📅 Original date posted:2011-08-04
🗒️ Summary of this message: A pragmatic way to detect double spends is by connecting to multiple clients and checking if they all send the same transaction. A service like Transaction Radar can be used for this purpose. Network support for double spends may not be necessary and could be potentially damaging.
📝 Original message:Since nobody else has mentioned it: There is another (more pragmatic?)
way to detect double spends:
1. Connect to lots of clients
2a. If they all send you the same transaction -> double spend unlikely
2b. If some don't send you the transaction (or send a conflicting one)
-> double spend in progress
Obviously not everyone will run a double spend detector - it's much more
easily realized as a service (just like mining.) Jan put up a proof of
concept: http://www.transactionradar.com/
Would network support like a MSG_DOUBLESPEND be better? I used to think
yes, but looking at the reality of Transaction Radar, I'm not so sure.
Nothing stops such a service from scaling up and connecting to thousands
of random nodes (especially when the network itself grows bigger),
pushing the probabilities of missing a double spend "in the wild" to
near zero. It could also connect directly to important miners/pools as
others have suggested.
Of course this doesn't help against double spends where the attacker
does his own mining*, but neither would MSG_DOUBLESPEND. Given the added
network load I'd argue that network support for double spends is
unnecessary and potentially damaging. DoS is more scary to me than
non-instant transactions.
* In this case of course the hacker will be exposed to some randomness,
and I doubt many attackers will buy 100 televisions, newspaper
subscriptions or MP3s to get one for free. So this is only a problem for
liquid goods with tiny spreads (any investment or stored value instrument.)
Stefan Thomas [ARCHIVE] /
npub1f8…ap20e
2023-06-07 02:12:21
in reply to nevent1q…9220
Author Public Key
npub1f8c8h5evqyy29yp6p7jelyzw6vfwp6jz05exn66l4ygwkj57ytzqmap20eSeen on
wss://relay.nostr.bandPublished at
2023-06-07 02:12:21Event JSON
{
"id": "4c20c7ce74272cd26e6fd2c5f8b908392001e3c930c00e2ebd71625b3fc18fd5",
"pubkey": "49f07bd32c0108a2903a0fa59f904ed312e0ea427d3269eb5fa910eb4a9e22c4",
"created_at": 1686103941,
"kind": 1,
"tags": [
[
"e",
"f7bac66510d148bc7cd5c36f79897fafe3410a2bc9df45238a65f8429b9407f0",
"",
"root"
],
[
"e",
"69c81a57602b33e25f87d2acf27cc829c46bc6f2f095894b49c3ebdd028a44bb",
"",
"reply"
],
[
"p",
"cd753aa8fbc112e14ffe9fe09d3630f0eff76ca68e376e004b8e77b687adddba"
]
],
"content": "📅 Original date posted:2011-08-04\n🗒️ Summary of this message: A pragmatic way to detect double spends is by connecting to multiple clients and checking if they all send the same transaction. A service like Transaction Radar can be used for this purpose. Network support for double spends may not be necessary and could be potentially damaging.\n📝 Original message:Since nobody else has mentioned it: There is another (more pragmatic?) \nway to detect double spends:\n\n1. Connect to lots of clients\n2a. If they all send you the same transaction -\u003e double spend unlikely\n2b. If some don't send you the transaction (or send a conflicting one) \n-\u003e double spend in progress\n\nObviously not everyone will run a double spend detector - it's much more \neasily realized as a service (just like mining.) Jan put up a proof of \nconcept: http://www.transactionradar.com/\n\nWould network support like a MSG_DOUBLESPEND be better? I used to think \nyes, but looking at the reality of Transaction Radar, I'm not so sure. \nNothing stops such a service from scaling up and connecting to thousands \nof random nodes (especially when the network itself grows bigger), \npushing the probabilities of missing a double spend \"in the wild\" to \nnear zero. It could also connect directly to important miners/pools as \nothers have suggested.\n\nOf course this doesn't help against double spends where the attacker \ndoes his own mining*, but neither would MSG_DOUBLESPEND. Given the added \nnetwork load I'd argue that network support for double spends is \nunnecessary and potentially damaging. DoS is more scary to me than \nnon-instant transactions.\n\n* In this case of course the hacker will be exposed to some randomness, \nand I doubt many attackers will buy 100 televisions, newspaper \nsubscriptions or MP3s to get one for free. So this is only a problem for \nliquid goods with tiny spreads (any investment or stored value instrument.)",
"sig": "d56a14051cc1b007a65c4e3631d01bbc7d9cc171c81c5f8b698056667297552d94be2f57ea75af131e54e6c6e78bb3db40e397a5302c1373f5662ca355490bde"
}