Bitcoin Forum
November 21, 2017, 04:01:44 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Is It Really Necessary To Wait For Confirmations?  (Read 1717 times)
Siegfried
Sr. Member
****
Offline Offline

Activity: 266


View Profile
November 04, 2013, 12:55:16 AM
 #1

I can understand waiting for confirmations for a very large transaction, but for small transactions it just doesn't seem necessary to me. What are the odds that after seeing the initial notification of payment received the transaction turns out to be fraudulent? How could someone commit this kind of fraud? Would it be so easy that small-time losers would spend their time trying to do this kind theft on small transactions?
1511280104
Hero Member
*
Offline Offline

Posts: 1511280104

View Profile Personal Message (Offline)

Ignore
1511280104
Reply with quote  #2

1511280104
Report to moderator
1511280104
Hero Member
*
Offline Offline

Posts: 1511280104

View Profile Personal Message (Offline)

Ignore
1511280104
Reply with quote  #2

1511280104
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511280104
Hero Member
*
Offline Offline

Posts: 1511280104

View Profile Personal Message (Offline)

Ignore
1511280104
Reply with quote  #2

1511280104
Report to moderator
Tirapon
Hero Member
*****
Offline Offline

Activity: 900



View Profile
November 04, 2013, 01:29:01 AM
 #2

For small transactions you probably don't need to wait. Double spend attacks are generally difficult and costly to attempt, and therefore only worthwhile for large transaction amounts. The chances of losing out to a double spend on a small transaction are probably close to zero, and if its a small amount then its probably worth risking it for convenience because if you do lose out, its not very much money.
TheButterZone
Legendary
*
Offline Offline

Activity: 1960


Nemo me impune lacessit


View Profile WWW
November 04, 2013, 02:01:50 AM
 #3

I just wait for 1 confirmation on incomings, because I've seen my own outgoing transactions never confirm and be dropped out of mempool because of insufficient priority/fee. 1 confirmation means that the TX was legit enough to stick (be included in a block).

DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
November 04, 2013, 02:05:18 AM
 #4

I just wait for 1 confirmation on incomings, because I've seen my own outgoing transactions never confirm and be dropped out of mempool because of insufficient priority/fee. 1 confirmation means that the TX was legit enough to stick (be included in a block).

Or ensure the sender paid a fee.   I have never seen a paying tx not confirm.   Well maybe some spam dust garbage.  


For the OP.  It all depends on your risk tolerance.  I sold cellphone prepaid code and for repeat customers sent it with no confirm.  Of a couple hundred sales never had a double spend.   A lot depends on what you are selling and to who and for what reason.  Take humble bundle, it is a donation.  If people wanted to steal it they could simply torrent the game.  Very likely humble bundle could accept 0-confirm with no (or negligible) lost funds.  On the other hand if you are selling a high volume low magin product and can't afford any fraud not even <1% you probably should be waiting for at least one confirm.   High value tx especially the type which are highly fungible (poker deposit, exchange deposits, on blockchain gambling, etc) are much higher targets and really need confirms (often multiple).
Abdussamad
Legendary
*
Offline Offline

Activity: 1554



View Profile WWW
November 04, 2013, 02:07:53 AM
 #5

For small transactions you probably don't need to wait. Double spend attacks are generally difficult and costly to attempt, and therefore only worthwhile for large transaction amounts.

It is very easy to attempt a double spend:

https://blockchain.info/create-double-spend

To be successful at it is another matter entirely.

TheButterZone
Legendary
*
Offline Offline

Activity: 1960


Nemo me impune lacessit


View Profile WWW
November 04, 2013, 02:11:12 AM
 #6

I just wait for 1 confirmation on incomings, because I've seen my own outgoing transactions never confirm and be dropped out of mempool because of insufficient priority/fee. 1 confirmation means that the TX was legit enough to stick (be included in a block).

Or ensure the sender paid a fee.   

I have never seen a paying tx not confirm.   Well maybe some spam dust garbage. 

I try to only spend BTC when it has sufficient priority to not need a fee. Not to say my past calculations (with estimated TX size) have all been accurate, which is why they failed. I expect others are more likely to make mistakes like I have, rather than maliciously doublespend.

adamstgBit
Legendary
*
Offline Offline

Activity: 1904


Trusted Bitcoiner


View Profile WWW
November 04, 2013, 02:15:03 AM
 #7

i figured that if you wait 30 seconds and make sure their is no double spending during these 30 seconds, their a very very good chance that the TX will be confirmed even if their is a double spend attempt afterword.


read more here:
https://bitcointalk.org/index.php?topic=302990.0

Siegfried
Sr. Member
****
Offline Offline

Activity: 266


View Profile
November 04, 2013, 02:41:18 AM
 #8

I just wait for 1 confirmation on incomings, because I've seen my own outgoing transactions never confirm and be dropped out of mempool because of insufficient priority/fee. 1 confirmation means that the TX was legit enough to stick (be included in a block).

Or ensure the sender paid a fee.   

I have never seen a paying tx not confirm.   Well maybe some spam dust garbage. 

I try to only spend BTC when it has sufficient priority to not need a fee. Not to say my past calculations (with estimated TX size) have all been accurate, which is why they failed. I expect others are more likely to make mistakes like I have, rather than maliciously doublespend.

What determines priority? Size?
TheButterZone
Legendary
*
Offline Offline

Activity: 1960


Nemo me impune lacessit


View Profile WWW
November 04, 2013, 02:48:38 AM
 #9

https://en.bitcoin.it/wiki/Transaction_fees#Reference_Implementation

DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
November 04, 2013, 04:37:01 AM
 #10

I just wait for 1 confirmation on incomings, because I've seen my own outgoing transactions never confirm and be dropped out of mempool because of insufficient priority/fee. 1 confirmation means that the TX was legit enough to stick (be included in a block).

Or ensure the sender paid a fee.  

I have never seen a paying tx not confirm.   Well maybe some spam dust garbage.  

I try to only spend BTC when it has sufficient priority to not need a fee. Not to say my past calculations (with estimated TX size) have all been accurate, which is why they failed. I expect others are more likely to make mistakes like I have, rather than maliciously doublespend.

The client should do that calculation for you and should never make mistakes.   I have never seen the QT client neglect to include the "min mandatory fee" on tx with low priority.
TheButterZone
Legendary
*
Offline Offline

Activity: 1960


Nemo me impune lacessit


View Profile WWW
November 04, 2013, 05:05:42 AM
 #11

I just wait for 1 confirmation on incomings, because I've seen my own outgoing transactions never confirm and be dropped out of mempool because of insufficient priority/fee. 1 confirmation means that the TX was legit enough to stick (be included in a block).

Or ensure the sender paid a fee.   

I have never seen a paying tx not confirm.   Well maybe some spam dust garbage. 

I try to only spend BTC when it has sufficient priority to not need a fee. Not to say my past calculations (with estimated TX size) have all been accurate, which is why they failed. I expect others are more likely to make mistakes like I have, rather than maliciously doublespend.

The client should do that calculation for you and should never make mistakes.   I have never seen the QT client neglect to include the "min mandatory fee" on tx with low priority.

I used to use brainwallet.org's source, now I use Electrum. Whenever I've talked about priority calculation needing to be a feature of all clients instead of fee being the default despite it qualifying for free, IIRC I kept being told that no client can possibly calculate priority before signing because sig sizes vary, so I just gave up asking, and work around it.

LiteCoinGuy
Legendary
*
Offline Offline

Activity: 1148


In Satoshi I Trust


View Profile WWW
November 04, 2013, 05:45:40 AM
 #12

there are already shops that sell at 0 confirmations. for small amounts its okay.

malevolent
can into space
Staff
Legendary
*
Offline Offline

Activity: 1862



View Profile
November 04, 2013, 06:25:07 AM
 #13

Take humble bundle, it is a donation.  If people wanted to steal it they could simply torrent the game.  Very likely humble bundle could accept 0-confirm with no (or negligible) lost funds.  On the other hand if you are selling a high volume low magin product and can't afford any fraud not even <1% you probably should be waiting for at least one confirm.   High value tx especially the type which are highly fungible (poker deposit, exchange deposits, on blockchain gambling, etc) are much higher targets and really need confirms (often multiple).

Humble bundle uses Coinbase for handling BTC transactions and they accept 0-confirmation transactions, though I'm sure they do take some security measures, such as connecting only to trusted nodes and disallowing incoming connections.

As for the poker or gambling, 0-conf tx can be allowed but the customer shouldn't be able to withdraw any bitcoins until the other party can verify that no double-spend occurred.
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218


Gerald Davis


View Profile
November 04, 2013, 06:44:45 AM
 #14

As for the poker or gambling, 0-conf tx can be allowed but the customer shouldn't be able to withdraw any bitcoins until the other party can verify that no double-spend occurred.

Well it is a little more complex than that.  Credit card thieves frequently hit online poker room.

Deposit x BTC.  Lose x BTC to an accomplice.  Double spend the deposit.

OR

Deposit x BTC.  Play poker if win let tx confirm, if lose double spend and try again.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!