Monthly Archives: June 2011

good way to understand cryptocash

From Future Imperfect:

Low-Tech ECash

I randomly create a very long number. I put the number and a dollar bill in an envelope and mail it to the First Bank of Cybercash. The FBC agrees –in a public statement –to do two things with money it receives in this way:
1 If anyone walks into the FBC and presents the number, he gets the dollar bill associated with that number.
2 If the FBC receives a message that includes the number associated with a dollar bill it has on deposit, instructing the FBC to change it to a new number, it will make the change and post the fact of the transaction on a publicly observable bulletin board. The dollar bill will now be associated with the new number.

Lets see how this works:

Alice has sent the FBC a dollar, accompanied by the number 59372. She now wants to buy a dollar’s worth of digital images from Bill, so she emails the number to him in payment. Bill emails the FBC, sending them three numbers: 59372, 21754, and 46629.

The FBC checks to see if it has a dollar on deposit with number 59372; it does. It changes the number associated with that dollar bill to 21754, Bill’s second number. Simultaneously, it posts on a publicly observable bulletin board the statement “the transaction identified by 46629 has gone through.” Bill reads that message, which tells him that Alice really had a dollar bill on deposit and it is now his, so he emails her a dollar’s worth of digital images.

Alice no longer has a dollar, since if she tries to spend it again the bank will report that it is not there to be spent – the FBC no longer has a dollar associated with the number she knows. Bill now has a dollar, since the dollar that Alice originally sent in is now associated with a new number and only he and the bank know what it is. He is in precisely the same situation that Alice was in before the transaction, so he can now spend the dollar to buy something from someone else. Like an ordinary paper dollar, the dollar of ecash in my system passes from hand to hand. Eventually someone who has it decides he wants a dollar of ordinary cash instead; he takes his number, the number that Alice’s original dollar is now associated with, to the FBC and exchanges it for a dollar bill.

My ecash may be low tech, but it meets all of the requirements. Payment is made by sending a message. Payer and payee need know nothing about the other’s identity beyond the address to send the message to. The bank need know nothing about either party. When the dollar bill originally came in, the letter had no name on it, only an identifying number. Each time it changed hands, the bank received an email but had no information about who sent it. When the chain of transactions ends and someone comes into the bank to collect the dollar bill he need not identify himself; even if the bank can somehow identify him he has no way of tracing the dollar bill back up the chain. The virtual dollar in my system is just as anonymous as the paper dollars in my wallet.

With lots of dollar bills in the bank there is a risk that two might by chance have the same number, or that someone might make up numbers and pay with them in the hope that the numbers he invents will, by chance, match numbers associated with dollar bills in the bank. But both problems become insignificant if instead of using 5-digit numbers we use 100-digit numbers. The chance that two random 100-digit numbers will turn out to be the same is a good deal less than the chance that payer, payee, and bank will all be struck by lightning at the same time.

Now get rid of the central bank (make them peering nodes) and encrypt the envelops it receives so the bank can do its jobs without actually knowing the secret numbers involved.
Advertisements