Topic: Collaboration between pools could make accepting 0-confirmation transaction safe (Read 2368 times)

Instead of saying your idea is wrong, maybe I can contribute to it.

One of the things gmaxwell pointed out was that mining pools may be around now but there is no guarantee they will be around later, in fact he thinks they probably won't. So depending on them as fundamental architecture is probably a bad idea all around.

But imagine miners (both solo and pools) included a IP:Port calling card in the coinbase of their block. The calling card would convey the message: I am a miner, you can contact me via udp directly at (ip:port), send me your transaction, and if it looks valid, I will give you a signed promise (signed by coinbase key) that I accept and plan to confirm this transaction.

One would know what percentage of the mining pool any given calling card represents just by the number of recent blocks containing it.

Someone wanting a miner commitment on a transaction would blast out that transaction via UDP to all of the miners whose calling cards appear in the last 1000 blocks.  That sounds extreme, but we're only talking a few hundred kilobytes total, with the total going to each miner being under 1-2KB.

By using UDP instead of TCP, one could blindly blast out a bunch of simultaneous requests into the internet on a "best effort" basis with low overhead, knowing most of them will arrive and many won't and that that's OK.  The responses would arrive the same way.

Either the sender or the recipient of a transaction could immediately contact thousands of miners with a blast of udp packets and rapidly get an accurate feel for how much mining power supporting the transaction has just by gauging the udp responses that come back within the following 10 seconds.

If it is a supermajority you have success.

Such could be the standard practice for accepting zero conf transactions.  It could be an excellent revenue generator for the mining community as a whole in the form of a for-pay service (example, all miners could stipulate that this UDP confirmation service is only available if transaction fee [in the transaction being zero-confirmed] is meets a far more generous criterion than the satoshi client minimum)

To address gmaxwell's rightfully placed fear that I could pay "you" and then use the premium service to pay the doublespend to myself... if getting zero-conf is a fee-based service paid by the payer, then "you" could demand, as a condition of giving me goods with zero conf, that I include a fee big enough to ensure that you can click a button in your client and enjoy the confirmation service yourself, prepaid.

Please keep in mind that the "valid block policy" only concerns blocks with "illegal" contents (double-spends concerning previous blocks, wrong signatures, syntax problems etc). There's no policy concerning which transactions a miner will accept, or on top of which block he'll mine.

But this split can go on for days. If I pay 50% of the miners and then release my double spend block the split will continue until the miners I paid build a longer chain because they will never accept the chain of the other miners who included my block.
By paying nodes not to include certain blocks we change their valid block policy you can't compare that to todays splits which are caused by block propagation lag.

Splits happen from time to time, that's not working against the network. Plus, why would you generate a block and pay the majority of the miners to overrun it? You'd be throwing away all the reward of the block by doing so.

Lol what the hell kind of country is that!

Well, in my country, robbers blow ATMs up with dynamite, get as much untainted cash as they manage to, and run away, all that in less than 2 min. AFAIK most of the time they're not caught.

So, yeah, you'd better protect yourself against double-spending!

Lol, thief can engineer a double spend, but not wear gloves. Lucky for us!

About the con that you mentioned:

If 50% of the network know about your contract and a solominer that doesn't mines on the longest chain, then he's wasting his work because all the major pools are still working on an older block.
So with your proposal you are bribing the major pools to work against the rest of the network if there's a double spend to your transaction. That doesn't sound like a good thing and it also decreases the income of the normal miners and lowers the overall security of the network.

Hm I think it is. Let's say i pay the biggest pools to not accept double spends of my transaction. Then I create a block including the double spend and broadcast it. That will result in a network split were the miners i've paid are still mining on the old block and the miners i didn't pay will work on the new block because its a legal block.

I suppose the fee for such a guaranteed transaction shouldn't be too much which means that it's pretty cheap to split the network (well you still need some mining power but around 100Gh/s should be enough to cause one split a day)

It's not really "working against the rest of the network".

ATMs have cameras and since cash is involved I am pretty sure you could in fact call the cops with some success.

The ATM might also say require your fingerprint, just in case!

Would YOU risk robbing an ATM with max 10. of a head start from the cops?

If your attack is detected make that head start smaller.


Even should you succeed you likely would get a maximum of 10k$, trivial compared to bitcoinicas loss and considering the expertise the thieves would have to posses. + your fingerprints are now on police file.

About the con that you mentioned:
So with your proposal you are bribing the major pools to work against the rest of the network if there's a double spend to your transaction. That doesn't sound like a good thing and it also decreases the income of the normal miners and lowers the overall security of the network.

ATMs have cameras and since cash is involved I am pretty sure you could in fact call the cops with some success.

The ATM might also say require your fingerprint, just in case!

Would YOU risk robbing an ATM with max 10. of a head start from the cops?

Sure you could steal a micro-payment unlocked article that I would unlock with 0-conf. but then after 10 minutes I would ban your IP forever/call the cops and have lost a total of 0.01 BTC.

Sure, you can't execute Finney attack for in store purchase, but for over internet purchase that's not a problem

I'm not too worried about double spends; the time frame you have to run away with your product, the loops you have to jump through and the small amounts people will only accept with 0 confs... just not worth it.

OP, in what is that better than Green Addresses?
In both models there's trust in a third party, and Green Addresses are probably cheaper (so far they're free, aren't them?)

With the rise of asic mining making miners with single GPUs insignificant I expect to see mining move towards decentralized pooling techniques like p2pool, or the eligius memorypool mode.