Hey all,

So last night my friend got duped by a phishing/scam site which ended up costing her 0.6 btc. I noticed that she'd fallen for a scam before the transaction had confirmed, and did my best to broadcast a new double-spend transaction, but my attempts didn't work and eventually the original transaction was confirmed and all was lost. This is a huge hit for her, and I feel pretty shitty that I couldn't help in the end.

I'm a software developer, so naturally this got me to thinking about creating a new service to limit this sort of thing in the future.

This idea has flaws, so I figured I'd post here to see if there's any other suggestions or input.

The basic scenario is this:

• The service maintains a list of known 'scam' addresses. Some scammers just generate a fresh address every time, but others simply have a static page, or a list of a few addresses.

• The service monitors the blockchain for transactions sent to any of the known scam addresses. Once a transaction is detected, it sends a few satoshis to the originator of the transaction, along with a message that they've been scammed and a link to our site.

• IF the scamee sees the transaction, notices the message, and goes to our site, they are given instructions of exactly how to generate and broadcast a double-spend transaction (with a huge fee) in hopes of beating the first scam transaction. The site could host an open source tool that basically does everything for you – you just download it and import the wallet/key that initiated the original transaction.

Some problems:

• Scammers could simply generate a brand new public address every time, rather than re-using the same address. For some reason it seems some are using a single address just now (the one my friend fell for had dozens of past incoming transactions)

• Low chance of double spend success, especially as network speed/mempool problems are fixed in the future and transactions confirm quickly. Still, worth a shot if the alternative is losing everything.

Thoughts?