
Address Swaps Are Bitcoin’s Hidden Chargeback

A different safety net must protect users from attacks as Bitcoin payments scale

Chargebacks are a fiat problem because the fiat system allows them to exist. They are not only allowed but accepted as a normal cost of doing business. 

A chargeback is a forced transaction reversal in which a customer’s bank or credit card issuer takes funds directly from a merchant’s account to refund the customer. Chargebacks typically occur in cases of fraud, when goods are not received, or when an item is defective. They exist primarily to protect the customer, and that protection comes at the expense of the business, especially when the chargeback is abused by the customer. 

Banks and credit card issuers in the fiat world act as the intermediary between a customer and a business and are the ruling authority that can grant or deny a chargeback. When a chargeback is requested, it is the business’s responsibility to provide evidence to have it denied. Since anyone requesting a chargeback is a customer of the bank or the credit card issuer, whose side do you think the bank or the issuer will be on? 

The old adage of “the customer is always right” holds true. Obviously, not every chargeback is approved, but if the acting intermediary can simply pass off the brunt of a chargeback to a business and make their customer happy all in the same act, what do you think typically happens? 

The scale at which chargebacks impact US businesses is impressive:

Chargebacks are a fiat concept because of how our traditional payment rails operate. With Bitcoin, a confirmed transaction cannot be reversed by any third party, so there are no “chargebacks.” This is great for a business because it means the only way a “refund” can occur is if it is truly warranted: the customer must return to the store with the item and receipt, or must ship the item back per the terms of return. In this sense, the return is not extractive in nature; both parties return to their original position. 

However, just because there are no traditional “chargebacks” in Bitcoin does not mean there isn’t a Bitcoin version of the fiat chargeback. 

Bitcoin’s version of a chargeback is the address swap attack.

While Bitcoin makes returning an item more fair for the business, the lack of intermediaries does present potential pitfalls for both the customer and business via an address swap attack. We argue this lack of intermediaries is a net benefit, but it’s worth noting the tradeoffs and taking steps to protect against them.

An address swap attack is fraud in which an attacker replaces a legitimate Bitcoin receiving address (or Lightning invoice) with one they control. Unless the swap is detected, the sender pays the attacker’s address instead of the intended recipient, and the funds are lost. 

Common vectors are clipboard malware that watches for a copied address and substitutes the attacker’s address before you paste, and compromised websites or browser extensions that rewrite the address field on an invoice or checkout page. A third variant is a compromised backend: the page displays the merchant’s correct address, but the payment request the site actually generates (the QR code or invoice) points to an address the attacker controls.
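The following is an added example, not Branta’s, Guardrail’s, or any wallet’s code, showing why “the address looks right and passes validation” is not enough. It builds a swapped address that is fully checksum-valid (so a wallet accepts it), simulates clipboard malware rewriting a copied address, and then applies the only check that catches the swap: comparing the destination against an expected address obtained from a channel the attacker does not control. The bech32 routines follow BIP173; the merchant address is the BIP173 test vector, the attacker key is a constructed placeholder, and the clipboard hijacker is a regex stand-in for real malware.

```python
"""Added example (not from the original page): checksum validation vs. an
independent-comparison check against a constructed address swap."""
import hashlib
import re

CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"   # BIP173 alphabet (no 1, b, i, o)
BECH32_CONST = 1                               # segwit v0 checksum constant


def _polymod(values):
    gen = [0x3B6A57B2, 0x26508E6D, 0x1EA119FA, 0x3D4233DD, 0x2A1462B3]
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1FFFFFF) << 5) ^ v
        for i in range(5):
            chk ^= gen[i] if (top >> i) & 1 else 0
    return chk


def _hrp_expand(hrp):
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]


def _convertbits(data, frombits, tobits):
    """Regroup bytes into 5-bit groups, padding the last group."""
    acc, bits, out, maxv = 0, 0, [], (1 << tobits) - 1
    for value in data:
        acc = (acc << frombits) | value
        bits += frombits
        while bits >= tobits:
            bits -= tobits
            out.append((acc >> bits) & maxv)
    if bits:
        out.append((acc << (tobits - bits)) & maxv)
    return out


def encode_segwit_v0(hrp, witness_program):
    """Produce a checksum-correct bech32 segwit v0 address for a 20/32-byte program."""
    data = [0] + _convertbits(witness_program, 8, 5)
    pm = _polymod(_hrp_expand(hrp) + data + [0] * 6) ^ BECH32_CONST
    checksum = [(pm >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data + checksum)


def is_valid_bech32(addr):
    """True if addr is well formed and its bech32 checksum verifies.
    This catches typos and corruption; it says nothing about *whose* address it is."""
    addr = addr.lower()
    pos = addr.rfind("1")
    if pos < 1 or pos + 7 > len(addr) or len(addr) > 90:
        return False
    hrp, body = addr[:pos], addr[pos + 1:]
    if any(c not in CHARSET for c in body):
        return False
    return _polymod(_hrp_expand(hrp) + [CHARSET.index(c) for c in body]) == BECH32_CONST


# Constructed inputs: merchant = BIP173 test vector; attacker = placeholder key hash.
MERCHANT_ADDR = "bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4"
ATTACKER_ADDR = encode_segwit_v0("bc", hashlib.sha256(b"constructed attacker key").digest()[:20])

ADDRESS_RE = re.compile(r"\bbc1[02-9ac-hj-np-z]{25,87}\b", re.IGNORECASE)


def clipboard_hijacker(clipboard_text, attacker_addr):
    """Stand-in for clipboard malware: rewrite any bech32 address that was copied."""
    return ADDRESS_RE.sub(attacker_addr, clipboard_text)


def check_destination(address_to_sign, expected_address):
    """Reject malformed addresses, then reject anything that differs from the
    expected address. expected_address MUST come from an independent channel
    (a second device, a verification service, a value confirmed with the payee);
    if it is read from the same compromised screen or clipboard, the comparison
    is attacker-value against attacker-value and proves nothing."""
    if not is_valid_bech32(address_to_sign):
        return False, "malformed address (typo or corruption)"
    if address_to_sign.lower() != expected_address.lower():
        return False, "destination differs from independently verified address: possible swap"
    return True, "ok"


def demo():
    copied = f"Pay 0.01 BTC to {MERCHANT_ADDR}"
    pasted = clipboard_hijacker(copied, ATTACKER_ADDR)      # what the wallet receives
    swapped = ADDRESS_RE.search(pasted).group(0)
    return {
        "attacker_addr_passes_checksum": is_valid_bech32(ATTACKER_ADDR),
        "typo_rejected_by_checksum": not is_valid_bech32(MERCHANT_ADDR[:-1] + "5"),
        "swap_rejected_by_comparison": not check_destination(swapped, MERCHANT_ADDR)[0],
    }


if __name__ == "__main__":
    print(demo())
```

The takeaway: a swapped address is, by construction, a perfectly valid address, so every format and checksum check a wallet performs will pass it. Only a comparison against a value the attacker could not have touched detects the substitution, which is why that value has to come from somewhere other than the screen or clipboard of the possibly compromised machine.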

While it is true these attacks are “rare,” every time they do happen, they are expensive, damage the reputation of a merchant, and are a net negative for Bitcoin. As Bitcoin scales as a medium of exchange, even having a 1 in 100,000 attack rate is too high to be reasonably accepted. 

Two lines of thought apply when thinking about address swap attacks:

  1. Think, “It won’t happen to me. I double-check my addresses before I transmit my transaction.” (Double-checking does nothing if your device is compromised: if the malware rewrites both the clipboard and what the screen shows you, you are comparing the attacker’s address to itself and you can still be attacked.)

  2. Attack the issue and identify that this is a problem holding back Bitcoin from being widespread money; then fix it.

Branta aligns itself with the second thought and has a singular mission to create a world where sending Bitcoin transactions is not only frictionless but also anxiety-free.

Branta contends that address swaps are worse than the fiat chargeback because when address swaps occur, the only winner is the malicious actor. The business and the customer both lose.

One Sat stolen is capital misallocation and is unacceptable.

Being the armor against these exploits is vital to Branta’s mission and is specifically the defense Branta’s Guardrail provides. By acting as an independent verification source, Branta adds one more layer of security whose specific aim is to confirm that the destination of an intended transaction is the one the recipient actually published. 

However, it is worth fleshing out the thinking behind the first option above. Let’s assume you believe address swap attacks are nothing to worry about and that you are protected. Then let’s assume one happens to you. 

What would that look like? Multiple scenarios paint the picture that this is a very real pain point and liability that could happen to anyone. 

Example #1) You are a seasoned Bitcoin vet intending to purchase something from a Bitcoin vendor. You queue up your cart and scan the QR code for the Lightning invoice. You have done this a million times. You click confirm and your wallet reports the payment as “accepted.” Yet you receive no confirmation from the vendor. You wait a day and still have no confirmation. You reach out to the vendor, and they have no record of the funds. The reason is that the invoice you thought was the vendor’s was actually the attacker’s, and that is what you confirmed. Your Bitcoin is gone, the vendor never receives the funds, and you do not receive the item you wanted. Losses all around.

Example #2) You have stacked diligently and have a sizeable amount of Bitcoin you want to send to cold storage to save for the future. You queue up your address on the exchange, and you hit send. You wait for the transaction to hit the mempool, and you watch as it is confirmed on the Bitcoin network. You wait and you wait, yet the funds never arrive in your cold storage wallet. You triple-check the original transaction, and you realize you were the victim of an address swap attack: the output address was never yours. Your Bitcoin is gone. You lose.

Example #3) You are new to Bitcoin and are excited about using it as payment. Your friends and family have talked about it for a while, and you finally decided to learn how to buy some for yourself. You go to a Bitcoin merchant and want to buy a product for the first time with Bitcoin. This is the same situation as example 1 above, except that you are new to Bitcoin. You get address swapped and realize the “fiat safety measures” are not in place within the realm of Bitcoin. You leave Bitcoin forever because you were stolen from. The merchant loses a customer, and Bitcoin loses a user. You lose, the business loses, and the circular economy of Bitcoin loses as well.

These examples all impact Bitcoin and the circular economy in different ways. Regardless of their negative impact, it is undeniable that address swap attacks and similar attacks cannot be an outcome that is routinely possible in a world where Bitcoin is commonly used as a medium of exchange. 

From a business side of things, your customer having a bad experience reflects negatively on your storefront. If your customer is “stolen” from when trying to interact with your checkout page, what is the likelihood they will trust you as a merchant going forward? If they keep this issue private, you have lost one customer. If they post about it online, you now have negative press you have to deal with. 

From an individual perspective, there are varying levels of responses. If you lose a huge chunk of your stack when sending to a vault, what makes you want to come back to the world of Bitcoin if this level of theft can just happen? If you are a newcomer to Bitcoin and are excited to spend your Bitcoin in the circular economy, and you lose it via an address-swap attack, that fiat credit card in your pocket looks way more attractive to return to. 

In the Bitcoin world, there are no intermediaries to reverse a transaction in the case you get address swapped. In the Bitcoin world, Guardrail is the solution to prevent these attacks.

Don’t trust, verify. 

Use Guardrail.
