1994-08-29 - Re: Cash, cheaters, and anonymity

Header Data

From: rah@shipwright.com (Robert Hettinga)
To: hfinney@shell.portal.com>
Message Hash: ce9d914a8312c049c5e28d598c8dab566bebf814ec80e53571774a23fc062108
Message ID: <199408290315.XAA27015@zork.tiac.net>
Reply To: N/A
UTC Datetime: 1994-08-29 03:16:44 UTC
Raw Date: Sun, 28 Aug 94 20:16:44 PDT

Raw message

From: rah@shipwright.com (Robert Hettinga)
Date: Sun, 28 Aug 94 20:16:44 PDT
To: hfinney@shell.portal.com>
Subject: Re: Cash, cheaters, and anonymity
Message-ID: <199408290315.XAA27015@zork.tiac.net>
MIME-Version: 1.0
Content-Type: text/plain

At 12:58 PM 8/28/94 -0800, Timothy C. May wrote:

>As I remember the observer protocol (Chaum's "Scientific American" article,
>August of 1992, as I recall), a trusted manufacturer is needed.
>Tamper-resistant modules, etc. This still allows spoofing. I know that
>off-line clearing, in which I get my money at some time after the
>transaction, is a whole lot less satisfying that receiving confirmation
>from my own agents/bankers that the money has already been transferred into
>my account.

So much for the observer protocol. Sigh.

Tim, I think that we can equivocate an enormous amount about the phrase
"some time" above. It is entirely possible to move whatever money you get
in a transaction off the net at little or no cost, especially if the
currency in question is front-end loaded, instead of back-end loaded,
immediately after the transaction happens. It may also be possible to
"test" an arbitrary piece of cash during an offline transaction by
depositing it before accepting any more.

However, the nice thing about using about an otherwise offline system in a
near-online scenario, like the one above, is that you aren't wedded to
using it all the time. If you can trust the cash you get, then your costs
should be lower. Setting up a system like it can happen faster with less
overhead for the issuers, also, so I expect that the first profitable
digital cash systems will probably offline ones.

How you feel about that satisfying "clink" sound, when you deposit that
cash immediately upon receipt in your favorite online system, I can't
really help you with...

>>One thing I think is clear is that off-line cash will not be issued to
>>anonymous recipients.  Imagine a magic quarter which would reappear in
>>your pocket after you put it into the coke machine.  How many people would
>>be willing to resist using it?  That's what you'll have with an off-line
>>coin issued to a pseudonym.
>We agree. Protocols I've seen make off-line cash problematic. "There is no
>digital coin." But on-line cash can be, and hence will be, issued to
>anonymous recipients. It's already done, with numbered Swiss bank accounts
>(at least in the past), and with the train lockers I mentioned. People put
>money in train lockers anonymously, then give the key to others, in
>exchange for goods and services (drugs, return of kidnap victims, etc.).

Light dawns on marblehead. The problem becomes allowing a nym to take his
money off the net. We run into the law here if the money is too much at one
time. Personally, I don't have any problems with preventing this, but I see
precisely how this is diametrically opposed to the manefesto of this list.

Can't we simply have a bank somewhere which accepts questionable, even
anonymous credentials? Don't we have those already? It seems to me that
Credit Suisse has every right to put up their own ATM gate on the net. The
ability to unmask a double spending nym shouldn't be any harder than
finding a nym who has created his own credentials in the first place, which
means waiting for him to repeat himself and screw up, you wait for someone
close to him to snitch, and you make sure he can't use the same nym again.

>Yes, [an on-line transaction system] requires an infrastructure. But for
>reasonable-sized transactions,
>the few cents for a current VISA transaction would be lost in the noise.
>Even if more computations are needed (as they will be, presumably), on-line
>transactions will be manageable for the larger transactions. Very small
>transactions (buying snacks and newspapers) can be handled off-line. This
>is already done, as when people buy "subway cards" that are
>semi-tamper-resistant (we all know they aren't, but most people don't try
>to diddle them). Ditto for phone cards, parking coupons, etc.

It's entirely possible that ontology may repeat phylogeny. Offline systems
like cash always presage more complicated systems. I'm just curious whether
if on offline system is implemented because it's easier, people will go
through the extra effort of messing with an offline system except when they
want to borrow something, like when they want to use a credit card.  It's
not entirely clear to me that on line systems are the "climax forest" of
the internet ecology. But as Hal and Tim have said in this thread, the
market will decide.

I think that an offline cash underwriting market is just about ready for
competitors to enter it.

Bob Hettinga

Robert Hettinga  (rah@shipwright.com) "There is no difference between someone
Shipwright Development Corporation     who eats too little and sees Heaven and
44 Farquhar Street                       someone who drinks too much and sees
Boston, MA 02331 USA                       snakes." -- Bertrand Russell
(617) 323-7923