Bitcoin Forum
December 11, 2016, 02:10:59 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3]  All
  Print  
Author Topic: Doublespend Protection Insurance  (Read 3143 times)
Etlase2
Hero Member
*****
Offline Offline

Activity: 798


View Profile
November 03, 2011, 09:06:15 PM
 #41

Maybe that's because they are _much_ harder to pull off?

Besides, if any such "agency" would really want to bring down Bitcoin, they could do so much more easily by influencing legislation, attacking the exchanges, spreading more FUD,...

I find it funny to assume that anyone with the power to quickly build a 30.000 GPU cluster just for the purpose of messing with Bitcoin, doesn't have any better, cheaper and slightly more subtle means of severely harming Bitcoin.

They aren't _much_ harder to pull off with pools being the way they are. Double spends aren't exactly easy as cake to pull off, and they will generally only affect a small number of people. Making an insurance company to reduce the threat is laughable. Merchants could merely add a small fee to their products to cover any potential loss.

Legislation is very expensive, probably more expensive than designing a big computer to compute SHA2 hashes. Not to mention there is no one-world government yet. Attacking the exchanges doesn't stop the network, especially if it's ubiquitous.

1481465459
Hero Member
*
Offline Offline

Posts: 1481465459

View Profile Personal Message (Offline)

Ignore
1481465459
Reply with quote  #2

1481465459
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481465459
Hero Member
*
Offline Offline

Posts: 1481465459

View Profile Personal Message (Offline)

Ignore
1481465459
Reply with quote  #2

1481465459
Report to moderator
1481465459
Hero Member
*
Offline Offline

Posts: 1481465459

View Profile Personal Message (Offline)

Ignore
1481465459
Reply with quote  #2

1481465459
Report to moderator
1481465459
Hero Member
*
Offline Offline

Posts: 1481465459

View Profile Personal Message (Offline)

Ignore
1481465459
Reply with quote  #2

1481465459
Report to moderator
Steve
Hero Member
*****
Offline Offline

Activity: 868



View Profile WWW
November 03, 2011, 09:21:27 PM
 #42

A couple of months ago I have considered for a while to start something like the described BDPIC. In my opinion, it is only possible if you know the involved merchants very well. I did not want to have to whitelist merchants, so I decided not to attempt it.

The problem is this: Let's assume everyone can sign up for your BDPIC. If I'm an attacker, I set up a merchant account and can now pay myself through BDPIC any amount I want at a small fee. If there are limits in place, I just open multiple merchant accounts and bundle them.

With this setup, I can now attempt to double-spend until I succeed. The only conditions is, that the total amount of fees I have to pay is less than the payoff for a single successful double-spend. This will most likely be the case, unless you charge huge fees. Let's assume you charge 2% on all transactions (already on the expensive side, I would argue), then I as an attacker can try 50 times before it becomes unprofitable. I described one attack that can be performed here: http://www.reddit.com/r/Bitcoin/comments/kmo2l/suggestion_bitcoin_confirmation_honeypot/c2lhbv1 . The attack described there can not be detected by monitoring the network and if you have 50 tries you need to have a little bit more than 2% of total hashing power to make it work.
Having 2% of the network would be in excess of 100 Ghash currently see http://bitcoin.sipa.be/).  That kind of hardware will set you back by at least $50,000 (if not closer to $100k).  If you're talking about relatively small value transactions, you will need to pull off a lot of double spends to make it worthwhile.  I think if you employed counter measures once a double spend is successfully executed, you could easily undermine the economics of such an attack.  For in person transactions, where instant confirmation is most needed, the economics of such an attack are already not viable.  For online transactions, counter measures could be as simple as resorting to full confirmations in the event of a successful double spend.

(btw, some on this thread have mentioned listening for conflicting transactions…but that's not actually how it would work…you would receive your transaction through the network and then you listen for additional nodes reporting that same transaction…what you want is a high percentage of nodes reporting your transaction…if they report your transaction, it means that they consider it to be valid (and would have discarded any conflicting transaction)…you'll want to place more weight on mining nodes if you can determine them since you'll want to see that there are miners working on putting your transaction into a block)

(gasteve on IRC) Does your website accept cash? https://bitpay.com
wareen
Millionaire
Hero Member
*****
Offline Offline

Activity: 742

bitcoin-austria.at


View Profile
November 03, 2011, 10:02:01 PM
 #43

Legislation is very expensive, probably more expensive than designing a big computer to compute SHA2 hashes. Not to mention there is no one-world government yet. Attacking the exchanges doesn't stop the network, especially if it's ubiquitous.
Influencing legislation doesn't have to be very expensive: incriminating someone with selling cp or terroristic equipment for Bitcoins will quickly get you the negative publicity needed to pave the way for passing a bill outlawing anonymous cryptocurrencies. With some connections to politics and media, this should not be too difficult.

You are right in that attacking the exchanges won't stop the network, but it could cripple Bitcoin nevertheless (price would plummet, hashrate and confidence would follow soon). It would be more or less the same scenario as if some major jurisdiction was to outlaw Bitcoin.
Littleshop
Legendary
*
Offline Offline

Activity: 1316



View Profile WWW
November 03, 2011, 10:42:40 PM
 #44

Doublepspend insurance is not needed yet.  Either the item is too cheap and the attacker could get a larger reward by mining with his hardware, or the item is probably not going to be delivered before the doublespend is detected.

Maybe in the future someone will sell a database or software for BTC that is expensive, and deliver it too soon but I don't know of any serious attack possibility that would be financially worthwhile.

FreeTrade
Hero Member
*****
Offline Offline

Activity: 854



View Profile
November 04, 2011, 03:59:35 AM
 #45

Doublepspend insurance is not needed yet.  Either the item is too cheap and the attacker could get a larger reward by mining with his hardware, or the item is probably not going to be delivered before the doublespend is detected.

Maybe in the future someone will sell a database or software for BTC that is expensive, and deliver it too soon but I don't know of any serious attack possibility that would be financially worthwhile.


Maybe. It's just nice right now to have a good response to the argument - "Oh Bitcoin could never be used for retail, the transaction would take too long, or the retailer would risk getting stung by doublespends." This as a problem that is solved in theory.

The internet is freedom to communicate without permission. Crypto is freedom to trade without permission.

HODLCoin ANN - Interest rate 0.000015% per block for every balance. Term Deposit Rate 2500% - http://hodlcoin.com/
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!