Small fee transactions + shops which trust 0 confirmations

[Perlover]

Hi,

I experimented with my wallets and transfered to mine from other wallet 0.008 BTC with fee 0.000001 (1/100 from recommended). Inputs of this transaction refered to outputs of other transaction with only 1 confirmation. So weight of inputs were very low priority. And value of this transaction was < 0.01 BTC which recommended.

I saw my transaction in "memory pool" at blockchain.info. It had not be confirmed very very long time (i waited ~ 2 days) and now there is no this transaction at blockchain.info. I think it was ignored and wiped as dust by nodes. My wallet now thinks that this transaction is pending and doesn't allow to spent this money. Ok, i know if i restore wallet from private keys at other device may be i will be able to spent this money. My question not about this.

I know shops which accepted micropayments after 0 confirmations. I thought it's fine and ok because double spending is very difficult. But after this the case i don't think same.
An attaker can send a micropayment to same shops by way as i did. Shop sees transaction (value < 0.01 BTC) in pool and decides to release a good or a service to buyer. But after this the payment will stay in memory pool long time and after erased because some conditions occurred from default described here: https://en.bitcoin.it/wiki/Transaction_fees

What should shop do for to prevent such instances? Software of shop should see in transaction fee? But if the buyer did not do it intentionally (wallet had fee as 0.000001 BTC for example or there zero fee)? And if this happens, as a shop in advance, fast, can know - will this transaction confirmed (even after 1-2 days) or not?

[1715561535]

1715561535

[1715561535]

1715561535

[1715561535]

1715561535

[Perlover]

Ooopss..
I see this transaction again but time of arriving there is new - today...

https://blockchain.info/tx/f0171af132cf728e162b561391f2019712b6c5400e702d0c232c897a34a85c27

May be this transaction will be confirmed through ... X days/months

[isidore]

In this case I feel the problem is the fee being too low. The transaction may never be confirmed if there are no miners going to put it in the chain.

If I were the merchant I would not honor this transaction because of the lack of fees. Most wallets will include the fee by default for you, so the fact that it is lower than normal would be suspect to me.

It would be interesting to see what the behavior is at bitpay / coinbase if you author a transaction with fees low as this. Chances are they won't accept it?

[amaclin]

I experimented with my wallets and transfered to mine from other wallet 0.008 BTC with fee 0.000001 (1/100 from recommended).

Acceptable fee for 0.9.x clients is 0.00001 per kilobyte
So, you are about 1/4 below limit, not 1/100

and now there is no this transaction at blockchain.info. I think it was ignored and wiped as dust by nodes.

It was deleted from memory-pool by blockchain.info node!
There are nodes on the network which keep transactions for a months and [may be] for years!
Sometimes these nodes re-broadcast transactions from their memory-pools.
Your transaction has a non-zero fee, so the nodes have more reasons to keep it than a free ones.

[Perlover]

Thanks for replies.
Now i want to make some test for Bitpay
The namecheap uses Bitpay for payments. I will test now there what happens

[Perlover]

The Bitpay accepted my payment after 2 seconds
And $3 there is in my account at the Namecheap

Transaction is here:

https://blockchain.info/tx/241a9cb0a9374d432e230ecbc8f88494856b38e201455d2faa5c0de8a90b3aa3

I paid 1 Satoshi for it.

I am very interested when this payment will be confirmed...

P.S. And only a notice: the Bitpay reuse addresses for orders. Here address of Bitpay for my order: https://blockchain.info/ru/address/18Gds8K6HUBcojEN2jj1kaA9rmxdwNzHV8
And now i think experiment is not enough clean - in my last transaction used input with 16 mBTC, so priority of transaction will be few more than first transaction where input was 8 mBTC

[tsoPANos]

So bitpay doesn't require any confirmations?
AFAIK this can be used for double spending!

[amaclin]

The Bitpay accepted my payment after 2 seconds
And $3 there is in my account at the Namecheap
Transaction is here:
https://blockchain.info/tx/241a9cb0a9374d432e230ecbc8f88494856b38e201455d2faa5c0de8a90b3aa3
I paid 1 Satoshi for it.
I am very interested when this payment will be confirmed...

Everyone else is very interested if this payment will be successfully double-spended.

[Muhammed Zakir]

I didn't know that Bitpay doesn't requires confirmation? Why didn't they check it? Is double spend a problem? Really this is against BTC rule, right?
Kindly,
    MZ

[Perlover]

I think only for small payments the Bitpay doesn't require confirmation
But if fee >= 0.0001 BTC, it's not problem - as rule the payment will be confirmed quickly and for double spending an attacker should do a mining very quickly
But if fee is very small for this transaction it will be in pool very long time (am attacker without problem will set fee <0.1 mBTC).
Then an attacker can make a double spend and mine only block with new double spend transaction and he will have more time because first transaction will wait ~ days for confirmation.
Right?

[Perlover]

I didn't know that Bitpay doesn't requires confirmation? Why didn't they check it? Is double spend a problem? Really this is against BTC rule, right?
Kindly,
    MZ

I think they wants easy payments for customers. The cost of double spending for small transaction is very big and more than the cost of small micropayment. But these rules work only for normal speed - 10-20 minutes. As i think here is other situation - small fee -> long time -> attacker has time for double spending.

[Perlover]

But i think it's very difficult to make double spending because my small small-fee transaction already in memory pool of many full nodes.
And if i will broadcast a new signed transaction with same outputs full nodes will reject the new transaction because they have first small transaction.
The Bitpay accepted with 0/confirmed because they got my first tx and now they retranslated it to many other nodes and will store it until it is confirmed.

Am i right?

[amaclin]

But i think it's very difficult to make double spending because my small small-fee transaction already in memory pool of many full nodes.
And if i will broadcast a new signed transaction with same outputs full nodes will reject the new transaction because they have first small transaction.
The Bitpay accepted with 0/confirmed because they got my first tx and now they retranslated it to many other nodes and will store it until it is confirmed.

Am i right?

it's very difficult to make double spending - wrong. It is easy to double-spend 0-confirmed tx with low fee.
my small small-fee transaction already in memory pool of many full nodes - right or wrong depends of what is "many"?
full nodes will reject the new transaction because they have first small transaction - usually, but not 100% truth

The Bitpay accepted with 0/confirmed because they got my first tx - wrong? I think that Bitpay is able to discard $3-payment to your  Namecheap account

[Perlover]

The Bitpay accepted with 0/confirmed because they got my first tx - wrong? I think that Bitpay is able to discard $3-payment to your  Namecheap account

I know other shops which accept 0/confirmed transactions and they do mobile phone recharges. I will not write here URL of same shop but i know that they accept 0/confirmed transactions.

And my experiment to be continuing:

1) I imported private key in Bitcoin Core for this address which i used for namecheap's transaction (through debug console)
2) Bitcoin Core didn't see anywhere my first transaction and wrote to me that i have 16.** mBTC
3) I sent all funds from old address to my other address. Bitcoin Core sent this transaction in network

Here is new transaction:

https://www.biteasy.com/blockchain/transactions/b78bfe99cfd6eaf843ce7d739c29cbfb2e19d40d26ec4c7f8d15793ae579e4b0
As i understand the beateasy doesn't know about my first transaction

Same address:
https://blockchain.info/address/1Q7t6mYBrZ5jHkYoUzLrFfky5JQ1UNbsrS
And
https://www.biteasy.com/blockchain/addresses/1Q7t6mYBrZ5jHkYoUzLrFfky5JQ1UNbsrS

I am waiting what happens now

[Perlover]

Oops...

Double spending.
My second transaction which sent through 4 hours later (!) was confirmed.
Now i have $3 in namecheap account but Bitpay's transaction was declined by bitcoin network.

I will write now in the Namecheap & in the Bitpay about this.

[Perlover]

SUMMARY:

In the Bitcoin transactions with small fee and low priority inputs can slow a speed of transaction confirmation and retranslations.
An attacker can use it!

Conditions:

1) A sum of transaction should be small (about 0.01BTC)
2) After invoice the attacker should make & send a transaction with small fee (<0.00001 BTC/kb, https://en.bitcoin.it/wiki/Transaction_fee#Including_in_Blocks) and low prioroty inputs (it can be achieved by sending bitcoins before to other address and to do new transaction immediately after first confirmation from outputs of previous transaction)
3) A shop (which allows 0-confirmed transaction) sees transaction and release service or goods.
4) After through some time (it can be through 1-4 hours even! I did it after 4 hours) an attacker should send in network other transaction with normal fee (>=0.0001BTC).
    Because second transaction has fee more than recommened 0.0001BTC, it has a huge chance to get into the near block (https://en.bitcoin.it/wiki/Transaction_fee#Including_in_Blocks)
5) The attack can be done by using common clients: Bitcoin Core & and some Bitcoin wallets where fee can be changed (Wallet32 @ Android)

As solution i see here two ways:

1) A shop should release service or goods after as minimum 1 confirmation

OR

2) If a shop wants make a quickly payments and continues to work with 0-confirmed transaction it should analyze a probability of success fast transaction:
  a) a fee of transaction should be >= 0.0001 BTC (for quickly retranslate it to miners through Bitcoin network)
  b) Transaction inputs should refer to age outputs of previous transaction.
  c) Transaction should not be big size ("priority = sum(input_value_in_base_units * input_age)/size_in_bytes")
  If it does not satisfy the requirements of these conitions a shop should wait 1 confirmation.

a & b & c points are described here:
https://en.bitcoin.it/wiki/Transaction_fee#Reference_Implementation
But these rules can be changed with new versions of Bitcoin Core.

I saw many shops where 0-confirmed is ok. These shops use Bitpay.com, Alfacoins.com and other billings. They sell mobile recharging, domains and bank account recharging (Yes!)

I love the Bitcoin and i love quickly micropayments!

UPDATED: I found similar topic from 2012:
https://bitcointalk.org/index.php?topic=130764.msg1405516#msg1405516

[edmundedgar]

Namecheap are generally holding domains and things on your behalf, so if you diddle them they can repossess them. You may be able to get away with a certain amount of fraud to the extent that their losses to double-spending are too low to be worth chasing up, but that doesn't mean they're making the wrong business decision.

PS From a friendliness to bitcoin point of view it's probably better to report issues you think BitPay may have to BitPay in the first instance not to their client, since you just end up burning up the support time of guys like Namecheap dealing with stuff they'll probably just end up escalating to BitPay.

[bitcoinbeliever]

Your successful double-spend shows up on this site that tracks them:

http://respends.thinlink.com

It's true that double-spending a 0-conf tx is easier than most people think, and it's true that you should be very careful *ever* trusting a payment with no confirmations.

The weird thing is the idea that no effort should be made to improve the situation, or at least let the victims know sooner.  The reason that comes up is "it won't work 100%, so don't even try."

[Perlover]

The namecheap thanked to me and returned back $3 from account.
The Bitpay is working with my ticket.

UPDATE: Here fine desciption what happened with my double-spending
https://bitcointalk.org/index.php?topic=714263.msg8102166#msg8102166

[Jenny69]

So bitpay doesn't require any confirmations?
AFAIK this can be used for double spending!

Both bitpay and coinbase will only give you a limited amount of time to "send" the BTC (likely to protect against price chances in the price). IIRC the TOS when paying via coinbase is that an item is not considered paid for until the TX is actually confirmed by the network, but the timer on the limit as to how long you have to pay for an item is only for when the TX actually shows up on the network.