Some of Jim's points can be addressed with existing protocols. When the bank sends you cash which you have withdrawn they would want to send it in such a way that they get a return receipt from you. That way they can prove you have received it. Schneier's book describes such a "digital certified mail" protocol in section 6.3 of his book, but it looks like it uses a lot of data. More concise implementations may exist. Other forms of cheating could be imagined. I could send cash to a company, and they could refuse to send me goods, but claim that they had done so. Or I could receive goods from a company, but claim that they never arrived. These could also be addressed with certified mail, either paper or digital, depending on whether the goods are physical or electronic. In an online system, the bank could refuse to accept a cash deposit, even though it was valid cash, claiming that it had already been deposited. To prevent this, the bank would have to record who made each deposit in the past and stand ready to reveal this information. A merchant could collude with the bank to provide forged deposit records to help with this scam. I don't see how to solve this one, but if it were done on a large scale people might become suspicious about the excess of apparent double-spending via a small number of merchants. The bank's reputation would suffer, as long as people found out about it. Perhaps customers should demand that banks publish statistics about (apparent) double-spending in order to detect this scam. Hal Finney hfinney@shell.portal.com