Topic: Where to draw the confirmation lines. (Read 698 times)
I wait for 3 confirmations for the majority of my sales. More if the purchase is rather large.
I would use a service like Bit Pay if I was a store owner because I could accept Bitcoin payments quickly without worrying about confirmation times. For a skilled coder it wouldn't be difficult to do it himself, but for ordinary people running a business it's simpler to let someone else take the risks in accepting fast payments.
I'm aware Bit Pay lost money due to poor security but they are still running and have competitors. They only hold a client's money for a brie time so they are fairly low risk.
I'm aware Bit Pay lost money due to poor security but they are still running and have competitors. They only hold a client's money for a brie time so they are fairly low risk.
No matter what the price is at least 1 confirmation.
I see those guidelines making decent sense. In the future we'll be able to run smaller transactions through the blockchain. Ideally even the most mundane of expenses should be on the blockchain but let's be realistic, there's no way everything can be on the blockchain, so McDonalds and Coffee cups will need to go through LN I guess.
What is your opinion on where should a person (as a store owner) draw confirmation lines?
Answer in a type like this.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-2000$
etc.
Also, i would like to know why have you choose the lines like you did. For example, how much does it cost for the attacker to double spend after 1 confirmation and arguments like that. I havent added them because i do not know them.
Thanks
Answer in a type like this.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-2000$
etc.
Also, i would like to know why have you choose the lines like you did. For example, how much does it cost for the attacker to double spend after 1 confirmation and arguments like that. I havent added them because i do not know them.
Thanks
that sounds good.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-10.000$
What is your opinion on where should a person (as a store owner) draw confirmation lines?
Answer in a type like this.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-2000$
etc.
Also, i would like to know why have you choose the lines like you did. For example, how much does it cost for the attacker to double spend after 1 confirmation and arguments like that. I havent added them because i do not know them.
Thanks
Answer in a type like this.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-2000$
etc.
Also, i would like to know why have you choose the lines like you did. For example, how much does it cost for the attacker to double spend after 1 confirmation and arguments like that. I havent added them because i do not know them.
Thanks
First step is to make sure that the transaction is reasonably safe:
- Does it pay a reasonable transaction fee?
- Are all the outputs of reasonable size?
- Do all the inputs already have at least 1 confirmation?
- Are the inputs reasonably aged?
- Is your receiving client well connected to many geographically diverse nodes on the bitcoin network?
- Have any of the nodes that you are connected to seen any other transaction that spends any of the same inputs?
- Are there any indications that the blockchain is forked, a single mining entity controls more than 45% of the global hash power, or that there are any other issues with trusting confirmations?
The next thing to determine is if you have any sort of trust relationship with the sender, or if you have sufficient information to identify them if necessary.
If the transaction passes all of these tests, then I would use the following rules:
- 0 confirmations...for purchases lower than $1000
- 1 confirmations...for purchases $1000-$3000
- 2 confirmations...for purchases $3000-$10000
- 3 confirmations...for purchases $10000-$30000
- 4 confirmations...for purchases $30000-$100000
- 5 confirmations...for purchases $100000-$300000
- 6 confirmations...for purchases $300000-$1000000
- 7 confirmations...for purchases over $1000000
If the transaction fails any of the tests listed above, then I would adjust the number of confirmations according to my risk tolerance and the specific test (or tests) failed.
For example
If a transaction fails any of the following, and I don't have a trust relationship with the sender, or sufficient information to identify them then I would not accept a 0 confirmation transaction at all:
- Does it pay a reasonable transaction fee?
- Are all the outputs of reasonable size?
- Do all the inputs already have at least 1 confirmation?
- Are the inputs reasonably aged?
- Have any of the nodes that you are connected to seen any other transaction that spends any of the same inputs?
Additional example:
If the transaction is from a regular customer, for whom I have a copy of their current government issued ID (such as a drivers license in the U.S.) and it fails any of the following tests, I'd still accept a 0 confirmation transaction for amounts less than $200:
- Does it pay a reasonable transaction fee?
- Are all the outputs of reasonable size?
- Are the inputs reasonably aged?
- Is your receiving client well connected to many geographically diverse nodes on the bitcoin network?
- Are there any indications that the blockchain is forked, a single mining entity controls more than 45% of the global hash power, or that there are any other issues with trusting confirmations?
There are a LOT of conditions that need to be considered when making a business decision about confirmations. It isn't really a simple X confirmations for Y dollars for all businesses.
Here are just a few things to consider:
- What is the profit margin on the merchandise being sold?
- What is the ability of the business to recover the stolen item or prosecute the thief if the transaction becomes invalid?
- How devastating would it be to the business if a single transaction of X dollars becomes invalid?
- What is the relationship with the customer?
- What is the risk tolerance of the business owner?
- What is the maximum acceptable delay between payment and departure?
- Are the customers or business owner willing to consider alternative interactions (For example: customer makes deposit upon entering & receives change when leaving?)
Very nice answer! Would you mind enlightening me where to get this information about the payment you are about to recieve(unconfirmed);
-Does it pay a reasonable transaction fee?
-Are all the outputs of reasonable size?
-Do all the inputs already have at least 1 confirmation?
-Are the inputs reasonably aged?
-Is your receiving client well connected to many geographically diverse nodes on the bitcoin network?
-Have any of the nodes that you are connected to seen any other transaction that spends any of the same inputs?
-Are there any indications that the blockchain is forked, a single mining entity controls more than 45% of the global hash power, or that there are any other issues with trusting
confirmations?
And are they easy to implement into html/php/javascript so that you can create a seller friendly GUI? So they can see if there is anything wrong and then wait for confirmations.
If you approach it from that angle.. we manage the risk in much the same way people approach credit card transactions. {Putting a delay on transactions in fear of chargebacks}
I would rather implement a strategy where merchants accept some kind of pre-loaded token system for small purchases like coffee, and you get instant confirmation on those types
of transactions. {You buy these tokens online and receive your coffee on the go.. no waiting period} For the rest 4 to 6 confirmations should be enough.
I would rather implement a strategy where merchants accept some kind of pre-loaded token system for small purchases like coffee, and you get instant confirmation on those types
of transactions. {You buy these tokens online and receive your coffee on the go.. no waiting period} For the rest 4 to 6 confirmations should be enough.
Standard should be around 6 or more confirmations on any amount of transactions.
What is your opinion on where should a person (as a store owner) draw confirmation lines?
Answer in a type like this.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-2000$
etc.
Also, i would like to know why have you choose the lines like you did. For example, how much does it cost for the attacker to double spend after 1 confirmation and arguments like that. I havent added them because i do not know them.
Thanks
I would go for 6 confirmations for anything above $10,000 if I'm not willing to suffer a single cent of loss due to possible double spend. It is still possible to reverse after 6 confirmations if someone holds a huge portion of network hashrate and wishes to initiate an attack. A huge portion of the hashrate is not easy to attain and it is very expensive. Once you initiate the attack, the price would most likely tumble and there is not much profit if you reverse it.Answer in a type like this.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-2000$
etc.
Also, i would like to know why have you choose the lines like you did. For example, how much does it cost for the attacker to double spend after 1 confirmation and arguments like that. I havent added them because i do not know them.
Thanks
Anything below $100, 0 confirmations would be okay as long as it fits the criteria that dannyhamilton mentioned. The risk is very little unless a mining pool cooperates with the attacker. However, it would still be quite expensive as it is not certain that the pool would mine any block at all.
Considering the max you'd wait for a fully, fully secure confirmation is at most a handful of hours wouldn't the question better be phrased as zero or plenty?
What is your opinion on where should a person (as a store owner) draw confirmation lines?
Answer in a type like this.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-2000$
etc.
Also, i would like to know why have you choose the lines like you did. For example, how much does it cost for the attacker to double spend after 1 confirmation and arguments like that. I havent added them because i do not know them.
Thanks
Answer in a type like this.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-2000$
etc.
Also, i would like to know why have you choose the lines like you did. For example, how much does it cost for the attacker to double spend after 1 confirmation and arguments like that. I havent added them because i do not know them.
Thanks
well iwth the first 2 i agree, but it's kind of exponential after that one (as it gets exponentially more difficult to reverse transactions with each confirmation.
What is your opinion on where should a person (as a store owner) draw confirmation lines?
Answer in a type like this.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-2000$
etc.
Also, i would like to know why have you choose the lines like you did. For example, how much does it cost for the attacker to double spend after 1 confirmation and arguments like that. I havent added them because i do not know them.
Thanks
Answer in a type like this.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-2000$
etc.
Also, i would like to know why have you choose the lines like you did. For example, how much does it cost for the attacker to double spend after 1 confirmation and arguments like that. I havent added them because i do not know them.
Thanks
First step is to make sure that the transaction is reasonably safe:
- Does it pay a reasonable transaction fee?
- Are all the outputs of reasonable size?
- Do all the inputs already have at least 1 confirmation?
- Are the inputs reasonably aged?
- Is your receiving client well connected to many geographically diverse nodes on the bitcoin network?
- Have any of the nodes that you are connected to seen any other transaction that spends any of the same inputs?
- Are there any indications that the blockchain is forked, a single mining entity controls more than 45% of the global hash power, or that there are any other issues with trusting confirmations?
The next thing to determine is if you have any sort of trust relationship with the sender, or if you have sufficient information to identify them if necessary.
If the transaction passes all of these tests, then I would use the following rules:
- 0 confirmations...for purchases lower than $1000
- 1 confirmations...for purchases $1000-$3000
- 2 confirmations...for purchases $3000-$10000
- 3 confirmations...for purchases $10000-$30000
- 4 confirmations...for purchases $30000-$100000
- 5 confirmations...for purchases $100000-$300000
- 6 confirmations...for purchases $300000-$1000000
- 7 confirmations...for purchases over $1000000
If the transaction fails any of the tests listed above, then I would adjust the number of confirmations according to my risk tolerance and the specific test (or tests) failed.
For example
If a transaction fails any of the following, and I don't have a trust relationship with the sender, or sufficient information to identify them then I would not accept a 0 confirmation transaction at all:
- Does it pay a reasonable transaction fee?
- Are all the outputs of reasonable size?
- Do all the inputs already have at least 1 confirmation?
- Are the inputs reasonably aged?
- Have any of the nodes that you are connected to seen any other transaction that spends any of the same inputs?
Additional example:
If the transaction is from a regular customer, for whom I have a copy of their current government issued ID (such as a drivers license in the U.S.) and it fails any of the following tests, I'd still accept a 0 confirmation transaction for amounts less than $200:
- Does it pay a reasonable transaction fee?
- Are all the outputs of reasonable size?
- Are the inputs reasonably aged?
- Is your receiving client well connected to many geographically diverse nodes on the bitcoin network?
- Are there any indications that the blockchain is forked, a single mining entity controls more than 45% of the global hash power, or that there are any other issues with trusting confirmations?
There are a LOT of conditions that need to be considered when making a business decision about confirmations. It isn't really a simple X confirmations for Y dollars for all businesses.
Here are just a few things to consider:
- What is the profit margin on the merchandise being sold?
- What is the ability of the business to recover the stolen item or prosecute the thief if the transaction becomes invalid?
- How devastating would it be to the business if a single transaction of X dollars becomes invalid?
- What is the relationship with the customer?
- What is the risk tolerance of the business owner?
- What is the maximum acceptable delay between payment and departure?
- Are the customers or business owner willing to consider alternative interactions (For example: customer makes deposit upon entering & receives change when leaving?)
Probably 6 confirmations for me only because I've trained myself into being uber paranoid when dealing with bitcoin.
I think a transaction with 4 confirmation is safe to accept either big or small. If you're worried about double spend use payment processor like bitpay or others.
It's your personal feeling. I trust 1 confirmation for almost everything that I paid or sent until now and that's up to the 5 BTCs, the highest ever I think.
If I would buy a 300 BTCs sports car or if I would buy a 100 BTCs from someone face to face then I would wait for 6 confirmations for example. It just depends on your feeling and how security conscious or even paranoid you are.
If I would buy a 300 BTCs sports car or if I would buy a 100 BTCs from someone face to face then I would wait for 6 confirmations for example. It just depends on your feeling and how security conscious or even paranoid you are.
i would do under six confirmations, everything that is cheap enough, like you said sub 100 would be ideal
for everything else there are six confirmations, to paraphrase trh mastercard spot
for everything else there are six confirmations, to paraphrase trh mastercard spot
for me personally id be satisfied with 1 confirmation, i have never seen anyone succesfully double spend with more than 1 confirmation.
Same for me. As long as there is at least 1 confirmation, you are safe. Amount of transaction doesn't matter.
for me personally id be satisfied with 1 confirmation, i have never seen anyone succesfully double spend with more than 1 confirmation.
What is your opinion on where should a person (as a store owner) draw confirmation lines?
Answer in a type like this.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-2000$
etc.
Also, i would like to know why have you choose the lines like you did. For example, how much does it cost for the attacker to double spend after 1 confirmation and arguments like that. I havent added them because i do not know them.
Thanks
Answer in a type like this.
0 confirmations.....for purchases lower than 100$
1 confirmation.....for purchases 100-1000$
2 confirmations...for purchases of 1000-2000$
etc.
Also, i would like to know why have you choose the lines like you did. For example, how much does it cost for the attacker to double spend after 1 confirmation and arguments like that. I havent added them because i do not know them.
Thanks
Jump to: