Hey all,
I'm new here but already read quite a lot about bitcoins and already have a wallet, accounts on exchanges, etc. There's something I don't understand very well regarding orphaned blocks / double-spending / etc.
If I'm not a website (say not a gambling website) but just a regular user (and not a paranoid one) and expect a tx from another user which I believe is just also a regular user, how many blocks should I wait so that it's highly probable that I'll get my coins even if there are orphaned blocks?
That really is a decision you have to make for yourself based on the amount of risk you are willing to accept.
In general, I'm willing to accept transactions less than $1000 from an untrusted source once they have 1 confirmation. (If I have a trust relationship with the source, then 0 confirmation is fine). Anything between $1000 and $10,000, I'd prefer to wait for 2 confirmations. I've never done a transaction as large as that with an untrusted source, but if I were going to do a transaction larger than $10,000, I'd probably wait 3 confirmations.
Imagine I'm waiting for a tx of 1 BTC to a public address which belongs to me and I now see the tx to my public address in a block explorer (say blockchain.info) with zero block of confirmation.
Am I correct in my understanding that even if there are orphaned blocks, once I saw the tx (even with 0 confirmation), it is still highly probable that I'll get my 1 BTC?
No. If the sender used a blockchain.info wallet, a large number of inputs, and didn't pay a transaction fee, you will almost certainly NOT get your 1 BTC.
If I'm facing an attacker which want to try to prevent me from getting that 1 BTC even though I already saw that tx of 1 BTC to my public address, is the only possible attack a "double spend" attack?
No. All they have to do is create a transaction that is likely to take a few days to confirm. If the wallet you are using to receive the transaction doesn't save/re-transmit the transaction on a regular basis, then it will eventually be dropped and the sender will have their bitcoins back.
If an attacker wants to try a double-spend attack, does that attacker need to also be in control of a big mining pool or can an attacker just try to do a double-spend attack anyway?
They simply need to convince a mining pool that the second transaction is the one that should be confirmed instead of the first. There are several ways to do this without controling a big mining pool.
Can the network do anything versus attackers trying to do double-spend attacks?
Individuals who are engaged in a transaction where there is a significant risk of double-spend should wait for at least one confirmation if they don't want to take on the risk.
Is this even detectable?
In some cases it can be, but you can't count on that fact. There are ways to prevent it from being detected depending on the situation.