At 4:43 PM 8/27/94 -0700, Anonymous User wrote:
If there are hundreds of thousands of vendors on the net, a situation CommerceNet predicts before the end of the decade, and they are using this offline protocol, then even with small transactions the fraud could run into the millions of dollars.
Fallacy of Composition. If every vendor pays a few hundredth of a cent to that million it's a cost of doing business. The number I had thrown at me for credit card fraud is 3%. That's a monstrous amount of money if you saw it one place. You don't see the credit card companies the banks getting out of the business, do you? You don't see sellers who accept AMEX or Visa refusing to accept those cards? The userous fees and reserve requirements against the vendor's own fraud cause some vendors to pull out, but the cost of outright credit card fraud to vendors and banks is, while noticible, not a deal-killer as far as they're concerned.
There's plenty of incentive for Irving to steal Jane's coins, run off to some place on the net that has no extradition treaty, and pump good change out of the vendors and into his Lichtenstein account to his heart's content.
And then Irving's spouse-equivalent Sam catches Irving in bed with another guy and rats on him to the police in a fit of jealous rage. Or Irving spends too much money in the wrong place and gets ratted on, or a competitor rats on him, as criminals are wont to do upon each other, or Lichtenstein, who does so much business with tax evaders that they don't Really Want to Besmirch their Name with Mere Criminals, decides to finger Irving. Or, maybe, just maybe, Irving has to make a living and, in order to keep his spouse-equivalent in the style to which he's become accustomed, repeats himself one too many times. Thus Dick, a detective, sends him to jail the old fashioned way. With police work.
We may yet find protocols to mitigate or limit this kind of fraud -- make change traceable if linked to double spending, do random online checks as a cypherpunks poster suggested last year, or similar precautions layered on top of the basic protocol. But so far these problems haven't been put on the front burner of digital cash design, and already we have people out there selling offline cash on the network as a superior solution!
God knows (she told me last night she knows :-)) that no system by itself is superior. As Hal(?) said here recently, expect a mix of systems. However, please note that any offline system where the receiver of cash runs right to the underwriter and cashes out is a defacto online system, without the cost of a live link. And, yes Virginia, offline cash is a superior network solution because it's just plain cheaper. You don't need to keep a bank wired in, you don't need all the other costs (I should just bind the list to a key and paste them in) you get with online systems.
Reliance on law enforcement flies in the face of cypherpunk goals, and indeed against the goals of good cops as well -- one of their most vocal complaints is about people setting up systems that are vulnerable to crime, putting them in unecessary danger.
One should rely on law enforcement to the extent that it creates privacy. If you can call a cop and he throws a mugger in jail, and you can go about your business otherwise, that's cool. If you can shoot the mugger when he tries to shoot you, it's messy but it's cool. If there's a way to deal with preventing accidental double spending, or indemnifying those victims of accidental double spending, that's cool. If it takes a cop to slap a few frauds in jail for deliberate double spending, that, too, is also cool.
It also goes against political reality to think that a startup operation can lobby governments all across the globe to protect a system that is ideal for money laundering and tax evasion. Ain't gonna happen -- they'll let those "dirty money banks and money laundering net sites" rot; they may even give Irving a helping hand.
You don't have to lobby governments all over the globe. You just get them to enforce their own laws about theft. Let's see, in Tehran, it's your left hand for the first offense... Uh, I hate to break this to you, but startups do this all the time. With enough success that a business will do it the next time if the crime happens twice, I might add. As far as Binky, the Third Horse of the Apacolypse (otherwise known as as the Illegal Drug Trade), that's a tough one....Hey, I got it! Let's charge them with money laundering! Wow, I'm surprised I thought of *that* one...
I disagree that "there is no excuse" for double spending. If the software is implemented badly (no fault of the user), it might get mixed up with systems programs in such a way as to cause double spending.
Cool. Should be caught before it gets out of hand, probably in prototyping, seing as how "double spending" is the semantic bug highest on the wanted list once the app comes up without barfing, I bet. If not in beta testing. Maybe even once it's gone out there; not much by then. The point is, look at bug occurance distributions in any development process and tell me what the chances of this particular kind of bug poping up once a piece of code has gone into production. Homeopathy doesn't even play with percentages that small...
For example, if the system crashes and one must recover from a month old backup, one has to go through that old purse and determine which coins have been spent. If the software and/or user makes a mistake in this process, we get double spending. If a network burps and sends a vendor two coins where there should have been one, we get double spending.
Then, the purchaser is probably legally bound to run those notes through the underwriter to find out if they've been spent. If the network burps, you say "excuse you" and if the money bounces and nobody's tried to spend it twice on purpose, the "trade" will just "DK" (don't know) until it settles on it's own. Typically, this means sending a notice to the person who spent the money twice so he knows to expect a call from a redeemer who got burned. If that doesn't happen, Burp Over, Man...
In the online system the consequences of double spending (or million spending) are far more benign. At worst one customer is out stolen coins. In a networked offline system those same few coins are a potential loss for every vendor on the net. As Tim May noted, we may not even need to recongize fraud in online cash -- just treat all online double spending as accident. No bonding, secured accounts, investigators, ID badges or cops with guns busting down Janes's door after Iriving has million-spent her coins. Here we both have a simple liability system and much less chance of fraud.
The reason that you want an offline system is that you can point to point clearing of transactions without the involvement of a third party like a bank. A third party you have to pay at the very least, a party you have to develop a sophisticated and costly relationship with at most, and at the very most a party you have to invent outright down to the protocols for working with them. With an offline system, you have an underwriter, a means to convert money on and off the net into real money somewhere, the buyer, and the seller. Only two of whom are necessary at any one time to effect a transaction. In other words, it can happen now and it doesn't presuppose a clusterfuck infrastructure (no anger intended there, I'm going to propose "clusterfuck" as an official jargon word here real soon now) which is too contingent to be compilable, much less economical, right now.
Tim May also suggested that most offline protocols are intended for manually used smart cards. This makes sense -- unlike an network environment with automated spending agents, the scope of multi spending for manually used pruchases in small amounts is quite limited. On the network even fraud of a few cents per transaction can quickly add up to big $$$ across thousands of vendors.
The point in the entire above section is "thousands of vendors". Again, the fallacy of composition. Bob, a Buffalo, ;-) is becoming extinct, in other words. Becoming extinct is not something one buffalo can do. A few cents per transaction doesn't show up as a big deal to one vendor, to the underwriter, it's at the very least a pain in the ass, and worth calling the cops about, even if the people bringing in that double spent cash don't really care much. You forget also that the point of concentration of all this fraud is the underwriter. Since you have the miscreant identified, nym or not, they you can sick our friend Dick, noted above, onto the case.
What are the communications costs of online clearing anyway? Don't credit card clearings cost about two cents per transaction these days? If clearing costs are less than plausible offline cash fraud and fraud prevention costs, online cash is a winner, both now and increasingly in the future as bandwidth becomes even cheaper.
Yes, when we all have Dark Fiber, and all is valhalla, online transactions will be Virtually Frictionless. (Sounds sexual, doesn't it? I bet it is, at that...) In the meantime, offline digital cash works now. Or at least it's claimed to work now, by most people on this list. All we need to do is try it out.
sincerely, -- An Unauthenticated Agent with no credentials: whizzywig
My, that was fun. Sorry for attacking you so vociferously, but I don't know who you are... ;-). Somehow, I feel I can get away with it. Not fair at all, I'm sure. ----------------- Robert Hettinga (rah@shipwright.com) "There is no difference between someone Shipwright Development Corporation who eats too little and sees Heaven and 44 Farquhar Street someone who drinks too much and sees Boston, MA 02331 USA snakes." -- Bertrand Russell (617) 323-7923