From: Hal Finney <hal@rain.org>
Date: Sat, 3 May 1997 06:16:02 +0800
To: cypherpunks@cyberpass.net
Subject: Re: Bypassing the Digicash Patents
Message-ID: <199705022130.OAA01562@crypt.hfinney.com>
MIME-Version: 1.0
Content-Type: text/plain


Robert Hettinga, <rah@shipwright.com>, writes:
> Again, it's using the right business model, and not necessarily
> cryptography, which makes a market happen. Blind signatures and hash
> collisions are necessary, but not sufficient, for the market to exist.

Bob, if I understand you correctly, you've suggested that digital
bearer instruments will in the long run actually be more efficient than
conventional book entry based transaction models.  Anonymity will be
cheaper than identified transactions.

But, if digital bearer certificates of all kinds are, as you suggest,
cheaper and more efficient than conventional ones, why can't we just
use ordinary non-blinded digital instruments and ignore the identifying
information?

For example, XYZ Co. could issue a signed note saying "Serial number
12345, worth 100 shares of XYZ Co.".  A bank could issue a signed note
saying "Serial number 54321, worth $100 at DigiBank".  These can be done
with ordinary digital signatures.  No blinding or patent issues arise
(by the end of this year, when the patents expire!).

These are not blinded, so they are in principle traceable.  They have to
have unique serial numbers to solve the double spending problem, and those
could be used to track them.

This makes them less attractive from the privacy perspective, but what
about from the point of view of the financial markets?  Can they just
ignore the serial numbers and treat them as the bearer certificates you
have been talking about?  (Don't real bearer certificates often have
serial numbers on them?)

Maybe this geodesic market you're talking about (which I don't understand
at all) could work with current technology?

Hal