commit 0795c971fe16006cf4be77be515a5d34d681c1ca
parent d4bd16ad4ae346b8d3c3c8ccc6eedabb25b6d5d9
Author: Christian Grothoff <grothoff@gnunet.org>
Date: Tue, 14 Mar 2023 21:07:46 +0100
slides
Diffstat:
1 file changed, 1819 insertions(+), 0 deletions(-)
diff --git a/presentations/comprehensive/boj.tex b/presentations/comprehensive/boj.tex
@@ -0,0 +1,1819 @@
+\pdfminorversion=3
+\documentclass[fleqn,xcolor={usenames,dvipsnames},handout
+]{beamer}
+\usepackage{amsmath}
+\usepackage{multimedia}
+\usepackage[utf8]{inputenc}
+\usepackage{framed,color,ragged2e}
+\usepackage[absolute,overlay]{textpos}
+\definecolor{shadecolor}{rgb}{0.8,0.8,0.8}
+\usetheme{boxes}
+\setbeamertemplate{navigation symbols}{}
+\usepackage{xcolor}
+\usepackage[normalem]{ulem}
+\usepackage{listings}
+\usepackage{adjustbox}
+\usepackage{array}
+\usepackage{bbding}
+\usepackage{relsize}
+\usepackage{graphicx}
+\usepackage{tikz,eurosym,calc}
+\usetikzlibrary{tikzmark}
+\usetikzlibrary{shapes,arrows,arrows.meta}
+\usetikzlibrary{positioning,fit,patterns}
+\usetikzlibrary{calc}
+
+% CSS
+\lstdefinelanguage{CSS}{
+ basicstyle=\ttfamily\scriptsize,
+ keywords={color,background-image:,margin,padding,font,weight,display,position,top,left,right,bottom,list,style,border,size,white,space,min,width, transition:, transform:, transition-property, transition-duration, transition-timing-function},
+ sensitive=true,
+ morecomment=[l]{//},
+ morecomment=[s]{/*}{*/},
+ morestring=[b]',
+ morestring=[b]",
+ alsoletter={:},
+ alsodigit={-}
+}
+
+% JavaScript
+\lstdefinelanguage{JavaScript}{
+ basicstyle=\ttfamily\scriptsize,
+ morekeywords={typeof, new, true, false, catch, function, return, null, catch, switch, var, if, in, while, do, else, case, break},
+ morecomment=[s]{/*}{*/},
+ morecomment=[l]//,
+ morestring=[b]",
+ morestring=[b]'
+}
+
+\lstdefinelanguage{HTML5}{
+ basicstyle=\ttfamily\scriptsize,
+ language=html,
+ sensitive=true,
+ alsoletter={<>=-},
+ morecomment=[s]{<!-}{-->},
+ tag=[s],
+ otherkeywords={
+ % General
+ >,
+ % Standard tags
+ <!DOCTYPE,
+ </html, <html, <head, <title, </title, <style, </style, <link, </head, <meta, />,
+ % body
+ </body, <body,
+ % Divs
+ </div, <div, </div>,
+ % Paragraphs
+ </p, <p, </p>,
+ % scripts
+ </script, <script,
+ % More tags...
+ <canvas, /canvas>, <svg, <rect, <animateTransform, </rect>, </svg>, <video, <source, <iframe, </iframe>, </video>, <image, </image>
+ },
+ ndkeywords={
+ % General
+ =,
+ % HTML attributes
+ charset=, src=, id=, width=, height=, style=, type=, rel=, href=,
+ % SVG attributes
+ fill=, attributeName=, begin=, dur=, from=, to=, poster=, controls=, x=, y=, repeatCount=, xlink:href=,
+ % CSS properties
+ margin:, padding:, background-image:, border:, top:, left:, position:, width:, height:,
+ % CSS3 properties
+ transform:, -moz-transform:, -webkit-transform:,
+ animation:, -webkit-animation:,
+ transition:, transition-duration:, transition-property:, transition-timing-function:,
+ }
+}
+
+\lstdefinelanguage{JavaScript}{
+ basicstyle=\ttfamily\scriptsize,
+ keywords={typeof, new, true, false, catch, function, return, null, catch, switch, var, if, in, while, do, else, case, break, for},
+ keywordstyle=\color{blue}\bfseries,
+ ndkeywords={class, export, boolean, throw, implements, import, this},
+ ndkeywordstyle=\color{darkgray}\bfseries,
+ identifierstyle=\color{black},
+ sensitive=false,
+ comment=[l]{//},
+ morecomment=[s]{/*}{*/},
+ commentstyle=\color{purple}\ttfamily,
+ stringstyle=\color{red}\ttfamily,
+ morestring=[b]',
+ morestring=[b]"
+}
+
+\def\checkmark{\tikz\fill[scale=0.4](0,.35) -- (.25,0) -- (1,.7) -- (.25,.15) -- cycle;}
+
+
+\setbeamersize{description width=1em}
+
+\definecolor{blue}{rgb}{0,0,0.7}
+\newcommand{\orange}[1]{{\color{orange}#1}}
+\newcommand{\blue}[1]{{\color{blue}#1}}
+\newcommand{\red}[1]{{\color{red}#1}}
+\newcommand{\Guardian}{\mathcal{G}}
+\newcommand{\Child}{\mathcal{C}}
+\newcommand{\Customer}{\mathcal{C}}
+\newcommand{\Merchant}{\mathcal{M}}
+\newcommand{\Exchange}{\mathcal{E}}
+
+\newcommand{\Commit}{\mathsf{Commit}}
+\newcommand{\Attest}{\mathsf{Attest}}
+\newcommand{\Verify}{\mathsf{Verify}}
+\newcommand{\Derive}{\mathsf{Derive}}
+\newcommand{\DeriveCompare}{\mathsf{DeriveCompare_\kappa}}
+\newcommand{\Compare}{\mathsf{Compare}}
+\newcommand{\AgeVer}{\mathsf{AgeVer}}
+
+\newcommand{\HashF}{\mathsf{H}}
+\newcommand{\Hash}{\mathsf{H}}
+\newcommand{\Block}{\mathbb{B}}
+\newcommand{\Pub}{\mathsf{Pub}}
+\newcommand{\Sign}{\mathsf{Sig}}
+\newcommand{\Ver}{\mathsf{Ver}}
+\newcommand{\Encoding}{\mathsf{Encoding}}
+\newcommand{\ECDSA}{\mathsf{ECDSA}}
+\newcommand{\Null}{\mathcal{O}}
+\newcommand{\EC}{\mathrm{ec}}
+\newcommand{\Curve}{\mathsf{Curve25519}}
+\newcommand{\SHA}{\mathsf{SHA256}}
+\newcommand{\SHAF}{\mathsf{SHA252}}
+\newcommand{\FDH}{\mathsf{FDH}}
+
+\newcommand{\negl}{\epsilon}
+
+\newcommand{\rand}{\mathsf{rand}}
+\newcommand{\age}{\mathsf{a}}
+\newcommand{\Age}{\mathsf{M}}
+\newcommand{\bage}{\mathsf{b}}
+\newcommand{\minage}{\mathsf{m}}
+\newcommand{\attest}{\mathsf{T}}
+\newcommand{\commitment}{\mathsf{Q}}
+\newcommand{\pruf}{\mathsf{P}}
+\newcommand{\Vcommitment}{\vec{\mathsf{Q}}}
+\newcommand{\Vpruf}{\vec{\mathsf{P}}}
+\newcommand{\blinding}{\beta}
+
+\newcommand{\ZN}{\mathbb{Z}_N}
+\newcommand{\Z}{\mathbb{Z}}
+\newcommand{\N}{\mathbb{N}}
+\newcommand{\A}{\mathbb{A}}
+\newcommand{\E}{\mathbb{E}}
+\newcommand{\F}{\mathbb{F}}
+\newcommand{\seck}{\mathsf{s}}
+\newcommand{\pubk}{\mathsf{P}}
+\renewcommand{\H}{\mathbb{H}}
+\newcommand{\K}{\mathbb{K}}
+\newcommand{\Proofs}{\mathbb{P}}
+\newcommand{\Commitments}{\mathbb{O}}
+\newcommand{\Attests}{\mathbb{T}}
+\newcommand{\Blindings}{\mathbb{B}}
+\newcommand{\Nil}{\perp}
+
+\newcommand{\p}{\mathsf{p}}
+\newcommand{\com}{\mathsf{com}}
+\newcommand{\prf}{\mathsf{prf}}
+
+\newcommand{\Adv}{\mathcal{A}}
+\newcommand{\PPT}{\mathfrak{A}}
+\newcommand{\Probability}{\mathrm{Pr}}
+\newcommand{\Algorithm}{f}
+\renewcommand{\Game}[1]{G_\Adv^\mathsf{#1}}
+
+\DeclareMathOperator{\Image}{Im}
+\DeclareMathOperator{\Mod}{mod}
+
+\newcommand{\Encode}[1]{\overbracket[0.5pt][2pt]{\,#1\,}}
+\newcommand{\Decode}[1]{\underbracket[0.5pt][3pt]{\,#1\,}}
+\newcommand{\FDHg}[1]{[#1]_g\,}
+\newcommand{\logg}{{\breve{g}}}
+
+
+\newcommand{\drawfrom}{\xleftarrow{\$}}
+\newcommand\Exists{%
+ \mathop{\lower0.75ex\hbox{\ensuremath{%
+ \mathlarger{\mathlarger{\mathlarger{\mathlarger{\exists}}}}}}}%
+ \limits}
+
+\newcommand\Forall{%
+ \mathop{\lower0.75ex\hbox{\ensuremath{%
+ \mathlarger{\mathlarger{\mathlarger{\mathlarger{\forall}}}}}}}%
+ \limits}
+
+
+\title{GNU Taler}
+%\subtitle{}
+
+\setbeamertemplate{navigation symbols}{\includegraphics[width=1cm]{inria.pdf} \includegraphics[width=2.3cm]{bfh.png} \includegraphics[width=1.6cm]{fub.pdf} \includegraphics[width=0.4cm]{ashoka.png} \includegraphics[width=0.4cm]{gnu.png} \includegraphics[width=1cm]{taler-logo-2021-inkscape.pdf} \hfill}
+%\setbeamercovered{transparent=1}
+
+\author[C. Grothoff]{J. Burdges, {\bf F. Dold, C. Grothoff, M. Stanisci}}
+\date{\today}
+\institute{Taler Systems SA \& The GNU Project}
+
+
+\begin{document}
+
+\justifying
+
+\begin{frame}
+ \begin{center}
+ \LARGE {\bf GNU} \\
+ \vspace{0.3cm}
+% \includegraphics[width=0.66\textwidth]{logo-2017-fr.pdf}
+ \includegraphics[width=0.66\textwidth]{taler-logo-2021-inkscape.pdf}
+ \vfill
+ \end{center}
+\begin{textblock*}{6cm}(.5cm,7.7cm) % {block width} (coords)
+ {\Large {\bf \href{https://taler.net/}{taler.net}} \\
+ \href{https://twitter.com/taler}{taler@twitter} \\
+ \href{https://taler-systems.com/}{taler-systems.com}}
+\end{textblock*}
+
+% Substitute based on who is giving the talk!
+ \begin{textblock*}{8cm}(4.7cm,6.7cm) % {block width} (coords)
+ {\hfill {{\bf Dr. Emmanuel Benoist} \\
+ \hfill {\bf Dr. Florian Dold} \\
+ \hfill {\bf Dr. Andreas Habegger} \\
+ \hfill {\bf Dr. Christian Grothoff} \\ }
+ \hfill \{benoist,dold,habegger,grothoff\}@taler.net }
+\end{textblock*}
+
+\end{frame}
+
+\begin{frame}{GNU Taler}
+ \vfill
+ \begin{center}
+ {\huge {\bf Digital} cash, made \textbf{socially responsible}.}
+ \end{center}
+ \vfill
+ \begin{center}
+ \includegraphics[scale=0.3]{taler-logo-2021-inkscape.pdf}
+ \end{center}
+ \vfill
+ \begin{center}
+ Privacy-Preserving, Practical, Taxable, Free Software, Efficient
+ \end{center}
+ \vfill
+ \vfill
+\ %
+\end{frame}
+
+
+\begin{frame}{Agenda}
+\tableofcontents
+\end{frame}
+
+
+\section{Introduction}
+
+\begin{frame}
+ \vfill
+ \begin{center}
+ {\bf Part I: Introduction}
+ \end{center}
+ \vfill
+\end{frame}
+
+
+\section{What is Taler?}
+\begin{frame}{What is Taler?}
+ \framesubtitle{\url{https://taler.net/en/features.html}} \noindent
+Taler is
+ \vfill
+ \begin{itemize}
+ \item a Free/Libre software \emph{payment system} infrastructure project
+ \item ... with a surrounding software ecosystem
+ \item ... and a company (Taler Systems S.A.) and community that wants to deploy it
+ as widely as possible.
+ \end{itemize}
+ \vfill
+\noindent
+ However, Taler is
+ \begin{itemize}
+ \item \emph{not} a currency
+ \item \emph{not} a long-term store of value
+ \item \emph{not} a network or instance of a system
+ \item \emph{not} decentralized
+% \item \emph{not} based on proof-of-work or proof-of-stake
+ \item combinable with a DLT back-end if requested
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Design principles}
+ \framesubtitle{https://taler.net/en/principles.html}
+GNU Taler must ...
+\begin{enumerate}
+ \item {... be implemented as {\bf free software} (but {\em available} under a commercial license).}
+ \item {... protect the {\bf privacy of buyers}.}
+ \item {... must enable the state to {\bf tax income} and crack down on
+ illegal business activities.}
+ \item {... prevent payment fraud.}
+ \item {... only {\bf disclose the minimal amount of information
+ necessary}.}
+ \item {... be usable.}
+ \item {... be efficient.}
+ \item {... avoid single points of failure.}
+ \item {... foster {\bf competition} in associated services.}
+\end{enumerate}
+\end{frame}
+
+
+\begin{frame}
+\frametitle{Taler Overview}
+\begin{center}
+\begin{tikzpicture}
+ \tikzstyle{def} = [node distance= 5em and 6.5em, inner sep=1em, outer sep=.3em];
+ \node (origin) at (0,0) {};
+ \node (exchange) [def,above=of origin,draw]{Exchange};
+ \node (customer) [def, draw, below left=of origin] {Customer};
+ \node (merchant) [def, draw, below right=of origin] {Merchant};
+ \node (auditor) [def, draw, above right=of origin]{Auditor};
+% \node (regulator) [def, draw, above=of auditor]{CSSF};
+
+ \tikzstyle{C} = [color=black, line width=1pt]
+
+ \draw [<-, C] (customer) -- (exchange) node [midway, above, sloped] (TextNode) {withdraw coins};
+ \draw [<-, C] (exchange) -- (merchant) node [midway, above, sloped] (TextNode) {deposit coins};
+ \draw [<-, C] (merchant) -- (customer) node [midway, above, sloped] (TextNode) {spend coins};
+ \draw [<-, C] (exchange) -- (auditor) node [midway, above, sloped] (TextNode) {verify};
+% \draw [<-, C] (regulator) -- (auditor) node [midway, above, sloped] (TextNode) {report};
+
+\end{tikzpicture}
+\end{center}
+\end{frame}
+
+
+\begin{frame}{Architecture of Taler}
+\begin{center}
+ \includegraphics[width=1\textwidth]{operations.png}
+\end{center}
+\end{frame}
+
+
+\begin{frame}{Consumer Impact of Taler}
+\begin{itemize}
+\item {\bf Convenient:} pay with one click instantly --– in Euro,
+Dollar, Yen or Bitcoin
+\item {\bf Friction-free security:} Payments do not require sign-up,
+login or multi-factor authentication
+\item {\bf Privacy-preserving:} payment requires/shares no personal information
+\item {\bf Bank account:} not required
+\end{itemize}
+\end{frame}
+
+
+\begin{frame}{Merchant Impact of Taler}
+\begin{itemize}
+\item {\bf Instant clearance:} one-click transactions and instant clearance at par
+\item {\bf Easy \& compliant:} GDPR \& PCI-DSS compliance-free and without any effort
+\item {\bf Major profit increase:} efficient protocol $+$ no fraud $=$ extremely low costs
+\item {\bf 1-click checkout:} without Amazon and without false
+positives in fraud detection
+\end{itemize}
+\end{frame}
+
+
+\begin{frame}{Taler: Unique Regulatory Features for Central Banks}
+ \framesubtitle{\url{https://www.snb.ch/en/mmr/papers/id/working_paper_2021_03}}
+ \begin{itemize}
+ \item Central bank issues digital coins equivalent to issuing cash \\
+ $\Rightarrow$ monetary policy remains under CB control
+ \item Architecture with consumer accounts at commercial banks \\
+ $\Rightarrow$ no competition for commercial banking (S\&L) \\
+ $\Rightarrow$ CB does not have to manage KYC, customer support
+ \item Withdrawal limits and denomination expiration \\
+ $\Rightarrow$ protects against bank runs and hoarding
+ \item Income transparency and possibility to set fees \\
+ $\Rightarrow$ additional insights into economy and new policy options
+ \item Revocation protocols and loss limitations \\
+ $\Rightarrow$ exit strategy and handles catastrophic security incidents
+ \item Privacy by cryptographic design not organizational compliance \\
+ $\Rightarrow$ CB cannot be forced to facilitate mass-surveillance
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Active collaborations}
+{\tiny
+ \begin{description}
+ \item {\bf Berner Fachhochschule:} \\ Snack machine \& blockchain integration \& scalability
+ \item {\bf Technische Universit\"at Eindhoven:} \\ Post-quantum cryptography
+ \item {\bf Freie Universit\"at Berlin:} \\ Programmability \& embedded systems
+ \item {\bf The GNU Project}: \\ Integration into FLOSS software
+ \item {\bf Code Blau GmbH}: \\ Independent auditor development
+ \item {\bf Fraunhofer Gesellschaft}: \\ Identity management \& SSI \& wallet-to-wallet communication
+ \item {\bf Fiscaltrust GmbH}: \\ Point-of-sale integration ({\bf
+new})
+ \item {\bf Bank of International Settlements}: \\ Participation in Point Zero Forum 2023 ({\bf new})
+ \item {\bf Oesterreichische Nationalbank AG}: \\ Joint presentation
+proposal for Re:publica 2023 ({\bf new})
+ \end{description}
+ }
+\end{frame}
+
+
+\begin{frame}{Launch Timeline}
+ \begin{description}
+ \item[2022] Internal deployment at BFH
+ \item[Q1'2023] Deployment using Bitcoin at BFH (running, but not yet announced)
+ \item[Q2-3'2023] Deployment of local currency Netzbon in Basel
+ \item[Q3'2023] Public deployment of eCHF stablecoin in Switzerland, cleared by FINMA
+ \item[2024] German bank executes ``new product process'' for launch in Eurozone
+ \end{description}
+\end{frame}
+
+
+\begin{frame}{Usability of Taler}
+ \vfill
+ \begin{center}
+ \url{https://demo.taler.net/}
+ \end{center}
+ \begin{enumerate}
+ \item Install browser extension.
+ \item Visit the {\tt bank.demo.taler.net} to withdraw coins.
+ \item Visit the {\tt shop.demo.taler.net} to spend coins.
+ \end{enumerate}
+ \vfill
+\end{frame}
+
+
+\section{Component Zoo}
+
+\begin{frame}
+ \vfill
+ \begin{center}
+ {\bf Part II: Component Zoo}
+ \end{center}
+ \vfill
+\end{frame}
+
+
+\begin{frame}{The Taler Software Ecosystem: Overview}
+ \framesubtitle{\url{https://taler.net/en/docs.html}}
+ Taler is based on modular components that work together to provide a
+ complete payment system:
+ \vfill
+ \begin{itemize}
+ \item {\bf Exchange:} Service provider for digital cash
+ \begin{itemize}
+ \item Core exchange software (cryptography, database)
+ \item Air-gapped key management, real-time {\bf auditing}
+ \item {\bf LibEuFin}: Modular integration with banking systems
+ \end{itemize}
+ \item {\bf Merchant:} Integration service for existing businesses
+ \begin{itemize}
+ \item Core merchant backend software (cryptography, database)
+ \item {\bf Back-office interface} for staff
+ \item {\bf Frontend integration} (E-commerce, Point-of-sale)
+ \end{itemize}
+ \item {\bf Wallet:} Consumer-controlled applications for e-cash
+ \begin{itemize}
+ \item Multi-platform wallet software (for browsers \& mobile phones)
+ \item Wallet backup storage providers ({\bf sync})
+ \item {\bf Anastasis}: Recovery of lost wallets based on secret splitting
+ \end{itemize}
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Taler Exchange}
+ The {\bf Exchange} is the core logic of the payment system.
+
+ \begin{itemize}
+ \item One exchange at minimum must be operated per currency
+ \item Offers a REST API for merchants and customers
+ \item Uses several helper processes for configuration and to
+ interact with RTGS and cryptography
+ \item KYC support via OAuth 2.0, KycAID or Persona APIs
+ \item Implemented in C on top of GNU libmicrohttpd
+ \end{itemize}
+ Scalability: 28'500 transactions/second measured % in BS-thesis
+ in 2022 using two servers on Grid5000. Likely several times
+ higher today (but we did not re-measure recently).
+\end{frame}
+
+
+\begin{frame}{Taler Merchant}
+ The {\bf Merchant} is the software run by merchants to accept\\
+ GNU Taler payments.
+
+ \begin{minipage}{6cm}
+ \begin{itemize}
+ \item REST API for integration with e-commerce
+ \item SPA provides Web interface for administration
+ \item Features include:
+ \begin{itemize}
+ \item Multi-tenant support
+ \item Refunds
+ \item Tipping (Website pays visitor)
+ \item Webhooks
+ \item Inventory management (optional)
+ \end{itemize}
+ \item Implemented in C on top of GNU libmicrohttpd
+ \end{itemize}
+ \end{minipage}
+ \begin{minipage}{5cm}
+ \includegraphics[width=5cm]{screenshots/merchant-spa-settings}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Taler Wallet}
+ The {\bf Wallet} is the software run by consumers to store
+ their digital cash and authorize transactions.
+
+ \begin{minipage}{8cm}
+ \begin{itemize}
+ \item {\bf wallet-core} is the logic shared by all interfaces
+ \item Applications exist for Android, F-Droid,
+ WebExtension (Chrome, Chromium, Firefox, etc.), iOS ({\bf WiP})
+ \item Features include:
+ \begin{itemize}
+ \item Multi-currency support
+ \item Wallet-to-wallet payments (NFC or QR code)
+ \item CRDT-like data model
+ \end{itemize}
+ \item {\bf wallet-core} implemented in TypeScript
+ \end{itemize}
+ Can be integrated into other Apps if desired.
+ \end{minipage}
+ \begin{minipage}{3cm}
+ \includegraphics[width=3cm]{screenshots/Screenshot_20230225-103520.png}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Taler Auditor}
+ The {\bf Auditor} is the software run by an independent auditor
+ to validate the operation of an Exchange.
+
+ \begin{itemize}
+ \item REST API for additional report inputs by merchants (optional)
+ \item Secure database replication logic
+ \item Implemented in C on top of GNU libmicrohttpd
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Pretix Taler payment plugin}
+\begin{center}
+\includegraphics[width=0.5\textwidth]{screenshots/pretix.png}
+\end{center}
+
+ Pretix is a ticket sales system.
+
+ \begin{itemize}
+ \item Pretix payment plugin enables payments via GNU Taler
+ \item Developed by Pretix.eu for \EUR{3,000} on behalf of Taler Systems SA
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{WooCommerce Taler payment plugin}
+\begin{minipage}{6cm}
+ \begin{itemize}
+ \item WooCommerce is an e-commerce plugin for WordPress.
+ \item WooCommerce payment plugin enables payments via GNU Taler
+ \item Features include:
+ \begin{itemize}
+ \item Trivial configuration
+ \item Support for refunds
+ \item Full internationalization
+ \end{itemize}
+ \item WooCommerce and its plugins are implemented in PHP
+ \end{itemize}
+\end{minipage}
+\begin{minipage}{5cm}
+ \includegraphics[width=4cm]{screenshots/woocommerce-cart.png}
+ \includegraphics[width=4cm]{screenshots/woocommerce-settings.png}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Point-of-Sale App for Android}
+
+\begin{minipage}{7cm}
+ \begin{itemize}
+ \item Allows merchant to generate orders against Taler backend
+ and display QR code to enable customer to pay in person
+ \item Patterned after ViewTouch restaurant UI
+ \item Features include:
+ \begin{itemize}
+ \item Internet-based configuration
+ \item Products sorted by categories
+ \item Easy undo of every operation
+ \item Manages multiple concurrent orders
+ \end{itemize}
+ \item The Point-of-Sale App is implemented in Kotlin
+ \end{itemize}
+\end{minipage}
+\begin{minipage}{4cm}
+ \includegraphics[width=4cm]{screenshots/Screenshot_20230224-194112.jpg}
+ \includegraphics[width=4cm]{screenshots/Screenshot_20230224-194119.jpg}
+ \includegraphics[width=4cm]{screenshots/Screenshot_20230224-195348.jpg}
+\end{minipage}
+\end{frame}
+
+
+\begin{frame}{LibEuFin}
+ LibEuFin is a standalone project that provides adapters to bank account
+ access APIs.
+
+ \begin{itemize}
+ \item LibEuFin provides both a generic access layer and an
+ implementation of the Wire Gateway for the exchange
+ \item Supports EBICS 2.5
+ \item other APIs such as FinTS or PSD2-style XS2A APIs can be added
+ without requiring changes to the Exchange
+ \item tested with German bank GLS business account and real Euros
+ \end{itemize}
+ \vfill
+ \begin{itemize}
+ \item \texttt{libeufin-nexus} is the main service
+ \item Almost all configuration (except DB credentials)
+ is stored in the database and managed via a RESTful HTTP API
+ \item \texttt{libeufin-sandbox} implements a toy EBICS host for protocol
+ testing
+ \item \texttt{libeufin-cli} is client for the HTTP API (only implements a subset
+ of available functionality)
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Cashier App for Android}
+\begin{minipage}{4cm}
+ \begin{itemize}
+ \item Enables BFH staff to convert cash to e-cash
+ \item Staff has special bank accounts with limited funds
+ \item Students can pay staff in cash to receive e-cash
+ \item The Cashier App is implemented in Kotlin
+ \end{itemize}
+ \end{minipage}
+ \begin{minipage}{3cm}
+ \includegraphics[width=3cm]{screenshots/Screenshot_20230225-103315.png}
+ \end{minipage}
+ \begin{minipage}{3cm}
+ \includegraphics[width=3cm]{screenshots/Screenshot_20230225-103325.png}
+ \end{minipage}
+\end{frame}
+
+
+\begin{frame}{Depolymerization}
+ Depolymerization is a bridge between GNU Taler and blockchains,
+ making Taler a layer 2 system for crypto-currencies (like Lightning).
+
+ \begin{itemize}
+ \item Currently implemented for Bitcoin and Ethereum
+ crypto-currencies, with the DLTs as the ``RTGS''
+ \item Provides same API to Exchange as LibEuFin
+% \item Transaction rate and speed limited by the underlying blockchain
+ \item Implemented in Rust
+ \end{itemize}
+ \begin{center}
+ \url{https://bitcoin.ice.bfh.ch/}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}{TalDir (WiP)}
+ TalDir is an extension to the existing
+ peer-to-peer payment functionality.
+
+ \begin{itemize}
+ \item Registry to associate wallets with network addresses
+ \item Extensible to different types of network services:
+ \begin{itemize}
+ \item E-mail
+ \item SMS
+ \item Twitter
+ \item ...
+ \end{itemize}
+ \item Send payments or invoices to wallets associated with network address
+ \item Will {\bf not} require sending wallet to use same network service
+ \end{itemize}
+\end{frame}
+
+
+\section{Basic Cryptography}
+
+\begin{frame}
+ \vfill
+ \begin{center}
+ {\bf Part III: Basic Cryptography}
+ \end{center}
+ \vfill
+\end{frame}
+
+
+
+
+\begin{frame}{How does it work?}
+We use a few well established and tested constructions:
+ \begin{itemize}
+ \item Cryptographic hash function (1989)
+ \item Blind signature (1983)
+ \item Schnorr signature (1989)
+ \item Diffie-Hellman key exchange (1976)
+ \item Cut-and-choose zero-knowledge proof (1985)
+ \end{itemize}
+But of course we use modern instantiations.
+\end{frame}
+
+
+\begin{frame}{Withdrawing coins on the Web}
+ \begin{center}
+ \includegraphics[height=0.9\textheight]{figs/taler-withdraw.pdf}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}{Payment processing with Taler}
+ \begin{center}
+ \includegraphics[height=0.9\textheight]{figs/taler-pay.pdf}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}{Giving change}
+ It would be inefficient to pay EUR 100 with 1 cent coins!
+ \begin{itemize}
+ \item Denomination key represents value of a coin.
+ \item Exchange may offer various denominations for coins.
+ \item Wallet may not have exact change!
+ \item Usability requires ability to pay given sufficient total funds.
+ \end{itemize}\pause
+ Key goals:
+ \begin{itemize}
+ \item maintain unlinkability
+ \item maintain taxability of transactions
+ \end{itemize}\pause
+ Method:
+ \begin{itemize}
+ \item Contract can specify to only pay {\em partial value} of a coin.
+ \item Exchange allows wallet to obtain {\em unlinkable change}
+ for remaining coin value.
+ \end{itemize}
+\end{frame}
+
+
+\section{Illustration of Programmable Money: Age Restrictions}
+
+\begin{frame}
+ \vfill
+ \begin{center}
+ \vfill
+ {\bf Part IV:}
+ \vfill
+ {\bf Illustration of Programmable Money}
+ \vfill
+ {\bf Zero-knowledge Age Restrictions}
+ \vfill
+ \end{center}
+ \vfill
+\end{frame}
+
+
+\begin{frame}{Age restriction in e-commerce}
+
+ \begin{description}
+ \item[Problem:]~\\[1em]
+ Verification of minimum age requirements in e-commerce.\\[2em]
+
+ \item[Common solutions:]
+
+\begin{tabular}{l<{\onslide<2->}c<{\onslide<3->}cr<{\onslide}}
+ & \blue{Privacy} & \tikzmark{topau} \blue{Ext. authority}& \\[\medskipamount]
+ 1. ID Verification & bad & required & \\[\medskipamount]
+ 2. Restricted Accounts & bad & required & \\[\medskipamount]
+ 3. Attribute-based & good & required &\tikzmark{bottomau} \\[\medskipamount]
+\end{tabular}
+ \end{description}
+
+\uncover<4->{
+ \begin{tikzpicture}[overlay,remember picture]
+ \draw[orange,thick,rounded corners]
+ ($(pic cs:topau) +(0,0.5)$) rectangle ($(pic cs:bottomau) -(0.3, 0.2)$);
+ \end{tikzpicture}
+ \begin{center}
+ \bf Principle of subsidiarity is violated
+ \end{center}
+}
+\end{frame}
+
+
+\begin{frame}{Age restriction design for GNU Taler}
+Design and implementation of an age restriction scheme\\
+with the following goals:
+
+\begin{enumerate}
+\item It ties age restriction to the \textbf{ability to pay} (not to ID's)
+\item maintains \textbf{anonymity of buyers}
+\item maintains \textbf{unlinkability of transactions}
+\item aligns with \textbf{principle of subsidiarity}
+\item is \textbf{practical and efficient}
+\end{enumerate}
+
+\end{frame}
+
+
+\begin{frame}{Age restriction}
+ \framesubtitle{Assumptions and scenario}
+
+ \begin{columns}
+ \column{7.5cm}
+ \begin{itemize}
+ \item<1-> Assumption: Checking accounts are under control of eligible adults/guardians.
+ \item<2-> \textit{Guardians} \textbf{commit} to an maximum age
+ \item<3-> \textit{Minors} \textbf{attest} their adequate age
+ \item<4-> \textit{Merchants} \textbf{verify} the attestations
+ \item<5-> Minors \textbf{derive} age commitments from existing ones
+ \item<6-> \textit{Exchanges} \textbf{compare} the derived age commitments
+ \end{itemize}
+ \column{5cm}
+ \uncover<7->
+ {
+ \begin{center}
+ \fontsize{7pt}{7pt}\selectfont
+ \begin{tikzpicture}[scale=.5]
+ \node[circle,minimum size=15pt,fill=black!15] at ( 60:4) (Exchange) {$\Exchange$};
+ \node[circle,minimum size=15pt,fill=black!15] at ( 0:0) (Client) {$\Child$};
+ \node[circle,minimum size=15pt,fill=black!15] at ( 0:4) (Merchant) {$\Merchant$};
+ \node[circle,minimum size=15pt,fill=blue!15] at (140:3) (Guardian) {$\Guardian$};
+
+ \draw[->] (Guardian) to [out=50,in=130, loop] node[above]
+ {$\Commit$} (Guardian);
+ \draw[->,blue] (Client) to [out=-125,in=-190, loop] node[below,left]
+ {\blue{$\Attest$}} (Client);
+ \draw[->,blue] (Merchant) to [out=50,in=130, loop] node[above]
+ {\blue{$\Verify$}} (Merchant);
+ \draw[->,orange] (Client) to [out=-35,in=-100, loop] node[below]
+ {\orange{$\Derive$}} (Client);
+ \draw[->,orange] (Exchange) to [out=50,in=130, loop] node[above]
+ {\orange{$\Compare$}} (Exchange);
+
+ \draw[orange,|->] (Client) to node[sloped,above,align=left]
+ {\orange{\scriptsize }} (Exchange);
+ \draw[blue,|->] (Client) to node[sloped, above]
+ {\blue{\scriptsize }} (Merchant);
+ \draw[,|->] (Guardian) to node[above,sloped,align=left]
+ {{\scriptsize }} (Client);
+ \end{tikzpicture}
+ \end{center}
+ }
+ \end{columns}
+ \vfill
+% \uncover<7->{Note: Scheme is independent of payment service protocol.}
+\end{frame}
+
+
+\begin{frame}{Age Restrictions based on KYC}
+% \item Our solution can in principle be used with any token-based payment scheme
+% \item GNU Taler best aligned with our design goals (security, privacy and efficiency)
+ Subsidiarity requires bank accounts being owned by adults
+ \begin{itemize}
+ \item Scheme can be adapted to case where minors have bank accounts
+ \item Assumption: banks provide minimum age
+ information during bank
+ transactions.
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Conclusion}
+ Age restriction is a technical, ethical and legal challenge.
+
+ Existing solutions are
+ \begin{itemize}
+ \item without strong protection of privacy or
+ \item based on identity management systems (IMS)
+ \end{itemize}
+ \vfill
+
+ Our age restriction scheme offers a solution that is
+ \begin{itemize}
+ \item based on subsidiarity
+ \item privacy-preserving
+ \item efficient
+ \item an alternative to IMS
+ \end{itemize}
+ Other types of programmability (escrow, auctions) are under development.
+\end{frame}
+
+
+\section{Integration considerations}
+
+\begin{frame}
+ \vfill
+ \begin{center}
+ {\bf Part V: Integration considerations}
+ \end{center}
+ \vfill
+\end{frame}
+
+
+\begin{frame}[fragile]{RFC 8905: \texttt{payto:} Uniform Identifiers for Payments and Accounts}
+ \vfill
+ Like \texttt{mailto:}, but for bank accounts instead of email accounts!
+ \vfill
+ \begin{verbatim}
+ payto://<PAYMENT-METHOD>/<ACCOUNT-NR>
+ ?subject=InvoiceNr42
+ &amount=EUR:12.50
+ \end{verbatim}
+ \vfill
+ Default action: Open app to review and confirm payment.
+ \vfill
+\includegraphics[width=0.25\textwidth]{einzahlschein-ch.jpeg}
+\hfill
+\includegraphics[width=0.2\textwidth]{de-ueberweisungsformular.png}
+ \vfill
+\end{frame}
+
+
+\begin{frame}[fragile]{Benefits of {\tt payto://}}
+ \begin{itemize}
+ \item Standardized way to represent financial resources (bank account, bitcoin wallet)
+ and payments to them
+ \item Useful on the client-side on the Web and for FinTech backend applications
+ \item Payment methods (such as IBAN, ACH, Bitcoin) are registered with
+ IANA and allow extra options
+ \end{itemize}
+ \begin{center}
+ {\bf Taler wallet can generate payto://-URI for withdraw!}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}{Fully Offline Payments {\bf (WiP)}}
+\framesubtitle{\url{https://docs.taler.net/design-documents/030-offline-payments.html}}
+Many central banks today demand offline capabilities for digital payment solutions.
+\vfill
+\noindent
+Three possible approaches:
+\begin{enumerate}
+ \item Trust-based offline payments (has counterparty and/or privacy risks)
+ \item Full HSM Taler wallet (has hardware costs)
+ \item Light-weight HSM balance register
+\end{enumerate}
+\vfill
+\end{frame}
+
+
+\begin{frame}{Partially Offline Payments with GNU Taler}
+We have filed for a patent to address situations where only the merchant is offline:
+\begin{enumerate}
+ \item Customer pays by scanning static QR code and entering amount on mobile phone.
+ \item Merchant confirms payment by checking simple unique numeric confirmation code.
+ \item[$\Rightarrow$] Allows for very simple, cheap and secure merchant on-boarding.
+ Makes integration with existing PoS vendors optional.
+\end{enumerate}
+\begin{center}
+ {\bf Needed Point-of-sale hardware costs only $\approx$ \EUR{10}}
+\end{center}
+\vfill
+\end{frame}
+
+
+\section{Blockchain Integration}
+
+\begin{frame}
+ \vfill
+ \begin{center}
+ {\bf Part VI: Blockchain Integration}
+ \end{center}
+ \vfill
+ Antoine d’Aligny, Emmanuel Benoist and Christian Grothoff: ``{\em Project Depolymerization: Tokenization of Blockchains}''. {\bf 4th Conference on Blockchain Research \& Applications for Innovative Networks and Services}, 2022
+ \vfill
+\end{frame}
+
+
+\begin{frame}{Blockchain based cryptocurrencies}
+ \begin{tikzpicture}[remember picture,overlay]
+ \node (N1)[above right=5mm and 25mm of current page.center] {\includegraphics[width=34mm]{media/news1.png}};
+ \node (N0)[below=-3mm of N1] {\includegraphics[width=34mm]{media/news0.png}};
+ \node (N2)[below left=-26mm and -2.5mm of N1] {\includegraphics[width=34mm]{media/news2.png}};
+ \end{tikzpicture}
+ \begin{block}{Biggest cryptocurrencies}
+ \begin{itemize}
+ \item \textbf{BTC} Bitcoin
+ \item \textbf{ETH} Ethereum
+ \end{itemize}
+ \end{block}
+ \begin{block}{Common blockchain limitations}
+ \begin{itemize}
+ \item \textbf{Delay} block and confirmation delay
+ \item \textbf{Cost} transaction fees
+ \item \textbf{Scalability} limited amount of transaction per second
+ \item \textbf{Ecological impact} computation redundancy
+ \item \textbf{Privacy}
+ \item \textbf{Regulatory risk}
+ \end{itemize}
+ \end{block}
+\end{frame}
+
+\begin{frame}{Layer 2 solutions: Taler vs. Lightning}
+
+\begin{minipage}{5.5cm}
+{\bf Taler:}
+\begin{itemize}
+\item[\checkmark] can be used with any currency or asset
+\item[\checkmark] can make payments instantly between any two parties
+\item[\checkmark] has income transparency and can accommodate KYC, AML and CFT
+\item[\checkmark] has cryptographic privacy protections
+\item[\checkmark] can be used immediately to make instant payments
+\item[\checkmark] uses one or more central exchange service providers
+\end{itemize}
+\end{minipage}
+\hfill
+\begin{minipage}{5.5cm}
+{\bf Lightning:}
+\begin{itemize}
+\item[$\times$] only works with Bitcoin
+\item[$\times$] requires payment route establishment, which can fail
+\item[$\times$] cannot enforce regulatory requirements
+\item[$\times$] requires money to be locked in payment channels
+\item[$\times$] requires expensive Bitcoin node or trusted service to transact
+\item[$\times$] claims to be decentralized, but uses few and centralized nodes in practice
+\end{itemize}
+\end{minipage}
+\end{frame}
+
+
+\begin{frame}{Taler}{Blockchain settlement layer}
+ \begin{center}
+ \begin{tikzpicture}[
+ rect/.style={rectangle, draw=black, minimum width=30mm},
+ sym/.style={stealth-stealth, shorten >= 2pt, shorten <= 2pt},
+ block/.style={rectangle,draw=black,fill=black!10,minimum size=7mm},
+ ]
+
+ %% Architecture
+ \node(Tt){Taler};
+ \node[rect,below=0cm of Tt](Tc){Exchange};
+ \node[rect,fit={(Tt) (Tc)}](T){};
+
+ \node[rect,below=7mm of Tc](D) {\textbf{Depolymerization}};
+
+ \node[rect,below=7mm of D](Bc){Node};
+ \node[below=0cm of Bc](Bt){Blockchain};
+ \node[rect,fit={(Bt) (Bc)}](B){};
+
+ \draw[sym] (T) -- (D);
+ \draw[sym] (D) -- (B);
+
+ %% Blockchain
+ \node[block,right=8mm of B] (1){};
+ \node[block,right=4mm of 1] (2){};
+ \node[block,right=4mm of 2] (3){};
+ \node[block,right=4mm of 3] (4){};
+ \node[block,right=4mm of 4] (5){};
+ \node[block,right=4mm of 5] (6){};
+ \draw[-stealth] (1) -- (2);
+ \draw[-stealth] (2) -- (3);
+ \draw[-stealth] (3) -- (4);
+ \draw[-stealth] (4) -- (5);
+ \draw[-stealth] (5) -- (6);
+
+ \node[left=4mm of 1] (S){};
+ \node[right=4mm of 6] (E){};
+ \draw[-stealth] (S) -- (1);
+ \draw[-stealth] (6) -- (E);
+
+ %% Taler
+ \node[block, below right=-7.5mm and 20.5mm of T] (off){Off-chain transactions};
+ \node[above=-0.5mm of off] {\includegraphics[height=7mm]{taler-logo-2021-inkscape.pdf}};
+
+ %% Depolymerization
+ \node[right=11mm of D] {\small{Credit}};
+ \node[right=50mm of D] {\small{Debit}};
+ \draw[dashed,-stealth] (1.north) |- (off.west);
+ \draw[dashed,-stealth] (off.east) -| (6.north);
+ \end{tikzpicture}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}{Depolymerization}{Architecture}
+ \begin{center}
+ \begin{tikzpicture}[
+ rect/.style={rectangle, draw=black, minimum height=6mm, minimum width=28mm},
+ sym/.style={stealth-stealth, shorten >= 2pt, shorten <= 2pt}
+ ]
+ \node[rect](1) {Taler Exchange};
+ \node[rect,below=of 1](2) {Wire Gateway};
+ \node[rect,right=of 2](3) {PostgreSQL};
+ \node[rect,right=of 3](4) {DLT Adapter};
+ \node[rect,above=of 4](5) {DLT Full Node};
+
+ \draw[sym] (1) -- node [midway,right] {\tiny HTTP} (2);
+ \draw[sym] (2) -- node [midway,above] {\tiny SQL} (3);
+ \draw[sym] (3) -- node [midway,above] {\tiny SQL} (4);
+ \draw[sym] (4) -- node [midway,left ] {\tiny RPC} (5);
+
+
+ \node[above= 2mm of 1]{\small{\emph{Wire Gateway API}}};
+ \node[above= 2mm of 5]{\small{\emph{DLT specific}}};
+ \node[above=22mm of 3](T) {};
+ \draw[dotted] (3) -- (T);
+ \end{tikzpicture}
+ \end{center}
+ \begin{itemize}
+ \item Common database to store transactions state and communicate
+ with notifications
+ \item Wire Gateway for Taler API compatibility
+ \item DLT specific adapter
+ \end{itemize}
+\end{frame}
+
+\begin{frame}{Storing metadata}{Bitcoin}
+ \begin{block}{Bitcoin - Credit}
+ \begin{itemize}
+ \item Transactions from code
+ \item Only 32B + URI
+ \item \textbf{OP\_RETURN}
+ \end{itemize}
+ \end{block}
+ \begin{block}{Bitcoin - Debit}
+ \begin{itemize}
+ \item Transactions from common wallet software
+ \item Only 32B
+ \item \textbf{Fake Segwit Addresses}
+ \end{itemize}
+ \end{block}
+\end{frame}
+\begin{frame}{Storing metadata}{Ethereum}
+ \begin{block}{Smart contracts}
+ \begin{itemize}
+ \item Logs in smart contract is the recommend way {\tiny (ethereum.org)}
+ \item Expensive (additional storage and execution fees)
+ \item Avoidable attack surface (error prone)
+ \end{itemize}
+ \end{block}
+ \begin{block}{Custom input format}
+ Use input data in transactions, usually used to call smart contract, to
+ store our metadata.
+ \end{block}
+\end{frame}
+
+\begin{frame}{Handling blockchain reorganization}
+ \begin{center}
+ \begin{tikzpicture}[
+ block/.style={rectangle,draw=black,fill=black!10,minimum size=7mm},
+ conf/.style={draw=black!60!green,fill=black!60!green!10},
+ nconf/.style={dotted},
+ err/.style={draw=black!60!red,fill=black!60!red!10},
+ ar/.style={-stealth}
+ ]
+ % Common
+ \node[block,conf](1){};
+ \node[block,conf,right=5mm of 1](2){$D_0$};
+ \node[block,conf,right=5mm of 2](3){};
+ \draw[ar] (1) -- (2);
+ \draw[ar] (2) -- (3);
+
+ % Current
+ \only<1>{
+ \node [block,nconf,right=5mm of 3](4){};
+ }
+ \only<2->{
+ \node [block,conf,right=5mm of 3](4){\only<3>{$D_3$}};
+ }
+ \node[block,nconf,right=5mm of 4](5){};
+ \node[block,nconf,right=5mm of 5](6){$D_1$};
+ \draw[ar] (3) -- (4);
+ \draw[ar] (4) -- (5);
+ \draw[ar] (5) -- (6);
+
+ % Fork
+ \only<-2>{
+ \node [block,nconf,above=7mm of 4](4p){};
+ }
+ \only<3>{
+ \node [block,dashed,err,above=7mm of 4](4p){$D_3'$};
+ }
+ \node[block,nconf,right=5mm of 4p](5p){$D_2$};
+ \node[block,nconf,right=5mm of 5p](6p){};
+ \node[block,nconf,right=5mm of 6p](7p){};
+ \draw[ar] (3.east) -- (4p.west);
+ \draw[ar] (4p) -- (5p);
+ \draw[ar] (5p) -- (6p);
+ \draw[ar] (6p) -- (7p);
+
+ % Indication
+ \node [right=5mm of 7p]{\emph{fork}};
+ \node [right=17mm of 6]{\emph{active}};
+ \end{tikzpicture}
+ \end{center}
+ \only<1>{As small reorganizations are common, Satoshi already recommended to
+ apply a confirmation delay to handle most disturbances and attacks.}
+ \only<2>{If a reorganization longer than the confirmation delay happens,
+ but it did not remove credits, Depolymerizer is safe and automatically
+ resumes.}
+ \only<3>{If a fork removed a confirmed debit, an attacker may create a
+ conflicting transaction. Depolymerizer suspends operation until lost
+ credits reappear.}
+\end{frame}
+
+\begin{frame}{Adaptive confirmation}
+ \begin{center}
+ \begin{tikzpicture}[
+ block/.style={rectangle,draw=black,fill=black!10,minimum size=7mm},
+ conf/.style={draw=black!60!green,fill=black!60!green!10},
+ nconf/.style={dotted},
+ conft/.style={text=black!60!green},
+ confl/.style={draw=black!60!green},
+ ar/.style={-stealth}
+ ]
+ % Common
+ \node(0){};
+ \node[block,conf,right=5mm of 0](1){};
+ \node[block,conf,right=5mm of 1](2){};
+ \draw[ar] (0) -- (1);
+ \draw[ar] (1) -- (2);
+
+ % Current
+ \node[block,conf,right=5mm of 2](3){};
+ \node[block,nconf,right=5mm of 3](4){};
+ \node[block,nconf,right=5mm of 4](5){};
+ \node[block,nconf,right=5mm of 5](6){};
+ \draw[ar] (2) -- (3);
+ \draw[ar] (3) -- (4);
+ \draw[ar] (4) -- (5);
+ \draw[ar] (5) -- (6);
+
+ % Fork
+ \node[block,nconf,above=7mm of 3](3p){};
+ \node[block,nconf,right=5mm of 3p](4p){};
+ \node[block,nconf,right=5mm of 4p](5p){};
+ \node[block,nconf,right=5mm of 5p](6p){};
+ \node[block,nconf,right=5mm of 6p](7p){};
+ \draw[ar] (2.east) -- (3p.west);
+ \draw[ar] (3p) -- (4p);
+ \draw[ar] (4p) -- (5p);
+ \draw[ar] (5p) -- (6p);
+ \draw[ar] (6p) -- (7p);
+
+ % Indication
+ \node[right=5mm of 7p]{\emph{fork}};
+ \node[right=17mm of 6]{\emph{active}};
+
+ % Confirmation
+ \path (0) -- (1) node[conft,midway, below=6mm] (M) {Max};
+ \path (2) -- (3) node[conft,midway, below=6mm] (N) {New};
+ \path (3) -- (4) node[conft,midway, below=6mm] (I) {Initial};
+ \node[above=25mm of M] (Mp) {};
+ \node[above=25mm of N] (Np) {};
+ \node[above=25mm of I] (Ip) {};
+ \draw[confl,thick,dotted](M) -- (Mp);
+ \draw[confl](N) -- (Np);
+ \draw[confl,thick,dotted](I) -- (Ip);
+ \end{tikzpicture}
+ \end{center}
+ If we experience a reorganization once, its likely for another
+ reorganization of a similar scope to happen again.
+ Depolymerizer learns from reorganizations by increasing its confirmation delay.
+\end{frame}
+
+
+\begin{frame}{Project Depolymerization Summary}
+ Taler can be used as a layer 2 for existing
+ crypto-currencies and stablecoins with Depolymerizer:
+
+ \begin{itemize}
+ \item [$-$] Trust exchange operator or auditors
+ \item [$+$] Fast and cheap
+ \item [$+$] Realtime: transactions with milliseconds of latency
+ \item [$+$] Linear scalability
+ \item [$+$] Ecological
+ \item [$+$] Privacy when it can, transparency when it must (avoid tax evasion and money laundering)
+ \end{itemize}
+\end{frame}
+
+
+\section{Conclusion}
+
+\begin{frame}
+ \vfill
+ \begin{center}
+ {\bf Part VII: Conclusion}
+ \end{center}
+ \vfill
+\end{frame}
+
+
+\begin{frame}{Feature comparison}
+ \begin{center} \small
+ \begin{tabular}{l||c|c|c|c|c}
+ & Cash & Bitcoin & Zerocoin & Creditcard & GNU Taler \\ \hline \hline
+ Online &$-$$-$$-$ & ++ & ++ & + & +++ \\ \hline
+ Offline & +++ & $-$$-$ & $-$$-$ & + & ++ \\ \hline
+ Trans. cost & + & $-$$-$$-$ & $-$$-$$-$ & $-$ & ++ \\ \hline
+ Speed & + & $-$$-$$-$ & $-$$-$$-$ & o & ++ \\ \hline
+ Taxation & $-$ & $-$$-$ & $-$$-$$-$ & +++ & +++ \\ \hline
+ Payer-anon & ++ & o & ++ & $-$$-$$-$ & +++ \\ \hline
+ Payee-anon & ++ & o & ++ & $-$$-$$-$ & $-$$-$$-$ \\ \hline
+ Security & $-$ & o & o & $-$$-$ & ++ \\ \hline
+ Conversion & +++ & $-$$-$$-$ & $-$$-$$-$ & +++ & +++ \\ \hline
+ Libre & $-$ & +++ & +++ & $-$ $-$ $-$ & +++ \\
+ \end{tabular}
+ \end{center}
+\end{frame}
+
+
+\begin{frame}{Summary of Taler Solution}
+
+\begin{enumerate}
+\item {\bf Frictionless one click}, cash-like digital payments \& instant
+confirmation for all fiat- and crypto-currencies and for all users,
+unbanked, young and old.
+\item With {\bf income-transparency on the recipient side} is
+crime-preventing \& Taler coins are as secure as cash without
+counterfeits. No ID theft.
+\item {\bf Guaranteed privacy} for spender \& data minimization: payment
+requires/shares no personal information.
+\item {\bf No bank account needed}
+\item Highly efficient in power, processing \& storage, extremely low
+cost \& {\bf highly scalable} to 100’000 transactions/sec.
+\item Economically viable (sub-cent) instant {\bf micro-transactions} for
+e-commerce, Internet of Things, metaverse, machine2machine, $\ldots$
+\end{enumerate}
+\end{frame}
+
+
+\begin{frame}{Collaboration with BoJ}
+\framesubtitle{Discussion Proposal}
+Taler Systems SA can provide:
+\begin{itemize}
+\item Integration with Japanese banking APIs
+\item Sandbox setup for evaluation by BoJ
+\item Support in maintenance \& roll-outs
+\end{itemize}
+Additionally:
+\begin{itemize}
+\item I will have a sabbatical in Fall/Winter 2023
+\item Objective is to visit financial institutions to present
+ contemporary capabilities and gather requirements for
+ further research
+\item I would be happy to spend part of it in Japan
+\end{itemize}
+\end{frame}
+
+
+
+\begin{frame}{Do you have any questions?}
+ \framesubtitle{\url{https://taler.net/en/bibliography.html}}
+ \vfill
+References:
+{\tiny
+ \begin{enumerate}
+ \item{David Chaum, Christian Grothoff and Thomas Moser.
+ {\em How to issue a central bank digital currency}.
+ {\bf SNB Working Papers, 2021}.}
+ \item{Martin Summer and Hannes Hermanky.
+ {\em A digital euro and the future of cash}.
+ {\bf Monetary Policy \& The Economy Q1-Q2/22}.}
+ \item{Antoine d’Aligny, Emmanuel Benoist, Florian Dold, Christian Grothoff, Özgür Kesim and Martin Schanzenbach.
+ {\em Who comes after us? The correct mindset for designing a Central Bank Digital Currency}.
+ {\bf SUERF Policy Notes 279/2022}.}
+ \item{Florian Dold.
+ {\em GNU Taler}.
+ {\bf University of Rennes 1, PhD Thesis, 2019}.}
+ \item{Christian Grothoff and Alex Pentland.
+ {\em Digital cash and privacy: What are the alternatives to Libra?}.
+ {\bf MIT Media Lab, 2019}.}
+ \item{Jeffrey Burdges, Florian Dold, Christian Grothoff and Marcello Stanisci.
+ {\em Enabling Secure Web Payments with GNU Taler}.
+ {\bf SPACE 2016}.}
+ \item{Özgür Kesim, Christian Grothoff, Florian Dold and Martin Schanzenbach.
+ {\em Zero-Knowledge Age Restriction for GNU Taler}.
+ {\bf ESORICS, 2022}.}
+ \item{Gian Demarmels and Lucien Heuzeveldt.
+ {\em Adding Schnorr's Blind Signature in Taler}.
+ {\bf BFH, Bachelor's Thesis, 2022}.}
+ \item{Marco Boss.
+ {\em GNU Taler Scalability}.
+ {\bf BFH, Bachelor's Thesis, 2022}.}
+\end{enumerate}
+}
+\end{frame}
+
+\end{document}
+
+
+
+
+\begin{frame}{Taler {\tt /withdraw/sign}}
+% Customer withdrawing coins with blind signatures
+% \bigskip
+ \begin{figure}[th]
+ \begin{minipage}[b]{0.45\linewidth}
+ \begin{center}
+ \begin{tikzpicture}[scale = 0.4,
+ transform shape,
+ msglabel/.style = { text = Black, yshift = .3cm,
+ sloped, midway },
+ okmsg/.style = { ->, color = MidnightBlue, thick,
+ >=stealth },
+ rstmsg/.style = { ->, color = BrickRed, thick,
+ >=stealth }
+ ]
+ \node[draw = MidnightBlue,
+ fill = CornflowerBlue,
+ minimum width = .3cm,
+ minimum height = 10cm
+ ] (h1) at (-4, 0) {};
+ \node[draw = MidnightBlue,
+ fill = CornflowerBlue,
+ minimum width = .3cm,
+ minimum height = 10cm
+ ] (h2) at (4, 0) {};
+ \node[above = 0cm of h1] {Wallet};
+ \node[above = 0cm of h2] {Exchange};
+
+ \path[->, color = MidnightBlue, very thick, >=stealth]
+ (-5, 4.5) edge
+ node[rotate=90, text = Black, yshift = .3cm] {Time}
+ (-5, -4.5);
+ \path[okmsg, dashed]
+ ($(h1.east)+(0, 4.0)+(0, -1.0)$) edge
+ node[msglabel] {SEPA(RK,A)}
+ ($(h2.west)+(0, 3.5)+(0, -1.0)$);
+ \path[okmsg]
+ ($(h1.east)+(0, -1.0)$) edge
+ node[msglabel] {POST {\tt /withdraw/sign} $S_{RK}(DK, B_b(C))$}
+ ($(h2.west)+(0, -1.5)$);
+ \path[okmsg]
+ ($(h2.west)+(0, -2.0)$) edge
+ node[msglabel] {200 OK: $S_{DK}(B_b(C))$)}
+ ($(h1.east)+(0, -2.5)$);
+ \path[rstmsg]
+ ($(h2.west)+(0, -3.5)$) edge
+ node[msglabel] {402 PAYMENT REQUIRED: $S_{RK}(DK, B_b(C))$)}
+ ($(h1.east)+(0, -4)$);
+ \node at (5.3, 0) {};
+ \end{tikzpicture}
+ \end{center}
+ Result: $\langle c, S_{DK}(C) \rangle$.
+ \end{minipage}
+ \hspace{0.5cm}
+ \begin{minipage}[b]{0.45\linewidth}
+ \tiny
+ \begin{description}
+ \item[$A$] Some amount, $A \ge A_{DK}$
+ \item[$RK$] Reserve key
+ \item[$DK$] Denomination key
+ \item[$b$] Blinding factor
+ \item[$B_b()$] RSA-FDH blinding % DK supressed
+ \item[$C$] Coin public key $C := cG$
+ \item[$S_{RK}()$] EdDSA signature
+ \item[$S_{DK}()$] RSA-FDH signature
+ \end{description}
+ \end{minipage}
+ \end{figure}
+\end{frame}
+
+
+\begin{frame}[t]{Taler {\tt /deposit}}
+Merchant and exchange see only the public coin $\langle C, S_{DK}(C) \rangle$.
+\bigskip
+ \begin{figure}[th]
+ \begin{minipage}[b]{0.45\linewidth}
+ \begin{center}
+ \begin{tikzpicture}[scale = 0.4,
+ transform shape,
+ msglabel/.style = { text = Black, yshift = .3cm,
+ sloped, midway },
+ okmsg/.style = { ->, color = MidnightBlue, thick,
+ >=stealth },
+ rstmsg/.style = { ->, color = BrickRed, thick,
+ >=stealth }
+ ]
+ \node[draw = MidnightBlue,
+ fill = CornflowerBlue,
+ minimum width = .3cm,
+ minimum height = 10cm
+ ] (h1) at (-4, 0) {};
+ \node[draw = MidnightBlue,
+ fill = CornflowerBlue,
+ minimum width = .3cm,
+ minimum height = 10cm
+ ] (h2) at (4, 0) {};
+ \node[above = 0cm of h1] {Merchant};
+ \node[above = 0cm of h2] {Exchange};
+
+ \path[->, color = MidnightBlue, very thick, >=stealth]
+ (-5, 4.5) edge
+ node[rotate=90, text = Black, yshift = .3cm] {Time}
+ (-5, -4.5);
+ \path[->, color = MidnightBlue, thick, >=stealth]
+ ($(h1.east)+(0,3)$) edge
+ node[text = Black, yshift = .3cm, sloped] {POST {\tt /deposit} $S_{DK}(C), S_{c}(D)$}
+ ($(h2.west)+(0,2)$);
+ \path[->, color = MidnightBlue, thick, >=stealth]
+ ($(h2.west)+(0,0.5)$) edge
+ node[text = Black, yshift = .3cm, sloped] {200 OK: $S_{SK}(S_{c}(D))$}
+ ($(h1.east)+(0,-0.5)$);
+ \path[rstmsg]
+ ($(h2.west)+(0, -2.5)$) edge
+ node[msglabel] {409 CONFLICT: $S_{c}(D')$}
+ ($(h1.east)+(0, -3.5)$);
+ \node at (5.3, 0) {};
+ \end{tikzpicture}
+ \end{center}
+ \end{minipage}
+ \hspace{0.5cm}
+ \begin{minipage}[b]{0.45\linewidth}
+ \tiny
+ \begin{description}
+ \item[$DK$] Denomination key
+ \item[$S_{DK}()$] RSA-FDH signature using $DK$
+ \item[$c$] Private coin key, $C := cG$.
+ \item[$S_{C}()$] EdDSA signature using $c$
+ \item[$D$] Deposit details
+ \item[$SK$] Exchange's signing key
+ \item[$S_{SK}()$] EdDSA signature using $SK$
+ \item[$D'$] Conficting deposit details $D' \not= D$
+ \end{description}
+ \end{minipage}
+ \end{figure}
+\end{frame}
+
+
+\begin{frame}{Taler {\tt /refresh/melt}}
+ \begin{figure}[th]
+ \begin{minipage}[b]{0.45\linewidth}
+ \begin{center}
+ \begin{tikzpicture}[scale = 0.4,
+ transform shape,
+ msglabel/.style = { text = Black, yshift = .3cm,
+ sloped, midway },
+ okmsg/.style = { ->, color = MidnightBlue, thick,
+ >=stealth },
+ rstmsg/.style = { ->, color = BrickRed, thick,
+ >=stealth }
+ ]
+ \node[draw = MidnightBlue,
+ fill = CornflowerBlue,
+ minimum width = .3cm,
+ minimum height = 10cm
+ ] (h1) at (-4, 0) {};
+ \node[draw = MidnightBlue,
+ fill = CornflowerBlue,
+ minimum width = .3cm,
+ minimum height = 10cm
+ ] (h2) at (4, 0) {};
+ \node[above = 0cm of h1] {Customer};
+ \node[above = 0cm of h2] {Exchange};
+
+ \path[->, color = MidnightBlue, very thick, >=stealth]
+ (-5, 4.5) edge
+ node[rotate=90, text = Black, yshift = .3cm] {Time}
+ (-5, -4.5);
+ \path[->, color = MidnightBlue, thick, >=stealth]
+ ($(h1.east)+(0,3)$) edge
+ node[text = Black, yshift = .3cm, sloped] {POST {\tt /refresh/melt} $S_{DK}(C), S_c({\cal DK}, {\cal T},{\cal B})$}
+ ($(h2.west)+(0,2)$);
+ \path[->, color = MidnightBlue, thick, >=stealth]
+ ($(h2.west)+(0,0.5)$) edge
+ node[text = Black, yshift = .3cm, sloped] {200 OK: $S_{SK}(H({\cal T}, {\cal B}),\gamma)$}
+ ($(h1.east)+(0,-0.5)$);
+ \path[rstmsg]
+ ($(h2.west)+(0, -2.5)$) edge
+ node[msglabel] {409 CONFLICT: $S_{C}(X), \ldots$}
+ ($(h1.east)+(0, -3.5)$);
+ \node at (5.3, 0) {};
+ \end{tikzpicture}
+ \end{center}
+ \end{minipage}
+ \hspace{0.5cm}
+ \begin{minipage}[b]{0.45\linewidth}
+ \tiny
+ \begin{description}
+ \item[$\kappa$] System-wide security parameter, usually 3.
+ \\ \smallskip
+ \item[$\cal DK$] $:= [DK^{(i)}]_i$ \\ List of denomination keys \\
+ $D + \sum_i A_{DK^{(i)}} < A_{DK}$
+ \item[$t_j$] Random scalar for $j<\kappa$
+ \item[${\cal T}$] $:= [T_j]_\kappa$ where $T_j = t_j G$
+ \item[$k_j$] $:= c T_j = t_j C$ is an ECDHE
+ \item[$b_j^{(i)}$] $:= KDF_b(k_j,i)$ % blinding factor
+ \item[$c_j^{(i)}$] $:= KDF_c(k_j,i)$ % coin secret keys
+ \item[$C_j^{(i)}$] $: = c_j^{(i)} G$ % new coin publics % keys
+ \item[${\cal B}$] $:= [H( \beta_j )]_\kappa$ where \\
+ $\beta_j := \left[ B_{b_j^{(i)}}(C_j^{(i)}) \right]_i$
+ \\ \smallskip
+ \item[$\gamma$] Random value in $[0,\kappa)$
+% \\ \smallskip
+% \item[$X$] Deposit or refresh
+ \end{description}
+ \end{minipage}
+ \end{figure}
+\end{frame}
+
+
+\begin{frame}{Taler {\tt /refresh/reveal}}
+ \begin{figure}[th]
+ \begin{minipage}[b]{0.45\linewidth}
+ \begin{center}
+ \begin{tikzpicture}[scale = 0.4,
+ transform shape,
+ msglabel/.style = { text = Black, yshift = .3cm,
+ sloped, midway },
+ okmsg/.style = { ->, color = MidnightBlue, thick,
+ >=stealth },
+ rstmsg/.style = { ->, color = BrickRed, thick,
+ >=stealth }
+ ]
+ \node[draw = MidnightBlue,
+ fill = CornflowerBlue,
+ minimum width = .3cm,
+ minimum height = 10cm
+ ] (h1) at (-4, 0) {};
+ \node[draw = MidnightBlue,
+ fill = CornflowerBlue,
+ minimum width = .3cm,
+ minimum height = 10cm
+ ] (h2) at (4, 0) {};
+ \node[above = 0cm of h1] {Customer};
+ \node[above = 0cm of h2] {Exchange};
+
+ \path[->, color = MidnightBlue, very thick, >=stealth]
+ (-5, 4.5) edge
+ node[rotate=90, text = Black, yshift = .3cm] {Time}
+ (-5, -4.5);
+ \path[->, color = MidnightBlue, thick, >=stealth]
+ ($(h1.east)+(0,3)$) edge
+ node[text = Black, yshift = .3cm, sloped] {POST {\tt /refresh/reveal} $H({\cal T}, {\cal B}), {\tilde{\cal T}}, \beta_\gamma$}
+ ($(h2.west)+(0,2)$);
+ \path[->, color = MidnightBlue, thick, >=stealth]
+ ($(h2.west)+(0,0.5)$) edge
+ node[text = Black, yshift = .3cm, sloped] {200 OK: $\cal S$}
+ ($(h1.east)+(0,-0.5)$);
+ \path[rstmsg]
+ ($(h2.west)+(0, -2.5)$) edge
+ node[msglabel] {400 BAD REQUEST: $Z$}
+ ($(h1.east)+(0, -3.5)$);
+ \node at (5.3, 0) {};
+ \end{tikzpicture}
+ \end{center}
+ \end{minipage}
+ \hspace{0.5cm}
+ \begin{minipage}[b]{0.45\linewidth}
+ \tiny
+ \begin{description}
+ \item[$\cal DK$] $:= [DK^{(i)}]_i$
+ \item[$t_j$] .. \\ \smallskip
+
+ \item[$\tilde{\cal T}$] $:= [t_j | j \in \kappa, j \neq \gamma]$ \\ \smallskip
+
+ \item[$k_\gamma$] $:= c T_\gamma = t_\gamma C$
+ \item[$b_\gamma^{(i)}$] $:= KDF_b(k_\gamma,i)$
+ \item[$c_\gamma^{(i)}$] $:= KDF_c(k_\gamma,i)$
+ \item[$C_\gamma^{(i)}$] $: = c_\gamma^{(i)} G$
+
+ \item[$B_\gamma^{(i)}$] $:= B_{b_\gamma^{(i)}}(C_\gamma^{(i)})$
+ \item[$\beta_\gamma$] $:= \big[ B_\gamma^{(i)} \big]_i$
+ \item[$\cal S$] $:= \left[ S_{DK^{(i)}}( B_\gamma^{(i)} ) \right]_i$ \\ \smallskip
+
+ \item[$Z$] Cut-and-choose missmatch information
+ \end{description}
+ \end{minipage}
+ \end{figure}
+\end{frame}
+
+
+\begin{frame}{Taler {\tt /refresh/link}}
+ \begin{figure}[th]
+ \begin{minipage}[b]{0.45\linewidth}
+ \begin{center}
+ \begin{tikzpicture}[scale = 0.4,
+ transform shape,
+ msglabel/.style = { text = Black, yshift = .3cm,
+ sloped, midway },
+ okmsg/.style = { ->, color = MidnightBlue, thick,
+ >=stealth },
+ rstmsg/.style = { ->, color = BrickRed, thick,
+ >=stealth }
+ ]
+ \node[draw = MidnightBlue,
+ fill = CornflowerBlue,
+ minimum width = .3cm,
+ minimum height = 10cm
+ ] (h1) at (-4, 0) {};
+ \node[draw = MidnightBlue,
+ fill = CornflowerBlue,
+ minimum width = .3cm,
+ minimum height = 10cm
+ ] (h2) at (4, 0) {};
+ \node[above = 0cm of h1] {Customer};
+ \node[above = 0cm of h2] {Exchagne};
+
+ \path[->, color = MidnightBlue, very thick, >=stealth]
+ (-5, 4.5) edge
+ node[rotate=90, text = Black, yshift = .3cm] {Time}
+ (-5, -4.5);
+ \path[->, color = MidnightBlue, thick, >=stealth]
+ ($(h1.east)+(0,3)$) edge
+ node[text = Black, yshift = .3cm, sloped] {POST {\tt /refresh/link} $C$}
+ ($(h2.west)+(0,2)$);
+ \path[->, color = MidnightBlue, thick, >=stealth]
+ ($(h2.west)+(0,0.5)$) edge
+ node[text = Black, yshift = .3cm, sloped] {200 OK: $T_\gamma$}
+ ($(h1.east)+(0,-0.5)$);
+ \path[rstmsg]
+ ($(h2.west)+(0, -2.5)$) edge
+ node[msglabel] {404 NOT FOUND}
+ ($(h1.east)+(0, -3.5)$);
+ \node at (5.3, 0) {};
+ \end{tikzpicture}
+ \end{center}
+ \end{minipage}
+ \hspace{0.5cm}
+ \begin{minipage}[b]{0.45\linewidth}
+ \tiny
+ \begin{description}
+ \item[$C$] Old coind public key \\ \smallskip
+ \item[$T_\gamma$] Linkage data $\cal L$ at $\gamma$
+ \end{description}
+ \end{minipage}
+ \end{figure}
+\end{frame}
+
+
+\begin{frame}{Operational security}
+ \begin{center}
+ \resizebox{\textwidth}{!}{
+\begin{tikzpicture}[
+ font=\sffamily,
+ every matrix/.style={ampersand replacement=\&,column sep=2cm,row sep=2cm},
+ source/.style={draw,thick,rounded corners,fill=green!20,inner sep=.3cm},
+ process/.style={draw,thick,circle,fill=blue!20},
+ sink/.style={source,fill=green!20},
+ datastore/.style={draw,very thick,shape=datastore,inner sep=.3cm},
+ dots/.style={gray,scale=2},
+ to/.style={->,>=stealth',shorten >=1pt,semithick,font=\sffamily\footnotesize},
+ every node/.style={align=center}]
+
+ % Position the nodes using a matrix layout
+ \matrix{
+ \node[source] (wallet) {Wallet};
+ \& \node[process] (browser) {Browser};
+ \& \node[process] (shop) {Web shop};
+ \& \node[sink] (backend) {Taler backend}; \\
+ };
+
+ % Draw the arrows between the nodes and label them.
+ \draw[to] (browser) to[bend right=50] node[midway,above] {(4) signed contract}
+ node[midway,below] {(signal)} (wallet);
+ \draw[to] (wallet) to[bend right=50] node[midway,above] {(signal)}
+ node[midway,below] {(5) signed coins} (browser);
+ \draw[<->] (browser) -- node[midway,above] {(3,6) custom}
+ node[midway,below] {(HTTPS)} (shop);
+ \draw[to] (shop) to[bend right=50] node[midway,above] {(HTTPS)}
+ node[midway,below] {(1) proposed contract / (7) signed coins} (backend);
+ \draw[to] (backend) to[bend right=50] node[midway,above] {(2) signed contract / (8) confirmation}
+ node[midway,below] {(HTTPS)} (shop);
+\end{tikzpicture}
+}
+\end{center}
+\end{frame}
+
+
+\begin{frame}{Use Cases: Refugee Camps}
+ Today:
+ \begin{itemize}
+ \item Non-bankable
+ \item Direct distribution of goods to population
+ \item Limited economic activity in camps
+ \item High level of economic dependence
+ \end{itemize}\vfill\pause
+ With GNU Taler:
+ \begin{itemize}
+ \item Local currency issued as basic income backed by aid
+ \item Taxation possible based on economic status
+ \item Local governance enabled by local taxes
+ \item Increased economic independence and political participation
+ \end{itemize}
+\end{frame}
+
+
+\begin{frame}{Use Case: Anti-Spam}
+ \framesubtitle{Background: \url{https://pep.security/}}
+ Today, p$\equiv$p provides authenticated encryption for e-mail:
+ \begin{itemize}
+ \item Free software
+ \item Easy to use opportunistic encryption
+ \item Available for Outlook, Android, Enigmail
+ \item Spies \& spam filters can no longer inspect content
+ \end{itemize}\vfill\pause
+ With GNU Taler:
+ \begin{itemize}
+ \item Peer-to-peer payments via e-mail
+ \item If unsolicited sender, hide messages from user \&
+ automatically request payment from sender
+ \item Sender can attach payment to be moved to inbox
+ \item Receiver may grant refund to sender
+ \end{itemize}
+\end{frame}
