Bitcoin Forum
December 10, 2016, 04:42:12 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 [4] 5 6 7 »  All
  Print  
Author Topic: Bitcoin snack machine (fast transaction problem)  (Read 29026 times)
Gabi
Legendary
*
Offline Offline

Activity: 1050


View Profile
April 30, 2013, 09:41:35 PM
 #61

Why doesn't someone who wants to operate vending machines also operate a mining rig that specifically prioritizes confirms from transactions from it's vending machines?  This way, it could release the goods immediately from receiving the btc and then expedite the confirmations thus minimizing risk of double spends.
Because you don't know how mining works  Roll Eyes
1481388132
Hero Member
*
Offline Offline

Posts: 1481388132

View Profile Personal Message (Offline)

Ignore
1481388132
Reply with quote  #2

1481388132
Report to moderator
1481388132
Hero Member
*
Offline Offline

Posts: 1481388132

View Profile Personal Message (Offline)

Ignore
1481388132
Reply with quote  #2

1481388132
Report to moderator
1481388132
Hero Member
*
Offline Offline

Posts: 1481388132

View Profile Personal Message (Offline)

Ignore
1481388132
Reply with quote  #2

1481388132
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481388132
Hero Member
*
Offline Offline

Posts: 1481388132

View Profile Personal Message (Offline)

Ignore
1481388132
Reply with quote  #2

1481388132
Report to moderator
1481388132
Hero Member
*
Offline Offline

Posts: 1481388132

View Profile Personal Message (Offline)

Ignore
1481388132
Reply with quote  #2

1481388132
Report to moderator
1481388132
Hero Member
*
Offline Offline

Posts: 1481388132

View Profile Personal Message (Offline)

Ignore
1481388132
Reply with quote  #2

1481388132
Report to moderator
franky1
Legendary
*
Online Online

Activity: 1526



View Profile
April 30, 2013, 09:57:24 PM
 #62

why doesnt someone that wants to operate vending machine have a small service where people put in pocket amount of funds in per day while taking a shower in the morning EG 0.1BTC which get pre confirmed into the service. then the funds are ready to use throughout the day

and the balance is deducted when they scan qr codes from the vending machine.

then they can expand this pocket money service to also cater to a payment gateway for starbucks, 7-11 etc..

i wouldnt call it a bank i would call it more like a prepaid service. much like how people use oyster cards in london to pay for train tickets and other things.

Do not take any information given on this forum on face value. Please do your own due diligence and respect what is written here as both opinion and information gleaned from experience. If you wish to seek legal FACTUAL advice, then seek the guidance of a LEGAL specialist
gogxmagog
Legendary
*
Offline Offline

Activity: 1162


Soylent, Vape & Sleep Deprivation; Analog Life


View Profile
April 30, 2013, 10:02:25 PM
 #63

Even better than an escrow, you just fund the beverage machine company itself.

Like this: you go to the company's website and send them 100 BC.  Then, they give you an ID.  They have plenty of time to get confirmations to build, and when you need a beverage you just use the ID they issued you and they debit it from your account.

5/10 - this prohibits "impulse sales" which are HUGE in snack and beverage industries.

Sig This
Akka
Legendary
*
Offline Offline

Activity: 1064



View Profile
April 30, 2013, 10:19:05 PM
 #64

I apologize for the bump, but this has been done Cool
There's also a good (albeit too detailed for the average consumer) explanation of how it works in the video.
http://www.youtube.com/watch?v=pDOcLros-w0

How does the protection against double-spending work?

Is not needed. If it's done right, the vending machine itself doesn't run a BTC client, but receives a paid notification from the vending machine company server that runs the node and is located elsewhere, which would be a good protection against a race attack as you can't make sure miners get the double spend transaction first (the vending company node gets the double spend transaction before the "valid" one).

Therefore leafs only the Finney attack which requires a pool or very large miner to participate to even have a slight chance of success. Which is obviously to expansive to get a bag of popcorn for free.

Also, real cool machine. This could be a great advantage for the snack industry as no money has to be stored on this machines if the machine doesn't contain any private keys, which would be unnecessary anyway.

All previous versions of currency will no longer be supported as of this update
MoonShadow
Legendary
*
Offline Offline

Activity: 1666



View Profile
April 30, 2013, 10:25:38 PM
 #65

why doesnt someone that wants to operate vending machine have a small service where people put in pocket amount of funds in per day while taking a shower in the morning EG 0.1BTC which get pre confirmed into the service. then the funds are ready to use throughout the day

and the balance is deducted when they scan qr codes from the vending machine.

then they can expand this pocket money service to also cater to a payment gateway for starbucks, 7-11 etc..

i wouldnt call it a bank i would call it more like a prepaid service. much like how people use oyster cards in london to pay for train tickets and other things.

You just described green addresses.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
glub0x
Hero Member
*****
Offline Offline

Activity: 768



View Profile
April 30, 2013, 10:35:09 PM
 #66

why doesnt someone that wants to operate vending machine have a small service where people put in pocket amount of funds in per day while taking a shower in the morning EG 0.1BTC which get pre confirmed into the service. then the funds are ready to use throughout the day

and the balance is deducted when they scan qr codes from the vending machine.

then they can expand this pocket money service to also cater to a payment gateway for starbucks, 7-11 etc..

i wouldnt call it a bank i would call it more like a prepaid service. much like how people use oyster cards in london to pay for train tickets and other things.

You just described green addresses.
i think it is the solution to those kind of problem.

Otherwise i'll allways be able to give my private adress to 10 friends buy a snack, send a txt to them and they all go to buy a snack with the same private adress. If i send the txt message before buying the snack i can even get poeple using that private adress in china at the very same moment i use it in london so it might be very hard to be instant AND secure without green address.

The cost of mediation increases transaction costs, limiting the
minimum practical transaction size and cutting off the possibility for small casual transactions

Satoshi Nakamoto : https://bitcoin.org/bitcoin.pdf
Jan
Legendary
*
Offline Offline

Activity: 1042



View Profile
April 30, 2013, 10:53:45 PM
 #67

I apologize for the bump, but this has been done Cool
There's also a good (albeit too detailed for the average consumer) explanation of how it works in the video.
http://www.youtube.com/watch?v=pDOcLros-w0

How does the protection against double-spending work?

Is not needed. If it's done right, the vending machine itself doesn't run a BTC client, but receives a paid notification from the vending machine company server that runs the node and is located elsewhere, which would be a good protection against a race attack as you can't make sure miners get the double spend transaction first (the vending company node gets the double spend transaction before the "valid" one).

Therefore leafs only the Finney attack which requires a pool or very large miner to participate to even have a slight chance of success. Which is obviously to expansive to get a bag of popcorn for free.
Unfortunately there is a long distance between a "race attack" and a Finney attack.
1. Long chain of fee less unconfirmed truansactions challenged by one fat fee transaction sent directly to big miners
2. No 1 combined with a tx in midstrean with nlocktime.
3. One tx sent directly to snack server, conflicting tx sent to 1000+ nodes
The list goes on.
Protecting against zero confirmation transactions is a never ending battle, like spam mail. Attackers/defenders improve, you are never 100% certain.

Mycelium let's you hold your private keys private.
MoonShadow
Legendary
*
Offline Offline

Activity: 1666



View Profile
April 30, 2013, 10:56:59 PM
 #68

why doesnt someone that wants to operate vending machine have a small service where people put in pocket amount of funds in per day while taking a shower in the morning EG 0.1BTC which get pre confirmed into the service. then the funds are ready to use throughout the day

and the balance is deducted when they scan qr codes from the vending machine.

then they can expand this pocket money service to also cater to a payment gateway for starbucks, 7-11 etc..

i wouldnt call it a bank i would call it more like a prepaid service. much like how people use oyster cards in london to pay for train tickets and other things.

You just described green addresses.
i think it is the solution to those kind of problem.

Otherwise i'll allways be able to give my private adress to 10 friends buy a snack, send a txt to them and they all go to buy a snack with the same private adress. If i send the txt message before buying the snack i can even get poeple using that private adress in china at the very same moment i use it in london so it might be very hard to be instant AND secure without green address.

A double spending attack is much harder, even while duping snack machines, than your scenario implies.  There are techniques for detecting a double spend attack while in progress that can be employed, none of which are necessary yet, and thus have not been implimented.  Several of which don't require any outside support for the snack machine, and provide no warning for anyone that does not have a sniffer on the machine's network connection.

A double spend attack is very timing dependent, and for practical reasons requires that all spend attemps hit the bitcoin network within 10 seconds of each other.  Good luck coordinating that in meatspace.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
MoonShadow
Legendary
*
Offline Offline

Activity: 1666



View Profile
April 30, 2013, 11:06:52 PM
 #69

I apologize for the bump, but this has been done Cool
There's also a good (albeit too detailed for the average consumer) explanation of how it works in the video.
http://www.youtube.com/watch?v=pDOcLros-w0

How does the protection against double-spending work?

Is not needed. If it's done right, the vending machine itself doesn't run a BTC client, but receives a paid notification from the vending machine company server that runs the node and is located elsewhere, which would be a good protection against a race attack as you can't make sure miners get the double spend transaction first (the vending company node gets the double spend transaction before the "valid" one).

Therefore leafs only the Finney attack which requires a pool or very large miner to participate to even have a slight chance of success. Which is obviously to expansive to get a bag of popcorn for free.
Unfortunately there is a long distance between a "race attack" and a Finney attack.
1. Long chain of fee less unconfirmed truansactions challenged by one fat fee transaction sent directly to big miners
2. No 1 combined with a tx in midstrean with nlocktime.


No meatspace POS system shoudl ever accept any transaction that is not immediately lockable.  This should be obvious enough.  Snack machines shouldn't take IOU's.

Quote
3. One tx sent directly to snack server, conflicting tx sent to 1000+ nodes
The list goes on.
Protecting against zero confirmation transactions is a never ending battle, like spam mail. Attackers/defenders improve, you are never 100% certain.

Maybe, but as far as I am aware, both the race attack and finney attack are theoretical.  Are there any examples of either being employing in the wild, that does not involve a contrived lab-like setup?  Has anyone, ever, posted on the forums with a "I've been double spended against!" with a credible story?  Online websites should only accept 6 confirms for instantly deliverable goods such as online data streaming, etc; (maybe not a movie, since a double spend simply cuts off the feed halfway through the movie) but meatspace transactions below a certain value are pretty safe.  It's technically simplier to fake a coin operated snack machine using slugs than to double-spend attack it for a bag of chips.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
Jan
Legendary
*
Offline Offline

Activity: 1042



View Profile
April 30, 2013, 11:32:13 PM
 #70

Maybe, but as far as I am aware, both the race attack and finney attack are theoretical.  Are there any examples of either being employing in the wild, that does not involve a contrived lab-like setup?  Has anyone, ever, posted on the forums with a "I've been double spended against!" with a credible story?  Online websites should only accept 6 confirms for instantly deliverable goods such as online data streaming, etc; (maybe not a movie, since a double spend simply cuts off the feed halfway through the movie) but meatspace transactions below a certain value are pretty safe.  It's technically simplier to fake a coin operated snack machine using slugs than to double-spend attack it for a bag of chips.

I would love to hear the SatoshiDice developer's take on this and pick his brain.
They (if any) have the experience in the field of accepting zero conf transactions.

How about this:
SD winners/loosers are determined by value of the TX hash and some secret (to be revealed the next day).
If I am among the first to relay a SD TX I can actually alter the TX hash without invalidating the TX (by for instance altering the DER encoding and yet not invalidate signatures) before relaying it to 1000+ nodes. This gives me a high probability of getting my altered TX into the block chain.
Which of the TX hashes should get the winnings if they are determining the outcome on zero confirmations? (No, I wouldn't gain anything from this myself other than the thrill as I wouldn't be able to change the inputs/outputs without invalidating the signatures)

A similar approach would probably confuse many services around as the two TXes would not be a double spend, but just a different variety of the same TX with a different hash.   

Mycelium let's you hold your private keys private.
chronocoin
Jr. Member
*
Offline Offline

Activity: 39

Chronocoin: Buy anything for Bitcoin - Ships 2day!


View Profile WWW
May 04, 2013, 08:51:00 AM
 #71

Haha, nice catch phrase for chronocoin: "The original bitcoin snack machine"

Chronocoin: Buy anything for Bitcoin - Ships 2day!
farlack
Legendary
*
Offline Offline

Activity: 868



View Profile
May 04, 2013, 12:03:48 PM
 #72

Vending machines get robbed all the time, I don't think that the 4 people in the world who know how double spending is done properly will hurt the owners of the machine.







P.S. I know more than 4 people was being sarcastic.
P.S.S its no different than when you watch a video on youtube that shows a button combination that spits out money, and free drinks.
MWNinja
Hero Member
*****
Offline Offline

Activity: 630



View Profile WWW
May 04, 2013, 03:46:41 PM
 #73

Merchants will easily accept the double spend risk.

$20 or less - 0 confirms (similar to no signature required on VISA/MC)
$20 - $300 - 1 confirm
$300+ - 6 confirms
Come-from-Beyond
Legendary
*
Offline Offline

Activity: 1414

Newbie


View Profile
May 04, 2013, 06:52:47 PM
 #74

Merchants will easily accept the double spend risk.

$20 or less - 0 confirms (similar to no signature required on VISA/MC)
$20 - $300 - 1 confirm
$300+ - 6 confirms

How many confirms for 15 purchases $20 each ($300 total)? 0 or 6?
LeTanque
Member
**
Offline Offline

Activity: 85


Fortune favors the bold and brave


View Profile WWW
May 04, 2013, 08:19:37 PM
 #75

Why doesn't someone who wants to operate vending machines also operate a mining rig that specifically prioritizes confirms from transactions from it's vending machines?  This way, it could release the goods immediately from receiving the btc and then expedite the confirmations thus minimizing risk of double spends.
Because you don't know how mining works  Roll Eyes

You have a point. After your comment, I realized there are probably a lot of things regarding bitcoin that I only have a cursory knowledge of.  So, I started to do some research to try and catch up.  Any response to help verify or dispute my understanding would be greatly appreciated.

The first thing I started with was the Satoshi original white paper. Something stood out to me, in section 8:

Quote
... Businesses that receive frequent payments will probably still want to run their own nodes for more independent security and quicker verification.

This sounds very similar to what I was describing, except exchange miner with node.

So then, I thought to myself: well, what is the difference between a miner and a node? This is something I always assumed was the same thing.

But, AFAIK, it would seem that a business would be wise to run a node for speed and security. Wouldn't businesses do this in the future and wouldn't that in turn become a lot of the power of the network, even when there are no more block rewards.

To make it more effective, you would verify your own transactions faster than others. I suppose it would be difficult to single out transactions from their business; so like, confirm the vending machine transactions before others.  Would that be possible?  Could the miner single out transactions that are a certain value, technically?



"It is a mistake to suppose that any technological innovation has a one-sided effect. Every technology is both a burden and a blessing; not either-or, but this-and-that." -Neil Postman Technopoly
1KTXL5GbFzAB2QZ43ARMR8gbidvfk5nqW5
BitcoinUK
Jr. Member
*
Offline Offline

Activity: 58


View Profile
May 04, 2013, 09:45:18 PM
 #76

The whole double spending issue from what I can see is that anyone can send out the same allotment of coins multiple times by using different clients with the same private key imported.

The only problem is only one of the recipients will get the confirmed one. so I still would not risk a zero confirm transaction, instead a vendor would work best if they had a micro-bank/escrow/prepayment service. Just for depositing 0.1btc in each day, which gets confirmed by the microbank/escrow/prepayment service and then when the transaction goes through, the vendor collects the fully guaranteed funds instantly.

So this is an opportunity for someone with high trust to create a prepayment service where franky1 suggests
Quote
why doesnt someone that wants to operate vending machine have a small service where people put in pocket amount of funds in per day while taking a shower in the morning EG 0.1BTC which get pre confirmed into the service. then the funds are ready to use throughout the day

and the balance is deducted when they scan qr codes from the vending machine.

then they can expand this pocket money service to also cater to a payment gateway for starbucks, 7-11 etc..

i wouldnt call it a bank i would call it more like a prepaid service. much like how people use oyster cards in london to pay for train tickets and other things.

I can see starbucks, vending machines, train stations, etc all taking on the prepayment service as their payment gateway
skull88
Hero Member
*****
Offline Offline

Activity: 684



View Profile
May 04, 2013, 11:11:28 PM
 #77

For small transactions, you actually don't need to wait for confirmations because chances someone will do a double spend for a chocolate bar are pretty small and if they would succeed it isn't a huge loss.

BTC: 1MifMqtqqwMMAbb6zr8u6qEzWqq3CQeGUr
LTC: LhvMYEngkKS2B8FAcbnzHb2dvW8n9eHkdp
Come-from-Beyond
Legendary
*
Offline Offline

Activity: 1414

Newbie


View Profile
May 04, 2013, 11:25:25 PM
 #78

For small transactions, you actually don't need to wait for confirmations because chances someone will do a double spend for a chocolate bar are pretty small and if they would succeed it isn't a huge loss.

What if someone does it 1000 times in a row? It's digital world, almost anything can be easily replicated, especially algorithms.
FlappySocks
Hero Member
*****
Offline Offline

Activity: 532



View Profile
May 04, 2013, 11:44:43 PM
 #79

Profit margins should be good enough to cover the odd case of fraud.  I would imagine it would be possible to get some sort of insurance to cover a major scam.

Some sensible checks can be put in place for detecting abnormal behaviour.

If there is any serious risk, install CCTV.
ralree
Hero Member
*****
Offline Offline

Activity: 518


Manateeeeeeees


View Profile
May 05, 2013, 12:14:16 AM
 #80

Yeah I think the solution of just accepting without any confirmations is fine for such low-value items.

1MANaTeEZoH4YkgMYz61E5y4s9BYhAuUjG
Pages: « 1 2 3 [4] 5 6 7 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!