Pages:
Author

Topic: Instant confirmation, call it "confirmed-by-owner" - page 2. (Read 3105 times)

staff
Activity: 4284
Merit: 8808
Okay - but f you don't pay then do I need to do anything to stop the repayment (am just trying to clearly see how it gets completed without any race condition)?
I can't decode your question. Can you try asking another way or perhaps give an example?  There should be no race condition, so long as the the refund is far enough in the future that you can reliably get the legit spend in before it locks.
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
In the end we if we can come up with a set of rules to accept 0 conf payments with very little risk, that would be very good news for bitcoin payments in person.
Sure, copy the persons photo ID. Limit sales to values that you'd be comfortable losing to shoplifting. Done.

There's a lot of bakeries and coffee shops out there that have found they can go as far as not even having any staff on duty during the day and relying 100% on the honesty of their patrons to actually pay them. One example: http://www.theglobeandmail.com/life/coffee-cookies-but-no-cashiers/article1058362/

Another example is how in many places newspapers are sold in unlocked containers with a slot to voluntarily drop a quarter in. Or for that matter how it's routine for campgrounds and huts in mountainous areas to be unstaffed with just a drop box to collect fees from hikers. Huts are a funny example: parks often find it cheaper to leave them unlocked entirely year-round than to replace windows broken by people who forgot their key or combo, or were in an emergency and needed the shelter.

we can do better then that...

simple rules, tx must have a fee, and look for double spend for 30 seconds, and you appear to have pretty damn good protection, even if a double spend is initiated.

asking for ID is a crappy solution.

Here's a better solution that expects nothing more from all parties than rational economic self-interest: https://bitcointalksearch.org/topic/m.2669189

Its good to know, (atho not surprising), that people are dreaming up solutions to this problem.
but the proposed solution requires some rewrite of the underlying protocol, this method does not, and it dead simple.

the actual effectiveness of this solution is unknown to me tho.

if i require a mining fee, and checked for 30-60 seconds that you didn't try to double spend, before accepting your 0 conf BTC payment.
could you double spend, and have the double spend confirm, before the orginal tx. ( provided you don't have any  hashing power...)
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
I write a transaction paying 10 BTC to a multisignature output that requires me+you.  Without broadcasting that payment, my software contacts your software and asks it to sign a refund transaction which pays the 10 BTC back to me, but locktimed two weeks from now.  After you give me that signature I announce the payment into the escrow.

Now for the next ~2 weeks I can pay you up to 10 BTC out of those funds instantly, with no reversal risk for you.

The restrictions: Funds are locked up, and I have to know who I'm possibly paying in advance.

Okay - but f you don't pay then do I need to do anything to stop the repayment (am just trying to clearly see how it gets completed without any race condition)?
legendary
Activity: 1120
Merit: 1152
In the end we if we can come up with a set of rules to accept 0 conf payments with very little risk, that would be very good news for bitcoin payments in person.
Sure, copy the persons photo ID. Limit sales to values that you'd be comfortable losing to shoplifting. Done.

There's a lot of bakeries and coffee shops out there that have found they can go as far as not even having any staff on duty during the day and relying 100% on the honesty of their patrons to actually pay them. One example: http://www.theglobeandmail.com/life/coffee-cookies-but-no-cashiers/article1058362/

Another example is how in many places newspapers are sold in unlocked containers with a slot to voluntarily drop a quarter in. Or for that matter how it's routine for campgrounds and huts in mountainous areas to be unstaffed with just a drop box to collect fees from hikers. Huts are a funny example: parks often find it cheaper to leave them unlocked entirely year-round than to replace windows broken by people who forgot their key or combo, or were in an emergency and needed the shelter.

we can do better then that...

simple rules, tx must have a fee, and look for double spend for 30 seconds, and you appear to have pretty damn good protection, even if a double spend is initiated.

asking for ID is a crappy solution.

Here's a better solution that expects nothing more from all parties than rational economic self-interest: https://bitcointalksearch.org/topic/m.2669189
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
In the end we if we can come up with a set of rules to accept 0 conf payments with very little risk, that would be very good news for bitcoin payments in person.
Sure, copy the persons photo ID. Limit sales to values that you'd be comfortable losing to shoplifting. Done.

we can do better then that...

simple rules, tx must have a fee, and look for double spend for 30 seconds, and you appear to have pretty damn good protection, even if a double spend is initiated.

asking for ID, and taking on the risk in full, is a crappy solution.

we have near perfect information as to all TX on the network at all times, let us use it!
staff
Activity: 4284
Merit: 8808
There are but they're mildly complicated and have other restrictions.
Can you enlighten us as to how this is possible?
For example, say I want to potentially pay you up to 10 BTC later.

I write a transaction paying 10 BTC to a multisignature output that requires me+you.  Without broadcasting that payment, my software contacts your software and asks it to sign a refund transaction which pays the 10 BTC back to me, but locktimed two weeks from now.  After you give me that signature I announce the payment into the escrow.

Now for the next ~2 weeks I can pay you up to 10 BTC out of those funds instantly, with no reversal risk for you.

The restrictions: Funds are locked up, and I have to know who I'm possibly paying in advance.

If there is some third party that many people trust to not double spend "you" in this protocol could be replaced with the third party to instead relax the requirement that I know who I want to transact with in the future. (e.g. "anyone who trusts Theymos to not doublespend").
staff
Activity: 4284
Merit: 8808
In the end we if we can come up with a set of rules to accept 0 conf payments with very little risk, that would be very good news for bitcoin payments in person.
Sure, copy the persons photo ID. Limit sales to values that you'd be comfortable losing to shoplifting. Done.
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
Currently there is no way to have a valid 0 conf tx. You simply have to trust the sender won't double spend.
There are but they're mildly complicated and have other restrictions.


I wasn't aware of this can you point to where I can read up on this?

Quote
i would agree that any system like this can not say with 100% certainty that it will get confirmed no matter what. but it should make almost all 0 conf. double spend attempts nearly impossible.

If it pays a proper fee and is broadcast first the probability is high that this tx will get included in a block. As far as I'm aware, the probability is in your favour but there is still a chance, albeit small, that it will be double spent.

In the end we if we can come up with a set of rules to accept 0 conf payments with very little risk, that would be very good news for bitcoin payments in person.
full member
Activity: 141
Merit: 100
Currently there is no way to have a valid 0 conf tx. You simply have to trust the sender won't double spend.
There are but they're mildly complicated and have other restrictions.


I wasn't aware of this can you point to where I can read up on this?

Quote
i would agree that any system like this can not say with 100% certainty that it will get confirmed no matter what. but it should make almost all 0 conf. double spend attempts nearly impossible.

If it pays a proper fee and is broadcast first the probability is high that this tx will get included in a block. As far as I'm aware, the probability is in your favour but there is still a chance, albeit small, that it will be double spent.
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
While the tx is broadcast as long as the tx is not confirmed the money is not owned by the receiver. The original owner is still in control of the money and can broadcast different txs with the same input. There is no guarantee the tx that sends the money to you will be confirmed before the other tx. Thus a double spend is possible for any tx that hasn't been confirmed.

there's no way to predict that even if the owner tried to double spend, the original tx would get confirmed?

say you waited 1 min, and saw no double spends, if the owner tried to double spend after that minute, which of the 2 tx will be deemed the valid one?

the first one? how does the network decide which tx is the valid one?

The problem here is that both tx would be valid. Both tx have valid inputs they are just sent to different receiving addresses. Whichever gets confirmed first becomes the "true" valid tx. As the inputs would now be spent the other tx becomes invalid and would never get confirmed. The order in which tx gets mined into a block depends on many variables. The time it was broadcast, how many other txs are waiting to be mined, the priority of the tx, etc..

One trick to double spend a 0 conf tx is to send the first tx with no or an extremely small fee so it stays at the back of the queue for tx waiting to be mined. This increases the probability that it won't get included in a block for a long time. Although this tx is broadcast first it will likely take a very long time to get included in a block hence a second tx can be made minutes after the first and propagate throughout the network. The second tx can be created paying a very high fee to jump in front of the queue of txs waiting to be mined and increasing the probability that it will be mined before the first tx.

Currently there is no way to have a valid 0 conf tx. You simply have to trust the sender won't double spend.

this is the key, if you wait long enough 20-60 seconds?  and require payments to add a mining fee,  you can be reasonably sure the tx will be the one mined, and go ahead and say, " even if it is double spent I will get the confirmation "

that's the idea anyway.

i would agree that any system like this can not say with 100% certainty that it will get confirmed no matter what. but it should make almost all 0 conf. double spend attempts nearly impossible.
legendary
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
There are but they're mildly complicated and have other restrictions.

Can you enlighten us as to how this is possible?
staff
Activity: 4284
Merit: 8808
Currently there is no way to have a valid 0 conf tx. You simply have to trust the sender won't double spend.
There are but they're mildly complicated and have other restrictions.
full member
Activity: 141
Merit: 100
While the tx is broadcast as long as the tx is not confirmed the money is not owned by the receiver. The original owner is still in control of the money and can broadcast different txs with the same input. There is no guarantee the tx that sends the money to you will be confirmed before the other tx. Thus a double spend is possible for any tx that hasn't been confirmed.

there's no way to predict that even if the owner tried to double spend, the original tx would get confirmed?

say you waited 1 min, and saw no double spends, if the owner tried to double spend after that minute, which of the 2 tx will be deemed the valid one?

the first one? how does the network decide which tx is the valid one?

The problem here is that both tx would be valid. Both tx have valid inputs they are just sent to different receiving addresses. Whichever gets confirmed first becomes the "true" valid tx. As the inputs would now be spent the other tx becomes invalid and would never get confirmed. The order in which tx gets mined into a block depends on many variables. The time it was broadcast, how many other txs are waiting to be mined, the priority of the tx, etc..

One trick to double spend a 0 conf tx is to send the first tx with no or an extremely small fee so it stays at the back of the queue for tx waiting to be mined. This increases the probability that it won't get included in a block for a long time. Although this tx is broadcast first it will likely take a very long time to get included in a block hence a second tx can be made minutes after the first and propagate throughout the network. The second tx can be created paying a very high fee to jump in front of the queue of txs waiting to be mined and increasing the probability that it will be mined before the first tx.

Currently there is no way to have a valid 0 conf tx. You simply have to trust the sender won't double spend.
staff
Activity: 4284
Merit: 8808
Would it be possible for nodes to instantly validate a tx, without the help of the network, after all every node has to full tx history, and is actively monitoring the network. they wouldn't actually add a confirmation because they aren't mining, but they can instantly check to see if the tx is valid / not a double spend. and be 100% or 99.99% certain that the tx will get confirmed?
All full nodes already do validate every transaction and will not display one that won't validate or which depends on parents which won't validate. But you can't be sure no matter how much you observe that an alternative double spend won't get mined instead of it.
qwk
donator
Activity: 3542
Merit: 3413
Shitcoin Minimalist
So far, there's still an "official" warning against zero-confirmation.
https://bitcointalksearch.org/topic/serious-vulnerability-related-to-accepting-zero-confirmation-transactions-135985

8.0. was the last time I've seen an improvement regarding this, but I might be missing newer changes.
https://bitcointalksearch.org/topic/bitcoin-qt-bitcoind-version-080-released-145184
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
Would it be possible for nodes to instantly validate a tx, without the help of the network, after all every node has to full tx history, and is actively monitoring the network. they wouldn't actually add a confirmation because they aren't mining, but they can instantly check to see if the tx is valid / not a double spend. and be 100% or 99.99% certain that the tx will get confirmed?

this could  add a level of comfort, or even completely eliminate possibly of double spend for accepting 0 confirmation BTC payments.

just a thought, what do you think? is this possible?

Full nodes have the entire blockchain, so they can verify if a tx is valid and if it doesn't use any spent outputs (that is, it's not a double spend).

But you can't assume that a node has perfect connection to the network, so a double spend is easily possible if you perform the two spends on different parts of the network that are poorly connected. It may take many seconds or even longer for these nodes to synchronize. If you accept 0-conf transactions, you're vulnerable to double spends this way. For small amounts, this isn't a big deal, as the effort required to attemp to double spend isn't worth it typically.

assume the "confirmed-by-owner" program, is done with a super well connected node and waits 60 seconds looking for double spends, b4 saying " it will most likely be confirmed "
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
While the tx is broadcast as long as the tx is not confirmed the money is not owned by the receiver. The original owner is still in control of the money and can broadcast different txs with the same input. There is no guarantee the tx that sends the money to you will be confirmed before the other tx. Thus a double spend is possible for any tx that hasn't been confirmed.

there's no way to predict that even if the owner tried to double spend, the original tx would get confirmed?

say you waited 1 min, and saw no double spends, if the owner tried to double spend after that minute, which of the 2 tx will be deemed the valid one?

the first one? how does the network decide which tx is the valid one?
hero member
Activity: 728
Merit: 500
Would it be possible for nodes to instantly validate a tx, without the help of the network, after all every node has to full tx history, and is actively monitoring the network. they wouldn't actually add a confirmation because they aren't mining, but they can instantly check to see if the tx is valid / not a double spend. and be 100% or 99.99% certain that the tx will get confirmed?

this could  add a level of comfort, or even completely eliminate possibly of double spend for accepting 0 confirmation BTC payments.

just a thought, what do you think? is this possible?

Full nodes have the entire blockchain, so they can verify if a tx is valid and if it doesn't use any spent outputs (that is, it's not a double spend).

But you can't assume that a node has perfect connection to the network, so a double spend is easily possible if you perform the two spends on different parts of the network that are poorly connected. It may take many seconds or even longer for these nodes to synchronize. If you accept 0-conf transactions, you're vulnerable to double spends this way. For small amounts, this isn't a big deal, as the effort required to attemp to double spend isn't worth it typically.
full member
Activity: 141
Merit: 100
While the tx is broadcast as long as the tx is not confirmed the money is not owned by the receiver. The original owner is still in control of the money and can broadcast different txs with the same input. There is no guarantee the tx that sends the money to you will be confirmed before the other tx. Thus a double spend is possible for any tx that hasn't been confirmed.

0 conf tx is not safe because until the tx is confirmed no money has actually moved. Double spend attempts can be made at any point in time from the original tx broadcast until it is confirmed. Until the tx is confirmed the validity of the tx can change so the node can't validate a 0 conf tx.
legendary
Activity: 1904
Merit: 1037
Trusted Bitcoiner
Would it be possible for nodes to instantly validate a tx, without the help of the network, after all every node has to full tx history, and is actively monitoring the network. they wouldn't actually add a confirmation because they aren't mining, but they can instantly check to see if the tx is valid / not a double spend. and be 100% or 99.99% certain that the tx will get confirmed?

this could  add a level of comfort, or even completely eliminate possibly of double spend for accepting 0 confirmation BTC payments.

just a thought, what do you think? is this possible?





If a TX (with a miners fee), is broadcast, and no double spends accourcs 60 seconds after this TX has been broadcast, we can assume this TX will be confirmed, EVEN if a double spend is initiated after the 60 seconds. because when a miner is validating TXs he will see the first tx ( the one that occurred 60 seconds before the double spend attack) as the valid one.


so....

if you get a payment, make sure it has a miners fee, and look for double spends for 60 seconds, and you see no double spends, you can be sure it will get confirmed, even if a double spend is initiated later.


thats the idea. i understand this is an ugly solution, but if it works.... "Safely accept 0 conf. BTC payments in 60 seconds!"  Grin
Pages:
Jump to: