a no-risk 0-conf attack?



I've seen people such as Craig Wright and others talk about the infeasibility of 0-conf double spend attacks because of the risk a miner takes of losing the block they had mined and are withholding (the idea being the longer they hold onto the block without broadcasting it, the greater the chance someone else on the network will come up with the next block)

But, say the miner goes about double spending this way:

-Miner broadcasts tx to network

-Miner creates separate, double spend tx but doesn't broadcast it

-Merchant accepting 0-conf sees broadcasted tx and accepts payment

-Miner has up to a 20-30% chance (if they are a big mining pool) of finding the next block and will include the double spent, nonbroadcasted tx which will invalidate the tx sent to the merchant.

Now there is no guarantee in this situation that the miner's double spend will go through. In fact the chance is relatively small unless the miner controls a lot of hash power. However, there is a small but significant chance that the miner will create the next block with his double spent tx and broadcast it to the network, which will invalidate the first tx he broadcasted earlier, defrauding the merchant. I could imagine a miner performing this attack in an opportunistic way, where they attempt it on a regular basis and just get free merchandise every so often.

So, this isn't as certain as a Finney attack but there is a real chance of the double spend going through, and more importantly the miner risks nothing. He either finds a block and double spends, or he doesn't, but doing this attack doesn't decrease his chances of getting a block reward.

One answer to this is that if a mining pool started doing this on a regular basis they would be opening themselves up to legal action, because it could be easily shown that they are engaging in fraud. Although, going after a miner in China if you are in the US would be difficult.

Thoughts?

submitted by /u/linuxbeak
[comments]



Source link

Leave a Reply

Your email address will not be published.