\pdfminorversion=3 \documentclass[fleqn,xcolor={usenames,dvipsnames}]{beamer} \usepackage{amsmath} \usepackage{multimedia} \usepackage[utf8]{inputenc} \usepackage{framed,color,ragged2e} \usepackage[absolute,overlay]{textpos} \definecolor{shadecolor}{rgb}{0.8,0.8,0.8} \usetheme{boxes} \setbeamertemplate{navigation symbols}{} \usepackage{xcolor} \usepackage{tikz,eurosym} \usepackage[normalem]{ulem} \usepackage{listings} \usepackage{adjustbox} % CSS \lstdefinelanguage{CSS}{ basicstyle=\ttfamily\scriptsize, keywords={color,background-image:,margin,padding,font,weight,display,position,top,left,right,bottom,list,style,border,size,white,space,min,width, transition:, transform:, transition-property, transition-duration, transition-timing-function}, sensitive=true, morecomment=[l]{//}, morecomment=[s]{/*}{*/}, morestring=[b]', morestring=[b]", alsoletter={:}, alsodigit={-} } % JavaScript \lstdefinelanguage{JavaScript}{ basicstyle=\ttfamily\scriptsize, morekeywords={typeof, new, true, false, catch, function, return, null, catch, switch, var, if, in, while, do, else, case, break}, morecomment=[s]{/*}{*/}, morecomment=[l]//, morestring=[b]", morestring=[b]' } \lstdefinelanguage{HTML5}{ basicstyle=\ttfamily\scriptsize, language=html, sensitive=true, alsoletter={<>=-}, morecomment=[s]{}, tag=[s], otherkeywords={ % General >, % Standard tags , % body , % Paragraphs , % scripts , , , , , }, ndkeywords={ % General =, % HTML attributes charset=, src=, id=, width=, height=, style=, type=, rel=, href=, % SVG attributes fill=, attributeName=, begin=, dur=, from=, to=, poster=, controls=, x=, y=, repeatCount=, xlink:href=, % CSS properties margin:, padding:, background-image:, border:, top:, left:, position:, width:, height:, % CSS3 properties transform:, -moz-transform:, -webkit-transform:, animation:, -webkit-animation:, transition:, transition-duration:, transition-property:, transition-timing-function:, } } \lstdefinelanguage{JavaScript}{ basicstyle=\ttfamily\scriptsize, keywords={typeof, new, true, false, catch, function, return, null, catch, switch, var, if, in, while, do, else, case, break, for}, keywordstyle=\color{blue}\bfseries, ndkeywords={class, export, boolean, throw, implements, import, this}, ndkeywordstyle=\color{darkgray}\bfseries, identifierstyle=\color{black}, sensitive=false, comment=[l]{//}, morecomment=[s]{/*}{*/}, commentstyle=\color{purple}\ttfamily, stringstyle=\color{red}\ttfamily, morestring=[b]', morestring=[b]" } \usetikzlibrary{shapes,arrows} \usetikzlibrary{positioning} \usetikzlibrary{calc} \title{GNU Taler as a Retail CBDC} %\subtitle{} \setbeamertemplate{navigation symbols}{\includegraphics[width=1cm]{inria.pdf} \includegraphics[width=2.3cm]{bfh.png} \includegraphics[width=1.6cm]{fub.pdf} \includegraphics[width=0.4cm]{ashoka.png} \includegraphics[width=0.4cm]{gnu.png} \includegraphics[width=1cm]{logo-2020.jpg} \hfill} %\setbeamercovered{transparent=1} \author[C. Grothoff]{J. Burdges, F. Dold, {\bf C. Grothoff}, M. Stanisci} \date{\today} \institute{The GNU Project} \begin{document} \justifying \begin{frame} \begin{center} \LARGE {\bf GNU} \vfill % \includegraphics[width=0.66\textwidth]{logo-2017-fr.pdf} \includegraphics[width=0.66\textwidth]{logo-2020.jpg} as a Retail CBDC \vfill \end{center} \begin{textblock*}{6cm}(.5cm,7.7cm) % {block width} (coords) {\Large {\bf \href{https://taler.net/}{taler.net}} \\ \href{https://twitter.com/taler}{taler@twitter} \\ \href{https://taler-systems.com/}{taler-systems.com}} \end{textblock*} % Substitute based on who is giving the talk! \begin{textblock*}{6cm}(6.7cm,7.7cm) % {block width} (coords) {\hfill {\Large {\bf Florian Dold \&} \\ \hfill {\bf Christian Grothoff}} \\ \hfill \{dold,grothoff\}@taler.net } \end{textblock*} \end{frame} \section{Introduction} \begin{frame}{Main Points} \framesubtitle{https://taler.net/} Our CBDC: \begin{itemize} \item is token-based (no accounts), centrally issued (not DLT); as efficient and cost-effective as modern real-time gross settlement (RTGS) systems operated by central banks; \item is designed to provide an electronic equivalent to banknotes, therefore no material impact on monetary policy and/or financial stability expected; \item guarantees privacy for the payer, combined with KYC/AML/CFT compliance and income transparency to promote tax compliance; \item is implemented as Free/Libre and Open Source Software (FLOSS) to provide transparency, accountability, and security (part of the GNU project). \end{itemize} \end{frame} \begin{frame}{Payment Systems: Accounts vs. Tokens} Two types of payment systems: \begin{enumerate} \item {\bf account-based system}: transfer occurs by charging the payer’s account and crediting the payee’s account (e.g., bank deposits) \item {\bf token-based (value-based) system}: transfer occurs by transferring the value itself, or a token that represents the monetary asset (e.g., banknotes) \end{enumerate} Key Difference is the information carried by the information asset: \begin{itemize} \item account (assets): associated with a transaction history \item token (assets): carry information about value and entity that issued the token \end{itemize} Bitcoin, and Distributed Ledger Technologies (DLTs) in general, are account-based systems! Novelty is that the ledger is distributed (decentralized). \end{frame} \begin{frame}{Simplistic CBDC Designs} \begin{itemize} \item Account-based CBDC (e.g., Bindseil 2020, Berentsen and Schär 2018): \begin{itemize} \item simplest solution: central bank account for all \item responsibility to perform KYC and ensure AML/CFT (could be outsourced); \item potential for mass-surveillance (threat to CB independence); \item in direct competition with commercial banks \end{itemize} \item Token-based CBDC: \begin{itemize} \item requires a system to ensure that electronic tokens are not easily copied (hardware-based or software-based) $\rightarrow$ double-spending problem \item KYC and AML/CFT compliance? \end{itemize} \end{itemize} \end{frame} \section{What is Taler?} \begin{frame}{What is Taler?} \begin{center} Taler is an electronic instant payment system based on tokens. \end{center} \begin{itemize} \item Uses electronic coins stored in {\bf wallets} on customer's device \item Like {\bf cash} \item Pay in {\bf existing currencies} (i.e. CHF, EUR, USD) \end{itemize} \vfill \pause \noindent However, Taler is \begin{itemize} \item \emph{not} a currency \item \emph{not} a long-term store of value \item \emph{not} a network or instance of a system \item \emph{not} decentralized \item \emph{not} based on proof-of-work or proof-of-stake \item \emph{not} a speculative asset / ``get-rich-quick scheme'' \end{itemize} \end{frame} \begin{frame}{The Big Picture} \begin{center} \includegraphics[width=0.8\textwidth]{bp.png} \end{center} \end{frame} \begin{frame}{Design Principles} \framesubtitle{https://taler.net/en/principles.html} GNU Taler must ... \begin{enumerate} \item {... be implemented as {\bf free software}.} \item {... protect the {\bf privacy of buyers}.} \item {... must enable the state to {\bf tax income} and crack down on illegal business activities.} \item {... prevent payment fraud.} \item {... only {\bf disclose the minimal amount of information necessary}.} \item {... be usable.} \item {... be efficient.} \item {... avoid single points of failure.} \item {... foster {\bf competition}.} \end{enumerate} \end{frame} \begin{frame} \frametitle{Architecture of Taler} \begin{center} \includegraphics[width=1\textwidth]{operations.png} \end{center} \end{frame} \begin{frame}{Taler: Unique Regulatory Features for CBs} \framesubtitle{\url{https://www.snb.ch/en/mmr/papers/id/working_paper_2021_03}} \begin{itemize} \item Central bank issues digital coins equivalent to issuing cash \\ $\Rightarrow$ monetary policy remains under CB control \item Architecture with consumer accounts at commercial banks \\ $\Rightarrow$ no competition for commercial banking (S\&L) \\ $\Rightarrow$ CB does not have to manage KYC, customer support \item Withdrawal limits and denomination expiration \\ $\Rightarrow$ protects against bank runs and hoarding \item Income transparency and possibility to set fees \\ $\Rightarrow$ additional insights into economy and new policy options \item Revocation protocols and loss limitations \\ $\Rightarrow$ exit strategy and handles catastrophic security incidents \item Privacy by cryptographic design not organizational compliance \\ $\Rightarrow$ CB cannot be forced to facilitate mass-surveillance \end{itemize} \end{frame} \begin{frame} \frametitle{Taler Core Components} \begin{center} \begin{tikzpicture} \tikzstyle{def} = [node distance= 5em and 6.5em, inner sep=1em, outer sep=.3em]; \node (origin) at (0,0) {}; \node (exchange) [def,above=of origin,draw]{Exchange}; \node (customer) [def, draw, below left=of origin] {Customer}; \node (merchant) [def, draw, below right=of origin] {Merchant}; \node (auditor) [def, draw, above right=of origin]{Auditor}; % \node (regulator) [def, draw, above=of auditor]{CSSF}; \tikzstyle{C} = [color=black, line width=1pt] \draw [<-, C] (customer) -- (exchange) node [midway, above, sloped] (TextNode) {withdraw coins}; \draw [<-, C] (exchange) -- (merchant) node [midway, above, sloped] (TextNode) {deposit coins}; \draw [<-, C] (merchant) -- (customer) node [midway, above, sloped] (TextNode) {spend coins}; \draw [<-, C] (exchange) -- (auditor) node [midway, above, sloped] (TextNode) {verify}; % \draw [<-, C] (regulator) -- (auditor) node [midway, above, sloped] (TextNode) {report}; \end{tikzpicture} \end{center} \end{frame} \begin{frame}{The Taler Software Ecosystem} \framesubtitle{\url{https://taler.net/en/docs.html}} Taler is based on modular components that work together to provide a complete payment system: \vfill \begin{itemize} \item {\bf Exchange:} Service provider for digital cash \begin{itemize} \item Core exchange software (cryptography, database) \item Air-gapped key management, real-time {\bf auditing} \item LibEuFin: Modular integration with banking systems \end{itemize} \item {\bf Merchant:} Integration service for existing businesses \begin{itemize} \item Core merchant backend software (cryptography, database) \item Back-office interface for staff \item Frontend integration (E-commerce, Point-of-sale) \end{itemize} \item {\bf Wallet:} Consumer-controlled applications for e-cash \begin{itemize} \item Multi-platform wallet software (for browsers \& mobile phones) \item Wallet backup storage providers \item {\bf Anastasis}: Recovery of lost wallets based on secret splitting \end{itemize} \end{itemize} \end{frame} \begin{frame}{Usability of Taler} \vfill \begin{center} \url{https://demo.taler.net/} \end{center} \begin{enumerate} \item Install browser extension. \item Visit the {\tt bank.demo.taler.net} to withdraw coins. \item Visit the {\tt shop.demo.taler.net} to spend coins. \end{enumerate} \vfill \end{frame} \begin{frame}{Requirements: Online vs. Offline Digital Currencies} \framesubtitle{\url{https://taler.net/papers/euro-bearer-online-2021.pdf}} \begin{itemize} \item Offline capabilities are sometimes cited as a requirement for digital payment solutions \item All implementations must either use restrictive hardware elements and/or introduce counterparty risk. \item[$\Rightarrow$] Permanent offline features weaken a digital payment solution (privacy, security) \item[$\Rightarrow$] Introduces unwarranted competition for physical cash (endangers emergency-preparedness). \end{itemize} We recommend a tiered approach: \begin{enumerate} \item Online-first, bearer-based digital currency with Taler \item (Optional:) Limited offline mode for network outages \item Physical cash for emergencies (power outage, catastrophic cyber incidents) \end{enumerate} \end{frame} \begin{frame}{Scalability} The design scales linearly with computing resources: \begin{itemize} \item Front-end logic at the central bank only needs to perform a few signature operations, a single CPU core can typically do a few thousands per second. \item Front-end servers need to talk to a database to prevent double-spending. A single database server can handle tens of thousands of such operations per second. \item All operations are easily split across multiple database servers by simply assigning each database server a range of values. \item The frontends need to talk to the backends using an interconnect. The size of an individual transaction is typically about 1–10 kilobytes. Modern interconnects can support millions of such transactions per second. \item To securely store 1-10 kilobytes per transaction, using AWS pricing, the cost of the system (storage, bandwidth, computation) at scale would be 0.0001 USD per transaction. \end{itemize} \end{frame} \begin{frame}{Taler: Project Status} \framesubtitle{\url{https://docs.taler.net/}} \begin{itemize} \item Cryptographic protocols and core exchange component are stable \item Current focus: Merchant integration, settlement integration, wallet backup \item Pilot project at Bern University of Applied Sciences cafeteria \item Internal alpha deployment with a commercial bank in progress \end{itemize} \end{frame} \begin{frame}{Next Steps: Possible Projects and Collaborations} \vfill \begin{center} \includegraphics[width=1.0\textwidth]{taler-in-use.png} \end{center} \end{frame} \begin{frame}{Area I: System Integration and Partnerships} Pilots with banking organizations could: \begin{itemize} \item Study integration with the underlying RTGS layer: \begin{itemize} \item Develop standardized operational procedures \item Assess transaction performance at scale \item Perform cost analysis in banking environment \item Assess effort for integration with commercial banks \end{itemize} \item Analyze regulatory considerations for different legislations \item Perform independent security audits of Taler components \end{itemize} In general, a major task is faciltation of integration at retailers: \begin{itemize} \item Hardware and software support \item Integration into off-the-shelf E-commerce systems \end{itemize} \end{frame} \begin{frame}{Area II: Development/Research Extensions} % \framesubtitle{Background: \url{https://myoralvillage.org/}} We have ideas for protocol extensions and ``programmable money'': \begin{itemize} \item Mediated wallet-to-wallet payments (instead of customer-to-merchant) \item Privacy-preserving auctions (trading, currency exchange) \item Age-restricted private payments for children (youth protection) \end{itemize} Public funding could be used to improve: \begin{itemize} \item General digital wallet usability and availability \item Accessibility features for illiterate and innumerate users \item Protocol extensions for automated tax reporting \end{itemize} \end{frame} \begin{frame} \frametitle{Do you have any questions?} \vfill References: {\tiny \begin{enumerate} \item{David Chaum, Christian Grothoff and Thomas Moser. {\em How to issue a central bank digital currency}. {\bf SNB Working Papers, 2021}.} \item{Christian Grothoff, Bart Polot and Carlo von Loesch. {\em The Internet is broken: Idealistic Ideas for Building a GNU Network}. {\bf W3C/IAB Workshop on Strengthening the Internet Against Pervasive Monitoring (STRINT)}, 2014.} \item{Jeffrey Burdges, Florian Dold, Christian Grothoff and Marcello Stanisci. {\em Enabling Secure Web Payments with GNU Taler}. {\bf SPACE 2016}.} \item{Florian Dold, Sree Harsha Totakura, Benedikt M\"uller, Jeffrey Burdges and Christian Grothoff. {\em Taler: Taxable Anonymous Libre Electronic Reserves}. Available upon request. 2016.} \item{Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer and Madars Virza. {\em Zerocash: Decentralized Anonymous Payments from Bitcoin}. {\bf IEEE Symposium on Security \& Privacy, 2016}.} \item{David Chaum, Amos Fiat and Moni Naor. {\em Untraceable electronic cash}. {\bf Proceedings on Advances in Cryptology, 1990}.} \item{Phillip Rogaway. {\em The Moral Character of Cryptographic Work}. {\bf Asiacrypt}, 2015.} \label{bib:rogaway} \end{enumerate} } \end{frame} \end{document}