commit a5e16a9a286fdbe553ab0fc1be3f575f5aa0e1e0
parent ace6398394f24c6ea8ee3a449776140ab2d670fd
Author: Emmanuel Benoist <emmanuel.benoist@bfh.ch>
Date: Fri, 28 Jan 2022 18:18:13 +0100
merge conflict
Diffstat:
2 files changed, 39 insertions(+), 23 deletions(-)
diff --git a/2022-privacy/literature.bib b/2022-privacy/literature.bib
@@ -6,6 +6,17 @@
howpublished = {\url{https://www.schneier.com/essays/archives/2016/03/data_is_a_toxic_asse.html}},
}
+
+
+@Book{carbon,
+ author = {Ricardo Coelho},
+ editor = {Joanna Cabello and Tamra Gilbertson},
+ title = {Green is the Color of Money: The EU ETS failure as a model for the “green economy”},
+ publisher = {Carbon Trade Watch},
+ year = {2012},
+ month = {June},
+}
+
@PhdThesis{cwps,
author = {J. Appelbaum},
title = {Communication in a world of pervasive surveillance},
@@ -504,8 +515,7 @@ series = {SEC'16}
@misc{EurostatAge10,
author = {Eurostat},
title = {{Population on 1 January by age and sex (Europa, Altersgruppe 10)}},
- howpublished = {Webpräsenz von Eurostat},
- url = {https://bit.ly/32iWEyV}
+ howpublished = {\url{https://bit.ly/32iWEyV}}
}
@book{dannen2017introducing,
@@ -519,15 +529,14 @@ series = {SEC'16}
@misc{merge2022,
title={The merge},
year={2022},
- url = {https://ethereum.org/en/upgrades/merge}
+ howpublished = {\url{https://ethereum.org/en/upgrades/merge}}
}
@misc{nelson2021,
title={The State of the Merge: An Update on Ethereum’s Merge to Proof of Stake in 2022},
author={Matt Nelson},
year = {2021},
- howpublished={consensys.net},
- url = {https://consensys.net/blog/news/the-state-of-the-merge-an-update-on-ethereums-merge-to-proof-of-stake-in-2022/}
+ howpublished = {\url{https://consensys.net/blog/news/the-state-of-the-merge-an-update-on-ethereums-merge-to-proof-of-stake-in-2022/}}
}
@article{noether2015ring,
diff --git a/2022-privacy/privacy.tex b/2022-privacy/privacy.tex
@@ -29,11 +29,11 @@ design goals and that the ECB needs to fundamentally change its mindset when
thinking about its role in the context of the Digital Euro if it wants the
project to succeed.
-Along the same lines, the French council scientific numerique published a
+Along the same lines, the French National Council for Digitalization published a
report on ``Notes and Tokens, The New Competition of
Currencies''~\cite{french2021}. Here, the authors make similar false
-assumptions about inevidable properties of CBDCs, going as far as stating that
-a CBDC is not possible without an E-ID system. Our paper attempts to set the
+assumptions about inevitable properties of CBDCs, going as far as stating that
+a CBDC is not possible without an eID system. Our paper attempts to set the
record straight.
% [oec] Shouldn't we also mention GNU Taler already here as an example for an alternative?
@@ -66,7 +66,7 @@ citizens and businesses.
\section{Currency, crypto-currency and payment systems} \label{sec:terms}
Currency is ``\emph{something that is used as a medium of exchange;
- money.}''\cite{dictionaryCurrency}. Form the French dictionary, currency
+ money.}''\cite{dictionaryCurrency}. From the French dictionary, currency
(i.e. la monnaie) is an ``\emph{Instrument of measurement and conservation of
value, legal means of exchanging goods}''\footnote{``Instrument de mesure et
de conservation de la valeur, moyen légal d'échange des biens.''}, or
@@ -84,7 +84,7 @@ are very heterogeneous and based on different principles. Some use accounts
with balances with a blockchain used to establish a consensus on the account
balances (Bitcoin was the first currency to use it), while others allow the
transfer of fungible tokens that are disassociated from any transaction
-history (Z-cash\cite{zcash}). Among those using a blockchain, some use proof
+history (Zcash~\cite{zcash}). Among those using a blockchain, some use proof
of work (Bitcoin, Ethereum), others use proof of stake
(Ethereum, expected in Q2 2022~\cite{merge2022,nelson2021}) or most recently
proof of wasted human lifetime (Play to Earn~\cite{p2e2022}). Some are rather
@@ -113,11 +113,10 @@ may introduce new failure modes into the system. As a result, payment service
providers are generally regulated entities, at least when they deal with
traditional fiat currencies. Examples for payment systems used with
crypto-currencies include the various proprietary crypto-trading platforms as
-well as distributed layer-2 solutions like the Lightening
+well as distributed layer-2 solutions like the Lightning
network~\cite{lightening}.
-In the rest of this paper we will focus on the design principles for a Central
-Bank Digital Currency (CBDC). There are two types of CBDCs, retail CBDCs and
+There are two types of CBDCs, retail CBDCs and
wholesale CBDCs. Wholesale CBDC is expected to be primarily used to trade
between banks and between the central bank and banks. An example of wholesale
CBDC can be found in the description of the project Helvetia of the Swiss
@@ -127,7 +126,7 @@ National Bank~\cite{BISHelvetia2020}.\footnote{We note that the French report
contrast, a retail CBDC is intended to be used by citizens and businesses in
their daily lives for their ordinary expenses, basically providing a form of
digital cash that is, like physical cash, a liability of the central bank.
-The rest of this paper will concentrate on retail CBDCs. Our discussion will
+This paper is about retail CBDCs. Our discussion will
assume that the currency for the CBDC already exists, and thus focus on the
requirements for the payment system that facilitates ordinary people to make
digital transactions with such a currency.
@@ -226,7 +225,7 @@ CBDC.
\label{sec:coupling}
The arguably most dangerous idea of the ECB report is ``combining use of
digital identity and CBDC''. The same idea is echoed in the French report
-which quotes Catenae~\cite{catenae2020} to say that ``it is difficult to
+which quotes an unpublished report from Catenae (2020) to say that ``it is difficult to
envisage the creation of a retail CBDC, and more specifically a Digital Euro
without first creating a reliable, secure digital identity offering the
necessary guarantees''. From a technical perspective, the statement is hard to
@@ -273,13 +272,13 @@ space for CBDCs but is exactly what is proposed.
Citizens themselves are well aware of this aspect and it consequently would
have a significant impact on acceptance of a CDBC:
The Swiss population recently rejected a proposal for a national
-E-ID~\cite{eid2021}, and the newly elected German government is promising a
-reversal of ubiquitous data retention (without cause) in
-Germany~\cite{koalitionsvertrag2021}. The European Parliament has members
+eID~\cite{eid2021}, and the newly elected German government is promising a
+reversal of ubiquitous data retention (without cause)~\cite{koalitionsvertrag2021}.
+The European Parliament has members
proposing to ban the use of facial recognition in public
spaces~\cite{euai2021}. The ECB's proposal seemingly ignores the popular
rejection of treating every citizen as a criminal suspect by doubling down.
-Payment data is typically retained for 6 or more years.
+Payment data is already typically retained for 6 or more years.
% FIXME: What is this referring to? Is it already retained 6 or more years? Is that proposed?
% That is common fact for banking in EU/US/UK and likely other states.
% That said, if someone has a good reference, that would be appreciated...
@@ -291,6 +290,8 @@ offerings already put it. If CBDC payment data is strongly coupled with our
identities, those who dislike living in a panopticon could only hope for such a
CBDC to be rarely used.
+
+% FIXME This paragraph. It conflates and rambles incoherently with a lot of ()s
But the ECB is not the only institution pushing for digital identity-based
solutions. Another domain where this is inappropriately pursued is the
decades-old debate about age-verification for Websites. The common pattern
@@ -322,12 +323,12 @@ Here, the ECB fails to learn the hard lessons from the introduction of $CO_2$
emissions certificates, where initial allocations were calculated based on
``presumed emission needs'' of certain industries, resulting in windfalls for
shifty polluters that managed to rig the calculations, giving them excess
-certificates that they could then resell. If CBDC holdings are limited and
+certificates that they could then resell.~\cite{carbon} If CBDC holdings are limited and
financially attractive, there will clearly again be businesses profiting from
organizing their business data to obtain high account limits. This kind of
socially unproductive optimization will happen regardless of the specific
rules that the ECB will design. Thus, this is a fundamentally flawed design.
-% FIXME: add citations on CO2 certificate abuses?
+
The ECB's focus on account-based solutions seems to have caused it to ignore a
better solution that was proposed in~\cite{snb2021}, even though it was
@@ -345,6 +346,9 @@ risk, quite comparable to the risk of hoarding cash. By analyzing this risk,
citizens and businesses would themselves determine appropriate individual
limits for their CBDC holdings based on their actual cash needs.
+
+%FIXME this whole section is out of place. It is not a critique of the paper(s)
+% but it is also not a proposal of properties. Why is it here?
\section{Tokenization beyond CBDC}
\label{sec:tokenization}
@@ -451,6 +455,7 @@ We think that any CBDC must be based on the following design principles
inspired by~\cite{dold2019}, given in order of priority:
\begin{enumerate}
+ % FIXME: free software using open standards?
\item \textbf{A CBDC must be implemented as free software.}
Free refers to ``free as in free speech'', as opposed to ``free as in free beer''.
@@ -485,6 +490,8 @@ inspired by~\cite{dold2019}, given in order of priority:
\item \textbf{A CBDC must protect the privacy of buyers.}\label{item:privacy}
+ % FIXME s/should/must?
+ % guaranteed??? That is too hard!
Privacy should be guaranteed via technical measures, as opposed to mere
policies. Especially with micropayments for online content, a
disproportionate amount of rather private data about buyers would be revealed, if
@@ -508,7 +515,7 @@ inspired by~\cite{dold2019}, given in order of priority:
it is conceivable that specific rules and regulations may be modified to
accomodate a CBDC, it is inconceivable that states would relax the rules
to the point where businesses receiving income are not held accountable
- for their actions, especially as there seems to be a broad consensuse that
+ for their actions, especially as there seems to be a broad consensus that
levying of taxes based on economic activity is beneficial to society.
\item \textbf{A CBDC must prevent payment fraud.}
@@ -544,7 +551,7 @@ inspired by~\cite{dold2019}, given in order of priority:
\item \textbf{A CBDC must be efficient.}
- Approaches such as proof-of-work are ruled out by this requirement. Efficiency is
+ Approaches such as proof of work are ruled out by this requirement. Efficiency is
necessary for a CBDC to scale to the hundreds of thousands of transactions
required to support larger economic areas. Efficient payments can also open
up new use-cases by enabling micropayments.
