Topic: The math behind confirmations? - page 2. (Read 361 times)

He is showing an example: q = probability the attacker finds the next block.
You get a table for q=0.1, so basically an attacker with 10% of the hashrate, and the probability of catching up with the real chain of depth z.

He sampled the same table for q=0.3 (30% of the hashrate) as well.

The last part shows if you want this probability to be under 0.1%, with an attacker that has 10% of the hashrate, you need to wait for 5 confirmations, or if an attacker has 30% of the hashrate you need 24 confirmations and so on.

I'd say that it's fairly close to the figure 5 that is needed if we assume there is a miner or pool with 10% of the hashrate, so that's probably the assumption made when deciding for number 6, as well as it being easy to remember since 6 blocks in Bitcoin take exactly one hour on average.

2 confirmations is more than enough for the bitcoin network, unless you are talking about millions of dollars.

When you make a transaction, that transaction is recorded in the blockchain.  Each subsequent block that is mined adds one more confirmation  to that transaction.

A successful attacker will need to mine all blocks again since your transaction. It is considered  permanent and practically impossible for an attacker to mine 6 blocks faster than the whole network. This is why 6 confirmations is enough.

If you are talking about altcoins, like bch or brg which have significant lower hashrate, the 6 confirmation rule is not enough.

Can you guys help me understand the math behind 6 confirmations? I have read that at 6 confirmations there is less than a 0.1% chance of a successful attack but I cannot remember where I read that. I have always wondered why the standard of waiting for confirmations to prevent a double spend attack was always 6 confirmations. I am aware that some places do allow at least 1 confirmation but if you accept 1 confirmation what percentage difference compared to 6 confirmations would I be taking a big risk by accepting 1 confirmations compared to 6?.

I've searched around the internet and most just say that it reduces the chances but the exact numbers haven't been declared. For someone who might be developing a Bitcoin payment system or accepting Bitcoin on their website or for a service this should probably be more clear than it is. We should not blindly trust because it is the standard. I do not doubt that the standard has solid reasons I am more intrigued on why we have come up with that magic number. Does 6 confirmations reduce an attack by >99%?

I ask because the wiki is no longer up to date but this information was answered before on there. Take this quote as an example:

The only problem with this quote is that it talks about more confirmations preventing an attack which I understand but it talks about up to 60 confirmations to fully mitigate the attack so why are we using a 6 confirmation standard when there is still a chance of an attack succeeding is it because it is so low chance that it realistically will never happen?

The reference https://people.xiph.org/~greg/attack_success.html returns a error and does not have the information any more.


The Bitcoin whitepaper has this information which I assume is related to confirmations but this does not make any sense to me. What is Satoshi trying to say here?