Search content
Sort by
Showing 20 of 111 results by CJYP
Let me preface this with, I'm not exactly sure how bitcoind deals with receiving two equivalent blocks (two different block 213s for example). Obviously, once it receives a block 214 it'll keep the 213 referenced by its 214. But until then, from my research (which may be incomplete, but I can't find much about this) it seems that it keeps the block it received first. This, however, is a breach of the bitcoin protocol.
The bitcoin protocol specifies that in the case of a blockchain fork the winning chain is the one with the most work in it. Clearly, the first block received is not necessarily the one with the most work - the block with the most work would be the block with the lowest hash. For all neutral miners (miners who didn't mine either version block 213) and non-mining nodes, replacing a block is a normal occurrence that doesn't cost anything. Therefore, following the protocol and replacing the accepted block by the block with the lowest hash seems like an intuitive thing to do. It is also a useful thing to do - it immediately ends the current situation where it is more profitable to mine blocks with less transactions, unless the transactions pay a much higher fee than otherwise would not be necessary. I see no reason why bitcoin core does not follow one of the most basic rules of the protocol, especially when not following it has a cost in network utility.
Yes, I do know that Gavin's O(1) block propagation time solves the problem too, however these solutions can coexist. And implementing replace-by-lowest-hash would be extremely simple, compared to the O(1) propagation time solution.
EDIT:
To avoid bumping this, I'm just going to edit this post.
I disagree with some of Shorena's specifics, but I can't refute the general point which is that it would open up some possibilities for attack that currently aren't possible.
The bitcoin protocol specifies that in the case of a blockchain fork the winning chain is the one with the most work in it. Clearly, the first block received is not necessarily the one with the most work - the block with the most work would be the block with the lowest hash. For all neutral miners (miners who didn't mine either version block 213) and non-mining nodes, replacing a block is a normal occurrence that doesn't cost anything. Therefore, following the protocol and replacing the accepted block by the block with the lowest hash seems like an intuitive thing to do. It is also a useful thing to do - it immediately ends the current situation where it is more profitable to mine blocks with less transactions, unless the transactions pay a much higher fee than otherwise would not be necessary. I see no reason why bitcoin core does not follow one of the most basic rules of the protocol, especially when not following it has a cost in network utility.
Yes, I do know that Gavin's O(1) block propagation time solves the problem too, however these solutions can coexist. And implementing replace-by-lowest-hash would be extremely simple, compared to the O(1) propagation time solution.
EDIT:
To avoid bumping this, I'm just going to edit this post.
I disagree with some of Shorena's specifics, but I can't refute the general point which is that it would open up some possibilities for attack that currently aren't possible.
I see a lot of alt-coins use what is called "Proof of Stake"... That gives them an incentive to be full nodes, at least some of the time. Maybe not all the time.
Well then it's not impossible to implement. And yes this is just a debate for a request I made. See thread Subject.
One of BTC strongest claim, is it's decentralized nature. {This is being threatened, by less people, running full nodes} Exaggerated but still true.
Why not implement something that is a incentive to keep it that way. {decentralized}
I suggest you read up on proof of stake. Bitcoin secures the network by proving that enough work (in the form of computing really low hash values) was put into generating a block that it would be (almost) impossible to have forged it. The proof-of-stake altcoins secure the network by proving that enough coin days were destroyed (I suggest you read up on what that means) in the process of generating a block that it would be (almost) impossible to have forged it. I have a much better understanding of how proof-of-work actually works than proof-of-stake, so I'm not really in a position to explain it better. But what I can tell you is that changing bitcoin over to proof-of-stake would be a huge change in the security model of the network. It would destroy some trust, and there's almost no chance it will happen without an extremely strong reason (stronger even than loss of some decentralization). The only way that could happen is if the current security model breaks somehow (51% attack, SHA-256 broken, etc), and even then other solutions would be considered first.
The reason not to implement something that is an incentive to keep bitcoin decentralized is that we don't know how to without either breaking trust in the network or adding an element of trust in a third party.
You can do a few things to mitigate coin applications that cause problems:
1. Lower the CPU affinity and process priority. You can do this with task manager right-clicks in Windows if you are going to leave Bitcoin running, or you can make a .cmd file (batch file) to run with the start priority options. CPU is required to validate P2P transaction signatures, and someone could be targeting you specifically with attack transaction broadcasts.
2. If your rotating hard disk is fragmented, that means the disk heads will have to hunt all over the platter to find data, limiting the possible input-output operations per second. You can use defrag programs that completely move and defrag every file, but the new blocks every 10 minutes will again be fragmented. It would be best to give the Bitcoin datadir its own ~40gb disk partition to limit hunting. This problem is solved with a SSD - instead of a limit of 150 IOPS from moving heads, it's more like 40000 IOPS.
3. Monitor RAM usage. I'm not so sure this is an issue. I have Bitcoin Core and Namecoin both running. They use under 400MB each on a 8GB system, and don't impact anything else noticeably.
1. Lower the CPU affinity and process priority. You can do this with task manager right-clicks in Windows if you are going to leave Bitcoin running, or you can make a .cmd file (batch file) to run with the start priority options. CPU is required to validate P2P transaction signatures, and someone could be targeting you specifically with attack transaction broadcasts.
2. If your rotating hard disk is fragmented, that means the disk heads will have to hunt all over the platter to find data, limiting the possible input-output operations per second. You can use defrag programs that completely move and defrag every file, but the new blocks every 10 minutes will again be fragmented. It would be best to give the Bitcoin datadir its own ~40gb disk partition to limit hunting. This problem is solved with a SSD - instead of a limit of 150 IOPS from moving heads, it's more like 40000 IOPS.
3. Monitor RAM usage. I'm not so sure this is an issue. I have Bitcoin Core and Namecoin both running. They use under 400MB each on a 8GB system, and don't impact anything else noticeably.
Hrm. I was noticing high CPU usage, so it's possible that was an issue. I ran disk defrag a month or two ago and it only reported 1% of fragmentation, which doesn't seem like that much. That said, it didn't tell me which 1% of the hard drive was fragmented. If that 2 GB or so was right smack in the middle of the blockchain, that'd cause some significant problems I'd imagine.
Granted, I do have an old fashioned hard drive, not an SSD. I'm seriously thinking of upgrading and am wondering whether bumping up my RAM or adding in an SSD would be better off performance wise. Any thoughts there?
There is such a thing as a hybrid SSD HDD. I don't really know anything about it (so you should look into it yourself), but it seems to allow you to boot quickly from SSD while performing most of your everyday tasks on the cheaper hard drive.
I wonder why there isn't more effort put in the direction of implementing QoS mechanisms (like throttling blockchain downloads) in the protocol. After all, the network as a whole does not become more efficient when single nodes hog down other nodes due to misconfigured blockchain downloading.
Downloading the blockchain is easy. A much bigger resource hog is verifying the blockchain.Updating isn't always important. The main benefits to updating are personal security and new features - occasionally there could be a network security update. If a full node operator isn't using the node to store bitcoin, they don't need to update for personal security, and they certainly don't need to update for the new features. They only need to update if there's a network security update or a fork, which is rare.
There is almost never a fork - it happened with version 8.0, but only because of a bug. Most versions of the bitcoin core client are compatible with the same bitcoin protocol.
EDIT - To clarify, bitcoin is a consensus driven network. A fork only happens if a fundamental rule of the network is changed. Most updates to bitcoind don't change the rules of the network, so they don't cause a fork - therefore running an older version doesn't break compatibility.
There is almost never a fork - it happened with version 8.0, but only because of a bug. Most versions of the bitcoin core client are compatible with the same bitcoin protocol.
EDIT - To clarify, bitcoin is a consensus driven network. A fork only happens if a fundamental rule of the network is changed. Most updates to bitcoind don't change the rules of the network, so they don't cause a fork - therefore running an older version doesn't break compatibility.
I suggest reading this wiki page:
https://en.bitcoin.it/wiki/Scalability
The 7 txps limit is arbitrary, not a design choice, and can be increased quickly if necessary.
Miners won't suffer from this - they only have to confirm each transaction once per pool.
https://en.bitcoin.it/wiki/Scalability
The 7 txps limit is arbitrary, not a design choice, and can be increased quickly if necessary.
Miners won't suffer from this - they only have to confirm each transaction once per pool.
Quote
That's not proof of fullnode, only proof of hash power. You can mine without being a full node as long as you have a full copy of the blockchain.
http://en.wikipedia.org/wiki/Duck_testEvery running miner (not a pool-miner, but owner of full node in setgenerate=true mode) works for decentralisation and been paid fees for founding blocks.
Such miners *must* accept transactions from the network and *must* push found blocks back to a network (otherwize it is wasting energy)
Miners and full node owners are not the same. Though they both work for decentralization (as long as they don't own too much of the hash power / connectable full nodes) and the security of the network, the way they do so is completely different. See my comparison earlier. Someone can be both (as in your example - owner of full node with setgenerate=true), but someone definitely can be one without being the other.
One important distinction - miners are not required to include transactions in their block (read up on the O(1) block propagation discussion to see why this is important), so they are not required to do anything other than accept blocks from the network and push their blocks to the network. And since mining can be pooled, one copy of the blockchain can support many miners.
The problem is that mining on general devices is economically unreasonable. But we can do nothing with it.
You must understand that nobody will pay you only for your computer switched on.
I placed here a link http://en.wikipedia.org/wiki/Tragedy_of_the_commons
Fees and block reward - is a "common resource".
https://en.bitcoin.it/wiki/ScalabilityYou must understand that nobody will pay you only for your computer switched on.
I placed here a link http://en.wikipedia.org/wiki/Tragedy_of_the_commons
Fees and block reward - is a "common resource".
Running a full node is much more than just computer switched on. It requires storing the entire blockchain (~20gb right now, but will scale as the network grows - and there certainly will be a financial price for all the hard drive space that'll take up once the it's growing fast enough). It requires accepting incoming connections, and accepting and sending on transactions to anyone who needs or wants to send them (8 mbps according to the above article assuming 2000 txps, which is certainly not free).
The article I linked claims that these problems are easily solvable as long as full nodes are running on high end servers. The price of a high end server is enough that most people won't pay that price just to support the bitcoin network.
The common resource we need to protect is not fees or block reward - that's reserved for specific people (miners). The common resource we need to protect is the security of the network (you know, the thing that gives bitcoin value).
you can already be rewarded for having a full node. just turn your full node into a p2pool node with a moderate mining fee.
There's only so much room for p2pools. If all 7000 (or however many there are) fullnodes currently in existence ran p2pools, only a few of them would have miners on them (and those would be the ones with the lowest fees, so they wouldn't even make too much money off of it).The only proof-of-fullnode is mined block. If you are not producing blocks - you are not bitcoin network supporter.
That's not proof of fullnode, only proof of hash power. You can mine without being a full node as long as you have a full copy of the blockchain.When I created this thread, I was more thinking of a very small portion of the estimated +/- US $50 transactions fees per block, being generated now. {Let's say about $10 of that amount, goes towards, this reward.}
But the $50 per block, seems to be at the upper limit per block, anyway. See this thread --> https://bitcointalk.org/index.php?topic=738166.msg8351456#msg8351456
This can easily be funded by donations, from generous BTC moguls. or from the $ 2 000 000 wallets currently generated on the blockchain. { 1 satoshi from each of them }
The "proof of node" part, I will leave up to you. Way above my knowledge level.
Who would want to exploit a system, for that kind of money? {Remember it's split up between everyone, running the full node} So running 1000 full nodes, will cost you more than, what you would gain from it.
But it creates another way, to generate income from BTC and that is good.
But, thanks for all the positive remarks. Remember it's just a request.
But the $50 per block, seems to be at the upper limit per block, anyway. See this thread --> https://bitcointalk.org/index.php?topic=738166.msg8351456#msg8351456
This can easily be funded by donations, from generous BTC moguls. or from the $ 2 000 000 wallets currently generated on the blockchain. { 1 satoshi from each of them }
The "proof of node" part, I will leave up to you. Way above my knowledge level.
Who would want to exploit a system, for that kind of money? {Remember it's split up between everyone, running the full node} So running 1000 full nodes, will cost you more than, what you would gain from it.
But it creates another way, to generate income from BTC and that is good.
But, thanks for all the positive remarks. Remember it's just a request.
There are two separate problems here:
1) Figuring out a way for people to prove that they are a full node, that won't allow them to cheat (don't underestimate peoples' willingness to cheat when there's a financial incentive, or even just the ability to destabilize bitcoin involved).
2) Implementing this either (a) at the protocol level (where people who run full nodes are automatically rewarded with bitcoin) or (b) as an optional thing people can donate to if they so choose.
There will have to be a big debate over (2). There are a lot of merits and downsides to (2a), and it is definitely a useful debate. But until (1) is done, it doesn't even make sense to have that debate.
It seems that you created this thread to debate (2), but most of the discussion in this thread has centered around (1). That's probably because we don't have a practical solution to (1), so debating (2) isn't really practically necessary yet. Also, this is the Development and Technical Discussion board, so people here are more inclined to discuss the technical side of things than to debate the practical side of things.
Would it be possible to edit the bitcoin-qt code so that when communicating with other peers it also grabs their private keys whilst grabbing their version of the blockchain?
This could be a possible security flaw am I right?
This could be a possible security flaw am I right?
The way communication over the bitcoin network works is, you send me a message then I send you another message.
While you can modify your bitcoin-qt code to send any me message you want to send, I will not respond with a message containing my private keys.
Unless you can find a bug in the bitcoin software that causes it to respond to some message with private keys (for example, the heartbleed bug in 0.9 - I might be misunderstanding what exactly is possible, but it was bad enough that 0.9 is insecure).
bitnodes has a part of full nodes IP address .
Maybe bitcoin fundation will likely to donate some little money to full nodes ?
Maybe bitcoin fundation will likely to donate some little money to full nodes ?
Centralized, and doesn't associate bitcoin addresses with nodes (only IP addresses).
It's fine for just getting a sense of the network, but not for trying to contribute financially to node operators.
The most important concept that people seem to be missing:
You can have a full copy of the blockchain and all unconfirmed transactions and not be a full node.
To be a full node, you also have to participate in relaying transactions and blocks, and accept incoming connections. If you use bitcoin core, and only have 8 or less connections, you're probably not a full node even if your block chain is up to date. And you are only a full node as long as you are accepting incoming connections, so you can be a full node for some hours of the day (when your computer is on, for instance) and not be a full node others.
So, would it be possible to verify that an entity is a full node if they sign to show their address and provide a hash of the entire blockchain + a nonce?
No, see above.
Also, under that system a single full node operator could sign multiple addresses.
You can have a full copy of the blockchain and all unconfirmed transactions and not be a full node.
To be a full node, you also have to participate in relaying transactions and blocks, and accept incoming connections. If you use bitcoin core, and only have 8 or less connections, you're probably not a full node even if your block chain is up to date. And you are only a full node as long as you are accepting incoming connections, so you can be a full node for some hours of the day (when your computer is on, for instance) and not be a full node others.
Here is an idea that could have some potential - there has been discussion (by Peter R in particular) about tools for creating a "snapshot" of all UTXOs for a given date range (for usage in clone coins that will end up with the equivalent distribution that BTC had at the time of the snapshot).
Offering such a service (which requires a full block chain) could be a way to "earn some extra BTC by running a full node" (and perhaps there are other such services that could be useful - such as say statistical reports).
You just need a full copy of the blockchain (and maybe unconfirmed transactions) to do this. See above. A full node owner can do it, but it's a niche and there won't be much room for competition in that niche.Offering such a service (which requires a full block chain) could be a way to "earn some extra BTC by running a full node" (and perhaps there are other such services that could be useful - such as say statistical reports).
Nope. Anyone can do that, even someone not running a full node. You can't guarantee that they actually have the whole blockchain.
So, would it be possible to verify that an entity is a full node if they sign to show their address and provide a hash of the entire blockchain + a nonce?
Also, under that system a single full node operator could sign multiple addresses.
Can a contract be written into the scrypt stating that a designated node can receive the coins of a transaction? Or, why not give higher priority to transactions that include a small transaction to a known node address?
This only works if you can identify nodes (though, allowing a full node to sign an arbitrary number of addresses is acceptable for giving higher priority to their transactions; node owners would have to show restraint and not abuse that, or miners would eventually start disregarding it).If an alt protocol is created to reward nodes, then it may be better to abandon processor-based mining altogether. It is possible to devise a protocol in which nodes constantly send blocks, and send 'gibberish' transactions in the block to provide the randomized value that allow the hash to be different for each block. When some set of conditions is met (like Node A can prove to the network that it received a transaction from Node B and they each used the same salt/random value to generate the transaction), then a reward can be split among nodes A, B, and all other nodes that directly observed and confirmed that transaction. This system could feasibly work because it's intention is to consume bandwidth - so needing tons of bandwidth to inform and validate with the network is a good thing, rather than a bad thing.
The benefit of consuming bandwidth rather than ASIC cycles is primarily that, in order to 'mine' faster, the miner must increase their bandwidth, which allows them to transmit more transactions. There is a perfect correlation between helping the network and the miner's profit. The gibberish transactions sent along the network can be discarded shortly after they are received; there is no reason to keep them, they can be treated just like any failed attempt to mine a block.
The actual signal that a block has been mined may be a bit tough to figure out though - the specific example I gave would be too easy to exploit.
Interesting. Proof-of-bandwidth. If you develop this idea further and write up a whitepaper, you might be able to get some support for developing an alt based on the concept. One issue I can see is that we don't want to ddos the entire internet (or even just the trans-oceanic pipes). Think of the implications of anyone being able to profit financially from sending junk data, and profiting more the more junk they send.The benefit of consuming bandwidth rather than ASIC cycles is primarily that, in order to 'mine' faster, the miner must increase their bandwidth, which allows them to transmit more transactions. There is a perfect correlation between helping the network and the miner's profit. The gibberish transactions sent along the network can be discarded shortly after they are received; there is no reason to keep them, they can be treated just like any failed attempt to mine a block.
The actual signal that a block has been mined may be a bit tough to figure out though - the specific example I gave would be too easy to exploit.
It's a good incentive for people but it would be too complicated to implement and would probably be exploited a few ways I think you get enough reward for having a full node in the first place.
I agree that it would be complicated to implement, but bitcoin as a whole is complicated to implement. That didn't stop Satoshi from implementing it. I think this is a problem that will take Satoshi-level genius to solve securely. It's not currently a big enough problem to warrant it, but there are a lot of really smart people working on bitcoin. If the number of full nodes starts decreasing too much, the developers will find a solution.Replace by fee and child pays for parent are both must-have features IMHO.
Replace by fee without child pays for parent would make 0 transactions impossible to accept, as it would be trivial to double-spend back to yourself at any time before the transaction is included in a block.
Child pays for parent is useful, and poses no security risk; I really don't know why it isn't implemented.
⭐ Merited by ABCbits (3)
Dear all
I have read Gavins proposal on O(1) block propagation, available here:
https://gist.github.com/gavinandresen/e20c3b5a1d4b97f79ac2
If there is another thread on this I apologise, I couldnt find it. I think the proposal is interesting and could be brilliant. However there are various basic aspects to it which I do not understand, if possible could some of you try to help explain these:
1. Is this a proposal for initial block propagation only, with the old style blocks still being propagated with a delay or will the blockchain only contain the new smaller style of blocks?
2. What is the incentive to propagate the old block format, with all the transactions, as this will presumably no longer be required for mining? Couldnt this make the problem of a lack of full nodes worse?
3. If the blockchain now only contains only the new type of block, how does the client get the history of all bitcoin transactions? Will clients need to connect to the memory pool of other nodes and how will all historic transactions be reconstructed?
4. How will miners be incentivised once the block reward drops, as if there is no longer as much scarcity in the blockchain, the fees may be too low to incentivise miners?
Many thanks
I have read Gavins proposal on O(1) block propagation, available here:
https://gist.github.com/gavinandresen/e20c3b5a1d4b97f79ac2
If there is another thread on this I apologise, I couldnt find it. I think the proposal is interesting and could be brilliant. However there are various basic aspects to it which I do not understand, if possible could some of you try to help explain these:
1. Is this a proposal for initial block propagation only, with the old style blocks still being propagated with a delay or will the blockchain only contain the new smaller style of blocks?
2. What is the incentive to propagate the old block format, with all the transactions, as this will presumably no longer be required for mining? Couldnt this make the problem of a lack of full nodes worse?
3. If the blockchain now only contains only the new type of block, how does the client get the history of all bitcoin transactions? Will clients need to connect to the memory pool of other nodes and how will all historic transactions be reconstructed?
4. How will miners be incentivised once the block reward drops, as if there is no longer as much scarcity in the blockchain, the fees may be too low to incentivise miners?
Many thanks
This proposal does not change anything about the blockchain. To answer question 1, sort of. Since finding a block really just means finding a low enough hash to make the block valid, all the data except for the hash can be known to the entire network before the block is found.
Currently, when a miner finds a block, they have to send the entire block (all transactions in the block + header), to everyone else, which is harder the more transactions there are in the block.
The proposal is (oversimplified) to ensure each miner has all the transactions that will be included in the block beforehand. Then when a miner finds a block, they will only have to send the header and coinbase transaction (telling everyone who gets the block reward), and other miners will be able to reconstruct the block from this.
Since they will be able to reconstruct the block, the only difference is that the entire block isn't sent over the network.
Better question maybe...
What would you do if you setgenerate true and mined a block with 25 bitcoin after only a few seconds?
Then there's no moral obligation to send it back to anyone, because there's nobody to send it back to (unless you decide to distribute it evenly among everyone who has bitcoin, proportional to the amount they have, but I don't see the purpose in doing that).
What would you do if you setgenerate true and mined a block with 25 bitcoin after only a few seconds?
Then there's no moral obligation to send it back to anyone, because there's nobody to send it back to (unless you decide to distribute it evenly among everyone who has bitcoin, proportional to the amount they have, but I don't see the purpose in doing that).
I did forget about jdillon's solution. Assuming it takes 13 seconds for a transaction to propagate through the network, and a block is found once every ten minutes (600 seconds), there's less than a 13/600 chance (oversimplified, but you get the idea) of a double spend getting into a block before the victim sees it, then another less than 13/600 chance of the transaction being included in a block before the scorched earth transaction is seen (if the scammer has a miner friend then all bets are off anyway remember). The merchant doesn't need to do any of this manually; their software will do it for them.
OK, I'll buy that. So there's a non-zero chance that the scammer will get away with it scot-free (get their btc back), but in every scamming attempt, the scam attempt will result in a 587/600 chance that the receiver doesn't receive any btc (unless they want to try a cat-and-mouse game of some sort with the scammer up until the next block is found).
A rational scammer will only try this scam if their expectancy is > 1, in other words if the refundable fee is < than some smallish %. But a scammer who places value on the thought that the receiver will not get paid can execute the attack at will (albeit in return for the surcharge), with the added bonus that they also might get their btc back.
This means that the vendor needs a higher refundable fee to discourage such practice, and they also need to add a non-refundable surcharge to cover their losses. As long as this surcharge is less than 3-ish percent, it will be comparable to credit cards (which removes an advantage of Bitcoin from a vendor's point of view).
Now that Bitcoin is gaining some public traction, explaining all this from a PR point of view would be just about disastrous, if you ask me. To consumers: you have to pay an extra 10%, but it's refundable. To vendors: any consumer who wants to can rip you off, even though they aren't likely to benefit financially, so it probably won't happen much.
But more importantly, what is it that we'd be left with? A more complicated system (both technically and PR-wise) that that accomplishes the same thing as what we had before: instant payments still aren't guaranteed, and so they cost the receiver. So where's the advantage?
If anything, I'd prefer a Pay by Fee that didn't include scorched earth. At least there I see some small advantage: nobody should trust zero-conf transactions (although I still don't like it).
So absolutely anyone who wants can become a criminal for absolutely no financial gain!
Remember, most physical goods stores have video cameras already to catch people who are shoplifting. Now we have a situation where for the potential scammer:
Risk:
- Guaranteed to lose the (small, but non-zero) extra money they paid (which can be increased slightly to account for this situation)
- Likely to become a criminal, and face a prison sentence
- Likely to be banned from the store for life, or at least have to wait around for one confirmation from then on whenever they go to the store
Reward:
- Small satisfaction that the store won't receive money
The number of people who would be willing to risk this is very small. Again, if the transaction is large enough that this happening occasionally poses an actual threat to the business, the business should be smart enough to make the customer wait for confirmations on either system.
EDIT: (late edit, but better late than never and there are no replies yet so it should be okay)
The advantage is as such:
Currently, accepting a 0 confirmation transaction runs the risk that a scammer will create a transaction (via software remember) paying a utxo to themselves, and another paying it to a merchant's address. They have some direct connection to the merchant - I don't know how they acquired this, but they have it (yes, that is possible if they can find the merchant's IP, which depending on the merchant might not be difficult). But the merchant and the scammer also have other direct connections. So the scammer simultaneously sends the transaction paying a utxo to the merchant, and the transaction paying it to themselves to all their other connections (with their software, not trying to manually click two buttons at once obviously). This gives them an advantage in network propagation, and the merchant sees the valid transaction. The merchant releases the items, and the scammer leaves; later the scammer's transaction is much more likely to end up in a block. This possibility makes it very risky to allow anyone to leave until their transaction has at least one confirmation.
With replace-by-fee and child-pays-for-parent, in the normal case, the merchant would immediately (via software, not manually) send a child transaction paying the temporary fee back to the customer. These would be confirmed in the same block in almost all cases, and the customer would never be without access to the temporary fee. The customer's software would pay this extra fee for them; the customer does not have to know about the fee at all (as long as they have enough bitcoin to cover it; if not they can stay around for a confirmation). The merchant's software would send the fee back for them; the merchant does not have to know about the fee at all. In the case of an attack as described above, the merchant's software would automatically send the scorched-earth transaction, costing the scammer his temporary fee and the entire balance of the transaction. Since almost nobody will be willing to pay just to screw a merchant out of a small amount of money, this is unlikely to happen and the merchant can allow the customer to leave immediately.
Hello,
my core wallet started to act weird in the last few days. Yesterday after trying to open it, it displayed an error and required me to re-download the entire blockchain. I finished downloading this morning and I still have 3 conflicted transactions(had them even before re-download) and whenever I make a new payment, a part of my balance goes from Available to Pending and after the new transaction gets 1 confirmation, the general balance goes back to Available. I am afraid that after I'll make a new transaction it will too get conflicted and will remain with my funds blocked forever.
How can I delete those 3 conflicted transactions ? because I think they're the cause for the wallet misbehaviour. The wallet is 2 years old, I've emptied it quite a few times now so I have no old coins left inside it, only recent ones, do you think I should delete this wallet and start a new one ?
Thanks
my core wallet started to act weird in the last few days. Yesterday after trying to open it, it displayed an error and required me to re-download the entire blockchain. I finished downloading this morning and I still have 3 conflicted transactions(had them even before re-download) and whenever I make a new payment, a part of my balance goes from Available to Pending and after the new transaction gets 1 confirmation, the general balance goes back to Available. I am afraid that after I'll make a new transaction it will too get conflicted and will remain with my funds blocked forever.
How can I delete those 3 conflicted transactions ? because I think they're the cause for the wallet misbehaviour. The wallet is 2 years old, I've emptied it quite a few times now so I have no old coins left inside it, only recent ones, do you think I should delete this wallet and start a new one ?
Thanks
This is perfectly normal behavior. The change from each new transaction is unconfirmed until that transaction is included in a block.
EDIT - If you're wondering what I mean by change, read this:
https://en.bitcoin.it/wiki/Change
Actually you can receive an indirect income by providing alternate services to Bitcoin network.
Check https://bitcointalk.org/index.php?topic=726826.msg8214655#msg8214655.
This week will be more information about how the node works and potential additional services.
The basic Coinjoin service doesn't require a large bandwidth connection, but if you connect the node to a good internet connection you can provide the blockchain network service and get additional income with a better ROI than a GPU rig miner. You will be able to pay the basic bills (host, internet access, etc) and get extra bitcoins to invest and consolidate the Bitcoin network service.
Check https://bitcointalk.org/index.php?topic=726826.msg8214655#msg8214655.
This week will be more information about how the node works and potential additional services.
The basic Coinjoin service doesn't require a large bandwidth connection, but if you connect the node to a good internet connection you can provide the blockchain network service and get additional income with a better ROI than a GPU rig miner. You will be able to pay the basic bills (host, internet access, etc) and get extra bitcoins to invest and consolidate the Bitcoin network service.
While I like the idea, this doesn't reward someone just for being a full node. They have to do something additional.
I understand your point of view and agree with you.
Let me use a simile:
Most large shopping centers (at least in south Florida) provide free parking for their customers. The parking lot space service is obviously not free and someone absorb the cost (usually ownership cost and maintenance community fees).
Change this traditional free parking in most shopping center and charge the customer is not a good idea (it will create additional problems in the future).
- One solution could be accept donations at the shopping center entrance (maybe with an amazing sign with a lovely speech suggesting a donation).
- Another solution could be an optional paid service like valet parking or premium parking slots, (equivalent to premium bandwidth to download and perform the blockchain operations). I'm confident that some bitcoin users will paid a reasonable fee to have access to faster full nodes.
- Another real solution is to offer other related paid services like rent electric chair or high capacity shopping carts, sell umbrellas when is raining, etc. (equivalent to perform the Coinjoin service). At the end you will have the blockchain in the Coinjoin processor and your node will be idle until the deterministic selection will activate your node to execute the coinjoin transaction.
I'm not advocating anything that would force anyone into paying for full nodes. But some people would like to donate to full node operators, and I would like it to be possible to do that with full faith that you are actually donating to a full node operator. It simply is not right now.
As for coinjoin nodes, that's a separate topic, and it may or may not be implemented (regardless of our advocating for or against it in this thread).
TL;DR: the main point is that Pay by Fee isn't a simple issue, and its as much a technical issue as it is one of human nature.
To be fair, I think (but am not sure) it was luke-jr who initially decribed this, and jdillon who expanded on it.
Also, I don't think you have the description quite right.
Replace-by-fee, combined with child-pays-for-parent, seems to make 0/unconfirmed transactions much more secure for small transactions. Just read the thread where Peter Todd describes the proposal; he has a very well thought-out argument for why, which I'll summarize:
To be fair, I think (but am not sure) it was luke-jr who initially decribed this, and jdillon who expanded on it.
Also, I don't think you have the description quite right.
That's what I was referring to, yes.
Current system:
- If a scamer manages to send out a double-spend transaction at the same time as you send the actual transaction, 50% chance yours is confirmed 50% theirs
- If a scamer manages to send out a double-spend transaction at the same time as you send the actual transaction, 50% chance yours is confirmed 50% theirs
I think you mean, "If a scammer tries to double-spend their own Bitcoin by sending out two transactions, one legit and one back to themselves, there is some chance they will succeed and the receiver/vendor will be none-the-wiser until it's too late."
I don't understand where the percentages you go on to quote come from, though. There is some chance that the receiver/vendor will see the legit transaction in their memory pool, and some chance they will see the scamming transaction (and react accordingly), but it's not 50/50. Likewise with the chances that one transaction will end up succeeding over the other.
The percentages did indeed come out of thin air. I was assuming that the scammer can send directly to the sender and at the same time to everyone else. Right now, if I understand the system correctly (and depending on the wallet of course), the victim keeps his version of the transaction in his memory pool while sending it, and rejects the double-spend until it gets included in a block.
And the scammer doesn't need to do this manually - he can have software do it for him.
Replace-By-Fee system:
- If a scamer sends out a double-spend transaction at the same time as you send the actual transaction, you send another transaction paying the output of your transaction to a transaction fee. Scamer receives nothing, but neither do you.
- If a scamer sends out a double-spend transaction at the same time as you send the actual transaction, you send another transaction paying the output of your transaction to a transaction fee. Scamer receives nothing, but neither do you.
I think you mean, "If a scammer sends out two transactions, one legit and one back to themselves, the receiver/vendor will eventually (assuming a significant majority of the network/miners is using Replace by Fee) see the scam transaction, which is good for the receiver/vendor, so the receiver/vendor can send another transaction paying 100% of the output of the transaction to a transaction fee (to a miner). Scammer receives nothing, but neither does the vendor.
No arguments from me here.
As you can see, there's no longer any motivation to scam. The only reason there would be motivation to scam is if the scamer has a vendetta against you
You're assuming that all receivers/vendors will be smart enough to check for this situation and react to it quickly (which might be the case one day, but the reality is that there will be a transition period while this is not the case). You're also assuming that the scammer is choosing to act rationally.
Even if the scammer only has a low likelihood of success, I don't see why a scammer wouldn't try anyways. Some percentage of the time the scammer would fail and would end up paying for their merchandise (although they'd be paying a miner instead of the vendor). Some other percentage of the time, the scammer would succeed and get their btc back. It seems to me that the scammer, at least during the transition period, has nothing to lose by trying, and is guaranteed to at least deprive the receiver/vendor of their payment.
To be fair, jdillon also had a clever solution to this problem (linked above), but it involves requiring all senders/consumers to overpay for their merchandise/service, and then trust the receiver/vendor to refund them the difference after the tx has been confirmed, which seems unfriendly at best.
The bottom line is that Pay by Fee seems likely to completely eliminate zero-conf transactions, or at least during the transition period. Some would argue that this would be a good thing, but I'd rather let receivers/vendors have the choice to make their own risk/benefit analysis.
I did forget about jdillon's solution. Assuming it takes 13 seconds for a transaction to propagate through the network, and a block is found once every ten minutes (600 seconds), there's less than a 13/600 chance (oversimplified, but you get the idea) of a double spend getting into a block before the victim sees it, then another less than 13/600 chance of the transaction being included in a block before the scorched earth transaction is seen (if the scammer has a miner friend then all bets are off anyway remember). The merchant doesn't need to do any of this manually; their software will do it for them. So you need to overpay by 13/300, or about 4.33%. If 4.33% is a significant amount when I'm getting it back later, you bet I'm waiting for confirmations anyway if I'm receiving the money. Hopefully, merchants will offer the choice of temporarily pay 4.33% or stay around for a confirmation, then I can make the choice depending on the size of the transaction. And if the merchant steals 4.33% on a small transaction, they'll cost themselves more in trust than they gain in the transaction.
As for the transition period, you can't be afraid to implement improvements because it will temporarily make life difficult. You'll never improve anything that way. The bitcoin community has shown itself to be fast to upgrade when it's important.
EDIT - The very thread you linked shows a case where 0 confirmation transactions were temporarily insecure because of an upgrade.
Someone on Reddit said Circle was amazing.
No wait times, easy interface, professional execution, etc.
I know there's a group of people in the BTC community who have temper tantrums about Circle, but if I don't have to wait a fucking week for my Bitcoins to be available, I will switch tomorrow.
Or today.
Disclaimer: I havent even been to the circle website yet. Just was reading Reddit recently.
-B-
No wait times, easy interface, professional execution, etc.
I know there's a group of people in the BTC community who have temper tantrums about Circle, but if I don't have to wait a fucking week for my Bitcoins to be available, I will switch tomorrow.
Or today.
Disclaimer: I havent even been to the circle website yet. Just was reading Reddit recently.
-B-
Good luck getting an invite tomorrow.
Well, if you're setting up 1000 full nodes then you're doing a lot to help the network, so I'd say you'd deserve a good chunk of donations (we're not trying to force anyone to donate, just allow anyone to prove that a full node is associated with a specific address).
1000 nodes run by one party is very harmful to the network compared to just running one system with more capacity, consolidating node control like that reduces the diversity of voices available to other hosts. Done maliciously it would be called a sybil, done innocently its just a waste.Fair, though I know I just run fullnodes on computers or servers I have anyway, as a thing it does on the side.
That honestly sounds like a bigger problem than a 51% attack, since it would be easier.