Hello dear Bitcoin Cashers. People are again focusing on building a good money and this has led to a big milestone approaching for Double Spend Proofs (DSPs). I want to share an update on the progress of double spend proofs and look forward in this longer journey and provide a mini roadmap for people to understand what is next.
A double spend proof is a defence against people trying to send money to a merchant and then instantly send the same money to themselves back, double spending it. Because we know that miners won't allow double spending only one will be confirmed. This means that a thief can use it to try and avoid paying while the merchant thinks they paid.
Background
If you are already familiar on the concept and history you can skip down to Phase 2.
When Satoshi Nakamoto released Bitcoin to the world he successfully solved the double-spending of transactions with this blockchain idea. It is now public knowledge that as soon as the first block includes a transaction it has become very hard and costly to reverse that transaction.
Between the creation of a transaction and it landing in a block, however, is a bit more complex. The ability of an unconfirmed transaction being double spend is not black and white, instead it is a risk. We can calculate each individual transactions risk based on various factors we should look at. The biggest problem our wider ecosystem has today is that the least costly and the most effective indicator of risk is absent. A merchant receiving money on his phone does not know whether his customer is trying to steal from him. There is no signal from the network giving an indication of high risk.
This is like a homeowner who has to walk into his living room to confirm that his TV and game console went missing, or its still there. With the dog lying nearby. A silly idea because normally we expect signs of break-in, sounds of glass breaking, people running away or the dog barking. In our world there would be no such sounds, no barking no alarms alerting anyone until the thief was already long gone.
Double Spend Proofs give that signal. It is a digital dog barking at trouble, in the above comparison.
After initially coming up with the idea of a small proof message that uses cryptography against a thief in 2016 I published the first version in January 2017. When later that year we started Bitcoin Cash DSPs became much easier to do using a simple message which finally got coded in 2019. Near the end of 2019 I encoded this in Flowee the Hub and half a year ago I ported it to Bitcoin Unlimited. After waiting for 6 months I saw that BCHN was much more receptive on slack and in person of getting the DSP code and after their first release I worked on getting it into BCHN. Merge request here. I'm sure its purely coincidental that BU then started work on getting the dust off of my merge request. What is fun is that this would mean we will soon have DSP messages on the P2P network being created by the majority of the peers.
Double Spend Proofs being created is a great step forward for the network as this is basically a cryptographic message that indicates damage being done to the network. This is awesome for a whole lot of reasons, the most useful part is that this allows us to detect and defend against a great many attacks against the network and against individuals. The practical effect is that the double spend proof message allows the network to remove risk and promise an extremely shortened settle-time. It is like preconsensus, but without the cost. (more)
Phase 2
This first milestone took a long time, the development was halted various times which caused slowdowns, none of which stopped progress and I'm very happy with the current state.
That does not mean that now we are done. Just having the message is a fantastic first step, but people should actually use the message. It is like having an alarm on your house without a siren or light. Invisible.
So this is the time for me to present the evidence and the benefit, people can see this on mainnet today (connect to the P2P net on flowee.org) and I hope to convince many people of the benefit and that we shortly follow up with acceptance by the wider community as it needs a lot more people to take the task of double spend proofs on their shoulders. I will assist where I can, starting with this document which I hope will give people a good idea of where we are and where we want to go to.
Done
✔ Send on pure P2P (for merkleblock based SPV and full nodes)
✔ Flowee the Hub currently provides push-APIs for point-of-sale systems and BIP70 servers to include DS-notification, other nodes may want to do something similar. (link)
Make it available to the wider audience.
Add some RPC on full nodes to forward the notification and to indicate a tx in mempool having a DSProof attached to it.
Services like Fulcrum (electronx) need to forward them too for wallets that use these servers.
Online API providers (rest services) need to also allow a client to learn that a transaction is risky because a double spend proof has been seen for it.
Block explorers which show transactions from the mempool should do the same.
Make wallets and point-of-sale software use the proof.
Receiving money in practically all wallets currently completely ignores risk. Money was seen or not, nothing else, all unconfirmed transactions are the same.
This software should really start thinking in risk gradation. A DSProof (massively) increases the risk. Other risky properties like chain-depth, low fee, non-standardness etc. will be useful too.An important reminder(1): chain-depth; the state when a transaction pays using another unconfirmed transaction. Use this for risk analysis!
When a transaction uses unconfirmed parents the risk is recursive. When a parent of a parent gets a DSProof, this is equally bad for that child transactions risk-assessment.
Use all we learned and iterate the dsproof message.
DSProof is a great concept, and works well, but I know that it will be possible to improve with the many people in our ecosystem starting to use this and coming up with suggestions.
Finalize the design, rename the message to be just 'dsproof'
Yes, this is the last step.
Closing words
The double-spend-proof is a warning message from the network operators that warns you of suspect behavior, shown by your wallet when needed. This is very much like an alarm on your house, with minimal effort you can avoid an actual theft and damage. The alarm itself doesn't turn the doors into impenatrable steel, but they don't have to be as thiefs don't want to be caught and crime statistics show clearly the preventive effect of having an alarm. It simply raises the risk to thiefs enough for them to move on to an easier target.
Double Spend Proofs rock, lets get everyone to use them!
New knowledge for me. 👍