Topic: bitcoin is failing in replacing fiat in physical shops - page 6. (Read 8607 times)

There's already a grocery store in Vancouver that accepts zero-confirm transactions.  I doubt it's the only one in the world.  We also have restaurants, pubs and coffee shops that accept zero-confirm on-chain transactions too.  I already find paying with bitcoin less annoying than using my debit card.  



Most brick-and-mortar (and online) merchants that accept bitcoin already use a payment processor such as BitPay or Coinbase.  These payment processors are innovating as we speak, both "on" and "off" chain to make things easier for customers.  Payment processors like BitPay and Coinbase are also cheaper than Visa (fees <1%) and allow the merchant to remove all bitcoin volatility, should they desire.  



Coinbase already has a great feature that I learned from the Chicago Sun-Times Paywall Experiment: if you pay a Coinbase invoice using a Blockchain.info wallet, the transaction takes place "on chain" as you'd expect.  However, if you pay a Coinbase invoice with a Coinbase wallet, the transaction takes place "off chain" in an automatic and seamless way, and without a miner's fee.  I think we will see continued innovation in this direction: open payment systems that support off-chain streamlining when possible, but still allow on-chain transaction when necessary.    



I get the feeling that a lot of people have never actually purchased anything with their bitcoins before.  Go to Gyft.com and buy even a large $1000 Amazon gift card.  The BitPay receipt will say "paid" nearly as soon as your phone sends the transaction, and the gift card will be loaded and transferred to your Gyft account instantly.  

The existing technology is already pretty slick and very fast.  No typing in your credit card numbers!

and how long will pass before visa/mastercard start loaning your bitcoins out to other people without telling you? (exactly like commercial banks do today with fractional reserve lending).
the day people accept visa bitcoins is the day bitcoin dies because it effectively means visa can create as many bitcoins as it wants and businesses will accept them just as well as they accept real bitcoins from the blockchain.

This is a subject where most crypto'ers understanding leaves quite a lot to be desired.

First of all, if crypto ever gets near a coffee shop of supermarket, FORGET blockchain transactions. We will not be using 'real' cryptocurrency transactions for day to day purchases any more than banks use 'real' banks transfers for fiat transactions today. Even a 20 second confirmation time is 5 times to slow for point of sale purposes.

Has anyone on here ever bought and sold any cryptocurrencies on a cryptocurrency exchange ? (Such as BTC-e, Bitstamp etc).

Those trades are instant. They don't depend on blockchain clearing time or confirmations, because if they did, everything would grind to an immediate halt. Moreover, the blockchain doesn't remotely support the functionality required for point of sale systems, such as refunds, discounts, reversals, approvals, points reward schemes, cashback - whatever. Those are all handled by payment processors such as Visa and Mastercard who "buffer" the transaction to get the trade out of the way for the customer and then later process it through the clearing banks for the associated accounts (that part may take the best part of a day).

If crypto's ever "get big", that's exactly how it will happen. You'll only use the blockchain to "charge" your Visa / Mastercard account. Spending will be done through accounts (just as on the exchanges at the moment). That's possibly why payment processors aren't too worried about crypto's because they don't care what's "behind" the account - could be fiat, could be crypto. They already deal in a diversity of currencies, so cryptocurrencies are just another number. They won't loose any business.

So don't worry about blockchain clearing times or confirmations. It won't be a problem. A half hour confirmation time will still be 5 times faster than what we have today as far as the "clearing" element of the trade goes (the part the customer doesn't see).

Presently, the global bitcoin hashrate is approximately 25,000,000 GH/s (http://blockchain.info/charts/hash-rate).

The market value of 1 GH/s is approximately $16 (https://www.cex.io).

In your example, you suggested that it may be worth acquiring 6% of global hashrate to double spend on groceries.  Let's do the math:

6% of global hashrate = 0.06 * 25,000,000 = 1,500,000 Gh/s

Market value of this 6% = 1,500,000 x $16 = $24,000,000.

So, yes, with a $24 million dollar investment you'll be able to fraudulently acquire groceries 6 - 12% of the time, until you eventually get caught and have your $24 million in mining equipment siezed.  

might not be worth it for coffee, could very well be worth it for products 100$ and above in price (e.g groceries).

the fraudster doesn't need a miner that controls 30% of the hash rate.
see table on page 10 of https://bitcoil.co.il/Doublespend.pdf

with 6 percent of the hash rate i can double spend successfully 12 percent of the time (with only one confirmation).
so if a group of fraudsters sets up a small mining operation they can get a 12% fraud discount on all products sold in physical stores, that seems unacceptable to me.

If you ignore the nuance related to malleability, then zero-confirm transactions are highly secure: here in Vancouver several brick-and-mortar merchants accept bitcoin via BitPay.  It is standard to consider the invoice paid when the network picks up the transaction as valid.  This typically occurs in a fraction of second--faster than a credit card.  

The double-spend problem, to most users and vendors, most of the time, is academic.  Let's consider how you could double-spend against a coffee shop here in Vancouver:

DOUBLE SPEND ATTEMPT #1: (fails)

1-A.  You walk up to the counter and ask for your coffee.  The sales girl generates the BitPay invoice, you scan the QR code, and press "send" on your iPhone.  The BitPay app picks up the transaction on the network in a fraction of a second, and the invoice suddenly says "PAID."  You grab your coffee and leave.

1-B.  But you're sneaky: you quickly run into your car where you've already generated a raw transaction with the same coins you used to pay for your coffee, but in this fraudulent transaction you instead send the coins to an address you control (you used the brainwallet.org "transactions" page) .  You broadcast this transaction using blockchain.info's pushtx service (https://blockchain.info/pushtx).  What you will realize is that by the time you got back to your car, the original transaction has already propagated across the network.  This means that nodes will not relay this new fraudulent transaction and miners will not add it to their memory pool since they know that these coins were already spent.  Double-spend attempt #1 fails.  

DOUBLE SPEND ATTEMPT #2: (fails)

2-A.  Discouraged by your failure, you head back to your evil lair where you continue your plot to get free coffee.

2-B.  You decide that you need to broadcast both transactions at roughly the same time in order to have a better chance of success.  You need to do this *inside* the coffee shop, but all you have access to while inside the store is your blockchain.info app for iPhone.  So, you jail-break your phone and hire an iOS expert to create you a custom double-spend app.  This app by design sends out the transaction to the coffee shop, but also sends out a transaction to an address that you control.

2-C.  So you order your coffee and test out your app.  But the BitPay invoice never says "paid."  When the sales girl checks at blockchain.info, she sees a big red "DOUBLE SPEND DETECTED" warning beside the transaction.

2-D.  You don't get your coffee and leave the store with everyone thinking that you are a thief.  

DOUBLE SPEND ATTEMPT #3: (succeeds once and a while)

3-A.  Back at the lair, you realize that your quest for free coffee is more difficult than you actually thought.  You call up some nefarious miner that controls 30% of the global hash power.  You tell him that when you give him the signal, he should add your fraudulent transaction to his memory pool of unconfirmed transactions.  You pay your iPhone hacker to modify your app to send the evil miner a special signal when you buy your coffee.

3-B.  You go to the coffee shop and buy your coffee.  Your new app sends the signal to the evil miner that you're in cahoots with.  The miner adds your fraudulent transaction, while the real transaction propagates across the network.

3-C.  Since the evil miner controls 30% of the global hash power, your coffee is free 30% of the time.  

3-D.  Finally, you succeed!  You also decide it is a lot less work to just pay for your coffee normally...

i wrote in 16pt font because i think it is easier to read, i can use the same logic and say that writing "OLD THINKING" in bold is also trolling.
forget malleability the problem is more general about double spending in physical stores.

if and when physical stores try to adopt bitcoin there is absolutely nothing to stop fraudsters from double spending, because obviously no physical store will force its clients to wait 10min for a confirmation.
unlike in the fiat system where you have a credit card company that will stop someone from reversing every single transaction they make, bitcoin has no way of throttling fraud.

i believe this is a serious limitation that will prevent any large scale adoption of bitcoin in brick and mortar shops.

Bitcoin is supposed to be a currency controlled by predefined algorithms, the rational behind using bitcoin is that traditional fiat currencies are getting devalued by governments and gold is hard to verify and transport.
if by services created over bitcoin to provide instant payment you mean a third party company that clears transactions then we might as well just use fiat money, because this clearing company can now print bitcoins out of thin air just like banks do today.
if the transaction is not processed and verified on the blockchain there is no point in using bitcoin.

Obviously the coffee shop will only accept transactions whose inputs are real, that is, in the block chain. If they aren't in the block chain, in general it can't be sure those input transactions were even submitted to the network.

A problem only arises if the coffee shop wants to let the customer use the change from a prior transaction at the same coffee shop. Which is a bit of a bodge, and unnecessary. The bodge doesn't help in the case where the customer buys coffee from one shop and then tries to use the change to buy a paper from the newsagents next door. To cope with the two-shops case, the customer's wallet needs to make sure it never tries to spend unconfirmed transaction outputs; and that also works in the one-shop case. There's no good reason to treat unconfirmed change differently to other unconfirmed transaction outputs.

It seems like a total non-issue to me, even if malleability isn't fixed.

not a problem.
miner problem.

update miner strategy.

What you wrote is correct for the malled transaction.  The edge-case concern is if you quickly build a second transaction using unconfirmed change from the first transaction (that got malled).  The reliability of this second transaction becomes questionable during malleability attack, until it receives 1 confirmation.  There's a long-term solution to this edge-case (eliminate malleability entirely), and a short-term work-around (disallow wallets from creating transactions using unconfirmed change).    

I discussed this in more detail a few posts earlier.

Um, no it doesn't? Malleability merely renames a transaction. The transaction itself is essentially unchanged. It still has the same inputs, outputs and amounts.  Renaming a transaction does not enable double-spending, nor does it allow bitcoin funds to be re-directed. It doesn't matter if the renamed transaction gets accepted by the network instead of the original, because they are the same. They just have different names. It's only a problem for exchanges that use the wrong name to lookup the transaction in the block chain. Coffee shops don't have to make that mistake.

Explain to me how you would use transaction malleability to defraud a coffee shop that allows zero confirmations.

If anything, the coffee shop is less affected, because the customer is not waiting around to ask for (or be asked for) a refund if the transaction is renamed, accepted, then not recognised under its new name. By the time transaction mutability comes into play, they'll be 10-minutes gone.

I've always thought of Bitcoin as an improvement upon, or a replacement for, SWIFT and other similar settlement and large-scale remittance systems, as well as a secure way to pay for higher-value goods such as real estate or vehicles, which don't necessarily require instantaneous settlement. Good for purchasing rack servers, lambos, or even commodities forward contracts, not so good for a morning Starbucks.

As others have mentioned, Bitcoin may be a 'foundation' upon which other payment gateways may be built.

visa is just a database in that case.
paypal is just a database in that case.

what im trying to point out is that bitcoin does not have to be the ultimate solution. businesses can build services ontop of bitcoin. research escrow!

Edit: looks like bittburger explained my point better

The malleability attack has given posters a lot of yummy troll food [writing in 16 pt font is strong evidence of trollishness, argument notwithstanding].  These posters will now attempt to muddle the malleabilty issue, stretching its consequences beyond all reason.

Here is a great synopsis of what you need to know about malleability, written by an expert: https://bitcointalksearch.org/topic/what-the-average-user-needs-to-know-about-transaction-mutability-460944

OLD THINKING:

Zero-confirm transactions between customer and merchant are highly reliable provided the transaction is accepted by the network and no double spends are detected.  

To invalidate the transaction, the customer would have to be in cahoots with a nefarious miner in order to add a fradualent transaction to the miner's memory pool without the knowledge of the network.  This is a lot of work for coffee, and will only be successful in proportion to the amount of hash power the nefarious miner controls.

NEW THINKING (until malleability is eliminated):

Zero-confirm transactions between customer and merchant are highly reliable provided the transaction is accepted by the network and no double spends are detected and provided the transaction does not use unconfirmed change outputs when the network is under malleability attack.

The malleability attack has revealed a vulnerability of a certain subset of zero-confirm transactions, namely ones built using unconfirmed change inputs.  While the core developers work to eventually eliminate malleability entirely, new wallets will disallow transactions that could potentially cause confusion.  

Bitcoin is and will continue to be suitable for zero-confirm payments for low-value purchases.  

Bitcoin is a protocol which can be built on top of.

Bitcoin is not the end-all be-all to its own functionality. 

Services can be created on top of the Bitcoin protocol which provide instant transactions necessary for different types of commerce.

We need to stop thinking of Bitcoin itself as the "whole package". 

It is a foundational layer like TCP/IP.  On top of that layer, you've got Ebay, Monster, Esurance, Napster (lol)...etc

On top of Bitcoin you've already got MasterCoin Foundation, Gyft, and even insurance services guaranteeing the security of your wallets.

Much more is coming.

-B-

when you pay online the website you're paying to most likely doesn't accept 0 conf transactions, and customers have no problem waiting for 10 minutes at home on their computer for the payment to clear,
this will not work in a physical shop where you expect the payment to clear within 1 min maximum time.

the reason there is no double spending fraud happening in the physical world is because bitcoin is not widespread in physical stores yet.

frankly i don't see a solution to this problem we might just have to accept that bitcoin only has the advantage over the existing system in places where its acceptable to wait for at least 10 minutes for a payment to clear, which means it will probably never be accepted in starbucks or mcdonalds types of places.

i only fear that eventually we could end up doing all transactions offchain which will be the end of bitcoin as it will allow fractional reserve banking and return us to the corrupt system we already have in place today.

Assuming that the transactionID is not modified by any peers, unconfirmed transactions (0 confirms) can be spent.  I have one this on multiple occasions.  If the transactionID is modified by a peer, then the transaction can be spent as soon as it has its first confirmation.  Of course, if that confirmation is from a block that gets orphaned, and the resulting transaction is then modified by a peer, then it would be safer to wait for 2 confirmations.  The more confirmations you wait for, the lower the risk that the transaction is in a block that will become orphaned.  Given this, at what point can you "spend them"?

Bitcoin is arguably the #1 form of 'currency' online criminals now use. To think no has ever thought of or attempted some sort of wallet that double spends everything is quite absurd.  If this was a real issue it would already have started to pop up somewhere out there in online world, there's simply too much money to be made for it not to have.

You're talking about a hypothetical that doesn't even seem very likely at all.  If someday something like that were to occur there are again things in place that could be done to help mitigate the threat.  Again, I view it as a non issue.  The 1% flat fee (or less depending on payment plan) that bitcoin payment providers are currently providing seems more than reasonable to maintain a healthy profit while still taking on the limited risk of double spending.

Ie you can spend them.