Bitcoin Forum

To have pure bitcoin instant payments (no ewallets, coupons, etc) one has to accept a payment at 0 confirmation.
So the question is how can someone accept a 0 confirmation transaction? Well, first of all, especially for small amounts, it is
a lot safer than most think. One has to trick the network to be able to double spend.
But how can we raise the bar? These days we don't have a lot of independent miners, we have a few big pools.
Almost all coins come from one of those few pools. So if someone wants to "validate" a transaction at the 0 confirmation level, one has to ask the pools if this transaction would be included in the next block. And since we only have a few pools, and the pools are connected, this would be a very secure way to thrust a 0 confirmation transaction. So to double spend one would have to mine his own coins, without adding the specific transaction, and faster than the remaining network. However, at the current difficult level this is practically impossible.
I don't recommend such a system for larger payments, but for smaller ones.
We would only need to add some API to a few pools to query the transactions.

The "mining backbone" as jgarzik described it:
 - http://forum.bitcoin.org/index.php?topic=423.msg66611#msg66611

The thing is, the pools aren't going to promise you that the transaction will be included in the block. Because the next moment a block could come along with a conflicting transaction (the attacker might have prepared such a block) and then they aren't going to keep working on a block that will potentially end up as an orphan. After all, 50 BTC are at risk here.

So the best you can get is "we received your transaction". And you can pretty much do that already: Just open a connection to the big pools and listen for the "inv" message with the hash of your transaction. If you see it, the pool received it.

We only need to know it a pool would add it, if this certain pool would mine the next block. So an attacker would have to invest some 7000 Thashes (at current difficulty) to double spend 1BTC. And it is not easy to prepare such a block, because one has to be faster than the rest of the network (currently at some 11 Thashes/s).
I am only suggesting to use this for your 1BTC payment at the local restaurant or other small amounts. For buying a car one still would wait for some confirmations.


Interesting idea. But you still would not know if the pool would include the transaction in the next block. This is the information to be known. If the lets say 3 big pool would include it in the next block, chances are very high that it will get included. Keep in mind that I am still only talking about those small 1BTC payments.

ButI doubt that the direct pool connection would work, because I doubt that those pools would accept millions of connections. So I guess a simple transaction check URL at the pools would be better.

Not for a Finney [edit: 0-confirmed / race] attack.

 - http://en.bitcoin.it/wiki/FAQ#Do_you_have_to_wait_10_minutes_in_order_to_buy_or_sell_things_with_BitCoin?

Yes, one can double spend that way.
But for a Finney attack one has to generate a block. And for generating a block one has at the current difficulty test some 7000 Thashes on average before finding one. 2.6Ghashes/s are needed to generate one block per month.
So one has to buy some pricey equipment, then standby waiting around a month to double spend maybe 1 BTC within less than 10 minutes. Doesn't sounds like a good business plan :-)

Sorry, I hadn't realized that the Finney Attack is a variation on the 0-confirmed race attack:
 - http://forum.bitcoin.org/?topic=3441.msg48384#msg48384

The o-confirmed / race attack is the reason I would, as a merchant, be concerned about when accepting a payment immediately.  That is addressed here, and I now understand how that risk can (with additional software) be curtailed:
 - http://forum.bitcoin.org/index.php?topic=27417.msg350531#msg350531

And that is why I propose that a merchant (meze grill, grocery store) that needs an instant payment, could just check the transaction with the 3 big pools. If those would include it, the danger of a double spending is negligible.

Again, this would enable instant transactions for small amounts without the need of something added on top of bitcoins. It could easily be implemented in some merchant point of sale software. Or to put it in some other way, a lot of people think we would need easycoins, mtgox vouchers or some other things to "fix" this issue, while I believe we could fix it without anything on top of bitcoins.