James Stanley

I started accepting 0-conf Bitcoin payments, and it was great

Wed 29 March 2017
Tagged: smsprivacy, bitcoin

Customers of SMS Privacy have been frustrated with long confirmation times for Bitcoin payments. Even though I only required 1 confirmation, it can still take a long time for that first confirmation if the transaction was accidentally sent with a fee that is too low. Instead of sending money and being able to use the service immediately, customers sometimes had to wait hours. This is immensely frustrating for a legitimate customer: you've sent the money, you're not trying to steal anything, why do you have to wait?

In time, this issue will be solved by improved fee calculation in wallet software, and by second-layer payment methods. In the meantime, I decided to experiment with accepting unconfirmed payments to improve the user experience. (For those less familiar with Bitcoin: unconfirmed payments can be "double-spent" meaning that although a transaction paying you exists on the network, it can be replaced by a different transaction that spends the same money to somebody else; once the transaction is included in a block, the cost of double-spending rises significantly).


For my experiment, instead of waiting for 1 confirmation before crediting payments to user balances, I made my software credit the user's balance as soon as it sees the transaction, for payments up to 0.02 BTC.

I was expecting a certain level of fraud (i.e. some people would double-spend and steal the money, not least because the service is totally anonymous). But this is fine as long as the increased profits due to improved user experience outweigh the losses due to fraud.

Luke Dashjr told me that making it easy to scam me would "attract the wrong kind of people", and that he suspects SMS Privacy is particularly prone to this. So, to limit the maximum exposure to double-spends, I added a limit of 0.1 BTC credited unconfirmed payments: once there is 0.1 BTC of credited payments that have 0 confirmations, SMS Privacy would revert to requiring 1 confirmation for all payments.


I started this about a month ago.

There have so far been 0 instances of double-spend attacks against SMS Privacy. 0 losses due to double-spends. I was very pleased with this, much better than expected. This integrity, despite complete anonymity, is a credit to the SMS Privacy customers.

Total payments since accepting 0-conf payments have been roughly double what they were in the same time period prior to accepting 0-conf payments. I don't know if this is 100% attributable to the acceptance of 0-conf payments, but it is much greater than the organic growth that had been happening up to that point. I also don't have a p-value, sorry.


If the current situation continues (no thefts, and an improved user experience), then I consider the experiment a great success. I think it caused an increase in purchases, but even if the total amount of payments was completely unaffected by the change, the improved user experience is a clear win anyway. I intend to leave the new behaviour in effect for the foreseeable future.

I encourage everybody who accepts Bitcoin payments to try running a similar experiment. Your customers might surprise you.

Finally, as an aside, I don't know if writing about my findings in this post is necessarily wise: perhaps somebody out there will take it as a provocation and will now double-spend SMS Privacy as a joke. Hope not :).

If you like my blog, please consider subscribing to the RSS feed or the mailing list: