This is How Scammers Double Spent $200k Worth of Bitcoins in Seven Canadian Cities
The sole purpose of crypto is to bring back the power to the masses. Bitcoin led the way and as a revolutionary coin, it is a product of adversity and a leader of a transformation. This means, with every induction, the coin is edging closer to mainstream adoption and that is precisely what every enthusiasts and observer wants. Considering its global nature and how it can be shaping, making these coins accessible to everyone is of top priority.
For this reason, the team behind this novel drive saw it fit to introduce Bitcoin kiosks or crypto teller machines. Although there is no connection with those dispensing government issued fiat, these ATMs embodies decentralization. These ATMs can be two-way, meaning you can buy supported cryptocurrencies and some allows conversion of crypto assets for fiat. Obviously, they are convenient points where users can sell supported coins for a fee while receiving an equivalent amount in fiat.
In North America, the US leads in the number of installed ATMs but it is Canada that is grabbing all the attention thanks to recent and an unfortunate heist that saw $200k in cash double spent by four scammers across seven towns including Calgarywith 45 Bitcoin ATMs and Montreal with 102 ATMs.
Back to Basics: double spending and Zero-confirm Transactions
But the question in everyone mind is how did they pull it? How did they double spend what is supposedly an immutable transaction? Well, to understand how they did it and how rampant it can be, we must verse ourselves with two terms. Firstly, the meaning of a double spending and secondly, why merchants prefer zero-confirm transactions. In bare minimum definition, a double spend is simply the risk that any cryptocurrency can be spent twice.
It is a problem specific to digital assets and cryptocurrencies in particular in that digital information can be replicated. The good thing is that Satoshi successfully demonstrated that by employing a decentralized system where mathematics and encryption verify transaction logs it was possible to stop double-counting.
On the other hand, zero-confirm transactions are transactions that have been successfully broadcasted in the network but are yet to be confirmed by a miner and after that etched into the blockchain and therefore becoming valid. Double spending is discouraged and has been made expensive for would be attackers.
Convenience Over Security?
Unfortunately, there is a new breed of users preferring speed over security of their digital assets. It is understandable. Thanks to the 1020 minute wait time that a typical Bitcoin transaction takes, a merchants and users who accept zero-confirm transactions need not to wait and is a debatable subject. Not all ATMs accept zero-confirm transactions. Merchants using BitPay as an intermediary automatically accept zero-config transactions but these are adjusted. Casinos do accept zero-config transactions but need a 1 to 3 configuration for withdrawal.
All the same, these scammers took advantage of this lack of confirmation, reversing those transactions and thereafter converting the same Bitcoins for cash.
In the early days of Bitcoin, it was possible to send transactions if they were small enough or had an element of priority. However, with increasing use and miners in for profit, a user must pay for every transaction. And not just any fees. Miners are in business and the higher the fees, the faster the confirmation. There is a fee-rate measuring applicable fees at any time and is measured in satoshis per byte.
Now, since not all ATMs accept zero-config transactions, it is likely that they did their home work and after picking out these ATMs, they replaced older Bitcoin transactions with new ones with higher fees meaning miners paid attention and confirmed them in a procedure known as Replace by Fee (RBF). RBF was introduced in BIP-0125.
If that didnt work out, they could as well send the original amount to their Bitcoin wallet(s) while including better fees. The only trick for this double spending is that the wallet of choice must support double spending in one way or another. Any of these options are legal and Satoshi Nakamoto introduced them but was disabled at some pointafter Bitcoin Core 0.12+.
The post This is How Scammers Double Spent $200k Worth of Bitcoins in Seven Canadian Cities appeared first on Ethereum World News.