commit 9e6b12fd0b05f0f0857b7839797192e9863300a9 parent 7e352a83cff3e5d219b65c25225c46dbfb73ba2b Author: Florian Dold <florian.dold@gmail.com> Date: Thu, 20 Dec 2018 01:02:00 +0100 add first draft of cbdc response Diffstat:
| A | 2018-cbdc-response/taler-cbdc.tex | | | 134 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
1 file changed, 134 insertions(+), 0 deletions(-)
diff --git a/2018-cbdc-response/taler-cbdc.tex b/2018-cbdc-response/taler-cbdc.tex @@ -0,0 +1,134 @@ +\documentclass{scrartcl} +\usepackage[a4paper, +top=2cm, +bottom=1cm, +includefoot, +left=4cm, +right=2cm, +footskip=1cm]{geometry} + +\usepackage{lastpage} % enables \pageref{LastPage} + +\usepackage{scrlayer-scrpage} +\cfoot*{\normalfont Seite \pagemark{} von \normalfont \pageref{LastPage}} +\pagestyle{scrheadings} + +% German indentation +\setlength{\parindent}{0pt} +\setlength{\parskip}{0.5ex plus 1pt minus 1pt} + + +\usepackage{graphicx} +%\usepackage{mathpazo} +\usepackage{newtxtext,newtxmath} +%\usepackage{mathptmx} +\usepackage[utf8]{inputenc} +\usepackage[T1]{fontenc} +%\usepackage[ngerman]{babel} +\usepackage{color} +\usepackage[hidelinks]{hyperref} + +\begin{document} + +\title{Taler as the Foundation for a European Retail CBDC} +\date{} +\maketitle%\vspace{-15ex} + +This note elaborates how the open source payment system GNU Taler fits into the +requirements of a Centrally Banked Digital Currencency (CBDC) intended for use +in the European retail market. + +\section*{Overview} +Taler Systems is developing GNU Taler, the software +infrastructure for an electronic payment system with focus on security, +efficiency and data minimization. Cryptography is employed for security, +privacy and data minimization, but can at the same time guarantee that cash flows +to merchants/retailers are transparent for AML and other financial auditing +features. + +The following components form the core of the system: +\begin{enumerate} + \item An \emph{Electronic wallet} software stores cryptographic tokens of + value (called digital coins), implemented via blind signatures. Wallets + are typically managed by the end user, a \emph{wallet provider} can manage + storage of cryptographic material for the user, and can provide backup, + synchronization and recovery. + + \item The \emph{Exchange} issues digital coins to wallets, after receiving + money on a transit account. As blind signatures are used, the exchange + knows that it issued coins of a certain monetary value, but not to which + wallet. Digital coins are always denominated in a fiat currency (e.g. + Euro). + + \item The \emph{Merchant} receives digital coins from customers and transmits + them to the exchange. After validating these coins, the exchanges sends + money from the transit account to the merchant's bank account. Transfers + can be aggregated to allow micropayents of even fractions of a cent. + + \item The \emph{Auditor} is a central entity that certifies which Exchanges + are to be trusted as legitimate, and how much digital coins an exchange + can issue during a given time frame. Merchants typically accept digital coins + from all exchanges that are certified by the centrally trusted auditor. + Additionally the Auditor has a software component that conducts frequent + automated checks of the Exchanges' transaction history and database to + detect if they deviate from their expected operation. +\end{enumerate} + +The implementation of all core components is licensed as free and open source (FOSS) software. + +\section*{Addressing CBDC Requirements} +We now sketch how the Taler components map to a CBDC system run by ECB/NZBs, +according to the draft requirements. As Taler is a value-based payment system, +we will address the common requirements C1-C8 and requirements V1-V4 specific +to the value-based model. + +\paragraph{C1. Tokenization:} The ECB/NZBs would simultaneously take the role of the Taler Exchange +and Taler Auditor. +\paragraph{C2. Issuance:} The ECB/NZBs create new CBDC units by issuing Taler digital coins, +and destroy CBDC units by accepting digital coin deposits from merchants, subsequently releasing +funds blocked in the transit account and sending them to the merchant's bank account. +\paragraph{C4. 1-on-1 parity rule:} Digital coins in GNU Taler already correspond 1-on-1 to a +value in a fiat currency such as the Euro. +\paragraph{C4. Two-tier structure:} With Taler, national banks can serve as +the primary Tier-2 entity, and facilitate the transfer from a customer's bank +account to the ECB/NZBs transit account, in exchange for letting the customer +obtain digital coins. A secondary Tier-2 entity are the wallet providers. +Banks can serve as wallet providers, but other third party businesses can offer +a wallet backup/sync/restore service as well. Customers can even decide to be +responsible for the security of their wallet on their own, and manage private keys directly +and on their own device. +\paragraph{C5. Compliance with AML regulation:} Strict withdrawal limits can +be placed on customers' bank accounts. Merchants can be required to collect +customer data for transactions of large amounts. Due to the technical measures +that provide transparency of cash flows to merchants, the compliance of +merchants can be easily verified. +\paragraph{C6. Fees:} Taler has a flexible fee structure that can be adjusted so that Tier-2 banks +can charge for CBDC creation and other activities. +\paragraph{C7. Availability:} Taler requires no manual processing and can be made highly +available with standard software deployment and operations techniques. +\paragraph{C8. Throughput, transaction time and micropayments:} Transactions +with Taler are processed in the order of milliseconds. Unlike DLTs, Taler can +be easily scaled both horizontally (sharding, more processing nodes) and +vertically (faster machines). Since multiple payments to a merchant can be aggregated into +one bank transfer, even micropayments with fractions of a cent are possible. +\paragraph{V1. Non-interest-bearing:} In Taler, digital coins do not bear interest. +\paragraph{V2. Limitation of bank runs:} Bank runs can be discouraged and limited with Taler: (1) Withdrawal +limits can be imposed by the Tier-2 banks on the withdrawal of CBDC units (2) wallet providers can place limits +on how much money can be stored in online wallets (3) customers that mange their own wallet are discouraged from +withdrawing large amounts of CBDC units in their wallets, as they must ensure its safety similar to a physical wallet. +\paragraph{V3. Anonymity and AML:} AML measures can be implemented upon the \emph{income transparency} feature, +where cash flows to merchants (but not cash flows from individual customers) are visible to the exchanges (and +thus ECB/NCBs). As the merchant redeems CBDC units with a transaction to their bank account, the KYC process +already happened when the merchant opened their SEPA bank account. +With Taler, ownership of +digital coins between mutually distrusting parties can only be securely transferred with a digital coin deposit via the exchange. +This discourages ``invisible'' payments by sharing digital coins between wallets. + +\paragraph{V4. Ownership and spending rights of CBDC:} Technically literate users can manage their own wallets +and private keys, whereas other users can use wallet backup/sync/restore providers. + +\section*{Contrast and Relationship to DLT-based Systems} +To be written \ldots + + +\end{document}