From: rah@shipwright.com (Robert Hettinga)
Date: Wed, 6 Dec 95 07:41:53 PST
To: Nathaniel Borenstein <cypherpunks@toad.com
Subject: Re: Geodesic Payment Systems?  (was Re: Meeting notes from ANSI X.9 Meeting onElectronic Payment)
Message-ID: <v02120d30aceb5c57b23c@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain


Once again, Hettinga shoots from the hip, and hits an expert instead...
;-)

At 9:07 AM 12/5/95, Nathaniel Borenstein wrote:

>There are some interesting unspoken assumptions here.  To calculate
>anyone's "cost" on a transaction requires the complex amortization of
>costs over many transactions, with assumptions/projections about the
>transaction volume.  I have no idea where you came by either of your
>numbers, MTB's or FV's, but I can tell you that your guess about FV is
>off the mark.  And I'm sure that MTB is no more eager than we are to
>publicly dissect all the underlying cost structures, so I have no idea
>what the 50 cents that you cite really means.

The 50 cents actually comes from this week's InfoWorld, Bob Metcalfe's
column. I have know idea where he got the 50 cents, but he did say digital
cash, so i expect that he means MTB.

>To be perfectly clear:  our minimum service charge is 30 cents, not 5
>dollars.  If we didn't think it was worthwhile to take transactions that
>small, we wouldn't do so.

Fine. Are we including the cost of the credit card transaction to the
consumer? Fees, interest, that stuff? There are lots of hidden costs in a
book entry system. With a bearer-certificate system, the price is the
spread between the certificate's bid and asked prices for (a traveller's
check, for instance, is asked at a primium, and redeemed at face value, for
instance. That's all the cost of using them.)

>A true geodesic structure is self-supporting and self-structuring.  A
>cryptographic infrastructure can and should be similar, I agree
>completely.  However, a *monetary* infrastructure needs convertability,
>and the points of conversion are always the best targets of attack for
>criminals.  (I've been casting about for an analogy to physical
>geodesics, and it's hard to find one.  The best I can come up with is to
>imagine that in order to convert a carbon buckyball to a more
>conventional set of carbon molecules, you had to do it through a service
>bureau that was capable of error, fraud, or subversion by outside
>criminals.  This would ONLY matter if you ever wanted to do such
>conversions, but it would matter a lot then, especially if you had to
>suffer a serious financial loss if you got the wrong carbon molecules at
>the end of the process.)

Sometimes I feel like I'm beating this geodesic metaphor like a dead horse
sometimes... ;-).

>
>IF you wanted to settle for a totally non-convertible economy (like
>rubles in the old Soviet Union, or like the LETS system on the net
>today, as I understand it) then you could build it geodesically.

Really?

>  But if
>you want to be able to convert back and forth between Internet payment
>systems and non-Internet payment systems, it can never be truly
>geodesic.  It will always be attackable at the points of conversion.
>(You may "trade digital certificates", but how do you know the ones
>you're receiving were obtained for legitimate real-world value?)
>Because of this, the underwriting financial institutions, who have a
>very reasonable desire to limit their own risk, will inevitably seek the
>protection-by-traceability offered by something less than perfect
>anonymity.  We may not like it, but it's a very natural position to be
>taken by those who are actually bearing the financial risks at the point
>of conversion.

That may be true, Nathaniel, but just because the people who bring the
money off the net need to be identified to the digital cash underwriter's
(actually the underwriter's bank's) satisfaction, doesn't mean that the
trades on the net can't be totally anonymous. We've gone over this before.
Let's build a model to talk about this, and then you'll see what I mean.

Suppose I open an anonymous bank account with ATM card. Then, on the net, I
buy digital cash from a digital cash underwriter. The web-page reads my ATM
swipe and PIN, and then pumps it (without the underwriter being able to
read it) through to my bank, who says to the underwriter, "Yup, there's
money here, send it to him, and I'll wire it you (now/overnight/whatever)."
The digital cash underwriter then issues me my digital cash, and I put it
on my hard drive. I buy stuff on the net. I sell stuff on the net.
Sometimes I go online with the trade to check my buyers' cash, sometimes I
don't. Element of risk there, but this risk can be made accountable. It's
probably always going to be cheaper to do offline transactions, but there's
the possibility that when I cash in that money, it has been spent already.
Fair trade. It's probably quantifiable and thus can be dealt with. We won't
know till we have data.

Being an astute businessman (you can tell this is a model, right?), I end
up with positive cashflow. So, that money I don't invest with a portfolio
manager on the net by buying anonymous bearer certificates for his mutual
fund, ;-), I decide to take off of the net and buy Netscape puts, March
1996, $10.

So, I go to the underwriter's page (maybe I go to multiple underwriters'
pages, or maybe there's an enterprising third-party money changer who
honors all comers for a cut), and I cash out. I swipe my ATM and punch my
PIN, and my bank says to the underwriter "OK, I know that account, how much
are you sending me?", and the underwriter says how much, and how and when
the money would arrive (wire? Rollerblade messenger? bunch of militia types
in a purple Hummer?, anyway...). And there's money back off of the net.

In this model, there's no reason why I can't send an anonymous software
agent to buy stuff for me, why I can't buy anonymously or sell anonymously.

So, given that model, what's the problem?


Now, I've also been thinking about something else.

Wei Dai has been talking about how anonymity will always cost more, and
certainly, in the model above, there's a certain risk with doing off-line
transactions. You don't know if the cash in the transaction is
double-spent, like I said above, but that "special stuff" has to be done to
accomodate anonymity, which will always cost more.  I'll come back with a
whole blather on this next week when I get back from the CyberDog Kitchen
(I'm here, and Gromit says "hi"), but I think it comes from what the
default mechanism for commerce is going to be, threaded, audit-trailed
x.blabla or anarchic, geodesic, bearer-certificates. I bet you can guess
where I'm going to come down on this...

Cheers,
Bob Hettinga




-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<