[Noisebridge-discuss] Is there an electronic equivalent of cash?

David Molnar dmolnar at gmail.com
Sun Dec 13 06:27:11 UTC 2009


On Sat, Dec 12, 2009 at 9:58 PM, Danny O'Brien <danny at spesh.com> wrote:
> On Fri, Dec 11, 2009 at 10:14 PM, Rebecca Bellovin
> <rmbellov at math.stanford.edu> wrote:
>> On Fri, 11 Dec 2009 21:57:55 -0800
>> Jason Dusek <jason.dusek at gmail.com> wrote:
>>
>>>   Is there a way to pay anonymously online, either in
>>>   theory or in practice?
>>>
>>
>> In theory, yes (http://en.wikipedia.org/wiki/Digital_cash).  This was
>> originally work of David Chaum in the '80s using blind signatures
>> ("Blind signatures for untraceable payments",
>> http://dsns.csie.nctu.edu.tw/research/crypto/HTML/PDF/C82/199.PDF).
>> There's also a second paper from 1990 by Chaum, Fiat, and Naor
>> ("Untraceable electronic cash",
>> http://dsns.csie.nctu.edu.tw/research/crypto/HTML/PDF/C88/319.PDF)
>> which improves the protocol: the penalty for spending the same
>> electronic coin twice is having your identity revealed!  Both papers
>> are pretty readable, and involve pretty much no math.
>>
>> At some point, Chaum started a company to implement his electronic
>> cash scheme, but it went bankrupt some time ago.
>>
>
> I'm pretty sure the patents on these techniques are now expired. Let
> the 2010 cypherpunk renaissance begin!

Patents are just one issue here, and perhaps not the largest issue
with Chaum style e-cash. Any payments company today will need to deal
with fraud. While e-cash has the advantage of being a bearer
instrument, which means instant settlement without credit card
chargebacks, that also means if your machine is infected with malware
that steals your e-cash, it's hard to reverse that transaction and
make you whole. This is a marked difference from today's account based
model used by web-based credit card payments, where when someone does
steal your credit card, most banks will reverse the transaction and
refund your money. (Not always, but often enough that most customers
don't have the incentive to move to anything new.)

There's also the issue that if your payment system starts being used
to do things that are not liked by some law enforcement agency,
somewhere, you start having problems. The e-gold story is interesting
here, in that they cooperated with law enforcement but still ended up
serving sentences.
http://www.wired.com/threatlevel/2009/06/e-gold/
Note that the PayPal founders explicitly had goals that sounded
similar to the cypherpunks (not sure if the PayPal people knew about
the cypherpunks or not)...but that didn't pan out.

These are hard issues that have relatively little to do with patents.

I am not saying that Chaum style e-cash is a bad idea, or that new
payment schemes are doomed. Far from it. In fact, there's a lot of
movement now on payments inside iphone apps (mediated by Apple),
payments in virtual currencies (WoW gold, QQ coin, Farmville &
friends), and payments in social networks. (Hi5, at least one Facebook
startup, and Facebook has been promising a payments platform since
early 2008). Everyone knows that today's web based credit card
transactions have significant downsides, especially in the form of
chargebacks to merchants and fees that make microtransactions
prohibitive.

What I am saying is that while patents and refusal to license them may
have torpedoed DigiCash's chances in the 90s, it's a different world
now. Even if the patents were done, an attempt to resurrect chaum
style e-cash bearer instruments now has to displace a large and
entrenched competitor, namely credit card web payments. That can be
done, but my bet is that it will be done by finding a rapidly growing
niche that is unsuitable for credit cards, more suited for
instant-settlement bearer instruments that have privacy, and going
from there, not by coming up with a new implementation of a recently
expired patent.

David Molnar



More information about the Noisebridge-discuss mailing list