I've been told that accepting 0 confirmation payments in bitcoin is a dangerous idea. There are people who say that there are ways to reduce the risk to virtually zero and others that say it will likely become a problem especially for high-value transactions. There is some disagreement from what I can gather.
There are two separate attacks regarding 0 confirmation -- one is the race attack and the other the Finney attack. First on the race attack:
Almost everyone agrees that there is some risk where a merchant accepts as "paid" on 0/unconfirmed due to the race attack . To protect against this attack the merchant can configure the client properly (no incoming connections, and explicitly have it be well connected to all the larger miners) and to weigh the risks versus the rewards. When the attacker is not successful, the store ends up having made a valid, profitable sale and the would-be scammer ends up purchasing goods that might not otherwise have been wanted. The attacker isn't going to be making 50 purchases at Home Depot in anticipation that at least one of those might be a successful double spend attempt. So the risk of a race attack double spend should not stop a Home Depot from accepting on 0/unconfirmed.
Now lets say instead you have a machine that gives out quarters at the laundromat and charges a 1% fee. Now for this it might be profitable to attempt to do double spend race attacks over and over even if an attempt is only successful 1 out of every 50 attempts. The merchant in this instance is vulnerable to the race attack.
That 1 out of 50 success metric was a fabricated estimate. Because bitcoins are not used much in retail yet there is no history of actual attacks available nor have any simulated attacks or other tests been performed to determine what this ratio would be against the way mining operates nowadays.
In both examples above, the merchant can self-insure against the risk by making the double spending tactic unprofitable in the long run (e.g., by charging more than 1% fee in the laundry vending machine example.)
With collusion and organisation the Finney attack could be much much worse.
Is this correct?
Every second that the miner holds onto that solved block is another second that the other miners have available to solve and announce a block at that same height. Now picture the scammer with the shopping cart at Home Depot waiting for the text from the miner. The scammer gets the green light, sprints to the cashier and hurriedly asks for checkout to be completed as quickly as possible. Once the mined block with the double-spend arrives, in a minute or three later, the merchant will know a fraudulent double-spend just occurred. Will the scammer even have made it out of the parking lot? The planning and timing would have to be very well executed for this to be successful.
Then consider the other example above -- the vending machine at the laundry. The merchant can limit the potential haul the scammer by simply limiting the amount that can be withdrawn per block. If $40 is the most that can be stolen the laundromat is probably not going to be the scammer's choice as to which merchant to hit.
Physical transactions have one characteristic that online transactions don't -- physical identity of the buyer. The cashier and/or cameras at Home Depot will be able to make out the identity of the scammer. If what the news media shows is typical, those who attempt heist jobs that require participation and coordination of multiple criminals will rarely ever succeed without getting caught. That miner probably would hate to see a multi-ghash mining operation get seized because the timing by one of the conspirators was a little off.
