Bitcoin Forum
October 14, 2024, 11:46:14 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 [4] 5 6 7 »  All
  Print  
Author Topic: Bitcoin snack machine (fast transaction problem)  (Read 55296 times)
Gabi
Legendary
*
Offline Offline

Activity: 1148
Merit: 1008


If you want to walk on water, get out of the boat


View Profile
April 30, 2013, 09:41:35 PM
 #61

Why doesn't someone who wants to operate vending machines also operate a mining rig that specifically prioritizes confirms from transactions from it's vending machines?  This way, it could release the goods immediately from receiving the btc and then expedite the confirmations thus minimizing risk of double spends.
Because you don't know how mining works  Roll Eyes

franky1
Legendary
*
Offline Offline

Activity: 4368
Merit: 4749



View Profile
April 30, 2013, 09:57:24 PM
 #62

why doesnt someone that wants to operate vending machine have a small service where people put in pocket amount of funds in per day while taking a shower in the morning EG 0.1BTC which get pre confirmed into the service. then the funds are ready to use throughout the day

and the balance is deducted when they scan qr codes from the vending machine.

then they can expand this pocket money service to also cater to a payment gateway for starbucks, 7-11 etc..

i wouldnt call it a bank i would call it more like a prepaid service. much like how people use oyster cards in london to pay for train tickets and other things.

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
gogxmagog
Legendary
*
Offline Offline

Activity: 1456
Merit: 1010

Ad maiora!


View Profile
April 30, 2013, 10:02:25 PM
 #63

Even better than an escrow, you just fund the beverage machine company itself.

Like this: you go to the company's website and send them 100 BC.  Then, they give you an ID.  They have plenty of time to get confirmations to build, and when you need a beverage you just use the ID they issued you and they debit it from your account.

5/10 - this prohibits "impulse sales" which are HUGE in snack and beverage industries.
Akka
Legendary
*
Offline Offline

Activity: 1232
Merit: 1001



View Profile
April 30, 2013, 10:19:05 PM
 #64

I apologize for the bump, but this has been done Cool
There's also a good (albeit too detailed for the average consumer) explanation of how it works in the video.
http://www.youtube.com/watch?v=pDOcLros-w0

How does the protection against double-spending work?

Is not needed. If it's done right, the vending machine itself doesn't run a BTC client, but receives a paid notification from the vending machine company server that runs the node and is located elsewhere, which would be a good protection against a race attack as you can't make sure miners get the double spend transaction first (the vending company node gets the double spend transaction before the "valid" one).

Therefore leafs only the Finney attack which requires a pool or very large miner to participate to even have a slight chance of success. Which is obviously to expansive to get a bag of popcorn for free.

Also, real cool machine. This could be a great advantage for the snack industry as no money has to be stored on this machines if the machine doesn't contain any private keys, which would be unnecessary anyway.

All previous versions of currency will no longer be supported as of this update
MoonShadow
Legendary
*
Offline Offline

Activity: 1708
Merit: 1010



View Profile
April 30, 2013, 10:25:38 PM
 #65

why doesnt someone that wants to operate vending machine have a small service where people put in pocket amount of funds in per day while taking a shower in the morning EG 0.1BTC which get pre confirmed into the service. then the funds are ready to use throughout the day

and the balance is deducted when they scan qr codes from the vending machine.

then they can expand this pocket money service to also cater to a payment gateway for starbucks, 7-11 etc..

i wouldnt call it a bank i would call it more like a prepaid service. much like how people use oyster cards in london to pay for train tickets and other things.

You just described green addresses.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
glub0x
Legendary
*
Offline Offline

Activity: 892
Merit: 1013



View Profile
April 30, 2013, 10:35:09 PM
 #66

why doesnt someone that wants to operate vending machine have a small service where people put in pocket amount of funds in per day while taking a shower in the morning EG 0.1BTC which get pre confirmed into the service. then the funds are ready to use throughout the day

and the balance is deducted when they scan qr codes from the vending machine.

then they can expand this pocket money service to also cater to a payment gateway for starbucks, 7-11 etc..

i wouldnt call it a bank i would call it more like a prepaid service. much like how people use oyster cards in london to pay for train tickets and other things.

You just described green addresses.
i think it is the solution to those kind of problem.

Otherwise i'll allways be able to give my private adress to 10 friends buy a snack, send a txt to them and they all go to buy a snack with the same private adress. If i send the txt message before buying the snack i can even get poeple using that private adress in china at the very same moment i use it in london so it might be very hard to be instant AND secure without green address.

The cost of mediation increases transaction costs, limiting the
minimum practical transaction size and cutting off the possibility for small casual transactions

Satoshi Nakamoto : https://bitcoin.org/bitcoin.pdf
Jan
Legendary
*
Offline Offline

Activity: 1043
Merit: 1002



View Profile
April 30, 2013, 10:53:45 PM
 #67

I apologize for the bump, but this has been done Cool
There's also a good (albeit too detailed for the average consumer) explanation of how it works in the video.
http://www.youtube.com/watch?v=pDOcLros-w0

How does the protection against double-spending work?

Is not needed. If it's done right, the vending machine itself doesn't run a BTC client, but receives a paid notification from the vending machine company server that runs the node and is located elsewhere, which would be a good protection against a race attack as you can't make sure miners get the double spend transaction first (the vending company node gets the double spend transaction before the "valid" one).

Therefore leafs only the Finney attack which requires a pool or very large miner to participate to even have a slight chance of success. Which is obviously to expansive to get a bag of popcorn for free.
Unfortunately there is a long distance between a "race attack" and a Finney attack.
1. Long chain of fee less unconfirmed truansactions challenged by one fat fee transaction sent directly to big miners
2. No 1 combined with a tx in midstrean with nlocktime.
3. One tx sent directly to snack server, conflicting tx sent to 1000+ nodes
The list goes on.
Protecting against zero confirmation transactions is a never ending battle, like spam mail. Attackers/defenders improve, you are never 100% certain.

Mycelium let's you hold your private keys private.
MoonShadow
Legendary
*
Offline Offline

Activity: 1708
Merit: 1010



View Profile
April 30, 2013, 10:56:59 PM
 #68

why doesnt someone that wants to operate vending machine have a small service where people put in pocket amount of funds in per day while taking a shower in the morning EG 0.1BTC which get pre confirmed into the service. then the funds are ready to use throughout the day

and the balance is deducted when they scan qr codes from the vending machine.

then they can expand this pocket money service to also cater to a payment gateway for starbucks, 7-11 etc..

i wouldnt call it a bank i would call it more like a prepaid service. much like how people use oyster cards in london to pay for train tickets and other things.

You just described green addresses.
i think it is the solution to those kind of problem.

Otherwise i'll allways be able to give my private adress to 10 friends buy a snack, send a txt to them and they all go to buy a snack with the same private adress. If i send the txt message before buying the snack i can even get poeple using that private adress in china at the very same moment i use it in london so it might be very hard to be instant AND secure without green address.

A double spending attack is much harder, even while duping snack machines, than your scenario implies.  There are techniques for detecting a double spend attack while in progress that can be employed, none of which are necessary yet, and thus have not been implimented.  Several of which don't require any outside support for the snack machine, and provide no warning for anyone that does not have a sniffer on the machine's network connection.

A double spend attack is very timing dependent, and for practical reasons requires that all spend attemps hit the bitcoin network within 10 seconds of each other.  Good luck coordinating that in meatspace.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
MoonShadow
Legendary
*
Offline Offline

Activity: 1708
Merit: 1010



View Profile
April 30, 2013, 11:06:52 PM
 #69

I apologize for the bump, but this has been done Cool
There's also a good (albeit too detailed for the average consumer) explanation of how it works in the video.
http://www.youtube.com/watch?v=pDOcLros-w0

How does the protection against double-spending work?

Is not needed. If it's done right, the vending machine itself doesn't run a BTC client, but receives a paid notification from the vending machine company server that runs the node and is located elsewhere, which would be a good protection against a race attack as you can't make sure miners get the double spend transaction first (the vending company node gets the double spend transaction before the "valid" one).

Therefore leafs only the Finney attack which requires a pool or very large miner to participate to even have a slight chance of success. Which is obviously to expansive to get a bag of popcorn for free.
Unfortunately there is a long distance between a "race attack" and a Finney attack.
1. Long chain of fee less unconfirmed truansactions challenged by one fat fee transaction sent directly to big miners
2. No 1 combined with a tx in midstrean with nlocktime.


No meatspace POS system shoudl ever accept any transaction that is not immediately lockable.  This should be obvious enough.  Snack machines shouldn't take IOU's.

Quote
3. One tx sent directly to snack server, conflicting tx sent to 1000+ nodes
The list goes on.
Protecting against zero confirmation transactions is a never ending battle, like spam mail. Attackers/defenders improve, you are never 100% certain.

Maybe, but as far as I am aware, both the race attack and finney attack are theoretical.  Are there any examples of either being employing in the wild, that does not involve a contrived lab-like setup?  Has anyone, ever, posted on the forums with a "I've been double spended against!" with a credible story?  Online websites should only accept 6 confirms for instantly deliverable goods such as online data streaming, etc; (maybe not a movie, since a double spend simply cuts off the feed halfway through the movie) but meatspace transactions below a certain value are pretty safe.  It's technically simplier to fake a coin operated snack machine using slugs than to double-spend attack it for a bag of chips.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
Jan
Legendary
*
Offline Offline

Activity: 1043
Merit: 1002



View Profile
April 30, 2013, 11:32:13 PM
 #70

Maybe, but as far as I am aware, both the race attack and finney attack are theoretical.  Are there any examples of either being employing in the wild, that does not involve a contrived lab-like setup?  Has anyone, ever, posted on the forums with a "I've been double spended against!" with a credible story?  Online websites should only accept 6 confirms for instantly deliverable goods such as online data streaming, etc; (maybe not a movie, since a double spend simply cuts off the feed halfway through the movie) but meatspace transactions below a certain value are pretty safe.  It's technically simplier to fake a coin operated snack machine using slugs than to double-spend attack it for a bag of chips.

I would love to hear the SatoshiDice developer's take on this and pick his brain.
They (if any) have the experience in the field of accepting zero conf transactions.

How about this:
SD winners/loosers are determined by value of the TX hash and some secret (to be revealed the next day).
If I am among the first to relay a SD TX I can actually alter the TX hash without invalidating the TX (by for instance altering the DER encoding and yet not invalidate signatures) before relaying it to 1000+ nodes. This gives me a high probability of getting my altered TX into the block chain.
Which of the TX hashes should get the winnings if they are determining the outcome on zero confirmations? (No, I wouldn't gain anything from this myself other than the thrill as I wouldn't be able to change the inputs/outputs without invalidating the signatures)

A similar approach would probably confuse many services around as the two TXes would not be a double spend, but just a different variety of the same TX with a different hash.   

Mycelium let's you hold your private keys private.
chronocoin
Newbie
*
Offline Offline

Activity: 39
Merit: 0


View Profile WWW
May 04, 2013, 08:51:00 AM
 #71

Haha, nice catch phrase for chronocoin: "The original bitcoin snack machine"
farlack
Legendary
*
Offline Offline

Activity: 1310
Merit: 1000



View Profile
May 04, 2013, 12:03:48 PM
 #72

Vending machines get robbed all the time, I don't think that the 4 people in the world who know how double spending is done properly will hurt the owners of the machine.







P.S. I know more than 4 people was being sarcastic.
P.S.S its no different than when you watch a video on youtube that shows a button combination that spits out money, and free drinks.
MWNinja
Hero Member
*****
Offline Offline

Activity: 630
Merit: 500



View Profile WWW
May 04, 2013, 03:46:41 PM
 #73

Merchants will easily accept the double spend risk.

$20 or less - 0 confirms (similar to no signature required on VISA/MC)
$20 - $300 - 1 confirm
$300+ - 6 confirms
Come-from-Beyond
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
May 04, 2013, 06:52:47 PM
 #74

Merchants will easily accept the double spend risk.

$20 or less - 0 confirms (similar to no signature required on VISA/MC)
$20 - $300 - 1 confirm
$300+ - 6 confirms

How many confirms for 15 purchases $20 each ($300 total)? 0 or 6?
LeTanque
Member
**
Offline Offline

Activity: 85
Merit: 10


Fortune favors the bold and brave


View Profile
May 04, 2013, 08:19:37 PM
 #75

Why doesn't someone who wants to operate vending machines also operate a mining rig that specifically prioritizes confirms from transactions from it's vending machines?  This way, it could release the goods immediately from receiving the btc and then expedite the confirmations thus minimizing risk of double spends.
Because you don't know how mining works  Roll Eyes

You have a point. After your comment, I realized there are probably a lot of things regarding bitcoin that I only have a cursory knowledge of.  So, I started to do some research to try and catch up.  Any response to help verify or dispute my understanding would be greatly appreciated.

The first thing I started with was the Satoshi original white paper. Something stood out to me, in section 8:

Quote
... Businesses that receive frequent payments will probably still want to run their own nodes for more independent security and quicker verification.

This sounds very similar to what I was describing, except exchange miner with node.

So then, I thought to myself: well, what is the difference between a miner and a node? This is something I always assumed was the same thing.

But, AFAIK, it would seem that a business would be wise to run a node for speed and security. Wouldn't businesses do this in the future and wouldn't that in turn become a lot of the power of the network, even when there are no more block rewards.

To make it more effective, you would verify your own transactions faster than others. I suppose it would be difficult to single out transactions from their business; so like, confirm the vending machine transactions before others.  Would that be possible?  Could the miner single out transactions that are a certain value, technically?



"It is a mistake to suppose that any technological innovation has a one-sided effect. Every technology is both a burden and a blessing; not either-or, but this-and-that." -Neil Postman Technopoly
1FooDLuTYk782GQNrY7zY1obTc4ceUfj5t
BitcoinUK
Newbie
*
Offline Offline

Activity: 58
Merit: 0


View Profile
May 04, 2013, 09:45:18 PM
 #76

The whole double spending issue from what I can see is that anyone can send out the same allotment of coins multiple times by using different clients with the same private key imported.

The only problem is only one of the recipients will get the confirmed one. so I still would not risk a zero confirm transaction, instead a vendor would work best if they had a micro-bank/escrow/prepayment service. Just for depositing 0.1btc in each day, which gets confirmed by the microbank/escrow/prepayment service and then when the transaction goes through, the vendor collects the fully guaranteed funds instantly.

So this is an opportunity for someone with high trust to create a prepayment service where franky1 suggests
Quote
why doesnt someone that wants to operate vending machine have a small service where people put in pocket amount of funds in per day while taking a shower in the morning EG 0.1BTC which get pre confirmed into the service. then the funds are ready to use throughout the day

and the balance is deducted when they scan qr codes from the vending machine.

then they can expand this pocket money service to also cater to a payment gateway for starbucks, 7-11 etc..

i wouldnt call it a bank i would call it more like a prepaid service. much like how people use oyster cards in london to pay for train tickets and other things.

I can see starbucks, vending machines, train stations, etc all taking on the prepayment service as their payment gateway
skull88
Hero Member
*****
Offline Offline

Activity: 683
Merit: 500



View Profile
May 04, 2013, 11:11:28 PM
 #77

For small transactions, you actually don't need to wait for confirmations because chances someone will do a double spend for a chocolate bar are pretty small and if they would succeed it isn't a huge loss.

BTC: 1MifMqtqqwMMAbb6zr8u6qEzWqq3CQeGUr
LTC: LhvMYEngkKS2B8FAcbnzHb2dvW8n9eHkdp
Come-from-Beyond
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
May 04, 2013, 11:25:25 PM
 #78

For small transactions, you actually don't need to wait for confirmations because chances someone will do a double spend for a chocolate bar are pretty small and if they would succeed it isn't a huge loss.

What if someone does it 1000 times in a row? It's digital world, almost anything can be easily replicated, especially algorithms.
FlappySocks
Hero Member
*****
Offline Offline

Activity: 546
Merit: 500



View Profile
May 04, 2013, 11:44:43 PM
 #79

Profit margins should be good enough to cover the odd case of fraud.  I would imagine it would be possible to get some sort of insurance to cover a major scam.

Some sensible checks can be put in place for detecting abnormal behaviour.

If there is any serious risk, install CCTV.
ralree
Hero Member
*****
Offline Offline

Activity: 518
Merit: 500


Manateeeeeeees


View Profile
May 05, 2013, 12:14:16 AM
 #80

Yeah I think the solution of just accepting without any confirmations is fine for such low-value items.

1MANaTeEZoH4YkgMYz61E5y4s9BYhAuUjG
Pages: « 1 2 3 [4] 5 6 7 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!