In this article, we’ll discuss the concept and importance of confirmations in ensuring secure transactions on a blockchain network. So let's dive in and learn more about blockchain confirmations!
What are Blockchain Confirmations?
Blockchain confirmation refers to the number of blocks added to the blockchain after a transaction has been included in a block. When a transaction is broadcast to the network, it enters a pool of unconfirmed transactions. Miners then collect a group of these transactions and include them in a block, adding to the chain of previous blocks. Once a transaction is included in a block, it is considered to have one confirmation.
Confirmations are critical to blockchain technology because they provide security and immutability to transactions. Without confirmations, it would be relatively easy for a malicious actor to alter or reverse a transaction, undermining the integrity of the entire blockchain. In addition, by requiring multiple confirmations to consider a transaction as finalized, those who use the blockchain can have faith that a transaction should be irreversible and tamper-proof or at least as close to it as practically possible.
Unconfirmed transactions, also known as "pending" transactions, have been broadcast to the blockchain network but have not yet been included in a block. Instead, these transactions are stored in a pool or pools of unconfirmed transactions and are waiting to be picked up by a miner to be included in the next block.
While typically, a transaction sent using a reasonable fee will be confirmed without any issues, there are several reasons why a transaction may remain unconfirmed, such as:
Low Transaction Fee: Transactions with a low fee may take longer to be confirmed because miners prioritize transactions with higher fees. In some cases, they may eventually fail.
Network Congestion: if there are too many unconfirmed transactions in the network, it can take longer for a transaction to be confirmed.
Miner's Preference: Some miners may choose to confirm transactions from specific wallets or addresses over others.
How Many Confirmations is Enough?
The number of confirmations a transaction has is an indication of how secure it is. The more blocks that have been added to the blockchain after a transaction, the more difficult it becomes for an attacker to reverse or alter it. However, what exactly should be constituted as a finalized transaction can vary, both depending on the specific blockchain, the amount, and those who are using it.
Commonly when using Bitcoin, most platforms will accept deposits with between 1 and 3 confirmations depending on the size of the transactions and other factors. Ethereum deposits typically require between 32 and 64 confirmations, but given block times are much shorter on Ethereum, it’s common for an Ethereum transaction to be sufficiently confirmed before a bitcoin transaction that was sent at the same time.
The size of the network is a significant factor when determining the reasonable amount of confirmations required for a transaction to be considered secure and final. However, often this is more complex and nuanced as things can be affected by the consensus algorithm and other variables. Typically the best way to decide on what is right for you is to look at what other wallets, platforms, and services are doing and then find the average for that specific blockchain; just beware that some platforms will accept higher-risk transactions in an attempt to enable faster access to their services, this is common with crypto gambling websites for example who will even accept zero confirmation transactions in some cases.
Zero-confirmation transactions, also known as "0-conf" transactions, are transactions that are claimed to be valid and secure by some people even before they have been included in a block. While this can provide faster confirmation times, it also comes with several risks:
Double-spending: One of the main risks of 0-conf transactions is the possibility of double-spending. This occurs when a malicious actor sends a transaction to one recipient and then sends a second conflicting transaction immediately to another recipient using the same funds. Because 0-conf transactions are not yet confirmed, a double-spend attack can often be successful far easier than in other situations.
Finney attack: A Finney attack is a type of double-spending attack where an attacker mines a block and includes a 0-conf transaction that they have already broadcast. This can allow the attacker to spend the same funds twice, as the second transaction will be included in the block and confirmed, while the first transaction will be discarded.
Race attack: A race attack is a type of double-spending attack where an attacker sends two conflicting 0-conf transactions to different merchants. The attacker then waits to see which transaction is confirmed first and then uses the second transaction to reverse the first one.
Vector76 attack: This is a variation of the Finney attack where an attacker uses a rented or compromised mining hash power to confirm their own transaction before broadcasting it, making it more likely to be confirmed by another miner.
Malleability attack: In this case, an attacker can change the transaction ID of a zero-conf transaction, making it difficult to track and confirm.
Reverse transaction: An attacker can reverse a zero-conf transaction by broadcasting a conflicting transaction with a higher transaction fee.
These risks make it more likely for a malicious actor to successfully execute a double-spend attack, steal funds, or otherwise manipulate the system. Therefore, it is recommended to wait for multiple confirmations before considering a transaction secure and final.
A blockchain reorg, short for "reorganization," occurs when a new block is added to the blockchain that creates a new chain tip, causing the previously accepted blocks to be discarded. This event could cause previously confirmed transactions to be reversed or invalidated.
Reorgs can happen naturally in a blockchain network, particularly in those that use a proof-of-work consensus mechanism like Bitcoin and Monero, where multiple miners compete to add new blocks to the chain. When two miners solve the proof-of-work puzzle simultaneously and broadcast their blocks, the network will temporarily split between two different chains. As more blocks are added, the network will eventually converge on a single chain. Still, transactions included in the discarded chain will be considered unconfirmed or invalidated during this time.
However, reorgs can also be caused by malicious actors, known as a 51% attack, where a miner or group of miners control more than 50% of the total mining power in a network, allowing them to create a longer chain and reverse or invalidate previous transactions.
Reorgs can have serious consequences for confirmed transactions. For example, a user who thought they had successfully transferred funds may find that the transaction has been reversed and the funds are no longer available. In this way, reorgs can also affect merchants who may have shipped goods based on a later invalidated payment.
To minimize the risk of reorgs affecting confirmed transactions, it's recommended to wait for a higher number of confirmations before considering a transaction as secure. Additionally, some blockchain platforms provide additional security mechanisms, such as "checkpoints," that can help prevent reorgs from occurring.
Checking a Transaction for Confirmations
There are several ways to check the confirmation status of a transaction on a blockchain. The most common method is a blockchain explorer, a website that allows users to view transaction details and the status of the transaction.
To check the confirmation status of a transaction, you will need the transaction ID or "TXID" which is a unique identifier for the transaction. Once you have the TXID, you can enter it into the search bar of a blockchain explorer, and it will display the details of the transaction, including the number of confirmations it has received.
Here are the steps to check the confirmation status of a transaction on a blockchain explorer:
Go to a blockchain explorer website, such as mempool.space for Bitcoin or Etherscan.io for Ethereum. Search for the transaction ID or "TXID" of the transaction. Click on the transaction ID to view the details of the transaction. Look for the number of confirmations in the transaction details.
Another way to check a transaction's confirmation status is through API calls if you are using a wallet or an exchange that provides an API. In this case, the process is similar to using a blockchain explorer; you will need the transaction ID and use the API to get the details of the transaction and check the number of confirmations.
It's also possible to check the confirmation status of a transaction using a command-line interface if you are running a full node of the blockchain. In this case, you will need to use a command to check the transaction details, such as "gettransaction" in Bitcoin or "eth_getTransactionByHash" in Ethereum.
Confirmations are an important concept, and it’s imperative to have at least a basic understanding of them when performing transactions on any blockchain. Thankfully, the basics are easy to understand, and you’ll be able to transact with confidence now you have explored the basics.
If you are even in doubt, just wait for a few extra confirmations. In almost any situation, more is better, which is an easy rule to remember.