From: jamesd@netcom.com (James A. Donald)
To: cypherpunks@toad.com
Message Hash: 12967cbfbe867e7feb9baa3913519c4a0fbab984c2031b6245551a075bfe436f
Message ID: <199408261726.KAA22802@netcom8.netcom.com>
Reply To: <199408260931.EAA17205@chaos.bsu.edu>
UTC Datetime: 1994-08-26 17:26:17 UTC
Raw Date: Fri, 26 Aug 94 10:26:17 PDT
From: jamesd@netcom.com (James A. Donald)
Date: Fri, 26 Aug 94 10:26:17 PDT
To: cypherpunks@toad.com
Subject: Offline cash vs online cash.
In-Reply-To: <199408260931.EAA17205@chaos.bsu.edu>
Message-ID: <199408261726.KAA22802@netcom8.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
Anonymous writes
> there are serious holes in the
> assumptions made by offline digital cash protocols when applied
> to computer networks rather than manually operated smart cards.
>
> ...
> I disagree that "there is no excuse" for double spending. If
> the software is implemented badly (no fault of the user),
So implement it right - the fact that a poorly programmed
bank computer might credit someone with a million dollars
does not prevent banks from using computers.
> ... if the system crashes
> and one must recover from a month old backup, one has to
> go through that old purse and determine which coins have been
> spent.
Return suspect coins to vendor and ask for new coins.
Vendor will detect most of the already spent coins. If
some coins are double spent they will eventually show up
as double spent by the person who had the system crash, who will
simply make them good.
> If a network burps and
> sends a vendor two coins where there should have been one,
> we get double spending.
Actually we do not, because the recipient will detect the coins
are non unique, assuming the protocol is implemented correctly,
and will treat the duplicated message as a single message.
Indeed since coin transport will probably be by datagrams
duplicated and lost coins will happen continuously, and
will be automatically fixed by the protocol.
> The possibilities for accident are legion and cannot all be
> foreseen. "Shit happens".
That is what debugging and beta testing is for.
> A protocol that treats common
> accident the same as criminal fraud, when the stakes are
> so high, is pathological.
If you make good on the accident, no problem. It is only
a problem if the accident causes substantial money
transfer, which can be prevented by adequate protocols.
It is possible to construct the protocols so that any
"accident" resulting in substantial money transfer must
be old fashioned fraud or robbery. If someone breaks
into your computer, that is no more an argument against
offline digicash than if someone breaks into your safe.
If Joe million spends one of Janes coins he must interact
with a million separate vendors in a rather short time.
This will inevitably make waves. Offline digicash is
not so much anonymous as offering controlled nomity.
Again I point out that the existing grey capitalist
system involving foreign bank accounts in the names
of bermuda and Hong Kong companies, is quite adequately
anonymous even though checks are purely identity based
money.
Offline digital cash cannot be "real" digital cash, whatever
that is. It has to be identity based cash with controlled
limits on identification. It will resemble those Bermuda
check accounts with Visa debit cards more than it resembles
cash in your pocket.
--
---------------------------------------------------------------------
We have the right to defend ourselves and our
property, because of the kind of animals that we James A. Donald
are. True law derives from this right, not from
the arbitrary power of the omnipotent state. jamesd@netcom.com
Return to August 1994
Return to “jamesd@netcom.com (James A. Donald)”