17 Dec
2003
17 Dec
'03
11:17 p.m.
My understanding of the protocol is that the identity of the purchacer is revealed only if the coin is double spent.
The identity of Bob is known by Alice and the bank.
Bob's identity is only known by Alice if other aspects of their transaction reveal it. Ecash payments can be made out to "@", a wild-card ID which allows anyone to spend it. TCP/IP payments only provide the IP address not the payee identity. Payments made via message pools further obscure identity. Once MoneyChanger front-ends to the mints are available Bob can remain anonymous to the bank as well.
No one can ever discover the identity of Alice from the coin.
Unless the payment characteristics, e.g., large coin values, permit linkage. --Steve