Author: Jeff Garzik 2015-02-24 01:11:26
Published on: 2015-02-24T01:11:26+00:00
This email exchange between Eric Lombrozo and Jeff Garzik concerns the security of 0-conf (zero-confirmation) transactions in Bitcoin. Eric opened by noting that there are cases where accepting 0-conf transactions makes sense, such as payments for utilities, ISP, web hosting, or other services that can be shut off immediately when a double-spend is detected. Jeff agreed, stating that business conditions must be considered when calculating 0-conf risks.

Jeff mentioned that some business cases, such as placing an order for a physical good, making an in-person purchase at a brick-and-mortar store, or subscriptions, already have countermeasures in place if funds go astray: order fulfilment can be stopped, subscriptions cancelled, photos handed to police. He also stated that a thief would try to maximize return, which usually means either stealing a few large amounts or many small amounts. Double-spending against a SatoshiDICE clone is easy to automate. Many other purchase situations are difficult to repeat without getting caught, or the level of effort (cost) is greater than the payout of double-spending a small amount.

Jeff further explained that purely online, mostly anonymous services like SatoshiDICE will be easily attacked if they accept 0-conf transactions, as there is little customer/reputation relationship to leverage. However, that observation cannot be easily applied to most other businesses.

Jeff Garzik is a Bitcoin core developer and open-source evangelist who works at BitPay, Inc.
Updated on: 2023-06-09T17:00:23.281021+00:00