Topic: Undo button for transactions - page 2. (Read 769 times)
I'll say it's a great solution for those who can't spend few seconds to confirm that the details of their transactions is correct instead of going through the stress of signing transaction here and there. I would say I see no decentralization from this method. Instead of that, why not use a centralized wallet that sends sends confirmation email with transaction details before broadcasting the TX. Much better that way. We don't need and undo button because this is not a bank.
All-in-all, it seems like a massively over-engineered solution for the problem of not double checking the address you enter. Why would I go through all this effort when I could instead just spend 10 seconds to make sure the address is correct? Not to mention that your transaction is now entirely dependent on a third party.
The first and foremost part is that it involves a third party vendor to initiate a transaction.
Why would we compromise our bitcoins with a third party just so that we don't have to double check the address we are sending our bitcoins to.
I think it's just lame and also it hinders the motive of bitcoin to be used as peer to peer payment method.
Any point where we have to use a third party destroys the motive of bitcoin.
Very complicated.
Much easier solution would be to have some easy way to double check and confirm address of recipient before sending.
One way would also be to save this address in wallet addressbook before sending it.
Much easier solution would be to have some easy way to double check and confirm address of recipient before sending.
One way would also be to save this address in wallet addressbook before sending it.
I always do this thing whenever I'm about to send some BTC to another address. I think every BTC holders have developed this idea of double-checking before sending BTC. No need for the undo button, instead, we must not forget this very important step. If you ask me, I've been doing it for the last 5 years of my journey in the crypto industry, and never in my life I have sent BTC in the wrong address.
It looks like they finally found a great solution and thus removed several of the drawbacks of bitcoin blockchain such as immutability, decentralization, disintermediation. You are now less responsible for your own money and rely on centralized parties to keep your bitcoin safe like we used to. This solution is rendering bitcoin less weird looking thing for those who don't want any responsibility, because we definitely haven't yet deserved a right to become financially free if we are still looking for solutions like this.
Seriously, we don't need such solutions that require us to operate in a centralized way while using a decentralized protocol. If you are looking for solutions to prevent human errors, consider decentralized solutions like PayNym reusable codes, for instance.
Seriously, we don't need such solutions that require us to operate in a centralized way while using a decentralized protocol. If you are looking for solutions to prevent human errors, consider decentralized solutions like PayNym reusable codes, for instance.
legendary
Activity: 2268
Merit: 2327
Marketing Campaign Manager |Telegram ID- @LT_Mouse
It does not sound like a development of bitcoin. It seems like a service which they provide for bitcoin transactions to be more safe through encrypting and decrypring or something like that. It is never an undor button for bitcoin transaction. If you use bitcoin on a decentralized wallet, this will never happen.
Actually the undo button feature is not needed in my opinion, consider the exchanges and wallets that we use today. Usually after we enter
the recipient's address and the number of coins to be sent, we are asked to reconfirm by entering password or code sent to mobile phones
or email. After that the sending button is active, process all of that in an inaccurate manner directly prevent human errors and to ensure the
security that we are doing the transaction. With these features already more than enough, and does not require an undo button. After all,
as said in the opening post, the undo button feature has risks abuse occurred. So I don't recommend using it.
the recipient's address and the number of coins to be sent, we are asked to reconfirm by entering password or code sent to mobile phones
or email. After that the sending button is active, process all of that in an inaccurate manner directly prevent human errors and to ensure the
security that we are doing the transaction. With these features already more than enough, and does not require an undo button. After all,
as said in the opening post, the undo button feature has risks abuse occurred. So I don't recommend using it.
I saw some a few wallets provide users the feature to undo the transactions. but, usually you can only do such thing if your transaction is not confirmed. Also, if your wallet doesn't have the feature, I guess you can transfer the same amount of bitcoins to your own wallet. But, again this will work if the transaction is not confirmed.
The news at https://cointelegraph.com/ says:
If this feature could be made available in the Bitcoin wallet itself without the need for a third party then that would be really great.
Quote
“Until the right code has been provided by the recipient, the sender can retrieve the funds at any time. [...] Kirobo does not hold the user’s private key and has no access whatsoever to the funds or their destination: the password simply governs whether the transfer is finalized or not, ”
But for me I don't quite trust the third-party service, this may change at any time, I will not feel safe while my coins are in the hands of a third party, so for me I think it is best to do a good address check before sending and this does not take much time. If this feature could be made available in the Bitcoin wallet itself without the need for a third party then that would be really great.
P.S. Really 18% of people make this kind of mistake?
People are lazy and don't bother to check at all, or think that they are checking in a secure manner when they aren't. See the post directly above this one for yet another example of this. Using the copy and paste function to check achieves nothing if it is the copy and paste function which is compromised. Checking the first couple of characters and last couple of characters can also be potentially overcome by an attacker with a database of similar addresses to choose from. Check the entire address manually. It takes 10 seconds to do. There is no excuse for not doing.Still, that stat's got to be hugely unqualified. 1 in 5 people are too lazy to check, I believe. But 1 in 5 people too lazy AND have their devices compromised like that? If that's true, then people shouldn't even really be trying to learn to use Bitcoin until they learn to identify if they've been compromised. Like kids shouldn't be going around rolling in the hay until they learn to use protection.
But you're right. 10 seconds in time saves heartbreak.
All-in-all, it seems like a massively over-engineered solution for the problem of not double checking the address you enter. Why would I go through all this effort when I could instead just spend 10 seconds to make sure the address is correct? Not to mention that your transaction is now entirely dependent on a third party.
They have just level up the ignorance of people not checking the address of their recipient. I don't really think it could help people to avoid sending to a wrong address, instead some scammer would just use it to scam more people, just a tool for scams omg. I know many wallets now are requiring the user to enter his/her password, keys or pins to authenticate and approve the transaction that is about to made. We need something to highlight the exact text to see if the address is correct. just like the CTRL+F of google tools.
2FA is okay for me.
It's already a confirmation if you are sure with what you are dealing with or how much it is.
In old machines, it's like the prompt of "Are you sure?". Yes or No.
Instead of becoming a good service, it could lead to a bad one.
Paypal is already an example of it.
Might as well double or triple check every transaction which also tells every satoshi is important to you.
It's already a confirmation if you are sure with what you are dealing with or how much it is.
In old machines, it's like the prompt of "Are you sure?". Yes or No.
Instead of becoming a good service, it could lead to a bad one.
Paypal is already an example of it.
Might as well double or triple check every transaction which also tells every satoshi is important to you.
I do a 'Ctrl+F" thingy on the desktop (but not possible with mobile unless there's an app or feature for that) on my Bitcoin wallet's tab.
That's a dangerous way to check. If you are a victim of clipboard malware, which is the main reason to check an address you have copy and pasted is correct, then by copy and pasting an address in to your browser's search function the malware could again change the address to fool you in to thinking it is correct. Once you have pasted the address in to your bitcoin wallet, you should manually check the characters match the receiving address you want to send to without using any software or program to do it for you.P.S. Really 18% of people make this kind of mistake?
People are lazy and don't bother to check at all, or think that they are checking in a secure manner when they aren't. See the post directly above this one for yet another example of this. Using the copy and paste function to check achieves nothing if it is the copy and paste function which is compromised. Checking the first couple of characters and last couple of characters can also be potentially overcome by an attacker with a database of similar addresses to choose from. Check the entire address manually. It takes 10 seconds to do. There is no excuse for not doing. 
Makes more complicated when a sender is unsure about the address he can just Copy, Control F, and Control V to find out if the address matches. But whatever it still serves the purpose. I hope it won't prompt confirmation message if BTCs are yet not sent and then the sender can undo it because it can be used to fake and scam.
since the second transaction (going out from the "safe address" to the receiver's address) is never broadcast to the bitcoin network until the receiver claims it from their centralized server, i'd say there is no similarity. no transaction is being replaced or double spent or even undone here. there is a transaction that may or may not be broadcast depending on receiver's decision...
Oh, now I get it. This now sounds kinda similar for me to the way BEAM's Desktop Wallet works (not sure if the coin itself has this option or just the wallet), besides the fact that with Kirobo the receiver both initiates the tx and decides whether it's the right address or not:... which makes me think of another vulnerability in this design: the receiver sees the wrong transaction's destination but still confirms it to be broadcast and spent essentially making user lose money and since they never received the coins they have no obligation to end up their end of the bargain.
Well, honestly all these steps could be skipped with a simple "is this the right address?" question. I feel way safer to know that I am the one initiating the tx than knowing the other party is. Now I see the flaws too: you could send a tx with the wrong address and the receiver confirms it, acts as if now the money poofed and all this time the "wrong address" was actually another of his. Guess there's no perfect solution to all the problems - there'll always be a flaw within the blockchain system and trying to "fix" them with centralized stuff has absolutely zero benefits imo. All-in-all, it seems like a massively over-engineered solution for the problem of not double checking the address you enter. Why would I go through all this effort when I could instead just spend 10 seconds to make sure the address is correct? Not to mention that your transaction is now entirely dependent on a third party.
Thanks for digging it up, was wondering how the actual implementation worked but it does seem like a simple step/layer anyone could manually do anyway, and not dissimilar to having a forced escrower (like a lot of rich people do when they appoint someone with power of attorney to double confirm their transactions).
So yeah, I don't know why anyone who uses Bitcoin normally would want that, OR why a receive would want to go through that and pay the extra fees and triple the waiting time.
P.S. Really 18% of people make this kind of mistake? I've not once in many years sent the wrong transaction. I have ONCE sent an amount too small but that was a keyboard/browser malfunction that happened only because I was testing dust, a carelessness that would never have happened with a proper transaction.
What I am doing is that on my desktop and mobile device when sending Bitcoin, I usually spend time looking at the first and last letters/numbers to see if they are a match or not.
Why not just check the entire address? It only takes a few seconds longer and means you are 100% safe.Yeah I can do that when using the desktop. It's just my own technique though when using mobile for transferring BTC or other assets, and I didn't have any problem at all since the beginning. What I mean for the first and last letters/numbers (which I forgot to mention earlier) are the first and last five figures of the receiving address when transferring using mobile phone. Everyone has their own method of double or triple checking. Like depositing Bitcoin in an exchange for example, I opened two tabs.
One is from my wallet and the other tab is from the exchange. I do a 'Ctrl+F" thingy on the desktop (but not possible with mobile unless there's an app or feature for that) on my Bitcoin wallet's tab. When I copy the address from the exchange and paste it on my wallet, I do "Ctrl+F" on that and paste the same receiving address if it matches or not to ensure that I would not end up sending it to the wrong address.
What I am doing is that on my desktop and mobile device when sending Bitcoin, I usually spend time looking at the first and last letters/numbers to see if they are a match or not.
Why not just check the entire address? It only takes a few seconds longer and means you are 100% safe.there is a transaction that may or may not be broadcast depending on receiver's decision.
This is a good point, actually. In addition trusting someone else to encrypt, store, decrypt, and broadcast your transaction, you are also trusting someone else - the recipient - to check your transaction for you. You are essentially saying "I'm too lazy to spend 10 seconds to read an address - you do it for me and claim the coins if it's right. If it's wrong, please don't screw me over and let me know so I can get my money back." How irresponsible.Maybe good for newbies that aren´t used to double and triple check the addresses.
I would argue the exact opposite - this is a terrible solution for newbies. It is needlessly complicated, and it teaches them to be lax with their own security practices and trust someone else to do it for them. So, after poking around on their support pages for a bit (https://kirobo.io/support/), it seems that it works like this:
I first sign and broadcast a transaction sending coins from an address to I own to another address I own, called the "safe address".
I then sign a second transaction sending the coins from the "safe address" to the recipient.
This second transaction is encrypted with a password I choose, and Kirobo store the encrypted transaction on their servers.
I send the password to the recipient, who logs on to Kirobo's site and enters the password, which then decrypts and broadcasts the signed transaction.
At any point before that happens, I can reclaim my coins from the "safe address", rendering the encrypted transaction invalid.
All-in-all, it seems like a massively over-engineered solution for the problem of not double checking the address you enter. Why would I go through all this effort when I could instead just spend 10 seconds to make sure the address is correct? Not to mention that your transaction is now entirely dependent on a third party.
I first sign and broadcast a transaction sending coins from an address to I own to another address I own, called the "safe address".
I then sign a second transaction sending the coins from the "safe address" to the recipient.
This second transaction is encrypted with a password I choose, and Kirobo store the encrypted transaction on their servers.
I send the password to the recipient, who logs on to Kirobo's site and enters the password, which then decrypts and broadcasts the signed transaction.
At any point before that happens, I can reclaim my coins from the "safe address", rendering the encrypted transaction invalid.
All-in-all, it seems like a massively over-engineered solution for the problem of not double checking the address you enter. Why would I go through all this effort when I could instead just spend 10 seconds to make sure the address is correct? Not to mention that your transaction is now entirely dependent on a third party.
Thanks for explaining! That sounds like some sort of custody/third party/intermediary solution. Maybe good for newbies that aren´t used to double and triple check the addresses. As for a advanced trader it sounds like a redundant service. Big players can go to one of the custody services already in existance to do so, like that https://www.cryptoglobe.com/latest/2020/02/bitgo-starts-letting-institutions-trade-crypto-directly-in-cold-storage/
All-in-all, it seems like a massively over-engineered solution for the problem of not double checking the address you enter. Why would I go through all this effort when I could instead just spend 10 seconds to make sure the address is correct? Not to mention that your transaction is now entirely dependent on a third party.
Am I missing something or is this basically a quite crappy replacement of the "Replace-By-Fee" function some wallets like Electrum have, but non-trustless and if RBF had a timer for you to cancel the tx at any point? I guess RBF could be implemented in such a way to be used as a "tx cancelling" function with a very simple 2-step process and, in the end, you do not even need any third party account to do so.since the second transaction (going out from the "safe address" to the receiver's address) is never broadcast to the bitcoin network until the receiver claims it from their centralized server, i'd say there is no similarity. no transaction is being replaced or double spent or even undone here. there is a transaction that may or may not be broadcast depending on receiver's decision...
... which makes me think of another vulnerability in this design: the receiver sees the wrong transaction's destination but still confirms it to be broadcast and spent essentially making user lose money and since they never received the coins they have no obligation to end up their end of the bargain.
Not everyone is like you, mistakes will surely be made. I get that the OP worries that there might be things that will go south when this feature becomes prevalent, I have seen this kind of features in games that lets you scam people scot free of their wrongdoing, this feature is a double edged sword and that worries me the most because if there are people who makes mistake then there is surely people who will have a malicious intent.
Well I'm sorry but someone who doesn't check the BTC address before broadcasting a tx probably doesn't check the destination IBAN either when transferring money. It's literally the only thing you have to check: address, amount and fees.If I got it right from o_e_l_e_o's reply from the 1st page, there shouldn't be much of a "malicious intent" to worry about. It's not like you could cancel the tx after it gets broadcasted. Replace-by-fee probably has a higher chance of malicious usage right now than this new feature does.
Jump to: