Bitcoin Forum
December 11, 2017, 11:54:47 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: Transaction Confirmation for non-typical transactions  (Read 1033 times)
kirlisakal
Newbie
*
Offline Offline

Activity: 9


View Profile
May 14, 2013, 09:11:12 AM
 #1

Hi,

I am working on a payment system and I need a bit help.

The point I didn`t understand is how I can be sure I got the money?
I can use listtransactions ,listunspent and then gettxout or gettransaction API calls to follow up received payments.

As a transation is a script, it is possible to add an amount which can be spend by 2 different address in a transaction.
It is alsa possible to create very different script scenerios.

If a sender creates a transaction with an amount which can be used by 2 different address, I will see this transaction with API calls. Also after 6 confirmation I will accept the transaction as a valid payment but then the sender can spend money by using the second address he added to transaction after I delivery the goods.

how can I be sure?
1513036487
Hero Member
*
Offline Offline

Posts: 1513036487

View Profile Personal Message (Offline)

Ignore
1513036487
Reply with quote  #2

1513036487
Report to moderator
1513036487
Hero Member
*
Offline Offline

Posts: 1513036487

View Profile Personal Message (Offline)

Ignore
1513036487
Reply with quote  #2

1513036487
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513036487
Hero Member
*
Offline Offline

Posts: 1513036487

View Profile Personal Message (Offline)

Ignore
1513036487
Reply with quote  #2

1513036487
Report to moderator
1513036487
Hero Member
*
Offline Offline

Posts: 1513036487

View Profile Personal Message (Offline)

Ignore
1513036487
Reply with quote  #2

1513036487
Report to moderator
kirlisakal
Newbie
*
Offline Offline

Activity: 9


View Profile
May 14, 2013, 03:46:41 PM
 #2

Any help is appreciated.
Gabi
Legendary
*
Offline Offline

Activity: 1092


If you want to walk on water, get out of the boat


View Profile
May 14, 2013, 04:15:33 PM
 #3

This 6 confirmations thing must die.

This said, you are very confused, once the transaction is confirmed, it can't be reverted, what do you mean with "second address"? Yes you can send btc to many addresses with a single transaction, but once you sent them, you sent them.
CIYAM
Legendary
*
Offline Offline

Activity: 1862


Ian Knowles - CIYAM Lead Developer


View Profile WWW
May 14, 2013, 04:28:41 PM
 #4

One basic starting point that might help is to understand that all tx's assign UTXOs (which are previous tx's to your own addresses that you haven't spent yet) to "output addresses".

The confirmation process ensures that "double spending" cannot take place - the 6 confirmations that the Satoshi client uses to "clear" a tx is arbitrary and for most tx's 1 or 2 confirmations should be enough (0 confirmations is never safe).

Mostly your decision upon "how many confirmations" will come down to "how much am I risking" (i.e. if it is only a coffee then you are not taking much of a risk but if it is a house I think I'd be waiting for 6).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
DannyHamilton
Legendary
*
Offline Offline

Activity: 2002



View Profile
May 14, 2013, 04:47:05 PM
 #5

One basic starting point that might help is to understand that all tx's assign UTXOs (which are previous tx's to your own addresses that you haven't spent yet) to "output addresses".

The typical transaction type assigns value from UTXO to "output addresses", however, based on the following:

As a transation is a script, it is possible to add an amount which can be spend by 2 different address in a transaction.
It is alsa possible to create very different script scenerios.

It sounds like the OP is concerned about receiving a non-typical transaction.  Does the possibility exist that someone could perhaps create a transaction where the "Txout-script" is created in such a way that a signature from either of 2 different private keys would satisfy the spending requirement (sort of like multisig, but requiring either sig instead of both)?  Could such a non-typical transaction be created in such a way to get it to show up with listunspent or listtransactions?

kirlisakal
Newbie
*
Offline Offline

Activity: 9


View Profile
May 14, 2013, 05:06:58 PM
 #6


It sounds like the OP is concerned about receiving a non-typical transaction.  Does the possibility exist that someone could perhaps create a transaction where the "Txout-script" is created in such a way that a signature from either of 2 different private keys would satisfy the spending requirement (sort of like multisig, but requiring either sig instead of both)?  Could such a non-typical transaction be created in such a way to get it to show up with listunspent or listtransactions?

Yes.This is the  question.It is possible to create a non-typical transaction with createrawtransaction command and it is possible to add a second public key to  "Txout-script" which makes this amount can be spent by 2 different addresses.
I beleive this type of transactions also appears in listtransactions .
CIYAM
Legendary
*
Offline Offline

Activity: 1862


Ian Knowles - CIYAM Lead Developer


View Profile WWW
May 15, 2013, 03:21:49 AM
 #7

Oh - now I get what you're asking and the answer is *yes* I think it may be possible to create such a script although I don't know exactly what the purpose of it would be (whereas M of N makes more sense).

Any *second* attempt to spend the UTXOs will *fail* (so the existence of such scripts should be of no concern). So if you are concerned that tx output scripts could be written to try help with doing "double spends" then basically I think there is nothing to worry about. Also AFAIA miners will simply not include tx scripts that do not "make sense" into blocks that they mine (i.e. there is no magical script to let someone get away with a double spend).

The reason to wait for confirmations (although 6 is not really the "magic" number) is to be assured that a tx *has* been mined (1 confirmation) and that a *reorg* won't see an attempted double spend as instead being the original spend (> 1 confirmation).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
jamesgarfield
Newbie
*
Offline Offline

Activity: 14



View Profile
May 15, 2013, 03:32:55 AM
 #8

Hi,

I am working on a payment system and I need a bit help.

The point I didn`t understand is how I can be sure I got the money?
I can use listtransactions ,listunspent and then gettxout or gettransaction API calls to follow up received payments.

As a transation is a script, it is possible to add an amount which can be spend by 2 different address in a transaction.
It is alsa possible to create very different script scenerios.

If a sender creates a transaction with an amount which can be used by 2 different address, I will see this transaction with API calls. Also after 6 confirmation I will accept the transaction as a valid payment but then the sender can spend money by using the second address he added to transaction after I delivery the goods.

how can I be sure?

hmm not sure

Obama's alt account Smiley
scab
Newbie
*
Offline Offline

Activity: 14



View Profile
May 15, 2013, 04:25:00 AM
 #9

All I know is the blockchain doesnt scam.
kirlisakal
Newbie
*
Offline Offline

Activity: 9


View Profile
May 15, 2013, 11:28:58 PM
 #10

Any has an idea?
CIYAM
Legendary
*
Offline Offline

Activity: 1862


Ian Knowles - CIYAM Lead Developer


View Profile WWW
May 16, 2013, 02:54:54 AM
 #11

Any has an idea?

Did you not read my my reply?

Double spends are *impossible* to pull off once you have >1 confirmations (otherwise it would have failed years ago).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
Charles999
Full Member
***
Offline Offline

Activity: 224



View Profile
May 16, 2013, 02:56:40 AM
 #12

can someone help me out with this.  doesn't seem to eork
DannyHamilton
Legendary
*
Offline Offline

Activity: 2002



View Profile
May 16, 2013, 09:20:19 AM
 #13

Any has an idea?
Did you not read my my reply?

Double spends are *impossible* to pull off once you have >1 confirmations (otherwise it would have failed years ago).

As I mentioned earlier, I don't think it's "double spends" that the OP is concerned about:

It sounds like the OP is concerned about receiving a non-typical transaction.  Does the possibility exist that someone could perhaps create a transaction where the "Txout-script" is created in such a way that a signature from either of 2 different private keys would satisfy the spending requirement (sort of like multisig, but requiring either sig instead of both)?  Could such a non-typical transaction be created in such a way to get it to show up with listunspent or listtransactions?

I'm not sure which transactions are listed with listunspent and/or listtransactions, but it seems that the OP is concerned a transaction could be structured such that:

  • Spending an output from the transaction requires signatures from M of N private keys
  • The sender has control of M private keys
  • One of the N private keys is the private key associated with the OP's receiving address
  • The transaction shows up as having been paid to his receiving address when the OP executes listunspent and/or listtransactions

CIYAM
Legendary
*
Offline Offline

Activity: 1862


Ian Knowles - CIYAM Lead Developer


View Profile WWW
May 16, 2013, 09:42:31 AM
 #14

I am pretty sure that listunspent will only include tx's that the client knows it *can* spend (i.e. has *all* the required keys for) but unfortunately I don't have the time to check for this in the source (perhaps this could be moved to Technical Support to get a definitive answer from a dev?).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
DannyHamilton
Legendary
*
Offline Offline

Activity: 2002



View Profile
May 16, 2013, 09:58:24 AM
 #15

(perhaps this could be moved to Technical Support to get a definitive answer from a dev?).

Agreed.  OP, you'll be more likely to get the answer you are looking for if you move this thread to the "Technical Support" sub-forum.

There is a "move topic" link at the bottom of the thread that you can use to move it.

DannyHamilton
Legendary
*
Offline Offline

Activity: 2002



View Profile
May 16, 2013, 10:02:03 AM
 #16

I am pretty sure that listunspent will only include tx's that the client knows it *can* spend (i.e. has *all* the required keys for)

I would expect that you are right.  The question is, what happens if M=1 and N=2?

If you create a M of N transaction where M=1 and N=2, and the sender controls one of the 2 private keys (while the receiver controls the other), then either the receiver OR the sender could spend it.  Would the client know it *can* spend it, since it controls 1 of the 2 private keys?  If so, would it include it in "listunspent"?

CIYAM
Legendary
*
Offline Offline

Activity: 1862


Ian Knowles - CIYAM Lead Developer


View Profile WWW
May 16, 2013, 10:07:22 AM
 #17

Yes - I see the problem now - and the point of the OP (which is an interesting one).

It could well be that the only way you can be certain that you do "own" the UTXO in that case would be to actually "spend" it (had never really considered M of N with M as 1 as *being* an M of N tx but I guess it could make sense - especially if you are wanting to be very tricky).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
kirlisakal
Newbie
*
Offline Offline

Activity: 9


View Profile
May 16, 2013, 07:24:21 PM
 #18

(perhaps this could be moved to Technical Support to get a definitive answer from a dev?).

Agreed.  OP, you'll be more likely to get the answer you are looking for if you move this thread to the "Technical Support" sub-forum.

There is a "move topic" link at the bottom of the thread that you can use to move it.

As I am a newbie in the forum, I can not open any topic other then Newbies subforum.
DannyHamilton
Legendary
*
Offline Offline

Activity: 2002



View Profile
May 16, 2013, 08:50:27 PM
 #19

As I am a newbie in the forum
- snip -

N0. You are not.


gmaxwell
Moderator
Legendary
*
qt
Online Online

Activity: 2366



View Profile
May 16, 2013, 09:06:37 PM
 #20

You (meaning your wallet) won't recognize as yours any unusual or non-standard payments. Someone could crazy some bizarro transaction that— in theory— your wallet has enough information to redeem, but it will not show it.  Generally, if a payment script wasn't provided by the recipient no one should assume the recipient will even be aware of it, much less consider it a payment.

This avoids the issue that you are concerned with completely so long as you keep your private keys private.

Bitcoin will not be compromised
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!