

Why BitcoinStore is going to bring an end to a Decade of PayPal - Coinabul1
http://coinabul.tumblr.com/post/44164174080/why-bitcoinstore-is-going-to-bring-an-end-to-a-decade

======
betterunix
Why would a major, established business like Amazon want to deal with Bitcoin?
Transaction times of 10 minutes? Questions about how to pay their taxes (yes,
believe it or not, a business as enormous as Amazon is not going to fail to
pay taxes) and what taxes should be paid on BTC transactions are probably
enough to keep them away. Amazon issues lines of credit to their customers,
and only a fool would issue a line of credit in a currency that has built-in
deflation.

I think it is more likely that Congress will dismantle the military industrial
complex.

~~~
nwh
Generally you can accept transactions with zero confirmations without a huge
issue. For someone like Amazon the small loss you might make from a couple of
double-spends is outweighed by the almost instantaneous transaction.

In an ideal circumstance, you'd average five minutes for a confirmation
anyway. Blocks are usually generated every 10 minutes or so.

~~~
betterunix
I think you are underestimating the number of double-spend attacks that a
business like Amazon would face if they never waited for confirmation. Amazon
has plenty of problems with fraud right now; this would just be another way
for people to commit fraud. It is not just the losses, either; Amazon could
reverse transactions once the double spending is detecting, but they have to
worry about their reputation. The last thing they need is to be known as the
website for people trying to cheat.

Also, "ideal circumstances" do not happen in the real world. IF you want to
convince Amazon to adopt Bitcoin, you need to impress them with _typical_ and
_realistic_ circumstances.

~~~
nwh
Given that double spends are reasonably expensive, you could just use zero
confirmations for anything under 25BTC and the standard six confirmations for
the rest. If you double spent a transaction under 25BTC, you would have been
better off just mining a block yourself.

I'm sure anyone spending more than $750 on amazon is probably happy enough
waiting for two or more confirmations.

~~~
betterunix
"I'm sure anyone spending more than $750 on amazon is probably happy enough
waiting for two or more confirmations."

Maybe, but if I can do it without waiting by just sticking with credit cards,
why wouldn't I?

"Given that double spends are reasonably expensive"

I see this being tossed around quite a bit. I am not entirely sure where this
idea came from. Can you _prove_ it, the way that ECDSA (on which Bitcoin is
based) can be proved secure as a signature system? When I hear this sort of
statement, it sounds a lot like, "Nobody has published any way to double spend
cheaply, and I cannot think of one; therefore it must be an expensive thing to
do!"

I do not mean to be insulting with that, I really would like to know why
people think double spending attacks are _necessarily_ expensive. On top of
that, how do we know that a double spending attack would be _more_ expensive
than the payoff -- especially when you are dealing with a complex marketplace,
where a double spending attack may be just one component of a larger scheme.
Maybe the point will just be to deny another person the ability to buy
something, by double-spending until the merchant is sold out of the item, or
as shills in an auction to try to inflate the price (should Amazon revive its
auctions system).

This reminds me of the sort of argument I had with Hushmail users back before
the infamous DEA incident. Your secret key is sitting there, on their servers;
they could read your mail if they wanted to or if someone had a gun to their
head. People said it couldn't happen, that the key would only be in RAM for a
split second, that using their Java applet solved the problem, etc. Then the
DEA turned up in court with a mountain of decrypted email from Hushmail (and
then, as if the entire world just wanted to aggravate me, people starting
saying that PGP had security problems). Cryptography tends to be black-and-
white when it comes to security: you are either secure, or you are not secure,
and there is rarely anything in-between (with multiparty computation, that
might be changing; people are now talking about the "covert model" and "one-
bit leakage" notions of security, which are in that middle area).

~~~
Anderkent
_Maybe, but if I can do it without waiting by just sticking with credit cards,
why wouldn't I?_

How can you? If a credit card transaction can be charged back, it effectively
never clears (or doesn't clear as long as the chargeback is possible, if
there's a time limit on chargeback). So in any situation where you would be
willing to take a possibly chargeback-able, you should be willing to take an
unconfirmed bitcoin.

 _"Nobody has published any way to double spend cheaply, and I cannot think of
one; therefore it must be an expensive thing to do!"_

The fact that nobody published a cheap way to double spend is strong evidence
that it's difficult and expensive to double spend.

Also it doesn't really matter if there is some obscure method to cheaply
double spend, since because of its obscurity it would only affect a small
number of transactions (and presumably once it is used it will be detected and
made public, at which point it can be fixed).

~~~
betterunix
"The fact that nobody published a cheap way to double spend is strong evidence
that it's difficult and expensive to double spend."

Nonsense. Bitcoin is only a few years old. It is not nearly well-studied
enough to claim that there is any good evidence that double spending is
costly. Keep in mind that in the first few years of RSA, people thought that
128 bit public keys would be sufficient for centuries. Bitcoin has not
received anything close to the attention RSA received from the research
community, or even that attention given newer ciphers like AES.

"Also it doesn't really matter if there is some obscure method to cheaply
double spend"

That is kind of like saying, "It does not really matter if there is some
obscure method to crack RSA quickly."

"since because of its obscurity it would only affect a small number of
transactions (and presumably once it is used it will be detected and made
public, at which point it can be fixed)."

Or it might turn out that there is no fix and that the attack would work no
matter what you did to Bitcoin. Maybe not confirming transactions is an
inherently insecure way to do business. It is equally possible that cheap
double spending attacks are impossible due to some property of Bitcoin. Right
now there is no clear answer; you just have to shrug and hope for the best if
you neglect to wait for confirmations.

------
jareau
Why is bitcoin the one "true" alternative? If payment services like Balanced
and Stripe solve most of the problems of PayPal (frozen accounts, pleasant
APIs, etc) then why are they less worthy alternatives?

~~~
Coinabul1
I feel like there are more problems at PayPal than just frozen accounts. The
inherent issues I have with PayPal is a: they're a middleman and bump up
prices. and b: they facilitate chargebacks which lead to an ever increase
amount of fraud.

More fraud equals more cost. As the conventional alternatives continue to grow
they'll face more and more fraud. Bitcoin has no chargeback fraud. It never
will.

~~~
slinkyavenger
Bitcoin fluctuates wildly in value. Bitcoin takes quite a while for a
transaction to happen, and there are waits and fees involved in exchanging
money from USD and back to USD. Bitcoin doesn't allow chargebacks, an
important consumer protection mechanism, therefore helping to perpetuate
fraud.

No one wants to buy anything with bitcon, and no one wants to go through the
trouble of selling anything with bitcoin.

~~~
mrb
_"No one wants to buy anything with bitcon, and no one wants to go through the
trouble of selling anything with bitcoin."_

You have absolutely no idea what you are talking about.

\- There are at the very least 5k+ merchants selling products & services for
bitcoins - a small fraction of them is listed on
<https://en.bitcoin.it/wiki/Trade> \- and this is increasing every day

\- BitPay alone signed up 1500 businesses accepting Bitcoin:
[http://finance.sfgate.com/hearst.sfgate/news/read/23400142/w...](http://finance.sfgate.com/hearst.sfgate/news/read/23400142/when_your_paypal)

You are not a Bitcoin user and have no idea how successful it is, that is
fine, but do not spread lies. Obviously you have no idea how quickly the
number of buyers and sellers using Bitcoin is rising...

~~~
slinkyavenger
Every business I hear about that starts accepting bitcoin does so through a
third party exchanger - so companies are still getting paid in USD. That
doesn't count as a bitcoin accepting company.

~~~
Anderkent
Can I pay with bitcoin? Yes. Then it is a bitcoin accepting company. I don't
care if they use someone else for the infrastructure and sell the bitcoins
immediately.

~~~
slinkyavenger
That's called going through a re-seller. Of course, they also make sure to get
a cut.

Still just about anyone not doing business below the table is going to prefer
USD, or some other state-backed currency.

------
sethist
Until the value of Bitcoin is more stable and technology illiterate people
start to use it, there is no way that something like this can replace PayPal.

~~~
astrodust
It's not the price stability, which is still a serious concern, but the fact
that you're talking about a system designed by crypto-anarchists.

There is no way Bitcoin will _ever_ displace Paypal without serious,
fundamental changes.

~~~
wmf
It's funny you should mention that, since Paypal was also founded by crypto-
anarchists.

~~~
astrodust
Paypal is also an entity with a head office, where the people involved in
creating it are widely known. Although you might disagree with their policies
or ethics, at least they're a legitimate concern.

Bitcoin was created by "some guy" that, if anybody knows them, nobody's
talking. Illegal, underground money lenders are more above-board than this.

------
SpikeDad
Another favorite geek service that touted as the end of something that regular
folks use. Do folks around her realize yet that we're not regular folks and
our interest, desires and accommodations are often not connected at all with
those of the average non-geek person?

~~~
throwawayG9
I'm pretty sure average non-geek persons will receive with open arms a
currency that can't be manipulated by the government, among other benefits,
once they are sure it's safe and not a scam, like some people even here in HN
sometimes suggest.

~~~
illuminate
So, geeks and Birchers? :p

~~~
throwawayG9
What do you mean by "bircher"? I found this:
<http://www.urbandictionary.com/define.php?term=bircher>

~~~
illuminate
Not at all. <http://en.wikipedia.org/wiki/John_Birch_Society> , the Ron Paul
fans, and anyone else against the Fed.

------
foxylad
It seems to me that the beauty (and probably the downfall) of bitcoin is that
it is equivalent to cash. If you're careful, you can use it anonymously. No
charge-backs - just like cash.

You need to use the same care with bitcoin as we used to use with cash. Credit
cards are far more forgiving, thanks mainly to the charge-back mechanism
(which incidentally is a US thing - in most countries it is un-heard of).

My biggest fear for bitcoin is that governments will kill it, because they
have no control over it. They've been delighted to see cash fading away, but I
predict that if bitcoin ever does get traction with the general public, we'll
see a deluge of "bitcoin is the currency of the terrorists and child-
molesters" propaganda which will make copyright scaremongering seem quaint.

------
mootothemax
Not a single mention of fraud prevention, AKA why no-one else has successfully
challenged PayPal to date.

Buyers can perform fraud. Sellers can perform fraud. Sometimes they're the
same person. None of this is easy. But articles like this pretend it is.

------
thinkcomp
If you want to know why PayPal has been around for a decade with no
competitors, you should read this:

<http://news.ycombinator.com/item?id=5295236>

~~~
Coinabul1
Exactly. They've stacked the deck against any startup. I recall that one
startup in California, facecash or something, that couldn't get licensing even
though they're entirely qualified.

That's the beautiful thing about Bitcoin, it isn't just any startup, it's an
open source project. If one exchange can't get a banking license, another one
will. Everyone can use it and no one can shut it down at a centralized
location.

~~~
thinkcomp
I run FaceCash. I would advise talking to a lawyer. (I am not a lawyer.)

I would also advise, to anyone who can make it, going to Sacramento on March
11:

<http://abnk.assembly.ca.gov/hearings>

~~~
Coinabul1
I've talked with lawyers! I don't advise running an exchange anywhere near the
United States. (But yes, I'm not a lawyer either.)

If I didn't have jury duty I would be there. I hope you can shed some light on
these guys. Can I expect another post with updates? :)

