Dave's Beautiful BCH 0conf Exploit
For Educational and Informational Purposes Only. The information contained in this Gist is for educational and informational purposes only, and is made available to you for your own use.
This hypothetical exploit details how a malicious actor could steal goods or services from a merchant using Bitcoin Cash. This exploit takes advantage of the acceptance of unconfirmed transactions in the Bitcoin Cash community.
Imagine you have 4 BCH addresses, with funds on address 1. Just before you pay the merchant, you send 3 transactions in quick succession this order.
- Send a transaction from address 1 to address 4 (high fee)
- Send a transaction from address 1 to address 2 (very low fee) <- Double spend
- Send a transaction from address 2 to address 3 (very low fee)
Then you pay the merchant from address 3.
- Send a transaction from address 3 to the merchant (normal fee)
If you are served quickly, you can increase the certainty of this exploit by sending the following transactions.
- Send a transaction from address 2 to address 4 (high fee) <- Double spend
- Send a transaction from address 3 to address 4 (high fee) <- Double spend
Warning: Transaction 6 will show the merchant that you have double spent.
Why Is This Exploit So Beautiful?
- Transaction and fee appear normal to the merchant allowing plausible deniability.
- Allows at least 20 minutes before the merchant's tx input becomes invalid.
- Works given that miners follow the first-seen convention.
- Works given that miners favour transactions with high fees.
- Gives the appearance that fraudulent double spend attempts have failed!