There is no such thing as first. The network is non-deterministic. Trying to enforce that rule would simply make it trivial to fork the blockchain.
Scenario:
Attacker creates two tx A & B. Tx A pays merchants, Tx B sends same coins back to attacker. To execute a 0-confirm double spend the merchant must know about TX A ("see it on the network") however the attacker will also send Tx B to some nodes. Now at this point the network lacks consensus. Some % of nodes believe tx A is "first" and thus "valid", they will drop tx B and not relay it. For some % of nodes the opposite is true. Now say a miners solves a block, with either A or B. By your proposed rules some % of the network would see that block as invalid. The network would split. If there are mining nodes on each half of the split then they will extend their chains
TL/DR version:
proposals like this always fail because they look at the "network" like it is a single entity. There is no "network," that is merely an abstraction. There is only a collection of independent connected nodes. At right now at this very second, all the nodes of the network are NOT in consensus. They have differing tx in their memory pool. Due to various relay/drop rules related to fees some nodes may NEVER know of a tx until it is included in a block. In the case of a double spend (accidental or intentional) some nodes have incompatible transactions they each see as "valid".
The purpose of mining is to force a consensus among the nodes. Period. Thus mining has to be deterministic. Given a block all nodes must ALWAYS reach the same conclusion on its validity. If they don't then an unintentional hard fork will occur.
Topic: Miners have too much power when deciding about tx inclusion (Read 1042 times)
Yes, there is no such thing, truly, as "first"...
EG, If I conduct the same transaction from the USA, TAIWAN, AUSTRALIA, and EGYPT... at exactly the same time... (Like that is even possible...)
They will arrive at "network-delayed" times that are irrelevant to the actual transaction-time... However, only one of those recipients will "win"... The rest will be invalidated.
There is no "legitimate" double-spends, unless they BOTH went to the SAME recipient, from the SAME ORIGIN. In THAT CASE, the winner is always the same. Only in the above case, which is never a legitimate transaction in the first place, is there a "theft-winner". At that point, it doesn't matter who the winner is, because it is the previous owner who is the looser for those non-legitimate transactions. Again, it is not the "bitcoin networks issue". That is a security issue of the sender.
Banks and CC exchanges work the same way. However, they kindly use "additional security", and "trust", and "law enforcement", with "proof", to "reverse or nullify fraudulent transactions"... However, the actual transaction itself is NEVER reversed, nullified, or altered... They just make a new transaction, returning misrouted funds, or negating funds.
As for tx inclusion... That is our (the miners) right to accept or deny transactions. If YOU (the sender), don't want to pay for OUR (miners) power/time/processing, we have every right to send you to the back of the list, and let some charity-miner process your transaction. It is our loss, if that inclusion would have resulted in US (the miners), having gotten a bitcoin-solution... (eg, resulted in a "found" mining hash)
As for abuse... well, no-one has that much control of any significant block, or the ability to coordinate such an abuse. Even with all the pooling. You would have to coordinate thousands and thousands of individuals to produce such an attack/invasion/hack. The end-result would be a correction, by the thousands and thousands and thousands of others, who were not part of the coordinated attack. There is more money in simply processing and discovery, than there will ever be, in theft. Theft is only profitable if it has only one person to reap the rewards. Paying thousands and thousands would require millions to be stolen, and than those would still have to be sold, which would instantly degrade the value beyond being a "reward" to the thieves. (Or a real loss to those who it was stolen from.)
EG, If I conduct the same transaction from the USA, TAIWAN, AUSTRALIA, and EGYPT... at exactly the same time... (Like that is even possible...)
They will arrive at "network-delayed" times that are irrelevant to the actual transaction-time... However, only one of those recipients will "win"... The rest will be invalidated.
There is no "legitimate" double-spends, unless they BOTH went to the SAME recipient, from the SAME ORIGIN. In THAT CASE, the winner is always the same. Only in the above case, which is never a legitimate transaction in the first place, is there a "theft-winner". At that point, it doesn't matter who the winner is, because it is the previous owner who is the looser for those non-legitimate transactions. Again, it is not the "bitcoin networks issue". That is a security issue of the sender.
Banks and CC exchanges work the same way. However, they kindly use "additional security", and "trust", and "law enforcement", with "proof", to "reverse or nullify fraudulent transactions"... However, the actual transaction itself is NEVER reversed, nullified, or altered... They just make a new transaction, returning misrouted funds, or negating funds.
As for tx inclusion... That is our (the miners) right to accept or deny transactions. If YOU (the sender), don't want to pay for OUR (miners) power/time/processing, we have every right to send you to the back of the list, and let some charity-miner process your transaction. It is our loss, if that inclusion would have resulted in US (the miners), having gotten a bitcoin-solution... (eg, resulted in a "found" mining hash)
As for abuse... well, no-one has that much control of any significant block, or the ability to coordinate such an abuse. Even with all the pooling. You would have to coordinate thousands and thousands of individuals to produce such an attack/invasion/hack. The end-result would be a correction, by the thousands and thousands and thousands of others, who were not part of the coordinated attack. There is more money in simply processing and discovery, than there will ever be, in theft. Theft is only profitable if it has only one person to reap the rewards. Paying thousands and thousands would require millions to be stolen, and than those would still have to be sold, which would instantly degrade the value beyond being a "reward" to the thieves. (Or a real loss to those who it was stolen from.)
2) Include as many tx in the block as you can.
This would be impossible to enforce...
There are no "not-legitimate" transactions. Just ones that end up in the chain and ones that don't.
Yes, there is. The tx which was broadcasted first is legitimate and any other transaction that is broadcasted later is non-legitimate.And the network knows which one was broadcast first through what mechanism exactly?
In our universe, there are limits to the speed that information can travel. Which means that "first" is not a globally meaningful concept, only a local one. The blockchain is an attempt to achieve a global ordering using only local information.
If a user is concerned that they might be dealing with someone who would try to back out of paying then they should use Bitcoin's built in solution, wait for confirmations.
There are use cases where you don't want to wait for confirmations.
Bummer.
There are no "not-legitimate" transactions. Just ones that end up in the chain and ones that don't.
Yes, there is. The tx which was broadcasted first is legitimate and any other transaction that is broadcasted later is non-legitimate.If a user is concerned that they might be dealing with someone who would try to back out of paying then they should use Bitcoin's built in solution, wait for confirmations.
There are use cases where you don't want to wait for confirmations.
What if the first tx was to an invalid account? Is it still legitimate? A double spend in this case would not be fraudulent.
The short comings of BTC is there is no instant confirmation, and thus you have to wait for confirmations .. LTC is shorter, but you still have to wait.
There are no "not-legitimate" transactions. Just ones that end up in the chain and ones that don't.
Yes, there is. The tx which was broadcasted first is legitimate and any other transaction that is broadcasted later is non-legitimate.If a user is concerned that they might be dealing with someone who would try to back out of paying then they should use Bitcoin's built in solution, wait for confirmations.
There are use cases where you don't want to wait for confirmations.
There are no "not-legitimate" transactions. Just ones that end up in the chain and ones that don't.
If a user is concerned that they might be dealing with someone who would try to back out of paying then they should use Bitcoin's built in solution, wait for confirmations.
If a user is concerned that they might be dealing with someone who would try to back out of paying then they should use Bitcoin's built in solution, wait for confirmations.
I've given some thoughts about what nasty things an evil miner could do, and I think I found two problems that I'd like to share:
First of all, a miner is supposed to follow the following rules when including transactions (ordered by priority in descending order):
1) In case of a double-spending attack, the oldest tx is the legitimate one. Only include the legitimate tx in the block.
2) Include as many tx in the block as you can.
3) Maximize your profits by prefering tx with higher fees over tx with lower fees.
And here's the problem. Miners should follow rules 1 and 2 even if they could make more money by braking them. I do think that eventually, miners will show up who have different priorities.
First, 0-confirmation double spendings aren't new. However, I'm afraid that eventually, some rogue miners will show up and create a market for double-spending attacks. I mean, solo miners who try to put wrong transactions into the blockchain are one thing. Now imagine what would happen if several rogue miners got together and exchanged wrong transactions with each other. It would combine their hashrate and increase their profits because now, they wouldn't have to mine blocks for their rogue confirmations themselves, they can also buy wrong confirmations from other miners. This would be dangerous for the network as a whole because it would decrease the costs of confirming a non-legitimate transaction.
The second issue is that miners could artificially slow down transaction confirmation. The confirmation process is supposed to be a competitive market. Supply is limited by the maximum block size; Miners will always prefer those transactions which include the highest tx fees, however they will also try to include as many tx as possible in order to maximize their profits. However - there's a weakness in the system: Miners can reduce supply artificially by mining smaller blocks. This way, users would have to pay higher transaction fees in order to have their transactions cleared. A small transaction fee increase may appear acceptable. And we might hope that this guy doesn't have enough market power to reduce network-wide supply to the point where it increases his profits. However, there are cases where a user doesn't want to wait for the block after the block after the next block that will finally include his transaction; Instead, the user may want the transaction to clear NOW. And now, let's look where we can buy "transaction inclusion in the next block". We can buy that service only from exactly ONE miner. We don't know who's going to mine the next block before it's happened and each time it's someone else. Yet, there is always only one miner who is going to mine the next block. This situation is called a monopoly. Rogue miners could exploit it - they could require excessive transaction fees from those users who want to get their tx confirmed ASAP. When a user refuses to pay the inflated tx fee, the tx would have to wait until a sensible miner creates a block.
The combination of both scenarios is another problem. If there are too many miners around who refuse to include legitimate tx we have a higher chance that a non-legitimate tx might make it into the blockchain because now there are SEVERAL miners who have the opportunity to include wrong transactions.
Bottom line: At any time, there is only one miner who is going to create the next block. This miner is a central authority which has the (temporary) monopoly on tx inclusion and the authority to make almost-final decisions about double-spending transactions. Even though the powers of this central authority are passed around all the time, it is still an issue in the above scenarios.
As a solution, I think that we need double-spending safeguards that relieve users from the need to rely on the moral integrity of a particular miner.
First of all, a miner is supposed to follow the following rules when including transactions (ordered by priority in descending order):
1) In case of a double-spending attack, the oldest tx is the legitimate one. Only include the legitimate tx in the block.
2) Include as many tx in the block as you can.
3) Maximize your profits by prefering tx with higher fees over tx with lower fees.
And here's the problem. Miners should follow rules 1 and 2 even if they could make more money by braking them. I do think that eventually, miners will show up who have different priorities.
First, 0-confirmation double spendings aren't new. However, I'm afraid that eventually, some rogue miners will show up and create a market for double-spending attacks. I mean, solo miners who try to put wrong transactions into the blockchain are one thing. Now imagine what would happen if several rogue miners got together and exchanged wrong transactions with each other. It would combine their hashrate and increase their profits because now, they wouldn't have to mine blocks for their rogue confirmations themselves, they can also buy wrong confirmations from other miners. This would be dangerous for the network as a whole because it would decrease the costs of confirming a non-legitimate transaction.
The second issue is that miners could artificially slow down transaction confirmation. The confirmation process is supposed to be a competitive market. Supply is limited by the maximum block size; Miners will always prefer those transactions which include the highest tx fees, however they will also try to include as many tx as possible in order to maximize their profits. However - there's a weakness in the system: Miners can reduce supply artificially by mining smaller blocks. This way, users would have to pay higher transaction fees in order to have their transactions cleared. A small transaction fee increase may appear acceptable. And we might hope that this guy doesn't have enough market power to reduce network-wide supply to the point where it increases his profits. However, there are cases where a user doesn't want to wait for the block after the block after the next block that will finally include his transaction; Instead, the user may want the transaction to clear NOW. And now, let's look where we can buy "transaction inclusion in the next block". We can buy that service only from exactly ONE miner. We don't know who's going to mine the next block before it's happened and each time it's someone else. Yet, there is always only one miner who is going to mine the next block. This situation is called a monopoly. Rogue miners could exploit it - they could require excessive transaction fees from those users who want to get their tx confirmed ASAP. When a user refuses to pay the inflated tx fee, the tx would have to wait until a sensible miner creates a block.
The combination of both scenarios is another problem. If there are too many miners around who refuse to include legitimate tx we have a higher chance that a non-legitimate tx might make it into the blockchain because now there are SEVERAL miners who have the opportunity to include wrong transactions.
Bottom line: At any time, there is only one miner who is going to create the next block. This miner is a central authority which has the (temporary) monopoly on tx inclusion and the authority to make almost-final decisions about double-spending transactions. Even though the powers of this central authority are passed around all the time, it is still an issue in the above scenarios.
As a solution, I think that we need double-spending safeguards that relieve users from the need to rely on the moral integrity of a particular miner.
Jump to: