[cca]

(Christian from Stripe here.) We credit USD to our user's account when we see a transaction that we believe will become confirmed. The time-delay between when the customer pushes the transaction and when we notify our users is typically less than 15 seconds and almost always less than 60 seconds.

[Shank]

Has the technology changed/evolved enough that that's credible? I was under the impression that it wasn't "fully confirmed" by the network until a new block was mined, or you could have double spend attacks?

[sfeng]

Credit card fraud protection often relies on heuristics, perhaps they are doing a similar thing here.

[veryluckyxyz]

> We credit USD to our user's account when we see a transaction that we believe will become confirmed.

Can you please elaborate?

[NeutronBoy]

Really the key question is: if a transaction that you believe will become confirmed, turns out to be invalid, who wears that? Stripe, or me? Will Stripe eat that, or will I get hit with the difference?

[sah88]

What happens if it does not get confirmed. Do you debit the account by an equivalent amount or eat it?

[cca]

It's a good question. We want Bitcoin acceptance to be straightforward for our users, so we deal with a failed confirmation on our side. We do not debit the user.

[runeks]

Hence the 0.5% fee. :)

I suspect this is the reason Bitpay is able to waive fees completely: they do not take responsibility for unconfirmed transactions.

> Note: Regardless of the transaction speed settings, a fully paid invoice is credited to your merchant account after the transaction has accrued six confirmations. [1]

[1] https://support.bitpay.com/hc/en-us/articles/202943915-What-...

[freework]

its very easy to predict if a transaction will confirm.

[runeks]

The problem isn't detecting whether 99% of transactions will confirm.

The problem is preventing someone from ordering $10,000 worth of gold from a site that uses Stripe with Bitcoin payments enabled. Sending a paying transaction to Stripe, who confirms it within a minute, and simultaneously mining a block with contains a transaction that double spends the bitcoins sent to Stripe.

Stripe is now out $10,000. You receive your gold, sell it to your local bullion dealer for $9,500.

Of course, for Stripe, there are various hackish ways around this problem, like defining a maximum amount of, say, $1000, so that the above attack requires the attacker to mine 10 blocks instead of 1 (ie. repeat the procedure 10 times), in order to earn $10,000.

But they don't really solve the fundamental problem of accepting unconfirmed Bitcoin transactions.

[freework]

It costs 80 million dollars to buy all the hardware to mine a single block. It will probably costs 800 million dollars to amass enough computing power to mine 10 blocks. It only makes sense to double spend a transaction with a VERY large amount. No transaction going through stripe will qualify.