📅 Original date posted:2015-02-22
📝 Original message:Den 22 feb 2015 17:00 skrev "Justus Ranvier" <justusranvier at riseup.net>:
>
> On 02/22/2015 07:50 AM, Matt Whitlock wrote:
> > This happened to one of the merchants at the Bitcoin 2013
> > conference in San Jose. They sold some T-shirts and accepted
> > zero-confirmation transactions. The transactions depended on other
> > unconfirmed transactions, which never confirmed, so this merchant
> > never got their money.
> >
> > I keep telling people not to accept transactions with zero
> > confirmations, but no one listens.
>
> A better solution is to track the failure rate of zero confirmation
> transactions, and adjust prices accordingly to cover the expected loss.
>
> This is what every merchant *already does* since no payment method has
> a 0% fraud rate.
>
> Even physical cash has a probability of being counterfeit, and the
> prices you pay for things at a convenience store already have that
> risk priced in.
>
> The idea that zero confirmation transactions require a 100% guarantee
> is a strawman, especially since there exists no number of
> confirmations the actually produce a 100% irreversibility guarantee.
The problem with this approach is that it is worthless as a predictor. We
aren't dealing with traffic safety and road design - we are dealing with
adaptive attackers and malicious miners and pools.
Anything which does not invalidate blocks carrying doublespends WILL allow
malicious miners and pools to conspire with thieves to steal money. The
probability of being hit will then be (their proliferation in your business
area) * (their fraction of the mining power).
That might seem to give small numbers for most sets of reasonable
assumptions. But the problem is that's only an average, and the people
being hit might have small profit margins - one successful attack can place
hundreds of merchants in red numbers and force them to shut down.
You should never expose yourself to attacks which you can't defend against
and which can be fatal. In particular not if there's nothing in the
environment that is capable of limiting the size or numbers of any attacks.
And there's no such thing today in Bitcoin.
This is why I sketched out the multisignature notary approach, and why some
decided to extend that approach with collateral (NoRiskWallet) to further
reduce trust in the notary. This is the single most practical approach I
know of today to achieve ACTUAL SECURITY for unconfirmed transactions.
Don't like it? See if you can do better!
Just don't rely on zero-confirmation transactions!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150222/68d5018c/attachment.html>;
Natanael [ARCHIVE] /
npub179…lpmjt
2023-06-07 15:30:54
in reply to nevent1q…lvpm
Author Public Key
npub1798ncudyucap9jzzujjsgufx8tdykm8auzfledjcs6f6wf4ekqvq8lpmjtPublished at
2023-06-07 15:30:54Event JSON
{
"id": "58d20cd54e9acc1d6b009c24a57675480405aac1b2048e51c132ac675bfc7bfc",
"pubkey": "f14f3c71a4e63a12c842e4a50471263ada4b6cfde093fcb6588693a726b9b018",
"created_at": 1686151854,
"kind": 1,
"tags": [
[
"e",
"00335b798bd3386560c6501fdcb4ac491a0b697640f4bb1d0fb0617840851a89",
"",
"root"
],
[
"e",
"77edc9e923aa335a02a402937e189a8d412394c5bdd4f8e4a7265d313f8c70e0",
"",
"reply"
],
[
"p",
"b2b39b6f2c86908d3da9f500193abd5757b21cac328f838800a48c4d557c10dd"
]
],
"content": "📅 Original date posted:2015-02-22\n📝 Original message:Den 22 feb 2015 17:00 skrev \"Justus Ranvier\" \u003cjustusranvier at riseup.net\u003e:\n\u003e\n\u003e On 02/22/2015 07:50 AM, Matt Whitlock wrote:\n\u003e \u003e This happened to one of the merchants at the Bitcoin 2013\n\u003e \u003e conference in San Jose. They sold some T-shirts and accepted\n\u003e \u003e zero-confirmation transactions. The transactions depended on other\n\u003e \u003e unconfirmed transactions, which never confirmed, so this merchant\n\u003e \u003e never got their money.\n\u003e \u003e\n\u003e \u003e I keep telling people not to accept transactions with zero\n\u003e \u003e confirmations, but no one listens.\n\u003e\n\u003e A better solution is to track the failure rate of zero confirmation\n\u003e transactions, and adjust prices accordingly to cover the expected loss.\n\u003e\n\u003e This is what every merchant *already does* since no payment method has\n\u003e a 0% fraud rate.\n\u003e\n\u003e Even physical cash has a probability of being counterfeit, and the\n\u003e prices you pay for things at a convenience store already have that\n\u003e risk priced in.\n\u003e\n\u003e The idea that zero confirmation transactions require a 100% guarantee\n\u003e is a strawman, especially since there exists no number of\n\u003e confirmations the actually produce a 100% irreversibility guarantee.\n\nThe problem with this approach is that it is worthless as a predictor. We\naren't dealing with traffic safety and road design - we are dealing with\nadaptive attackers and malicious miners and pools.\n\nAnything which does not invalidate blocks carrying doublespends WILL allow\nmalicious miners and pools to conspire with thieves to steal money. The\nprobability of being hit will then be (their proliferation in your business\narea) * (their fraction of the mining power).\n\nThat might seem to give small numbers for most sets of reasonable\nassumptions. But the problem is that's only an average, and the people\nbeing hit might have small profit margins - one successful attack can place\nhundreds of merchants in red numbers and force them to shut down.\n\nYou should never expose yourself to attacks which you can't defend against\nand which can be fatal. In particular not if there's nothing in the\nenvironment that is capable of limiting the size or numbers of any attacks.\nAnd there's no such thing today in Bitcoin.\n\nThis is why I sketched out the multisignature notary approach, and why some\ndecided to extend that approach with collateral (NoRiskWallet) to further\nreduce trust in the notary. This is the single most practical approach I\nknow of today to achieve ACTUAL SECURITY for unconfirmed transactions.\n\nDon't like it? See if you can do better!\n\nJust don't rely on zero-confirmation transactions!\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150222/68d5018c/attachment.html\u003e",
"sig": "02e04c1c38f546fd4e7a2f5bcc05b4f091fa5b735495f154db042dfe75160272183f26f4ff6ac8330aff514a8cb6bf3ec9b65bb2c28a181232fbcf99bdbbcaf6"
}