Pages:
Author

Topic: Double Spending for BTC businesses - Best practice Solutions ? (Read 1452 times)

edd
donator
Activity: 1414
Merit: 1002
Would you trust a "no name" retailer holding your money for you while you shopped (for much smaller businesses)?

If a shop is processing many large ticket transactions per hour, they've probably already established themselves as reputable.
sr. member
Activity: 266
Merit: 250
If bitcoin were to catch on enough then it would be possible for there to be 5 or 10 people in a row for example to be issued a claim ticket waiting for transactions to confirm.

A semi centralized service like greenaddress, circle or coinbase could solve the issue, as the store could advise customers to send their bitcoin to their account at one of the above services when they enter, then TX gets confirmed by the network while they shop, then the customer pays for their merchandise via their account at one of the above, then withdraws their coins back to their wallet that they did not spend.

It still wouldn't be necessary to involve a third party. Businesses could require their own pre-paid gift cards for  big ticket items. Simply load it with bitcoins before you leave the house and they're confirmed by the time you get to the store. Unspent funds can be refunded by the cashier.

This would be true for bigger companies/retailers that you can "trust" with your funds for a short time.

If you were buying from Best Buy or Target this would work perfectly.

Would you trust a "no name" retailer holding your money for you while you shopped (for much smaller businesses)?
edd
donator
Activity: 1414
Merit: 1002
If bitcoin were to catch on enough then it would be possible for there to be 5 or 10 people in a row for example to be issued a claim ticket waiting for transactions to confirm.

A semi centralized service like greenaddress, circle or coinbase could solve the issue, as the store could advise customers to send their bitcoin to their account at one of the above services when they enter, then TX gets confirmed by the network while they shop, then the customer pays for their merchandise via their account at one of the above, then withdraws their coins back to their wallet that they did not spend.

It still wouldn't be necessary to involve a third party. Businesses could require their own pre-paid gift cards for  big ticket items. Simply load it with bitcoins before you leave the house and they're confirmed by the time you get to the store. Unspent funds can be refunded by the cashier.
sr. member
Activity: 266
Merit: 250
- Wonder how Coinbase instantly validates?
 

Because you would be paying with your coinbase account, so they are really controlling
the funds.  They are the trusted third party.   This is another LAYER.  Essentially, you are telling
coinbase to pay them, and the merchant is assuming coinbase won't double spend.  Hope that
makes sense.   



Both coinbase and greenaddress would be good to be sure that payment will be received with dealing with high value items.

If you are only selling low value items (a few dollars) you should not worry about double spending attacks as they are generally expensive to execute.

But that would require both consumer and merchant to have accounts with the same service.

In any case, if it was a high value item, why would you mind waiting for one confirmation?

You should not mind, in general.

The issue would come into play when you are selling high volume items in masse. Say for example someone is buying  a computer at Best Buy, the buyer would not mind waiting 10 minutes for the TX to confirm, but the seller (Best Buy) likely would. Now a transaction that could take 30 seconds to a minute will take, on average 10 minutes (if it gets confirmed in the next block), meanwhile everyone in line will need to wait, making their employees less efficient.

For a transaction like that, I imagine the clerk would put your purchased items to the side, issue a claim ticket and move on to the next customer. Once the first confirmation goes through, the items are released.

Alternatively, the cashier can verify an adequate transaction fee was included (to minimize the risk) and obtain ID so that, in the event of a (still very unlikely) successful double spend at least the perpetrator can be prosecuted.

Brick and mortar businesses already accept a certain amount of risk with current payment methods. IMO, bitcoins are still less likely to be spent fraudulently and a few precautions practically eliminates the possibility of falling victim to a double spend without inconveniencing customers more than they already are.


Anyway, I believe the OP wishes to operate a site that somehow will allow users to conduct business with high values of BTC extremely quickly and possibly anonymously without any risk whatsoever. I think that's asking a little too much of Bitcoin this early in the game. We're still in beta, remember?  Wink

If bitcoin were to catch on enough then it would be possible for there to be 5 or 10 people in a row for example to be issued a claim ticket waiting for transactions to confirm.

A semi centralized service like greenaddress, circle or coinbase could solve the issue, as the store could advise customers to send their bitcoin to their account at one of the above services when they enter, then TX gets confirmed by the network while they shop, then the customer pays for their merchandise via their account at one of the above, then withdraws their coins back to their wallet that they did not spend.
edd
donator
Activity: 1414
Merit: 1002
- Wonder how Coinbase instantly validates?
 

Because you would be paying with your coinbase account, so they are really controlling
the funds.  They are the trusted third party.   This is another LAYER.  Essentially, you are telling
coinbase to pay them, and the merchant is assuming coinbase won't double spend.  Hope that
makes sense.   



Both coinbase and greenaddress would be good to be sure that payment will be received with dealing with high value items.

If you are only selling low value items (a few dollars) you should not worry about double spending attacks as they are generally expensive to execute.

But that would require both consumer and merchant to have accounts with the same service.

In any case, if it was a high value item, why would you mind waiting for one confirmation?

You should not mind, in general.

The issue would come into play when you are selling high volume items in masse. Say for example someone is buying  a computer at Best Buy, the buyer would not mind waiting 10 minutes for the TX to confirm, but the seller (Best Buy) likely would. Now a transaction that could take 30 seconds to a minute will take, on average 10 minutes (if it gets confirmed in the next block), meanwhile everyone in line will need to wait, making their employees less efficient.

For a transaction like that, I imagine the clerk would put your purchased items to the side, issue a claim ticket and move on to the next customer. Once the first confirmation goes through, the items are released.

Alternatively, the cashier can verify an adequate transaction fee was included (to minimize the risk) and obtain ID so that, in the event of a (still very unlikely) successful double spend at least the perpetrator can be prosecuted.

Brick and mortar businesses already accept a certain amount of risk with current payment methods. IMO, bitcoins are still less likely to be spent fraudulently and a few precautions practically eliminates the possibility of falling victim to a double spend without inconveniencing customers more than they already are.


Anyway, I believe the OP wishes to operate a site that somehow will allow users to conduct business with high values of BTC extremely quickly and possibly anonymously without any risk whatsoever. I think that's asking a little too much of Bitcoin this early in the game. We're still in beta, remember?  Wink
sr. member
Activity: 448
Merit: 250
It's Money 2.0| It’s gold for nerds | It's Bitcoin
- Wonder how Coinbase instantly validates?
 

Because you would be paying with your coinbase account, so they are really controlling
the funds.  They are the trusted third party.   This is another LAYER.  Essentially, you are telling
coinbase to pay them, and the merchant is assuming coinbase won't double spend.  Hope that
makes sense.   



Both coinbase and greenaddress would be good to be sure that payment will be received with dealing with high value items.

If you are only selling low value items (a few dollars) you should not worry about double spending attacks as they are generally expensive to execute.

But that would require both consumer and merchant to have accounts with the same service.

In any case, if it was a high value item, why would you mind waiting for one confirmation?

You should not mind, in general.

The issue would come into play when you are selling high volume items in masse. Say for example someone is buying  a computer at Best Buy, the buyer would not mind waiting 10 minutes for the TX to confirm, but the seller (Best Buy) likely would. Now a transaction that could take 30 seconds to a minute will take, on average 10 minutes (if it gets confirmed in the next block), meanwhile everyone in line will need to wait, making their employees less efficient.
edd
donator
Activity: 1414
Merit: 1002
- Wonder how Coinbase instantly validates?
 

Because you would be paying with your coinbase account, so they are really controlling
the funds.  They are the trusted third party.   This is another LAYER.  Essentially, you are telling
coinbase to pay them, and the merchant is assuming coinbase won't double spend.  Hope that
makes sense.   



Both coinbase and greenaddress would be good to be sure that payment will be received with dealing with high value items.

If you are only selling low value items (a few dollars) you should not worry about double spending attacks as they are generally expensive to execute.

But that would require both consumer and merchant to have accounts with the same service.

In any case, if it was a high value item, why would you mind waiting for one confirmation?
sr. member
Activity: 448
Merit: 250
It's Money 2.0| It’s gold for nerds | It's Bitcoin
- Wonder how Coinbase instantly validates?
 

Because you would be paying with your coinbase account, so they are really controlling
the funds.  They are the trusted third party.   This is another LAYER.  Essentially, you are telling
coinbase to pay them, and the merchant is assuming coinbase won't double spend.  Hope that
makes sense.   



Both coinbase and greenaddress would be good to be sure that payment will be received with dealing with high value items.

If you are only selling low value items (a few dollars) you should not worry about double spending attacks as they are generally expensive to execute.
full member
Activity: 224
Merit: 100
for double-spending invalidate method, use 3 criterias to valid the real payment :
- bitcoin-QT server with instant verification
- blockchain.info instant verification (with blockr.io in backup or on main verification)
- bitcoinj verification (bitcoin android wallet)[/color]

when customer send bitcoin ... the cashier must see the 3 criterias at GREEN statut after max 10 seconds.

Brilliant! ty Sir,

Suggestions on here are great  Smiley

Will forward to our engineer for assessment/integration.

legendary
Activity: 1512
Merit: 1012
for double-spending invalidate method, use 3 criterias to valid the real payment :
- bitcoin-QT server with instant verification
- blockchain.info instant verification (with blockr.io in backup or on main verification)
- bitcoinj verification (bitcoin android wallet)

when customer send bitcoin ... the cashier must see the 3 criterias at GREEN statut after max 10 seconds.
full member
Activity: 224
Merit: 100
- No checking software available?

There is, it's called the Bitcoin protocol.

Seriously, this is the purpose of mining - to relay and validate transactions.



- Wonder how Coinbase instantly validates?

Same way everyone else does.





- Don't really want to create a bias implementing "Limits" / We want to be just as rapid for larger volume transactions. 

You are limited by the network. Is one confirmation really too long to wait?

Nice one Edd, don't get me wrong mate - Love the Bitcoin protocol and have massive respect for the time and effort honest miners sacrifice. They're Legends in my book.

1 Confirmation may work for our model
full member
Activity: 224
Merit: 100
- Wonder how Coinbase instantly validates?
 

Because you would be paying with your coinbase account, so they are really controlling
the funds.  They are the trusted third party.   This is another LAYER.  Essentially, you are telling
coinbase to pay them, and the merchant is assuming coinbase won't double spend.  Hope that
makes sense.   



I see, guess their model is more akin to a brokerage. Handling FIAT, I would assume that have adequate anti-fraud, charge-back assessments, insurance with there affiliate banking partner. Actually does anyone know who that is?

Well explained - Thanks btw
full member
Activity: 224
Merit: 100
I can't believe there is no service or software available to check duplicate(/multiple) transaction requests. Obviously, our system would then invalidate the transaction.

It is probably good there is no such service.  It would be rather trivial to make a service like that however double spend detection alone can't guarantee a tx won't be double spent (technically neither can confirmations).  Double spend detection can provide a reasonable assurance that your transaction has "won the race" (propagated the network) and ensure that no honest miner is working against you.  However a Finney attack can't be detected until after it has occurred by monitoring the network.  Likewise a thief could defraud you by working directly with a malicious pool.  There is no requirement that transactions have to be sent over the network (and no way to enforce that requirement if there was).  So a thief conspiring with a miner/pool doesn't have to broadcast the double spend, and this means there is nothing to detect.  Your first indication would be when the dishonest miner broadcasts a block with the double spend and your 0-confirm payment becomes invalid.

All of these factors depend heavily on what you are selling, how anonymous it is, how convertable it is to a thief, how much it is worth, etc.  There is no magic or simple "oh if you do this you will be safe".  It would not be difficult for a competent developer to code up a detection network but it should be part of a larger risk analysis.  Some services will simply always need confirmations or a way to secure alternate payment.  One example of this would be a grocery store.  Grocery store already accepts credit cards (and the associated risk).  If the store wanted to accept 0-confirm transactions for fast checkout line payment they could have users register a credit card and sign an agreement that if their bitcoin payment doesn't confirm the backup card will be charged.  The store is not taking any more risk.  If a thief has a stolen credit card and willingness to use it in person they would simply pay with the stolen credit card rather than try to perform a double spend.  So there are a lot of potential solutions but it will be very business specific.  What works for one business will not necessarily work for another.  Having a cookie cutter solution almost guarantees that naive businesses will be defrauded.

D&T appreciate your valuable feedback! PM'ed
full member
Activity: 224
Merit: 100
I see, thanks mate - wondering if Double Spending problem can be negated with 0 Confirmations?

No.  If it could then we wouldn't need confirmations, blocks, mining, and the massive expenditure of hardware and energy that goes along with it.   "Mining" is forcing a consensus on the network as to the ordering of transactions.  You "may" be able to accept 0-confirm txs with no or an acceptable rate of fraud but everything will depend on what you are selling, how much a theft is worth, if it is repeatable, how convertable would it be for a thief, how traceable, etc.

Nobody can say "in 100% of scenarios you must use X confirmations".  Well they can say it but they would be wrong.

To give you an example at one time Tangible Cryptography sold mobile phone reloads for Bitcoins.  For phone codes (which could be used to recharge any phone) we required 1 confirmation (sometimes 2 if we experienced a large amount of volume).  For direct reloads (where the user supplies a phone number and the time/value is directly added to their account) we didn't require any confirmations*.  Since the purchase was linked to a phone account the risk of a double spend was reduced and the repeatability of the attack was also reduced.  For BitSimple (a direct broker/dealer in Bitcoins) we require 3 confirmations as some of the withdraw methods as irreversible.

It all comes down to risk management.



*It is important to understand how you can detect double spends on the network using multiple nodes (listening nodes).  This doesn't guarantee a double spend (the thief could have a secret deal with one or more miners) but it does ensure you will not lose a "race" which ensures honest miners won't be working against you simply because they encountered the double spend first.  You should not accept 0-confirm transactions unless you understand the risks involved.  This means understanding how tx are relayed, what can prevent tx from being relayed, how an attacker could work directly with a miner, how a "Finney Attack" works and why it can't be detected. 

Excellent! Will bring to our Dev's attention
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
- Wonder how Coinbase instantly validates?
 

Because you would be paying with your coinbase account, so they are really controlling
the funds.  They are the trusted third party.   This is another LAYER.  Essentially, you are telling
coinbase to pay them, and the merchant is assuming coinbase won't double spend.  Hope that
makes sense.   

edd
donator
Activity: 1414
Merit: 1002
- No checking software available?

There is, it's called the Bitcoin protocol.

Seriously, this is the purpose of mining - to relay and validate transactions.



- Wonder how Coinbase instantly validates?

Same way everyone else does.





- Don't really want to create a bias implementing "Limits" / We want to be just as rapid for larger volume transactions. 

You are limited by the network. Is one confirmation really too long to wait?
donator
Activity: 1218
Merit: 1079
Gerald Davis
I can't believe there is no service or software available to check duplicate(/multiple) transaction requests. Obviously, our system would then invalidate the transaction.

It is probably good there is no such service.  It would be rather trivial to make a service like that however double spend detection alone can't guarantee a tx won't be double spent (technically neither can confirmations).  Double spend detection can provide a reasonable assurance that your transaction has "won the race" (propagated the network) and ensure that no honest miner is working against you.  However a Finney attack can't be detected until after it has occurred by monitoring the network.  Likewise a thief could defraud you by working directly with a malicious pool.  There is no requirement that transactions have to be sent over the network (and no way to enforce that requirement if there was).  So a thief conspiring with a miner/pool doesn't have to broadcast the double spend, and this means there is nothing to detect.  Your first indication would be when the dishonest miner broadcasts a block with the double spend and your 0-confirm payment becomes invalid.

All of these factors depend heavily on what you are selling, how anonymous it is, how convertable it is to a thief, how much it is worth, etc.  There is no magic or simple "oh if you do this you will be safe".  It would not be difficult for a competent developer to code up a detection network but it should be part of a larger risk analysis.  Some services will simply always need confirmations or a way to secure alternate payment.  One example of this would be a grocery store.  Grocery store already accepts credit cards (and the associated risk).  If the store wanted to accept 0-confirm transactions for fast checkout line payment they could have users register a credit card and sign an agreement that if their bitcoin payment doesn't confirm the backup card will be charged.  The store is not taking any more risk.  If a thief has a stolen credit card and willingness to use it in person they would simply pay with the stolen credit card rather than try to perform a double spend.  So there are a lot of potential solutions but it will be very business specific.  What works for one business will not necessarily work for another.  Having a cookie cutter solution almost guarantees that naive businesses will be defrauded.
full member
Activity: 224
Merit: 100
Hi,

From what i know on this (very little) by the first confirm the opertunity for double spending has already passed.

I see, thanks mate - wondering if Double Spending problem can be negated with 0 Confirmations?

It is relatively easy to successfully double-spend with 0 confirmations. If a customer double-spends, then there is roughly a 50% chance that the merchant will see his transaction, and 50% chance that it will not be added to the block chain.

There are ways for both the merchant and the scammer to increase their odds. For example, a merchant with a better connection to the network is more likely to see both transactions and detect the attempted double-spend. The scammer can omit the transaction fee on the merchant's transaction, reducing the likelihood that it will be the one that is confirmed.

This was my main concern - Our potential engineer said he's tested and was easy to do.

I can't believe there is no service or software available to check duplicate(/multiple) transaction requests. Obviously, our system would then invalidate the transaction.
legendary
Activity: 4466
Merit: 3391
Hi,

From what i know on this (very little) by the first confirm the opertunity for double spending has already passed.

I see, thanks mate - wondering if Double Spending problem can be negated with 0 Confirmations?

It is relatively easy to successfully double-spend with 0 confirmations. If a customer double-spends, then there is roughly a 50% chance that the merchant will see the legitimate transaction, and 50% chance that it will not be added to the block chain.

There are ways for both the merchant and the scammer to increase their odds. For example, a merchant with a better connection to the network is more likely to see both transactions and detect the attempted double-spend. The scammer can omit the transaction fee on the merchant's transaction, reducing the likelihood that it will be the one that is confirmed.
full member
Activity: 224
Merit: 100
I see, thanks mate - wondering if Double Spending problem can be negated with 0 Confirmations?

No.  If it could then we wouldn't need confirmations, blocks, mining, and the massive expenditure of hardware and energy that goes along with it.   "Mining" is forcing a consensus on the network as to the ordering of transactions.  You "may" be able to accept 0-confirm txs with no or an acceptable rate of fraud but everything will depend on what you are selling, how much a theft is worth, if it is repeatable, how convertable would it be for a thief, how traceable, etc.

Nobody can say "in 100% of scenarios you must use X confirmations".  Well they can say it but they would be wrong.

Clear and Concise, cheers man!
Pages:
Jump to: