When you can and can’t rely on 0 confirmations

The Bitcoin community has been hit with a wide range of security related news lately: first CVE-2014-0160 aka ‘Heartbleed’ , a serious vulnerability in the popular OpenSSL cryptographic software library. The Bitcoin core team has issued an update of the Bitcoin software and an alert  . We have tweeted about the vulnerability, just after we upgraded and checked our services (we recommend Saltstack to manage your servers, great especially in these situations ).

Then user espringe on Reddit announced BitUndo, a service that “can help you to revert mistaken payments” effectively allowing users to double spend their transaction back to themselves for a 10% fee to BitUndo.

One immediate community reactions was to suggest that this service could also be used to defraud merchant or bitcoin payment processors such as Bitpay  and Coinbase.

So far the service doesn’t seem to have any sufficient hashrate to be successful in double spend attempts often to be a problem however this may change as the BitUndo mining pool seems to have better incentives for miners and the situation will become worse as the block reward halves. There seems little that the network can do from a decentralized perspective to stop this from happening.

The situation appears to be much worse: Peter Todd, one of the core Bitcoin developers has submitted on reddit a post titled “Double-spending unconfirmed transactions is a lot easier than most people realise”  which shows and proves how he and anyone that tries can easily double spend with around a 50% chance. He continues, “Fact is, unconfirmed transactions aren’t safe.”  This is caused principally by the difference in how some miners perceive a low fee as dust and won’t include it (nor check for double spends) while others will happily include it. Submitting first a transaction with one of the new lower fees is what causes the problem.

This will improve as more miners move to the latest version and Peter has also proposed some patches that will allow to somewhat counterbalance this attack but ultimately any difference in the transaction that miners accept will allow some percentage of double spends and as mentioned above the incentives will change further as the block reward halves.

Solutions to this problem are various:

  • accept risk and perhaps use one of the new counterbalancing measures or wait for a number of confirmations in relation to the amount and risk in the local area/product category
  • require users to pre deposit their Bitcoins well in advance

One more thing worth mentioning is about localbitcoins , a market place for trading bitcoins locally and over the internet. User don4of4 submitted a post on Reddit  in which he advise users to empty their accounts.

There seems to be an issue with stolen bitcoins. While it is not clear yet whether the hack was on the user credentials externally to localbitcoins or whether it was on localbitcoins service itself, one thing that is clear is that a multisignature system would have prevented funds to be moved without access to the user private key.

This could be implemented directly by localbitcoins.com, or should they prefer, it could be provided with the help of a specialized third party such as greenaddress.it that could help them concentrate on their core business and at the same time allow user funds to be locked only while in escrow and not require predepositing with localbitcoins.com.

Greenaddress user’s funds are in a multisignature 2of2 P2SH between them and the server and as such both the keys from the user and GreenAddress are required to move funds. This allows us to prevent user double spend, effectively guaranteeing to receivers instant payment, even under the 0-confirmation scenario, as long as the merchant trusts us. At the same time, should we disappear for _any_ reasons, users can sleep feeling safe as we provide in advance transaction unlocking their funds in the future.

GreenAddress.it could help in sending the user funds to localbitcoins.com upon user signature and two factor authentication directly in the escrow system. This would provide localbitcoins.com a signed instant confirmation proving the users funds came from a wallet in multisignature with GreenAddress.it

This would mean that users and merchants don’t have to wait to trust that funds will be received!

This mechanism could also allow exchanges to provide a competitive advantage to users both in terms of inter-exchange transfer for arbitration but also in terms of security as user funds would only be compromisable when in order or instant book, reducing the extent to which MtGoxing like scenarios can happen in the first place.

For more info on the design, see the white paper here.

UPDATE:

Allegedly the localbitcoins issue was caused by the user reusing data across services of which some have been recently compromised and information thereof leaked. See their initial response here . Ultimately we think it doesn’t really matter who is at fault, using multisignature can help prevent this class of issues entirely and services should evolve to take advantage of improved standards.

2 Comments

  1. Pingback: Bitcoin – When you can and can’t rely on 0 confirmations | NYC Startup News

Comments are closed.