Instant Bitcoin confirmation time (IDEA)

[domob]

The solution is green address.

Actually the solution is to not worry about it, it is really just another form of shoplifting. People who want to steal will find a way, and going through the register line is a bad way to do it because most places you will be caught on camera and eventually caught by law enforcement.

But double spends will be rarely attempted and I suspect the losses will likely be less than what is currently lost in debit/credit card transaction fees and chargebacks.

Who would wait 10 minutes for confirmation while in line? Or do you propose 0 conf?

Exactly, zero confirmations.  This should be good enough for most point-of-sales purchases (like groceries) in my opinion.  As AliceWonder has outlined, if someone intends to steal low-value items from the shop, they will surely find a much simpler way than performing a double spend.  So confirmations are really only necessary for high-value purchases like cars or high-end electronic products and so, where the effort and risk associated to a double-spend is worth it.  In that case (think a car) it isn't a big problem to wait for the confirmations.

[1714628135]

1714628135

[1714628135]

1714628135

[madmadmax]

The solution is green address.

Actually the solution is to not worry about it, it is really just another form of shoplifting. People who want to steal will find a way, and going through the register line is a bad way to do it because most places you will be caught on camera and eventually caught by law enforcement.

But double spends will be rarely attempted and I suspect the losses will likely be less than what is currently lost in debit/credit card transaction fees and chargebacks.

Who would wait 10 minutes for confirmation while in line? Or do you propose 0 conf?

Exactly, zero confirmations.  This should be good enough for most point-of-sales purchases (like groceries) in my opinion.  As AliceWonder has outlined, if someone intends to steal low-value items from the shop, they will surely find a much simpler way than performing a double spend.  So confirmations are really only necessary for high-value purchases like cars or high-end electronic products and so, where the effort and risk associated to a double-spend is worth it.  In that case (think a car) it isn't a big problem to wait for the confirmations.

Dude, I could write up a double spend button in a custom Bitcoin client, the police would never pursue Bitcoin crime.

[mnyonpa]

Dude, I could write up a double spend button in a custom Bitcoin client, the police would never pursue Bitcoin crime.

Please do.

[AliceWonder]

Dude, I could write up a double spend button in a custom Bitcoin client, the police would never pursue Bitcoin crime.

They already have. And since bitcoin transactions happen over a network, you may even be guilty of wire fraud if you did a double spend attack. That's much more serious than just stuffing something in your pocket.

But just because it is possible to double spend doesn't mean it will be a common occurrence. Most grocery stores where I live now have self checkout lanes that aren't even monitored. Does theft happen? Sure. But most people don't try to steal.

[madmadmax]

Dude, I could write up a double spend button in a custom Bitcoin client, the police would never pursue Bitcoin crime.

They already have. And since bitcoin transactions happen over a network, you may even be guilty of wire fraud if you did a double spend attack. That's much more serious than just stuffing something in your pocket.

But just because it is possible to double spend doesn't mean it will be a common occurrence. Most grocery stores where I live now have self checkout lanes that aren't even monitored. Does theft happen? Sure. But most people don't try to steal.

It might not be a common occurrence in your community looking through your narrow perception but it WILL become a common occurrence if it would happen in south Africa or other countries where some people live in complete poverty while others get to enjoy the fine things in life.

[DannyHamilton]

- snip -
it WILL become a common occurrence if it would happen in south Africa or other countries where some people live in complete poverty while others get to enjoy the fine things in life.

And this is a problem?

[madmadmax]

- snip -
it WILL become a common occurrence if it would happen in south Africa or other countries where some people live in complete poverty while others get to enjoy the fine things in life.

And this is a problem?

It would become a problem when wretched fools will start stealing from the hardworking people of Africa, same thing as with their governments currency being faked into oblivion.

[DannyHamilton]

- snip -
it WILL become a common occurrence if it would happen in south Africa or other countries where some people live in complete poverty while others get to enjoy the fine things in life.

And this is a problem?

It would become a problem when wretched fools will start stealing from the hardworking people of Africa, same thing as with their governments currency being faked into oblivion.

And your "Instant Bitcoins confirmation time" would keep them from putting products in their pocket and walking out of the store?

[AliceWonder]

It might not be a common occurrence in your community looking through your narrow perception but it WILL become a common occurrence if it would happen in south Africa or other countries where some people live in complete poverty while others get to enjoy the fine things in life.

If it is a problem a solution already exists, use of a green address. Usually they are offered by web wallets but they don't have to be.

I don't think it will be a problem in South Africa either. Or even Uganda or Nigeria or anywhere.

[madmadmax]

- snip -
it WILL become a common occurrence if it would happen in south Africa or other countries where some people live in complete poverty while others get to enjoy the fine things in life.

And this is a problem?

It would become a problem when wretched fools will start stealing from the hardworking people of Africa, same thing as with their governments currency being faked into oblivion.

And your "Instant Bitcoins confirmation time" would keep them from putting products in their pocket and walking out of the store?

Replies such as these are naive and childish, why should we bother with the security of the bank said the guard, they could put things in their pocket and walk outside anyway.

It might not be a common occurrence in your community looking through your narrow perception but it WILL become a common occurrence if it would happen in south Africa or other countries where some people live in complete poverty while others get to enjoy the fine things in life.

If it is a problem a solution already exists, use of a green address. Usually they are offered by web wallets but they don't have to be.

I don't think it will be a problem in South Africa either. Or even Uganda or Nigeria or anywhere.

Green addresses are a bad idea, currently the Bitcoin network doesn't try to resolve double spends in any way, using my method we could at the very least reach a lower rate of scammers.

[EmperorBob]

Green addresses are a bad idea, currently the Bitcoin network doesn't try to resolve double spends in any way, using my method we could at the very least reach a lower rate of scammers.

You may not like the current implementation of green addresses, but it's actually very easy to use multisig to make user-specific green addresses where your money can't be stolen, or frozen (if the cosigner disappears of the internet) for more than a few days. If that ends up being required to keep zero-conf safe, it will be deployed and used widely. We don't need to introduce new features to deal with zero confirmation security.

[madmadmax]

Green addresses are a bad idea, currently the Bitcoin network doesn't try to resolve double spends in any way, using my method we could at the very least reach a lower rate of scammers.

You may not like the current implementation of green addresses, but it's actually very easy to use multisig to make user-specific green addresses where your money can't be stolen, or frozen (if the cosigner disappears of the internet) for more than a few days. If that ends up being required to keep zero-conf safe, it will be deployed and used widely. We don't need to introduce new features to deal with zero confirmation security.

Please enlighten us on how to do so.

[EmperorBob]

Based in part on https://en.bitcoin.it/wiki/Contracts#Example_1:_Providing_a_deposit. Disclaimer: not tested, I may have made mistakes in designing it.

Alice: spender
Bob: merchant
George: green address service

1. Account setup:
  a. Alice and George create private keys and make a 2-of-2 multisignature address.
  b. Alice creates, but keeps private, a transaction (Tx1) depositing some funds into the address. She sends the hash of it to George.
  c. George creates and signs a transaction (Tx2) refunding Tx1's funds back to Alice, with a locktime of a week or so. He sends that back to Alice.
  d. Alice signs Tx2, keeps it, and broadcasts Tx1. The green address is now funded (after a few confirmations).

2. Spending with a merchant:
  a. Alice creates and signs a transaction (Tx3) sending money to Bob. She sends the transaction to George. The change address can be a green address like in step 1, or it can be a regular address.
  b. George checks that the transaction is the first one spending the output, and that Tx2 isn't valid for at least 6 blocks from now. If so he signs and broadcasts it.
  c. Bob sees the transaction, he can then check that it is a green address from a trusted service (Either by querying an API, or seeing the broadcast being sent from George's green node).
  d. Done

3. Taking money out
  a. If George is still operational and not an asshole, Alice can just use the spending technique in step 2 to withdraw her funds.
  b. If not, she has to wait until Tx2 becomes valid, then broadcast it.

4. Refreshing the account
  a. Everytime Alice comes online and Tx2 is becoming valid in less than some given time frame (say 2 days), she and George repeat step 1 to create a new green address, and transfer the funds from the old one.
  b. Because the funds came from a green address, they can't be double spent, and so the new address is immediately valid to use for spending.

Obviously, all of this needs to be automated by the wallet in order to be usable by people.
There's a sweet spot to be picked for the withdrawal delay and the refresh period. The shorter they are, the more fees are spent just keeping the funds rotating, and the more often Alice has to come online to refresh the funds. The longer it is, the greater the time during which George can cause the funds to become unavailable.

But that's the basic idea. Unstealable, unfreezable green addresses.

[Kouye]

[...] from a trusted service [...]

This is where it totally fails. I wan't to be able to pay for my bread from my loot directly to the one handing the bread to me, without having to trust a centralised trusted node - aka a bank.

I've been trying to find ideas for weeks, now, and even though I'm progressing, none of them has convinced me.
The major issue being that miners rule.

I tried to go with a pre-confirmation chain by full nodes (clients).
But when the TX is accepted by a miner, how can it check if there is no longer pre-confirmation chain on the network for the same unspent output?

Another option I'm left with, currently, is to have secured hardware devices, such as today's credit card, that would require you to enter a password for each payment, and that would not be possible to hack too easily. If not easier to hack than a credit card, then it's all good.

Of course, such a device implies you would not know your own private keys, to avoid double spend, but just a password (a pin code equivalent) to unlock them all.

And it would imply that you trust the issuer of such devices. 
Raaaaaaah!!!!! Back to square one.



Did someone actually came out with anything on that topic, apart from the zero confirmation suggestion ?






PS : This is similar to another issue raised here : https://bitcointalk.org/index.php?topic=268412.0

[AliceWonder]

Green addresses are a bad idea, currently the Bitcoin network doesn't try to resolve double spends in any way, using my method we could at the very least reach a lower rate of scammers.

The way I forsee Green Address's working -

Company X offers green address.
I get account with Company X - meaning they know my personal information so they can sue my sorry ass if I rip them off.

Company X provides a plugin for my client. When I want to pay from a green address, I check a box. What it actually does is send bitcoins to the company I have account with who then sends to the merchant.

Merchant trusts that Company X will not double spend and Company X takes the risk that I won't double spend. A risk they take as part of membership or added fee I pay (say 1.5% on top of transaction).

Right now there is no Company X as far as I know, but when there is a need, it will happen.

The bitcoin URI that I scan with my phone could even have a payment parameter in the QR code to use a green address.

When the transaction confirmation time becomes a problem, services like that will pop up.

[Sword Smith]

The solution is green address.

Actually the solution is to not worry about it, it is really just another form of shoplifting. People who want to steal will find a way, and going through the register line is a bad way to do it because most places you will be caught on camera and eventually caught by law enforcement.

But double spends will be rarely attempted and I suspect the losses will likely be less than what is currently lost in debit/credit card transaction fees and chargebacks.

True. Trust and then Green addresses which is another form of trust. And green addresses are not a problem for the decentralized idea of bitcoins since they are based on trust and not mandates.

[EmperorBob]

[...] from a trusted service [...]

This is where it totally fails. I wan't to be able to pay for my bread from my loot directly to the one handing the bread to me, without having to trust a centralised trusted node - aka a bank.

You, as the spender, don't need to trust the green address service at all, and are fully in control, that's the point of all the legwork with the 2-of-2 signatures. The worst that can happen is the service goes down, or tries to freeze your funds, in which case you can recover all your money after a couple days. Hell, you could event use 2 services at once in this process, with a 2-of-3 multisig, and then they'd both need to go down for you to be in any trouble (they'd have to coordinate together to prevent double spends).

The only trust that's necessary here is for the merchant to trust that if a green address service co-signs a transaction, that they'll only do that once, to avoid double spends. It's very straightforward, and almost impossible for a green address service to accidentaly mess that up.
If a merchant thinks that such a service will betray that trust (provably showing that they are untrustworthy, ruining their reputation and exposing themselves to legal action) just for this very specific transaction, then they're probably selling something really expensive (like a house), and should wait a few blocks.

Like I said before, it's completely unnecessary for now, because in practice zero-conf is safe for <10BTC transactions.
If it becomes unsafe for some reason, we can solve it with the existing tools we have (no soft/hard fork), without need for more than a minimum amount of merchant to service trust.

The business model for such a service would probably look something like:
- Making green addresses and spending from them is completely free/anonymous/all the good things.
- As a merchant, access to the spend verification service costs a small monthly fee.

BitPay could probably roll their own, and provide it as part of their service.

I don't think we can realistically do better than that, even with a hard fork. Consensus is hard.

[AliceWonder]

You know, the more I've been thinking about this the more I'm convinced that confirmation time is an imaginary fear.

When someone sends me bitcoins, I see that they have sent it almost instantly. That doesn't validate it is not a double spend but it does validate that they have the bitcoins needed to spend, does it not?

Doesn't the P2P network block a forgery transaction that has a made-up input? Wouldn't my client know the input was invalid?

So at least I know the input is valid. What I don't know is if the sender will double spend.

That's almost exactly the same thing with credit card authorizations

They may be instant but I don't know the value is really mine for some time. The authorization can be cancelled and even after it is paid it can still be reversed. How is that any less risky than someone doing a double spend?

There's no difference between accepting 0 confirmations and accepting with just a credit card auth. None at all. In both cases the vendor is taking a risk that they won't get the money.

At least with bitcoin the window of time is much smaller for the vendor to actually know the payment is good.

[madmadmax]

You know, the more I've been thinking about this the more I'm convinced that confirmation time is an imaginary fear.

When someone sends me bitcoins, I see that they have sent it almost instantly. That doesn't validate it is not a double spend but it does validate that they have the bitcoins needed to spend, does it not?

Doesn't the P2P network block a forgery transaction that has a made-up input? Wouldn't my client know the input was invalid?

So at least I know the input is valid. What I don't know is if the sender will double spend.

That's almost exactly the same thing with credit card authorizations

They may be instant but I don't know the value is really mine for some time. The authorization can be cancelled and even after it is paid it can still be reversed. How is that any less risky than someone doing a double spend?

There's no difference between accepting 0 confirmations and accepting with just a credit card auth. None at all. In both cases the vendor is taking a risk that they won't get the money.

At least with bitcoin the window of time is much smaller for the vendor to actually know the payment is good.

The difference is that the credit card company will not cancel your every transaction every day for prolonged amounts of time, generally speaking canceling a transaction is a "one time thing" only as you need a valid reason for cancellation, if you get caught canceling on valid transactions they could contact the police.

I have reviewed the green address concept and it is completely useless, ultimately a burden on the blockchain that works using a concept that is illogical and stupid.

[AliceWonder]

With bitcoin, a double spend isn't guaranteed to work. It all depends upon which transaction gets to the miner first.
And if you do it frequently, you will get caught because cameras are all over the place and you will be identified.

Perhaps for low value thefts you won't be but that's peanuts.

And as far as credit cards go, the problem is stolen credit cards.
You can buy lists of valid credit card numbers (something that doesn't really work with bitcoin) so you can keep defrauding the same way you would with double spending.

-=-

Some silicon valley exec just got busted for stealing legos. How was he doing it? Printing barcodes that scanned at lower prices and pasting them on the boxes so they ring up cheaper.

Thieves will always find a way.