Topic: How can you detect a risky transaction before a single confirmation? (Read 741 times)

Transaction Inputs are interesting. Is there an easy way to view this via bitcoin-cli without having to loop and make many calls? Or would it be best practice to just loop through the vins and check if they're confirmed?

Everyone needs to decide for themselves how much risk they are willing to accept.

If you are going to accept an unconfirmed transaction, then you should take the time to learn what the risks are, as well as what can be done to reduce those risks.

For example, if you have an alternative method of collecting money (or retrieving whatever you have provided) from the payor (credit card on file, bank account ACH, court system, enforcer with a baseball bat, etc), then it is a lower risk to accept the unconfirmed transaction, since you can always use your backup method whenever the transaction fails to confirm.

If you are just asking about the technical details of a bitcoin transaction, then there are a few things to look at when determining risk...

1) Value of transaction.  It is MUCH riskier to accept a single 10 BTC transaction with no confirmations than it is to accept ten 0.0001 BTC transactions with no confirmations.

2) Transaction inputs. It is MUCH riskier to accept, with no confirmations, a transaction that has unconfirmed inputs than it is to accept a transaction that exclusively uses confirmed inputs.

3) Transaction fee. It is MUCH riskier to accept, with no confirmations, a transaction that doesn't include any transaction fee. The larger the transaction fee, the lower the risk.

4) Competing transactions.  It is MUCH riskier to accept, with no confirmations, a transaction that uses inputs which are also used in one or more other unconfirmed transactions.

5) Node isolation. It is MUCH riskier to accept (even confirmed) transactions when your nodes are completely isolated from the rest of the bitcoin network by a single entity.

Is there an efficient way to detect wallets that are from exchanges etc?

If exchanges publish their addresses, maybe. They don't normally do this except for maybe their cold storage addresses, and usually they only do so if there has been some noise about a particular address because it has a large number of coins in it.

Is there an efficient way to detect wallets that are from exchanges etc?

Is there an efficient way to detect wallets that are from exchanges etc?

Yeah, you can. Some big sites like bustabit.com do this. Actually I originally authored the code, and it has been very successful. To all the people who think it's not possible, make a deposit on bustabit and try defraud the system. I'll wait 

However there's two things you to keep in mind to make it work

a) Charge for the service. It's really important people can't attempt to defraud you for free.  (For instance bustabit charges 1% for the precredit service, that way it costs money to try abuse the system. i.e. you need to be able to defraud them more than 1 or 2% of the time to be profitable).

b) Have a fallback for transactions without high enough enough confidence (i.e. accept a lot of false negatives)


---

The very first thing you need to do, is check if the transaction opts into bip125. If so, then it's never going to be safe prior to confirmations. Then assuming it's not bip125, what you want to do is make sure the transaction hasn't been raced. So have quite a few nodes in different spaced around the world, ideally with slightly different bitcoin core versions. Then wait a few seconds, and only precredit the transaction if every node has the transaction and it's got a decent fee rate.

Then if you want to get fancy, you can also monitor for double-spend attempts (but this is a pain in the ass, as you have to modify core) and they can report to you if they have seen an attempt.

And then most importantly, have a good system that notifies you (And possibly pulls the plug) if you get defrauded. Make sure you never precredit more than {uperBound} of bitcoin at any time, to cap your total risk.


--

Also keep in mind that it's perfectly possible to do now. HOWEVER tomorrow it might not be possible. If a small mining pool decided to (privately) accept double spends, you'd be irreparably screwed. So make sure your business model doesn't depend on "pre-crediting" or you could find yourself out of business overnight. (But it's a super cool nice-to-have to make an experience better).

I didn't say that your scenario is impossible. I only said that it's not 100% risk free. There can be some blocks found very quick, there can be low fee transactions included in them (CPFP for example), ... which can spoil the plans of the attacker. However, his chances are still very high indeed.
We are on the same page: private (proper) wallets are not to be trusted for 0-confirmation funding.

If you broadcast a tx 9.5 mins after the last block, it might cost 10 sat/byte to get your tx confirmed in the next block but if no blocks are found in the next hour and a half, it might cost 70 sat/byte to get your tx confirmed in the next block and this amount may stay elevated for some time.

In the scenario I am describing, an attacker could make a deposit 1 second after the last block was found, if a block is found within 10 minutes, they could just withdraw their deposit, but if no blocks are found for say an hour, they could make a high probability bet and attempt to withdraw if it is a loosing bet. In this scenario the market cost to get a tx confirmed will have increased due to a lower supply of block space (even if this is temporary). 

If you broadcast a tx 9.5 mins after the last block, it might cost 10 sat/byte to get your tx confirmed in the next block but if no blocks are found in the next hour and a half, it might cost 70 sat/byte to get your tx confirmed in the next block and this amount may stay elevated for some time.

In the scenario I am describing, an attacker could make a deposit 1 second after the last block was found, if a block is found within 10 minutes, they could just withdraw their deposit, but if no blocks are found for say an hour, they could make a high probability bet and attempt to withdraw if it is a loosing bet. In this scenario the market cost to get a tx confirmed will have increased due to a lower supply of block space (even if this is temporary). 

Yup. That's why I suggested OP to allow 0-conf to certain (custodian) wallets which don't allow users do rbf at all.


The previous number of minutes between blocks doesn't necessarily give a hint for the number of minutes until the next block, so it's not risk free. It may reduce the risk (debatable), but doesn't make it risk free.

a non-rbf tx can still be "replaced" (double spent) without the assistance of a miner. If there are many unconfirmed txs competing with each other (such as what happened in late 2017), an unconfirmed tx may eventually get 'dropped' by most nodes, including the nodes the miners use, which would make it trivial to double spend one of the inputs as long as you use a sufficiently high tx fee.

An attacker may for example, broadcast a tx immediately after a block is found, and if it has been at least xx minutes since the tx was broadcast, make the risk free bet

Not accepting marked rbf transactions (like suggested above) might minimize those attempts since it will be troublesome or costly to contact a pool that's willing to include the double-spend tx instead of the 1st one.
And IMO, that's too much for a "risk free bet".

He can also, set a maximum allowed instant deposit, anything higher will require 1 confirmation.

Note: non-rbf tx aren't "replaceble" by default. The gambler needs to directly contact a pool operator or a solo miner to include the new tx.

It's pretty simple actually.
Most of those site do not enable withdrawals if any of the deposit transactions didn't have 6 confirmations.
Even if the client decided to double spend his pending deposit, he won't be able to withdraw his winnings/pre-credited balance.

Nothing goes in -> Nothing goes out
Couple it with a strict terms and conditions and you're good to accept instant deposits.

I did.

But all it takes is a bit of social engineering to try to get them to contact an engineer to push through a double spend...

Or even someone in the inside could try doing something with some of the exchanges hot wallet. While it's unlikely you have to assess each exchange and see how likely that would be to happen and then difficulty is added. Also if you decide to delist an exchange from your service people are going to be greatly peeved that they used to get a confirmation quickly and now have to wait 20 minutes.

It's probably worth op doing some field research and buying some stuff from different sites to see how it works. If you sell goods but don't have fast delivery then some services accept an unconfirmed tx and then wait for confirmations before dispatching, similar to what a lot of gambling sites do as stated above.