Andreas is incorrect here. A double spend _did_ happen.

Bitcoin's double-spend protection is probabilistic: after one confirmation, if the sender is attempting to double spend, the probability of success is extremely low. But it's still non-zero.

As the Bitcoin whitepaper helpfully explains, the probability of a double spend attempt succeeding drops exponentially with the number of confirmations. One confirmation is extremely low, two is basically (extremely low)².

Full details: bitcoin.org/bitcoin.pdf

Unfortunately, Andreas falsely claiming a double spend did _not_ happen is dangerous: people have to realize that a single confirmation is not an absolute guarantee.

This case was ~$20, and looks like someone was just moving money between different wallets.

But if you're accepting a payment large enough that you can't risk even a very low chance of a double spend, you _do_ need to wait for multiple confirmations. Claiming otherwise could lead to people losing money.


As an example, my OpenTimestamps server software waits 5 confirmations (by default). I'm not worried about losing money - the calendars are double-spending transactions to themselves. But the software frankly can't handle a double spend - you'd need to manually fix things in the calendar database.

So I just wait a few confirmations to make the probability of a double spend extremely low. So low that if one actually does happen, it's much more likely that Bitcoin itself broke in some way.

Re users being confused, here's an example.

Even with control of no hashing power at all, you can very occasionally do double spends of confirmed transactions. You just have to be lucky enough for a stale block to get mined at the right time.

Stale blocks are pretty rare these days. I don't have stats handy. But looks like the % is something like 1 in 1000 blocks or less. So that'd be a sub 0.1% chance of success per attempt.

@pete That depends on how you define "happened". Is the fact two conflicting txes exist, unmined, in "the" mempool enough for a double spend to happen? Is the fact that two conflicting txes were both mined in competing blocks enough? Why is one more "happened" than the other?

@pete I would argue a double spend only "happened" if the spend that ended up being non-canonical was actually accepted by the recipient in return for some services/goods/whatever. And if that happens with a 1conf tx that's an implementation failure on the recipient side.

@kekcoin I define a double-spend as happening if wallet software would have likely observed one happening.

So double-spends of unconfirmed txs happen *constantly*. I personally have services that do them dozens of times every day.

Double-spends of txs with 1 confirmation are very rare. But they still occasionally happen.

@pete That's a reasonable and internally consistent definition. No guarantee Andreas is using the same one, though

@kekcoin Thing is, since we don't know what that transaction was for, Andreas can _not_ claim it wasn't a double spend, even by a definition that requires someone to get ripped off. We just don't know if someone did or did not lose money. I'm _guessing_ no. But I can't be sure.

@pete @kekcoin

> Double-spends of txs with 1 confirmation are very rare. But they still occasionally happen.

Why aren't they valuable collectibles then? 🙃

Semi-serious question.

@pete peter, wouldn't you say double spend requires that a merchant was actually defrauded? no one accepted the deposit and credited the entity with the additional funds here.

unlike the okpay double spend in 2013 which really was a double spend.

@nic No I wouldn't, not from the perspective of users interested in understanding Bitcoin. A double-spend technically speaking happened. It looks like the double spend was between two different wallets, by the same person. But it might not have been.

Regardless, it's a good lesson learned to remind people of best practices.

@pete fair enough. spend 30 min on the phone with a journalist explaining how bitcoin settlement works. probabilistic settlement is still a mystery to these people.

@nic @pete That's no surprise, given how most people still think of bitcoin mining costs in terms of "this is what it costs to process 1 block worth of txs" rather than "this is what it costs to secure all txs in this block and all that came before it".

@nic @pete man, I’m not sure they’ll ever get it.
You have a lot of patience.

@lucash_dev @nic My willingness to talk to journalists has dropped dramatically in general; Coindesk specifically I almost entirely stopped responding to due to bad reporting that wasn't getting facts correct. A year *prior* to Cuen's first article on the Lovecruft case in fact!

Thank you very much @pete for this awesome and complete explanation

@pete Four confirmations has been the suggested minimum for several years. Do you agree with this? Thanks for your advice.

@theitaliandude Honestly, it depends on risk vs reward. As a very rough guess, if someone is *actively* trying to attack you with a double spend, a reasonable worst-case guess is there's a 0.1% chance of them succeeding after one confirmation. And even less after two. But there's tail risk - that model doesn't capture it all.
