Blockstream / green_android

Blockstream Green Wallet for Android
GNU General Public License v3.0
192 stars 75 forks source link

Feature Request: allow scanned QR-code to suggest disabling replace-by-fee. #73

Open berkes opened 4 years ago

berkes commented 4 years ago

Description

As a user with a small amount of "Spending money" in my Green Wallet, When I visit a merchant, bar or other place that accepts Bitcoin in their Point of Sale (POS), Then I want to pay, using the Green Wallet.

Currrently, this is most often not possible. Many merchants, the most visible being BitKassa employ PSPs that:

  1. acknowledge payment on 0 confirmations.
  2. as such, cannot accept "replace-by-fee" (RBF) transactions.

0-conf acceptance is a requirement, as, paying in a shop or any other POS, requires speed: having a line of customers waiting for over 10 minutes per customer is unacceptable. Often such PSPs employ three protections against double spending:

  1. Only allow small amounts (and therefore can carry the risk of double spending)
  2. Check with multiple nodes if a TX arrives at the mempools over the global network.
  3. Deny replace-by-fee.

The latter is the only way to easily remove or double-spend 0-conf transactions. Non-RBF require an attack, e.g. a DDOS on multiple nodes. Which, for small amounts, is really not worth the effort, and otherwise so hard to achieve that the chance this happens is a risk a PSP can easily take.

Version

3.2.4

Steps to reproduce

Pay at any Bitkassa merchant.

The transaction will be placed in the mempool, but the transaction will show up as "error" in the interface of the POS.

Expected behaviour

When I scan a QR code of a merchant that advertises they don't accept RBF-transactions, my wallet should disable that, or suggest disabling it.

And potentially alert me that it was switched off.

Alternatively, the wallet should not allow paying this merchant, if RBF cannot, in any way, be disabled.

Actual behaviour

The merchant is paid. The Teller sees an error at the POS. And the Teller requires another means of paying.

The original payment will go through (as Green has no way of retracting them) and a refund must be requested at the PSP or Teller.

As such, currently, the Green Wallet is unusable for day-to-day payments at POS.

Screenshots

Not applicable.

Device or machine

Android FP2

Additional info

Not applicable

berkes commented 4 years ago

Possible solution: Using BIP21 parameter signalling

BIP 21 does allow for additional parameters:

https://github.com/bitcoin/bips/blob/master/bip-0021.mediawiki

label: Label for that address (e.g. name of receiver) address: bitcoin address message: message that describes the transaction to the user (see examples below) size: amount of base bitcoin units (see below) (others): optional, for future extensions

(emphasis mine).

Adding a &rbf_denied=true might be the most practical and pragmatic solution to signal to a wallet that the recepient will not accept RBF transactions.

The wallet could then act upon this flag by disabling RBF, suggesting to disable RBF, warn the user that a transaction will probably not be accepted and so on.

Green wallet could then disable RBF for this transaction, warn the user about this, and allow the user to choose wether to proceed anyway.

PSPs need to take steps as well, and include this optional parameter in their QR-codes and links.

jeffrade commented 4 years ago

Pay at any Bitkassa merchant.

Same issue with merchant Bitrefill. They can invoice over LN, so I will probably use as a workaround for now.