[Bitcoin-development] alternate proposal opt-in miner takes double-spend (Re: replace-by-fee v0.10.0rc4)

Justus Ranvier justusranvier at riseup.net
Sun Feb 22 16:25:11 UTC 2015

Hash: SHA1

On 02/22/2015 10:17 AM, Natanael wrote:
> The problem with this approach is that it is worthless as a
> predictor. We aren't dealing with traffic safety and road design -
> we are dealing with adaptive attackers and malicious miners and
> pools.
> Anything which does not invalidate blocks carrying doublespends
> WILL allow malicious miners and pools to conspire with thieves to
> steal money. The probability of being hit will then be (their
> proliferation in your business area) * (their fraction of the
> mining power).
> That might seem to give small numbers for most sets of reasonable 
> assumptions. But the problem is that's only an average, and the
> people being hit might have small profit margins - one successful
> attack can place hundreds of merchants in red numbers and force
> them to shut down.
> You should never expose yourself to attacks which you can't defend
> against and which can be fatal. In particular not if there's
> nothing in the environment that is capable of limiting the size or
> numbers of any attacks. And there's no such thing today in
> Bitcoin.
> This is why I sketched out the multisignature notary approach, and
> why some decided to extend that approach with collateral
> (NoRiskWallet) to further reduce trust in the notary. This is the
> single most practical approach I know of today to achieve ACTUAL
> SECURITY for unconfirmed transactions.
> Don't like it? See if you can do better!
> Just don't rely on zero-confirmation transactions!

You just disproved your own argument.

It is possible to predict risk, and therefore to price the risk.

You also noted that for some Bitcoin users, the price of that risk is
too high for the types of transactions in which wish to engage.

In what way does that translated into a universal requirement for
everybody to use multisignature notaries?

Surely the users who can afford the risk can use zero conf if they
like, and those who can't can use multisig notaries?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xEAD9E623.asc
Type: application/pgp-keys
Size: 17528 bytes
Desc: not available
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150222/1008c914/attachment.bin>

More information about the bitcoin-dev mailing list