2021-12-12
def: zero-conf app
Accepts an on-chain payment from an untrusted party and possibly delivers the product/service, depending on risk factors.
- If the incoming txn is RBF (direct or inherited),
  - then the txn is too risky; wait for 1+ conf, since it can be replaced at any time.
- If the payment amount is greater than X,
  - then the txn is too risky; wait for 1+ conf, since the amount is worthy of a sophisticated attacker.
- Wait for the txn to propagate through the mempool.
- If there's no double-spend attempt, then accept zero-conf.
If receiving from fully untrusted third parties, zero-conf apps should be willing to tolerate an expected loss.
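
The checklist above as a decision function, as an added example that is not part of the original note. `Tx`, `TxIn`, `decide`, the `seen` map (every unconfirmed transaction observed from any peer, keyed by txid) and the `propagated` flag are assumptions; the RBF test uses BIP125 signaling (an input nSequence below 0xfffffffe), and the double-spend check also covers the payment's unconfirmed ancestors.

```python
from dataclasses import dataclass

RBF_MAX_SEQUENCE = 0xFFFFFFFD  # BIP125: an input nSequence below 0xfffffffe signals replaceability

@dataclass(frozen=True)
class TxIn:
    prev_txid: str
    prev_vout: int
    sequence: int = 0xFFFFFFFF

@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple

def unconfirmed_chain(tx, seen):
    """The payment plus its unconfirmed ancestors; parents absent from `seen` count as confirmed."""
    chain, stack = {}, [tx]
    while stack:
        cur = stack.pop()
        if cur.txid not in chain:
            chain[cur.txid] = cur
            stack.extend(seen[i.prev_txid] for i in cur.inputs if i.prev_txid in seen)
    return chain

def decide(tx, amount, limit_x, seen, propagated):
    """Apply the checks in the order the checklist gives them."""
    chain = unconfirmed_chain(tx, seen)
    if any(i.sequence <= RBF_MAX_SEQUENCE for t in chain.values() for i in t.inputs):
        return "wait: RBF (direct or inherited)"
    if amount > limit_x:
        return "wait: amount above X"
    if not propagated:
        return "wait: still propagating"
    # A double-spend is any other observed txn spending an outpoint the chain spends.
    spent = {(i.prev_txid, i.prev_vout) for t in chain.values() for i in t.inputs}
    for other in seen.values():
        if other.txid not in chain and any((i.prev_txid, i.prev_vout) in spent for i in other.inputs):
            return "wait: double-spend attempt"
    return "accept zero-conf"

# Constructed sample data (txids are placeholders, not real transactions).
parent_rbf = Tx("parent-rbf", (TxIn("conf-a", 0, 0xFFFFFFFD),))
parent_ok = Tx("parent-ok", (TxIn("conf-b", 0),))
pay_inherit = Tx("pay-1", (TxIn("parent-rbf", 0),))  # inherits RBF from its parent
pay_clean = Tx("pay-2", (TxIn("parent-ok", 1),))
rival = Tx("rival", (TxIn("parent-ok", 1),))  # spends the same outpoint as pay-2
SEEN = {t.txid: t for t in (parent_rbf, parent_ok, pay_inherit, pay_clean)}
```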