The sole purpose of crypto is to bring back the power to the
masses. Bitcoin led the way and as a revolutionary coin, it is a product of
adversity and a leader of a transformation. This means, with every induction,
the coin is edging closer to mainstream adoption and that is precisely what
every enthusiasts and observer wants. Considering its global nature and how it
can be shaping, making these coins accessible to everyone is of top priority.
For this reason, the team behind this novel drive saw it fit
to introduce Bitcoin kiosks or crypto teller machines. Although there is no connection
with those dispensing government issued fiat, these ATMs embodies decentralization.
These ATMs can be two-way, meaning you can buy supported cryptocurrencies and
some allows conversion of crypto assets for fiat. Obviously, they are convenient
points where users can sell supported coins for a fee while receiving an equivalent
amount in fiat.
In North America, the
US leads in the number of installed ATMs but it is Canada that is grabbing all
the attention thanks to recent and an unfortunate heist that saw $200k in cash
double spent by four scammers across seven towns including Calgary—with 45
Bitcoin ATMs and Montreal with 102 ATMs.
Back to Basics: double spending and Zero-confirm Transactions
But the question in everyone mind is how did they pull it? How did they double spend what is supposedly an immutable transaction? Well, to understand how they did it and how rampant it can be, we must verse ourselves with two terms. Firstly, the meaning of a double spending and secondly, why merchants prefer zero-confirm transactions. In bare minimum definition, a double spend is simply the risk that any cryptocurrency can be spent twice.
It is a problem specific to digital assets and
cryptocurrencies in particular in that digital information can be replicated. The
good thing is that Satoshi successfully demonstrated that by employing a decentralized
system where mathematics and encryption verify transaction logs it was possible
to stop double-counting.
On the other hand, zero-confirm transactions are transactions
that have been successfully broadcasted in the network but are yet to be “confirmed”
by a miner and after that etched into the blockchain and therefore becoming
valid. Double spending is
discouraged and has been made expensive for would be attackers.
Convenience Over Security?
Unfortunately, there is a new breed of users preferring speed
over security of their digital assets. It is understandable. Thanks to the 10—20
minute wait time that a typical Bitcoin transaction takes, a merchants and
users who accept zero-confirm transactions need not to wait and is a debatable
subject. Not all ATMs accept zero-confirm transactions. Merchants using BitPay as an intermediary
automatically accept zero-config transactions but these are adjusted. Casinos
do accept zero-config transactions but need a 1 to 3 configuration for
All the same, these scammers took advantage of this lack of
confirmation, reversing those transactions and thereafter converting the same
Bitcoins for cash.
In the early days of Bitcoin, it was possible to send
transactions if they were small enough or had an element of priority. However,
with increasing use and miners in for profit, a user must pay for every
transaction. And not just any fees. Miners are in business and the higher the
fees, the faster the confirmation. There is a fee-rate measuring applicable fees at any time
and is measured in satoshis per byte.
Now, since not all ATMs accept zero-config transactions, it
is likely that they did their home work and after picking out these ATMs, they replaced
older Bitcoin transactions with new ones with higher fees meaning miners paid
attention and confirmed them in a procedure known as Replace by Fee (RBF).
RBF was introduced in BIP-0125.
If that didn’t work out, they could as well send the original
amount to their Bitcoin wallet(s) while including better fees. The only trick
for this double spending is that the wallet of choice must support double
spending in one way or another. Any of these options are legal and Satoshi
Nakamoto introduced them but was disabled at some point—after Bitcoin Core