In the previous post we covered the case of a bitcoin ATM operator who was attacked by a group of criminals: they sent double-spend transactions, withdrew cash, and later reversed the bitcoin transactions sent to the ATM operator.
During our research we contacted ATM manufacturers and asked which settings are available to operators for controlling 0-confirmation transactions and the risk associated with them. We reached out to the top 4 bitcoin ATM producers by number of ATMs installed worldwide as of today: Genesis Coin, General Bytes, Lamassu and Bitaccess. In this post we review the options that suppliers provide and that operators have at their disposal for controlling the risk of double spends.
To refresh, in the previous post we assumed that the following settings and limits could mitigate the loss significantly:
- Limit the 0-conf transaction size;
- Limit the cumulative size of 0-conf transactions across full ATM’s network;
- Check the miner fee and process 0-conf only when the fee is large enough. This might not mitigate the attack in all cases, but it can reduce the attack's success rate;
- Differentiate RBF (replace-by-fee) transactions, which make a double spend much easier, and limit 0-conf processing for them, if the software allows it.
The Genesis Coin representative declined to provide details about the settings available to operators. At the same time, he assured us that Genesis Coin machines “include a highly sophisticated system for handling cash withdrawals, allowing the operator to define their risk profile and employ additional risk-mitigating strategies”. Genesis Coin has also “never recommended the use of 0-conf and the system actively warns against allowing it, but will always allow the operator to define their own settings”.
General Bytes machines can be set to support 0-confirmation transactions for the following coins: BTC, LTC and DASH. Only a few operators use this feature, according to the General Bytes representative.
When 0-confirmation acceptance is enabled, a “Risk Box” needs to be defined:
This is the amount per ATM that the operator is willing to risk across all 0-conf transactions at a given moment for a particular ATM. If the total pending amount of all currently unconfirmed incoming transactions related to that ATM is higher than the risk amount, the next customer has to wait for the transaction to be confirmed first. This setting can only be configured for each machine separately, and there is no way for the operator to set a total risk amount for all machines in the network. However, the General Bytes representative confirmed that they plan to add such a feature in one of the next releases.
In addition, General Bytes software verifies that a transaction is low risk before accepting it at 0-conf, meaning it carries a mining fee that is statistically sufficient for it to be included in a block soon; otherwise confirmations are required anyway. Operators cannot turn this check off, which is an extra step to reduce risk.
While currently not supported, there is a plan to add a double-spend notification to the server software in the near future. This means that if there is a double-spend attack, the operator will be notified immediately by email, and 0-confirmation support will be deactivated automatically.
The General Bytes representative also adds: “It is important to mention that protection against double-spend can never be achieved, it can only be made harder for a thief to achieve profit.
Double-spend is a feature of bitcoin – unpleasant, but present. If an attacker sends a transaction with a high mining fee directly to a mining pool, it is up to the miner to decide which transaction is going to be in the next block he mines. Nobody on the network can influence that. Very few of our operators use 0-conf on their machines and they understand the risk that double-spend represents.”
The company representative also mentioned that their ATMs support DASH’s InstantSend (InstantX), which has reportedly solved the double-spend issue for DASH transactions.
Lamassu machine operators need to set a global fiat amount above which 1 confirmation is required before the customer can redeem cash. This setting is flexible: it can be set to 0, meaning all transactions require 1 confirmation before further processing. The setting can also differ per coin, so operators can set a non-zero global amount for one coin (making 0-conf transactions possible) while requiring 1 confirmation for all transactions in another coin, disallowing 0-conf there. The threshold applies to the whole network of machines, which greatly reduces the risk of the targeted double-spend attack covered in the previous post.
When 0-confirmation acceptance is enabled, operators have extra tools to control the risk. Lamassu integrates a Blockcypher module, which automatically checks the confidence of 0-confirmation deposits via the Blockcypher API. The operator defines the desired confidence factor (1-100), and if the deposit scores below it (due to low transaction fees, unconfirmed inputs, RBF, or any other reason), the user is automatically redirected to the 1-confirmation flow, prompted to enter a phone number, and allowed to redeem only after a confirmation is received. Blockcypher significantly penalizes the confidence factor of RBF transactions, so RBF is taken into account in this check.
It is important to note that the Blockcypher integration effectively prevents cash from being withdrawn if the received transaction is considered high risk (based on the rating threshold set by the operator). However, it cannot prevent a double-spend attack once the transaction has passed Blockcypher verification and cash has been dispensed to the customer. The Lamassu representative confirmed that there is no alerting mechanism to detect a double-spend attack after the fact, but its probability can be reduced via a custom Blockcypher threshold setting. The global amount limit for 0-conf transactions also reduces the total risk.
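The limits discussed so far can be combined into one acceptance gate. The sketch below is an added example, not code from any vendor: it applies a per-transaction 0-conf limit, a per-machine risk amount in the style of the Risk Box, the network-wide cap proposed in this post, a fee check and RBF signal detection. The class, field names, thresholds and sample deposits are assumptions, and Blockcypher confidence scoring is not modeled.

```python
from collections import defaultdict
from dataclasses import dataclass

RBF_SIGNAL_BELOW = 0xFFFFFFFE  # BIP125: any input nSequence below this opts in to replacement
@dataclass
class Deposit:
    txid: str
    atm_id: str
    fiat: int            # cash the customer would receive
    fee_rate: int        # sat/vB paid by the transaction
    sequences: tuple     # nSequence of every input

class ZeroConfGate:      # decides whether cash may be dispensed before 1 confirmation
    def __init__(self, max_tx, risk_box, network_cap, min_fee_rate):
        self.max_tx, self.risk_box = max_tx, risk_box
        self.network_cap, self.min_fee_rate = network_cap, min_fee_rate
        self.pending = {}                   # txid -> (atm_id, fiat) still unconfirmed
        self.per_atm = defaultdict(int)     # unconfirmed exposure per machine

    def evaluate(self, d):
        if d.fiat > self.max_tx:
            return "wait: above per-transaction 0-conf limit"
        if any(s < RBF_SIGNAL_BELOW for s in d.sequences):
            return "wait: signals RBF"      # a missing signal still does not mean final
        if d.fee_rate < self.min_fee_rate:
            return "wait: miner fee too low"
        if self.per_atm[d.atm_id] + d.fiat > self.risk_box:
            return "wait: machine risk box full"
        if sum(self.per_atm.values()) + d.fiat > self.network_cap:
            return "wait: network-wide cap reached"
        self.pending[d.txid] = (d.atm_id, d.fiat)
        self.per_atm[d.atm_id] += d.fiat
        return "accept"

    def confirmed(self, txid):              # first confirmation releases the exposure
        if txid in self.pending:
            atm_id, fiat = self.pending.pop(txid)
            self.per_atm[atm_id] -= fiat

def demo():
    gate, final = ZeroConfGate(300, 500, 800, 20), 0xFFFFFFFF
    sample = [  # constructed deposits: (txid, machine, fiat, sat/vB, input sequences)
        ("a1", "atm-1", 250, 40, (final,)), ("a2", "atm-1", 250, 40, (final,)),
        ("a3", "atm-1", 100, 40, (final,)), ("b1", "atm-2", 250, 40, (final,)),
        ("c1", "atm-3", 100, 40, (final,)), ("c2", "atm-3", 40, 40, (0xFFFFFFFD,)),
        ("c3", "atm-3", 40, 5, (final,))]
    results = [gate.evaluate(Deposit(*row)) for row in sample]
    gate.confirmed("a1")                    # a1 confirms, freeing 250 on atm-1
    return results + [gate.evaluate(Deposit("a4", "atm-1", 50, 40, (final,)))]
```

In the sample run, deposit `c1` is small and lands on an idle machine, yet it is held back because the other machines already carry 750 of the 800 network-wide allowance; a per-machine limit alone would have accepted it.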
We also reached out to the fourth largest bitcoin ATM supplier on the market, Bitaccess, to ask about 0-conf settings and support on their machines. The company representative mentioned that years ago 0-confirmation transactions were supported on their machines, but in 2016 they deprecated this functionality as they released a new feature that allows customers of any Bitaccess operator to remotely sell their BTC to a BTM. This means that users can initiate a transaction online and send bitcoins in advance. The customer needs to provide a phone number and will then receive an SMS when 1 confirmation is received; after that the customer needs to visit the machine only once and gets the cash immediately, without needing to wait.
The company representative also mentioned that they plan to support Lightning Network transactions once the network capacity grows enough. Lightning Network transactions can potentially decrease the risk of 0-confirmation.
The main bitcoin ATM producers (Genesis Coin, General Bytes, Lamassu) give operators the option to accept zero-confirmation transactions. In general, all of these providers have advanced tools to control the risk exposure in case of a zero-confirmation double-spend attack, but there is still room for improvement. Bitaccess chose a different approach: it fully restricts operators and makes it impossible to cash out against a 0-conf transaction. To compensate, they implemented a tool with which a cash-out transaction can be initiated remotely via their website, so the customer needs to visit the machine only once, when enough confirmations have been received.