Beating Bitcoin’s 0 confirmation payments ain’t so easy
Satoshi Nakamoto wrote about the idea, and, theoretically it made a lot of sense. In questions concerning the need for a fast payment (the snack machine problem), Satoshi mentioned the following in mid-2010:
I believe it’ll be possible for a payment processing company to provide as a service the rapid distribution of transactions with good-enough checking in something like 10 seconds or less.
The network nodes only accept the first version of a transaction they receive to incorporate into the block they’re trying to generate. When you broadcast a transaction, if someone else broadcasts a double-spend at the same time, it’s a race to propagate to the most nodes first. If one has a slight head start, it’ll geometrically spread through the network faster and get most of the nodes.
A rough back-of-the-envelope example:
So if a double-spend has to wait even a second, it has a huge disadvantage.
The payment processor has connections with many nodes. When it gets a transaction, it blasts it out, and at the same time monitors the network for double-spends. If it receives a double-spend on any of its many listening nodes, then it alerts that the transaction is bad. A double-spent transaction wouldn’t get very far without one of the listeners hearing it. The double-spender would have to wait until the listening phase is over, but by then, the payment processor’s broadcast has reached most nodes, or is so far ahead in propagating that the double-spender has no hope of grabbing a significant percentage of the remaining nodes.
A few points to note in the above. What may have required 10 seconds back in 2010, now requires less than 3 seconds. Dr Craig Wright states that by checking just 8 nodes, you get the 99.9999% assurance that your transaction will be included within the next block.
So when Core developer Peter Todd fought hard to implement “Replace By Fee” (an algorithm which enabled users to double spend, forcing merchants to wait for a confirmation) on the BTC chain, he did so without any testing or statistical analysis on just how easy it is to do fraud proofs.
Dr Craig Wright states that “fraud proofs and nowhere near as difficult as anyone thinks… the solution is incredibly simple. All you need to do is randomly select a series of nodes on the network and query whether the inclusion of your transaction has occurred on that node. Each query would be random. Using a simple Bayesian algorithm, we could use a failure model to analyse the likelihood of a double spend or other attack… In under two seconds 99.98% of the hashpower would have received your transaction.”
This means that, without the cap, you can be assured of zero confirmation transactions in minimum amount of time.
Sure, this is probabilistic, but every security system works on probabilistic information. “so-called experts of Bitcoin fail to comprehend that strong encryption is [in itself] probabilistic”.
The next point to note with Satoshi’s comment is the term “good enough”.
Ravi Sandu of George Mason University and SingleSignOn.net states the following:
Good enough is good enough.
Good enough always beats perfect.
The really hard part is determining what is good enough.
The first principle is a vacuous tautology, but one that the technical security community (myself included) forgets too easily. The second principle is amply supported by strong empirical evidence in all aspects of information technology. Its application to our field is further amplified because there is no such thing as “perfect” in security. We might thus restate it as the nearly tautological, “Good enough always beats ‘better but imperfect’.”
With Bitcoin Cash, the removal of the cap and the merchant hostile RBF (replace by fee), the online eco-system has now flocked back to embrace the original vision of Bitcoin (BCH) once again.
But this has not stopped a large vocal group of online keyboard warriors spreading fear and ‘concern’ over 0-confirmation payments.
But what better way to fight fake propaganda than by issuing a direct challenge?
Arian Kuqi, Co-founder of Cryptonize.it issued this very challenge to the community, and particularly to those screaming loudest in condemnation of 0-confirmation payments. He says “it started about a month ago, I noticed a lot of comments and posts about 0-conf and how it’s nat safe to use. It’s understandable, people are stuck in their head with BTC problems and think the same goes for BCH”.
For anyone confident you can pull a double spend on the Bitcoin Cash ledger: ' I'll tell you what, I set up an Amazon giftcard worth $1000,- but you pay the equivalent of $2000,- in Bitcoin Cash. ' https://t.co/n6G2rcyGYx
— Cryptonize It (@CRYPTONIZE_IT) February 12, 2018
The challenge is simple… If you can double spend, then you should be able to pay $2000, and then immediately re-spend the money by paying it back to yourself. In return, you would have earned yourself a free $1000 bucks (voucher exchangeable for BTC).
That was a month ago, and to date, there are no prize collectors.
But we did have a buyer of the $1000 voucher for which a user paid $2000… transaction log is here. And Arian Kuqi was quick to post about it.
— Arian Kuqi (@ari_cryptonized) March 17, 2018
And so Cryptonize.it was up 1000 bucks that day. More importantly, it’s proof in itself, that Bitcoin Cash cannot be double spent at 0 confirmations. Not without significant investment anyhow.
Arian has mentioned that he’ll have many more of these challenges coming up in the near future. After all, it is no loss to him… As for any ‘attacker’, Arian promises that it’s fair game if they do succeed. “I announced that I would not press charges or block the card at Amazon if the double spend succeeded, so no risk there for the attacker. Same goes for the coming challenges.”