Real Bitcoin Double Spends Are Hard, Looking Into Alleged Issue – Cointelegraph

Bitcoin Cash (BCH) focused firm BitcoinBCH has potentially misled the public into believing that Bitcoin (BTC) double spends can be easily carried out.

On Dec. 18, BitcoinBCHs CEO Hayden Otto published a video on YouTube allegedly showing how TravelByBits Bitcoin Point of Sale (PoS) wallet misleads merchants into believing that they were paid before a transaction is actually concluded. Hayden Otto also runs a competing BCH-based PoS solution called Hula.

In a recent interview, a TravelByBit representative said that merchants using its service are insured against fraud and will not lose money. The firms founder Caleb Yeoh also said that if many users begin to exploit their systems design the firm will drop support for Bitcoin and Bitcoin Cash on-chain transactions in its PoS solution.

Overall, Yeoh admitted that accepting on-chain payments in in-store settings is not practical and requires a compromise between security and convenience. The main reason is that no one will want to wait in line for at least 10 minutes for a transaction to be confirmed before being able to get hold of the product. While accepting unconfirmed transactions is a major security concern, it is the only way to accept Bitcoin or Bitcoin Cash on-chain payments in time-sensitive situations.

Yeoh points to the Lightning Network as a potential solution, noting that it can address the impracticality of waiting for transaction finality when paying with cryptocurrency inside physical stores. He told Cointelegraph that Lightning Network transactions also constitute a significant portion of the payments facilitated by its PoS system:

If we remove the online travel booking transactions and you look at the number of transactions purely from a retail perspective we, over 47% of transactions around Australia the last 3 months was done over the lightning network.

Instead of pointing out that unconfirmed transactions as the name suggests are not final, the video suggests that the wallets flawed design is, in fact, a Bitcoin security flaw that enables double-spends. Hayden Otto, the person in the video, says merchants should immediately cease accepting Bitcoin and switch to Bitcoin Cash.

In the demonstration, Otto first sends the lowest transaction possible 1sat/byte to another wallet that he controls with replace-by-fee (RBF) enabled. As Bitcoin users will know, a transaction with such a low fee will be confirmed and placed in a block on Bitcoins blockchain after a notoriously long time, often multiple hours or even over a day if the network is severely congested.

RBF is a function that allows a user to replace a non-final not yet confirmed on the blockchain transaction with another one which has a higher fee. This Bitcoin functionality raised criticism because it enables unconfirmed transaction double spends.

Still, those concerns have no basis given that unconfirmed transactions can be double-spent without this feature as well. An in-depth analysis of how this can be done was published in 2015 by the author of the BitTorrent protocol, Bram Cohen. Overall, unconfirmed transactions are not final and should not be accepted as payment.

BCH-centric website Bitcoin.com recently reported that Bitcoin Cash removed the RBF feature from its code. The website also claims that as a consequence Bitcoin Cash unconfirmed transactions are not safe to use. The article reads:

The Bitcoin Cash community believes that zero-confirmation transactions are reliable and secure.

After sending the first low-fee RBF-on transaction in the video, Otto performs a Bitcoin payment to a merchant in a store without RBF. At this point, the merchants wallet shows a big green checkmark on the screen, misleading the user into believing that she received the payment.

Because of the wallets user interface, the merchant cedes the goods when the transaction is still unconfirmed. Right after, Otto bumps (increases) the transaction fee on the first transaction, ensuring that all the funds are moved to another address he controls before they are sent to the merchant.

This way, the funds do not reach the merchant who accepted the unconfirmed transaction, while Otto ends up holding both the good and the Bitcoin minus the transaction fees.

Later in the video, Otto says that the ability to reverse Bitcoin transactions is dangerous. This statement erroneously implies that a transaction was reversed. The transaction that was changed was unconfirmed which makes it non-final and the protocol acted as it was intended to.

Otto is also suggesting in the video that Bitcoin Cash fixes this, referring to unconfirmed transaction double-spends. While Cointelegraph was unable to definitely establish that BCH unconfirmed transactions are also non-final, Yeoh suggested so:

Nothing stops BCH miners from replacing transactions right now, as it's more of a gentlemen's agreement, but once in a while "RBF-like" double spends do happen on the BCH network. It's important to note RBF is not a protocol consensus feature, it's a node policy that any Bitcoin or Bitcoin cash miner can choose to run and it does not affect the reliability of payments.

Furthermore, Yeoh pointed out that the hashrate distribution gap between Bitcoin and Bitcoin Cash also influences the security, and plays in Bitcoins favour. Overall, he also said that tribalism in cryptocurrency hinders innovation in the space:

Honestly, I think the community should focus on helping build and grow wider adoption across the various ecosystems and not focus on running attacks on each others bitcoin projects. It creates a tit for tat scenario which erodes the entire space as a whole. People should be free to transaction in any crypto they want and help contribute to the ecosystems as builders.

This is not the first time that the Bitcoin Cash community is accused of spreading misleading information. As Cointelegraph reported in April last year, Bitcoin.com was accused of misleading buyers into purchasing Bitcoin Cash instead of Bitcoin by presenting the crypto assets in an unusual way.

Go here to read the rest:
Real Bitcoin Double Spends Are Hard, Looking Into Alleged Issue - Cointelegraph

Related Post

Comments are closed.