost everywhere accepts credit card transactions because the majority of people are honest and will not try to scam. It is entirely reasonable for merchants to accept zero confirmations for transactions which are not that valuable, pay a reasonable fee, and are not opted in to RBF. If they are uncomfortable doing that, then they can open a Lightning channel. As you know, each Bitcoin transaction usually takes a few seconds, and confirmation of the same transaction starts ten minutes after that. During this time, interaction is permitted and may also be reversible. Deceptive users try to cheat. If you can't wait for approval, request a small transaction fee or use the Unsafe Interactions Detection System, which can enhance security. For higher amounts, e.g. US$1,000, it makes sense to wait for 6 confirmations or more. Any confirmation can reduce the risk of reverse transactions exponentially.
I think that is one of the biggest problems that we re are facing with bitcoin, lets say you are a shop owner who is trying to make bitcoin a payment system, how do you go about accepting transactions, for goods do you wait for confirmations before giving the goods, do you demand you customers to pay higher transaction fees in order to speed up the transaction, or do you personally cover it, i feel like there is more work need to make paying for day to day things more efficient. 
The confirmations are very important for a reason, but I have never seen a bitcoin transaction reversed before. Maybe there are big companies, that runs wallet and owns a mining farm that may be able to do that, but I have not seen or heard that it was reversed before. That aside, the transaction fees that you’re paying for the transactions you’re making with bitcoin are what determines how fast your transaction is going to be. When you’re doing this transaction you have three options and the highest option there which is priority tries to make sure that your transaction is in the next block and gets confirmed immediately.
There's no reverse actually but there's double spend in which you can use the same input for creating two transactions where the later one (likely) will be confirmed as you are going to pay a higher fee for that transaction. Thus, the prior one is invalid and you can successfully have spent the same input twice. Well, 1 confirmation is more than enough for even $100k now I guess as the network is quite more mature now.Which fee options are you talking about? I guess you are talking about blockchain wallet which is quite misleading in terms of the actual fee model. You generally pay fee per byte.
As you know, each Bitcoin transaction usually takes a few seconds, and confirmation of the same transaction starts ten minutes after that. During this time, interaction is permitted and may also be reversible. Deceptive users try to cheat. If you can't wait for approval, request a small transaction fee or use the Unsafe Interactions Detection System, which can enhance security. For higher amounts, e.g. US$1,000, it makes sense to wait for 6 confirmations or more. Any confirmation can reduce the risk of reverse transactions exponentially.
The confirmations are very important for a reason, but I have never seen a bitcoin transaction reversed before. Maybe there are big companies, that runs wallet and owns a mining farm that may be able to do that, but I have not seen or heard that it was reversed before. That aside, the transaction fees that you’re paying for the transactions you’re making with bitcoin are what determines how fast your transaction is going to be. When you’re doing this transaction you have three options and the highest option there which is priority tries to make sure that your transaction is in the next block and gets confirmed immediately. Furthermore (if I remember my maths correctly, but correct me if I'm wrong on this one) your calculation isn't ONLY for the probability of finding a block within 2 minutes of the previous block. It's also the probability that a block will be found in the NEXT 2 MINUTES, no matter how long you've already been waiting. So, after 10 minutes of waiting since the most recently found block, there's still an 18.1% probability that the next block will show up in the NEXT 2 MINUTES. After an hour of waiting since the most recently found block, there's still an 18.1% probability that the next block will show up in the NEXT 2 MINUTES.
Everything you have written is correct, but I wanted to expand on this last point. The probability of the next 2 minutes is always the same, but the probability of a specific 2 minutes changes.For example. Let's say I am interested in a block being mined between minutes 10 and 12. I calculate the probability of mining a block in the next 12 minutes, and I calculate the probability of mining a block in the next 10 minutes, and I subtract the two. The probability, then, of finding a block between minutes 10 and 12 works out to 6.7%.
However, by the time we get to the 10 minute mark, that probability is now 18.1%. Obviously this makes sense when you think about it, as every 2 minute bracket can't have a probability of 18.1%, or else we would rapidly end up with >100% chance.
Bitcoin mining is a memoryless process. It doesn't matter what came before - it is always 10 minutes on average until the next block.
While i agree that the network is more volatile (mainly due to popularity of opt-in RBF), there are still few ways to accept 0-conf transaction. For example,
1. On casino, you can't withdraw your coin before all deposit have at least 1 confirmation.
Actually, I remember I used to hear that certain gambling sites were implementing this before but eventually stopped doing this. An attack vector for this would be to deposit funds > If loss = Double spend, else confirm. The tactic was exploited through GHash.io previously, but I recall there were more instances of this happening and eventually it was stopped altogether or at least available only for non-optinRBF Txes. 1. On casino, you can't withdraw your coin before all deposit have at least 1 confirmation.
0-conf TXes at low amounts would still be feasible in the case that the attacker exposes their identity in the first place and makes it easy to persecute if needed. Else, then it really doesn't make sense and even with $3 TXes, I never had the chance to get instant TXes anymore.
So, as I said above, the probability of finding a block in 2 minutes is therefore 1-e-0.2 = 18.1%.
An interesting effect of the maths involved that MANY people get wrong is:
No matter how long you've been waiting for a block, if a block isn't found yet, you will always have an average of 10 more minutes to wait.
If a block has just been found, then the average wait until the next block will be 10 minutes.
If you've been waiting 5 minutes since the last block was found, then the average wait until the next block is found will be 10 minutes.
If you've been waiting 20 minutes since the last block was found, then the average wait until the next block is found will be 10 minutes.
If you've been waiting an hour since the last block was found, then the average wait until the next block is found will be 10 minutes.
Furthermore (if I remember my maths correctly, but correct me if I'm wrong on this one) your calculation isn't ONLY for the probability of finding a block within 2 minutes of the previous block. It's also the probability that a block will be found in the NEXT 2 MINUTES, no matter how long you've already been waiting. So, after 10 minutes of waiting since the most recently found block, there's still an 18.1% probability that the next block will show up in the NEXT 2 MINUTES. After an hour of waiting since the most recently found block, there's still an 18.1% probability that the next block will show up in the NEXT 2 MINUTES.
and it's certainly that more blocks will be found shorter than 10 minutes or at least shorter than average time before most of difficulty retargets.
The average block time over the entirety of bitcoin's existence is actually 9 minutes 32 seconds. If you replace 600 with 572 in my equations above, they come very close to the observed rates.If every transaction has an opt-in RBF, then chances are, there would be an inherent degree of risk to every of your transactions and it isn't sufficient cushioning for most merchants.
If every transaction was opted-in to RBF, then the only situation in which it would reasonable to accept zero confirmation transactions in my opinion would be situations where you trust the other party to make good on a promise. If you wouldn't accept an "IOU" or someone verbally telling you that they'll pay you at a later date, then you shouldn't accept a zero confirmation transaction from that person.However, given that we've gotten so many off-chain solutions, I don't really think it is necessary for merchants to still be undertaking these risks with their transactions.
Completely agree. If you want to accept payments instantly or make payments instantly, then just open a Lightning channel. There are plenty of wallets out there now which will do all the heavy lifting so to speak for you if you really can't be bothered to open a channel yourself.and was easily broken into by hackers
Bitcoin has never been "broken into by hackers". If you're talking about 0-conf transaction, you should choose how much risk you're willing to accept. DannyHamilton posted brief idea about it.
I used to think heuristics are sufficient to prevent fraud but that isn't really that applicable as time goes by. If every transaction has an opt-in RBF, then chances are, there would be an inherent degree of risk to every of your transactions and it isn't sufficient cushioning for most merchants. Bitpay used to have a pretty neat zero-conf for loads of TXes but I haven't had it in the recent years. The network has become more volatile and unpredictable so losses from these zero-conf TXes are potentially going to occupy a larger percentage.The risk is of course, relative and that the measures taken are all valid. However, given that we've gotten so many off-chain solutions, I don't really think it is necessary for merchants to still be undertaking these risks with their transactions.
There is a slight skew away from "greater than 10 minutes" towards blocks being a bit faster than 10 minutes. This is due to the fact that the average block time is almost always under 10 minutes due to the constantly increasing hash rate.
It is due to the fact that the Bitcoin difficulty retarget (or adjustment) is set for each 2016 block (~ 14 days). Most of retargets in history are positive that is what you implied. Hashrate increases first, blocks within 14 days will be found faster than before, and it's certainly that more blocks will be found shorter than 10 minutes or at least shorter than average time before most of difficulty retargets.
From real data, it's what I get.
Perfect. Thanks for the verification.We can use the formula I gave above to calculate the probability with a specific time frame as you have. So, for example, if we are interested in the 11 - 20s bracket, we would calculate the probability of finding a block within 20 seconds, the probability of finding a block within 10 seconds, and then subtract the two. Given this, then for the brackets you have used then numbers look like this:
Bracket
Actually, more often than you might think. Mining blocks is a Poisson process, and so the probability of finding a block within the next x seconds can be given by the equation: From real data, it's what I get.1-e(-x/600) I you set x to be 2 minutes (120 seconds), then you'll find that 18.1% of blocks, almost one fifth, are found within 2 minutes of the last block. To drop below the "1% of blocks" range, you have to lower your time limit to only 6 seconds.
   Details All time Code: Summary for variables: blocktime_diff 2020 Code: Summary for variables: blocktime_diff 2021 Code: blocktime_cat | N mean sd p50 p25 p75 min max Best secure tx method with full wallet control is Grin s tx style ,even prevents rookie users to send wrong adress. https://medium.com/@brandonarvanaghi/grin-transactions-explained-step-by-step-fdceb905a853 As you know, each Bitcoin transaction usually takes a few seconds, and confirmation of the same transaction starts ten minutes after that. During this time, interaction is permitted and may also be reversible. Deceptive users try to cheat. If you can't wait for approval, request a small transaction fee or use the Unsafe Interactions Detection System, which can enhance security. For higher amounts, e.g. US$1,000, it makes sense to wait for 6 confirmations or more. Any confirmation can reduce the risk of reverse transactions exponentially. Do you mean zero-confirmation transactions when you say 'instant' transactions? They are indeed unsafe and can be manipulated, but I think they're also the future of true global adoption (we just need to set a reasonable max limit for a transaction like this, and prosecute the cheaters when possible). That's because you don't need to wait, and you don't have to pay crazy fees, and these two are essential if we're dreaming of a future where you can pay with BTC at a supermarket. That being said, I've never seen anyone accept such transactions so far (at least one confirmation is a requirement for local exchanges I use, for instance). -snip- Your numbers are wrong and also irrelevant.It doesn't matter who controls what hash power, as long as the total hash power is roughly the same as it was at the last difficulty retarget and so the average block time is still close to 600 seconds. If this is not the case, then you can adjust the numbers in the equation I gave above. We are considering the entire network here, not individual miners. As I stated above, bitcoin mining is a Poisson process. You can read about this here: https://en.wikipedia.org/wiki/Poisson_point_process You can model the distribution using the equation (as given on the linked page above): P{N = n} = Λn * e-Λ / n! If you take n to equal 0 (i.e. you won't find a block), and take lambda (Λ) to equal the number of blocks you would expect to find in a given time frame, then you can simplify that equation to P = Λ0 * e-Λ / 0! P = 1 * e-Λ / 1 P = e-Λ Therefore, the probability of not finding a block when you would expect to find Λ blocks is equal to e-Λ. For example, the probability of not finding a block in 10 minutes, when you would ordinarily expect to find 1 block in 10 minutes, is e-1 = 36.8% Given the equation P = e-Λ, then we can take the inverse to find the probability of finding a block: 1-P = 1-e-Λ. So the probability of finding a block in 10 minutes is 1-e-1 = 63.2%. So, as I said above, the probability of finding a block in 2 minutes is therefore 1-e-0.2 = 18.1%.
Programmers and excutives of this currency haven't made stricter securities as a matter of fact . you could only safely purchase these coins but that doesn't guarantee them being 100% secured for now
Some times, in a same 14D period, two blocks can be found within seconds or a few minutes shorter than 10 mins. However, it does not happen too often. Actually, more often than you might think. Mining blocks is a Poisson process, and so the probability of finding a block within the next x seconds can be given by the equation:1-e(-x/600) I you set x to be 2 minutes (120 seconds), then you'll find that 18.1% of blocks, almost one fifth, are found within 2 minutes of the last block. To drop below the "1% of blocks" range, you have to lower your time limit to only 6 seconds. um no.. you really are going wrong alot this month what it is, is this imagine there are 20 pools one with 15exa nine with 5exa each ten with 3 exa each totalling 90exa the big pool(15exa) can go through the entire nonce sequence in 50 minutes the nine pools(5exa) each go through the nonce range in 150minutes each the ten pools(3exa) each go through the nonce range in 500minutes each the odds of big pool getting a block in 10 minutes is ~20% the odds of one of the nine (5xa) is ~6.6% the odds of one of the ten(3exa) is 4% and it plays out like this (using excel and rand function) block 1 pool 15exa 37 (rand*50) pool 5exa 147 (rand*150) pool 5exa 84 (rand*150) pool 5exa 127 (rand*150) pool 5exa 13 (rand*150) pool 5exa 49 (rand*150) pool 5exa 31 (rand*150) pool 5exa 113 (rand*150) pool 5exa 61 (rand*150) pool 5exa 93 (rand*150) pool 3exa 95 (rand*250) pool 3exa 28 (rand*250) pool 3exa 123 (rand*250) pool 3exa 21 (rand*250) pool 3exa 164 (rand*250) pool 3exa 224 (rand*250) pool 3exa 51 (rand*250) pool 3exa 82 (rand*250) pool 3exa 63 (rand*250) pool 3exa 211 (rand*250) block 2 pool 15exa 6 pool 5exa 52 pool 5exa 111 pool 5exa 109 pool 5exa 74 pool 5exa 59 pool 5exa 38 pool 5exa 22 pool 5exa 54 pool 5exa 128 pool 3exa 130 pool 3exa 172 pool 3exa 11 pool 3exa 64 pool 3exa 36 pool 3exa 140 pool 3exa 152 pool 3exa 225 pool 3exa 156 pool 3exa 50 and if you run it enough times you see that its no where even close to 18% of pools getting a block nearly at the same time. what you do work out is the 'fastest first' of each block if you add it all up and average it over 2016 times is that the average works out as a block ~ every 10 minutes. where by the big pool(15exa) gets more blocks on average than the other pools Some times, in a same 14D period, two blocks can be found within seconds or a few minutes shorter than 10 mins. However, it does not happen too often. Actually, more often than you might think. Mining blocks is a Poisson process, and so the probability of finding a block within the next x seconds can be given by the equation:1-e(-x/600) I you set x to be 2 minutes (120 seconds), then you'll find that 18.1% of blocks, almost one fifth, are found within 2 minutes of the last block. To drop below the "1% of blocks" range, you have to lower your time limit to only 6 seconds. As you know, each Bitcoin transaction usually takes a few seconds, and confirmation of the same transaction starts ten minutes after that. During this time, interaction is permitted and may also be reversible. Deceptive users try to cheat. If you can't wait for approval, request a small transaction fee or use the Unsafe Interactions Detection System, which can enhance security. For higher amounts, e.g. US$1,000, it makes sense to wait for 6 confirmations or more. Any confirmation can reduce the risk of reverse transactions exponentially. Double spend attacks are no longer easy to carry out, and most sites already can detect the moment the spender tries to doublespend the coins. Even with RBF flagged sites will invalidate the original transactin. I think these days even 1 confirmation is enough but most sites require just 3, I haven't seen 6 confirmations in a very long time now:) Jump to:
|
