-----BEGIN PGP SIGNED MESSAGE----- C'punks, What would a cypherpunk bank (being a bank the style of which some cypherpunks would not hate too much :-) look like? How could it be made safe to run? One avenue of safety - shepherding the idea through SEC etc scrutiny so as to render the venture completely legal seems to lack something of a c'punk flavour. After all, one idea that some of us are quite taken with is that strong crypto and the changes it brings are not only important (they are), nor good (as Tim has pointed out - it depends where you stand) but *inevitable*. So, how safe would a cp style bank be today? There seem to be a number of possible pressure points: the machine, the operators, the managers/directors, the owners, the assets, getting money out of the system and getting money into the system. The Machine The easiest way to shut down an ebank is probably to unplug the machine the software is running on and take it away. A variation of this is to cut off net/telecomms access, or even electricity. (In the US/UK/NZ etc this would not seem to be too difficult - lie to a judge about a bit of child porn and you can pretty much take what you like.) Restricting ourselves to legitimate securities/banking enforcement, however, it would seem to be enough to move the box to some appropriate offshore site away from the major markets for the bank's services. Obviously, there is no need to actively advertise the physical location of the processor... The Operators Even if the authorities of the target jurisdictions (US, Europe, Asia) can't reach the operators of the machine while they are tending to it, they could, presumably, make it difficult for those people to leave their jurisdictions once they had entered them - by, for instance, issuing arrest warrants, or holding trials in absentia. Again, if the physical location of the machine is sufficiently obfuscated, this attack can be foiled. The Managers/Directors Assuming the bank is some kind of artificial legal entity, it will require some other legal entity to control its actions. That controlling entity could be themselves an artificial legal entity - for instance, a corporate director of an offshore company. The Owners Assuming the bank itself is not a natural person, it will be owned by someone (at least one list member has indicated an interest in investing in some form of ebank). These owners could be the subject of pressure. Using the same technology that made the ecash anonymous, the ownership of the bank could be made similarly unknowable. The Assets A bank isn't going to last long if the SEC can just take its 'deposits'. Fortunately there are still a number of jurisdictions left where the bank's bank account should be safe. Getting Money out of the System Eventually Tim is going to want to turn his Blacknet earnings into USD to reinforce his security perimeter. How do we stop the Feds effectively making it illegal to receive cheques from Banque des Cp? Presumably, BCp instructs its banks to issue bank cheques, or get bank cheques from other banks. Receiving wire transfers from Citbank may be notifiably suspicious, but that just makes you one of millions... Getting Money into the System This strikes me as the most serious problem. If we differentiate between big ticket (wholesale pharmaceutical type) and small ticket (remailer stamp type) transactions, it might just be possible that the former could be managed without bringing down the wrath of the authorities on the customers (having failed to effectivley attack the bank). Essentially the idea is to route payments through enough appropriate jurisdictions that tracing back from the ebank to the customer is impossible (or, rather, unlikely). Sticking a Libyan bank in the chain could help, for instance... But small ticket transactions can't use this route. The easiest thing to do would be to accept credit cards - but it wouldn't take much to convince Visa and Mastercard not to let their services be used, if not turn over details of everyone who tried to buy ecash. Cheques, TTs etc seem too cumbersome to be marketable, and, once again, too easy to trace - at least at first glance. The problem stems, I think, from trying to satisfy two seemingly opposed requirements - the customer must be sure who they are paying, but the authorities must not know the customer is paying the bank. Any ideas? [Another problem occurs to me. Alice's Awsome XXX CD-Rom Shoppe accepts BCp's BlackCash[TM]. Simon from the SEC buys a CD with BlackCash. "Asian Teenage Leather Maidens" duly arrives, and Simon arrests Alice for dealing in unauthorised securities (and unauthorised dealing in securities etc)...] I think I'll stop before I talk myself out of the whole thing :-) Cheers Dm -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMHtVEVlo3j8JHzalAQHT9wP/TV0AN7o4/yfkKw3G4SPrZWUO+LUFdDnD a9v6OKUZZ8LrPQ/XORq3dvtOFtJ6GNiOPZkAWQQI9Rm792PcW4mdF+ppKynjgt0A olK/wFnbBVhYwoEOXvqaC+ZwCTbaewpydEi3OEPGRoXbpDaYxQkfAj7K0dPT21sz TjV5qM+rt+M= =dTqF -----END PGP SIGNATURE----- [Palmtop News Reader - Beta Version 3]