kirlisakal (OP)
Newbie
 Offline
Activity: 9
Merit: 0
|
 |
May 14, 2013, 09:11:12 AM |
|
Hi,
I am working on a payment system and I need a bit help.
The point I didn`t understand is how I can be sure I got the money?
I can use listtransactions ,listunspent and then gettxout or gettransaction API calls to follow up received payments.
As a transation is a script, it is possible to add an amount which can be spend by 2 different address in a transaction.
It is alsa possible to create very different script scenerios.
If a sender creates a transaction with an amount which can be used by 2 different address, I will see this transaction with API calls. Also after 6 confirmation I will accept the transaction as a valid payment but then the sender can spend money by using the second address he added to transaction after I delivery the goods.
how can I be sure?
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Whoever mines the block which ends up containing your transaction will get its fee.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
kirlisakal (OP)
Newbie
Offline
Activity: 9
Merit: 0
|
|
May 14, 2013, 03:46:41 PM |
|
Any help is appreciated.
|
|
|
|
|
Gabi
Legendary
Offline
Activity: 1148
Merit: 1008
If you want to walk on water, get out of the boat
|
|
May 14, 2013, 04:15:33 PM |
|
This 6 confirmations thing must die.
This said, you are very confused, once the transaction is confirmed, it can't be reverted, what do you mean with "second address"? Yes you can send btc to many addresses with a single transaction, but once you sent them, you sent them.
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1075
Ian Knowles - CIYAM Lead Developer
|
|
May 14, 2013, 04:28:41 PM |
|
One basic starting point that might help is to understand that all tx's assign UTXOs (which are previous tx's to your own addresses that you haven't spent yet) to "output addresses".
The confirmation process ensures that "double spending" cannot take place - the 6 confirmations that the Satoshi client uses to "clear" a tx is arbitrary and for most tx's 1 or 2 confirmations should be enough (0 confirmations is never safe).
Mostly your decision upon "how many confirmations" will come down to "how much am I risking" (i.e. if it is only a coffee then you are not taking much of a risk but if it is a house I think I'd be waiting for 6).
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3388
Merit: 4616
|
|
May 14, 2013, 04:47:05 PM |
|
One basic starting point that might help is to understand that all tx's assign UTXOs (which are previous tx's to your own addresses that you haven't spent yet) to "output addresses".
The typical transaction type assigns value from UTXO to "output addresses", however, based on the following: As a transation is a script, it is possible to add an amount which can be spend by 2 different address in a transaction.
It is alsa possible to create very different script scenerios.
It sounds like the OP is concerned about receiving a non-typical transaction. Does the possibility exist that someone could perhaps create a transaction where the "Txout-script" is created in such a way that a signature from either of 2 different private keys would satisfy the spending requirement (sort of like multisig, but requiring either sig instead of both)? Could such a non-typical transaction be created in such a way to get it to show up with listunspent or listtransactions? |
|
|
|
|
kirlisakal (OP)
Newbie
Offline
Activity: 9
Merit: 0
|
|
May 14, 2013, 05:06:58 PM |
|
It sounds like the OP is concerned about receiving a non-typical transaction. Does the possibility exist that someone could perhaps create a transaction where the "Txout-script" is created in such a way that a signature from either of 2 different private keys would satisfy the spending requirement (sort of like multisig, but requiring either sig instead of both)? Could such a non-typical transaction be created in such a way to get it to show up with listunspent or listtransactions?
Yes.This is the question.It is possible to create a non-typical transaction with createrawtransaction command and it is possible to add a second public key to "Txout-script" which makes this amount can be spent by 2 different addresses. I beleive this type of transactions also appears in listtransactions . |
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1075
Ian Knowles - CIYAM Lead Developer
|
|
May 15, 2013, 03:21:49 AM |
|
Oh - now I get what you're asking and the answer is *yes* I think it may be possible to create such a script although I don't know exactly what the purpose of it would be (whereas M of N makes more sense).
Any *second* attempt to spend the UTXOs will *fail* (so the existence of such scripts should be of no concern). So if you are concerned that tx output scripts could be written to try help with doing "double spends" then basically I think there is nothing to worry about. Also AFAIA miners will simply not include tx scripts that do not "make sense" into blocks that they mine (i.e. there is no magical script to let someone get away with a double spend).
The reason to wait for confirmations (although 6 is not really the "magic" number) is to be assured that a tx *has* been mined (1 confirmation) and that a *reorg* won't see an attempted double spend as instead being the original spend (> 1 confirmation).
|
|
|
|
jamesgarfield
Newbie
Offline
Activity: 14
Merit: 0
|
|
May 15, 2013, 03:32:55 AM |
|
Hi,
I am working on a payment system and I need a bit help.
The point I didn`t understand is how I can be sure I got the money?
I can use listtransactions ,listunspent and then gettxout or gettransaction API calls to follow up received payments.
As a transation is a script, it is possible to add an amount which can be spend by 2 different address in a transaction.
It is alsa possible to create very different script scenerios.
If a sender creates a transaction with an amount which can be used by 2 different address, I will see this transaction with API calls. Also after 6 confirmation I will accept the transaction as a valid payment but then the sender can spend money by using the second address he added to transaction after I delivery the goods.
how can I be sure?
hmm not sure |
|
|
|
|
scab
Newbie
Offline
Activity: 14
Merit: 0
|
|
May 15, 2013, 04:25:00 AM |
|
All I know is the blockchain doesnt scam.
|
|
|
|
|
kirlisakal (OP)
Newbie
Offline
Activity: 9
Merit: 0
|
|
May 15, 2013, 11:28:58 PM |
|
Any has an idea?
|
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1075
Ian Knowles - CIYAM Lead Developer
|
|
May 16, 2013, 02:54:54 AM |
|
Any has an idea?
Did you not read my my reply? Double spends are *impossible* to pull off once you have >1 confirmations (otherwise it would have failed years ago). |
|
|
|
|
Charles999
|
|
May 16, 2013, 02:56:40 AM |
|
can someone help me out with this. doesn't seem to eork
|
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3388
Merit: 4616
|
|
May 16, 2013, 09:20:19 AM |
|
Any has an idea?
Did you not read my my reply? Double spends are *impossible* to pull off once you have >1 confirmations (otherwise it would have failed years ago). As I mentioned earlier, I don't think it's "double spends" that the OP is concerned about: It sounds like the OP is concerned about receiving a non-typical transaction. Does the possibility exist that someone could perhaps create a transaction where the "Txout-script" is created in such a way that a signature from either of 2 different private keys would satisfy the spending requirement (sort of like multisig, but requiring either sig instead of both)? Could such a non-typical transaction be created in such a way to get it to show up with listunspent or listtransactions?
I'm not sure which transactions are listed with listunspent and/or listtransactions, but it seems that the OP is concerned a transaction could be structured such that: - Spending an output from the transaction requires signatures from M of N private keys
- The sender has control of M private keys
- One of the N private keys is the private key associated with the OP's receiving address
- The transaction shows up as having been paid to his receiving address when the OP executes listunspent and/or listtransactions
|
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1075
Ian Knowles - CIYAM Lead Developer
|
|
May 16, 2013, 09:42:31 AM |
|
I am pretty sure that listunspent will only include tx's that the client knows it *can* spend (i.e. has *all* the required keys for) but unfortunately I don't have the time to check for this in the source (perhaps this could be moved to Technical Support to get a definitive answer from a dev?).
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3388
Merit: 4616
|
|
May 16, 2013, 09:58:24 AM |
|
(perhaps this could be moved to Technical Support to get a definitive answer from a dev?).
Agreed. OP, you'll be more likely to get the answer you are looking for if you move this thread to the "Technical Support" sub-forum. There is a "move topic" link at the bottom of the thread that you can use to move it. |
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3388
Merit: 4616
|
|
May 16, 2013, 10:02:03 AM |
|
I am pretty sure that listunspent will only include tx's that the client knows it *can* spend (i.e. has *all* the required keys for)
I would expect that you are right. The question is, what happens if M=1 and N=2? If you create a M of N transaction where M=1 and N=2, and the sender controls one of the 2 private keys (while the receiver controls the other), then either the receiver OR the sender could spend it. Would the client know it *can* spend it, since it controls 1 of the 2 private keys? If so, would it include it in "listunspent"? |
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1075
Ian Knowles - CIYAM Lead Developer
|
|
May 16, 2013, 10:07:22 AM |
|
Yes - I see the problem now - and the point of the OP (which is an interesting one).
It could well be that the only way you can be certain that you do "own" the UTXO in that case would be to actually "spend" it (had never really considered M of N with M as 1 as *being* an M of N tx but I guess it could make sense - especially if you are wanting to be very tricky).
|
|
|
|
kirlisakal (OP)
Newbie
Offline
Activity: 9
Merit: 0
|
|
May 16, 2013, 07:24:21 PM |
|
(perhaps this could be moved to Technical Support to get a definitive answer from a dev?).
Agreed. OP, you'll be more likely to get the answer you are looking for if you move this thread to the "Technical Support" sub-forum. There is a "move topic" link at the bottom of the thread that you can use to move it. As I am a newbie in the forum, I can not open any topic other then Newbies subforum. |
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3388
Merit: 4616
|
|
May 16, 2013, 08:50:27 PM |
|
As I am a newbie in the forum
- snip -
N0. You are not.  |
|
|
|
|
gmaxwell
Moderator
Legendary
Offline
Activity: 4158
Merit: 8382
|
|
May 16, 2013, 09:06:37 PM |
|
You (meaning your wallet) won't recognize as yours any unusual or non-standard payments. Someone could crazy some bizarro transaction that— in theory— your wallet has enough information to redeem, but it will not show it. Generally, if a payment script wasn't provided by the recipient no one should assume the recipient will even be aware of it, much less consider it a payment.
This avoids the issue that you are concerned with completely so long as you keep your private keys private.
|
|
|
|
|
|
