From: Peter Todd <pete@petertodd•org>
To: Gregory Maxwell <gmaxwell@gmail•com>
Cc: Bitcoin Dev <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] Double Spend Notification
Date: Tue, 21 May 2013 06:05:57 -0700 [thread overview]
Message-ID: <20130521130534.GA27580@tilt> (raw)
In-Reply-To: <CAAS2fgRCpXUgw=GpE9_AcTgWcdCaDC6_16Xp5+oOZC0_1xmf-w@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 2100 bytes --]
On Mon, May 20, 2013 at 08:54:25PM -0700, Gregory Maxwell wrote:
> One point that was only recently exposed to me is that replacement
> combined with child-pays-for-parent creates a new kind of double spend
> _defense_: If someone double spends a payment to an online key of
> yours, you can instantly produce a child transaction that pays 100% of
> the double spend to fees... so a double spender can hurt you but not
> profit from it. (and if your side of the transaction is
> potentially/partially reversible he will lose)...
You can do better than that actually: you can arrange the transaction
such that the double-spender is hurt by asking them to pay an excess on
top of the initial payment, and having that excess get returned to them
in a subsequent transaction. Of course, that's trusting the merchant,
but you're trusting the merchant to ship to a product anyway so...
A really interesting example for this though would be applications where
you are making a deposit. You credit the customer account immediately
with half of the deposit amount, allowing them to immediately spend that
portion for something transferable. (perhaps an alt-coin) If the
customer tries to double-spend you burn half to fees, still leaving the
other half to pay for what they did spend. If they don't double-spend,
the rest of the balance becomes available after n confirmations. A
BTC->alt-coin exchange could use this mechanism for instance, although
it only works with widespread replace-by-fee adoption; blockchain.info's
shared-send service is another application, as is SatoshiDice. (the
failed bet tx can be the refund)
What's nice here is even if the customer tries to pay a miner to do the
dirty work, a short-term rational miner still has an incentive to screw
over the customer by accepting the merchant's double-spend. Now the
customer can promise the miner future business, but they've shown
themselves to be dishonest... how much honor is there among thieves?
--
'peter'[:-1]@petertodd.org
00000000000000f31f5cd20f915e3edb8e3fceea49580235b984fea63f1f882c
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 490 bytes --]
next prev parent reply other threads:[~2013-05-21 13:06 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-21 0:45 Quinn Harris
2013-05-21 1:24 ` Robert Backhaus
2013-05-21 1:56 ` Pieter Wuille
2013-05-21 3:27 ` Mike Hearn
2013-05-21 3:39 ` Robert Backhaus
2013-05-21 13:06 ` Peter Todd
2013-05-21 3:54 ` Gregory Maxwell
2013-05-21 4:39 ` Gavin Andresen
2013-05-21 7:04 ` Gregory Maxwell
2013-05-21 8:08 ` Robert Backhaus
2013-05-21 13:05 ` Peter Todd [this message]
2013-05-21 14:26 ` David Vorick
2013-05-21 16:47 ` Quinn Harris
2013-05-21 3:46 ` Quinn Harris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130521130534.GA27580@tilt \
--to=pete@petertodd$(echo .)org \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
--cc=gmaxwell@gmail$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox