Request for Comment: BUIP 0-conf double-spend consensus secure

[DrSammyD]

I've written up a proposal on how to economically secure 0-conf double spends.

The short version is whenever a miner detects a double spend, the miner can choose which transaction to process, and which to use as a double spend proof, and consensus allows that miner to take the remaining balance of that wallet. This enables merchants to consider 1/2 wallet spends economically secure, and double spend attempts costly or unprofitable for an attacker.

This link dives deeper into how this protocol works

Thoughts?

 

[AdrianX]

and which to use as a double spend proof, and consensus allows that miner to take the remaining balance of that wallet.

@HostFat I like the incentive to process the earlier transaction and profit from the latter. I'm not technical but as I understand bitcoin this cant work.

My understanding is when you send a transaction. It consists of an unspent output and a new transaction input. The difference between those two is unclaimed and becomes the transaction fee. Only signed transactions can be written to the blockchain and so you cant claim the fee from a double spend.

eg 1 BTC (unspent) - spend 0.5 BTC new input, - chain 0.49 BTC new input - 0.01 is left to be claimed by the miner who writes that transaction to the blockchain.

When the transaction is confirmed in a block, the inputs become available outputs. Each signed transaction is unique the miner cant combine bits of one and not the other. ( segwit is another story as a soft fork it uses anyone can spend transactions as a base.)

 

[DrSammyD]

Agreed, the format of the UTXO would have to change for these new types of wallets. I suspect you could create a common UTXO pool and convert 1:1 into account balances when you send bitcoin from old wallets to new ones, and then redeem from that pool 1:1 when you deduct from your balance to an old wallet. This might be considered a side-chain at that point.

I mention this at the bottom of the gist

 

[painlord2k]

The problem I see is the miners should be able to write, in the blockchain, the proof a double spend was underway at the time of they took the coins away.

I don't like the miners appropriating money for any reason. This is not their job description.

I suggest waiting for "Weak blocks" development and other improvements to allow miners to know, in advance, the contents of blocks other miners are working on.

With this approach, a 0-conf transaction would be demonstrably in the blocks the miners are working on. The merchant would know, roughly, how much of the total hash power (and miners) would include tx one and how much would include tx two.

Anyway, in presence of a double spend, the merchant should just waits.
If he wants to accept a 0-conf transaction being double spent it is his problem.

 

[DrSammyD]

The problem I see is the miners should be able to write, in the blockchain, the proof a double spend was underway at the time of they took the coins away.

I believe I accounted for that when I added in block range validity to the transactions.

I don't like the miners appropriating money for any reason. This is not their job description

The only time it would ever be their job to take money away from wallets is if the user subjected themselves to it by opting into these new double spend wallets. Normal wallets would not be subject to this rule.

I suggest waiting for "Weak blocks" development and other improvements to allow miners to know, in advance, the contents of blocks other miners are working on.

I'm aware of weak blocks but it's an unanswered question whether it contains the incentives required to construct and abide by them.
https://www.google.com/amp/s/amp.reddit.com/r/Bitcoin/comments/41pf41/weak_blocks_the_good_and_the_bad/
I am certain that this double spend approach would work even if the block construction time was expanded to every 12 hours... Assuming it works as I've described, which is why I'm posting it here for feedback.

 

[DrSammyD]

Ok, I know have it working without account balances, and using collateral.