[I'll respond to several people's comments on this thread all at once.] Excerpts from mail.limbo: 6-Dec-95 Re: Geodesic Payment System.. Robert Hettinga@shipwrig (6688*)
To be perfectly clear: our minimum service charge is 30 cents, not 5 dollars. If we didn't think it was worthwhile to take transactions that small, we wouldn't do so.
Fine. Are we including the cost of the credit card transaction to the consumer? Fees, interest, that stuff? There are lots of hidden costs in a book entry system. With a bearer-certificate system, the price is the spread between the certificate's bid and asked prices for (a traveller's check, for instance, is asked at a primium, and redeemed at face value, for instance. That's all the cost of using them.)
This includes *everything*. The 29 cents plus 2% includes all credit-card related fees.
That may be true, Nathaniel, but just because the people who bring the money off the net need to be identified to the digital cash underwriter's (actually the underwriter's bank's) satisfaction, doesn't mean that the trades on the net can't be totally anonymous. We've gone over this before.
Yes, this is absolutely true. I didn't mean to imply otherwise. The question is whether or not the possibility of true anonymity in the net transactions might widen the door for fraud on the conversion. I think that it does, in the sense that there's no good way to answer the question, "is it reasonable for Robert Hettinga to be cashing in $2 million of ecash today?" In a non-anonymous system, audit trails could be called up automatically on any "suspiciously large" transaction, and this would help to limit fraud (along with some other, less desirable social consequences). I'm not saying that this kind of accountability would necessarily be a good thing, merely trying to explain why banks are leery of true anonymity.
So, given that model, what's the problem?
None at all, if you can find an underwriter who is comfortable with the fact that his investigative options will be limited in the case of suspiciously large or suspiciously frequent "cash out" events from a given customer. Apparently Mark Twain Bank finds that risk acceptable. I'm sure the larger banks will be watching quite closely. Excerpts from mail.limbo: 6-Dec-95 Re: Geodesic Payment System.. Wei Dai@eskimo.com (1462*)
..... There's a good reason that most companies have "Ltd" after their name instead of "Unlimited", in those countries where that's the naming convention.
I find this argument totally unconvincing. No risk is unbounded. The worst thing that can possibly happen is that a nearby star goes supernova and completely destroys the earth. Yet markets handle this low-probability risk quite well.
The direct cost of a break-the-bank catastrophic failure is bounded by the amount of capital the bank has. This is because the market will not accept more liabilities (real or forged) from the bank than its capital. There may be other indirect costs resulting from dislocations, but these should also be proportional to the size of the bank. Therefore your argument is really against centralization and for diversification and distribution.
I'm sorry, when I said "unbounded" I was talking in a practical sense. Very few banks are willing to undertake a venture in which there is a very-low-probability risk of a failure that is only bounded by their total asset pool. Technically, you are correct, that is always the practical bound. From a bank's perspective, however, "enough to break the bank" is a good working definition of "unbounded risk". They like their risk bounded at a slightly lower threshhold... :-) Excerpts from mail.limbo: 6-Dec-95 Re: Geodesic Payment System.. "E. ALLEN SMITH"@mbcl.ru (1656)
The risk in question is not infinite-cost. If the person who gets ahold of the keys starts simply making lots and lots of money, in a free market the prices in digital cash for everything will start going up. This phenomenon will be spotted, and those taking the particular variety in question will stop accepting it. Losses are limited to however much was out there at a given time, and if there are multiple systems with free-market interconversion between them, that may not be very much. People will move out of a decaying monetary system if: A. the new system is as easy to get as the old; and B. the new system is as easy to spend as the old. If the person who gets the keys simply uses them on a small scale, then the resulting inflation and loss of value can simply be dealt with using the discount mechanism. It's no longer infinite risk.
Basically, the criminal in this scenario has a choice between greed and vandalism. If he's motivated by greed, and he's clever, he'll push things slowly in the inflationary direction, as you describe. If he's a vandal or terrorist at heart, however, he might get more satisfaction out of generating the equivalent of overnight inflation at the billion-percent level. That's not a decaying monetary system, it's a suddenly-collapsing monetary system. The only difference between those two scenarios is the quantity of bad money the criminal chooses to print and distribute. (Note that this is very different from physical counterfeiting, where the logistics of actually feeding trillions of dollars into the money supply are quite daunting, and make the catastrophic-vandal scenario more or less impossible.) Excerpts from mail.limbo: 6-Dec-95 Re: Geodesic Payment System.. Peter Monta@qualcomm.com (892*)
Why "the bank", rather than "all banks"? If there is a single cryptographic point of failure in a widely used ecash system, it seems unlikely that diversity would buy you anything. The worry would not be the compromised keys of a single bank, but rather, say, an effective cryptanalysis. I would put this in the supernova class; it may be just as unlikely.
There's a big difference between breaking the algorithm and stealing the keys. To break a cryptographic algorithm requires either a revolutionary mathematical discovery or the discovery of a subtle coding flaw. The former is in the supernova category, and the latter is probably in the "major hurricane" category. However, stealing the keys is a relatively simple computer crime. You break into a computer somewhere and steal some information. It only breaks a single bank, but that's enough to satisfy most criminals..... -- Nathaniel -------- Nathaniel Borenstein <nsb@fv.com> | (Tense Hot Alien In Barn) Chief Scientist, First Virtual Holdings | VIRTUAL YELLOW RIBBON: FAQ & PGP key: nsb+faq@nsb.fv.com | http://www.netresponse.com/zldf