-----BEGIN PGP SIGNED MESSAGE----- At 3:57 PM -0400 10/24/05, John Kelsey wrote:
More to the point, an irreversible payment system raises big practical problems in a world full of very hard-to-secure PCs running the relevant software. One exploitable software bug, properly used, can steal an enormous amount of money in an irreversible way. And if your goal is to sow chaos, you don't even need to put most of the stolen money in your own account--just randomly move it around in irreversible, untraceable ways, making sure that your accounts are among the ones that benefit from the random generosity of the attack. The payment system operators will surely be sued for this, because they're the only ones who will be reachable. They will go broke, and the users will be out their money, and nobody will be silly enough to make their mistake again.
Though I agree with the notion that anonymity is orthogonal to market demand at the moment, I think you lost me at the word "account", above. :-). That is to say, your analysis conflicts with the whole trend towards T-0 trading, execution, clearing and settlement in the capital markets, and, frankly, with all payment in general as it gets increasingly granular and automated in nature. The faster you can trade or transact business with the surety that the asset in question is now irrevocably yours, the more trades and transactions you can do, which benefits not only the individual trader but markets as a whole. The whole foundation of modern finance, and several -- almost posthumous, so pervasive was the homeopathic socialism that we now call Keynesianism -- Nobel prizes in economics are based on that premise, and it has been proven empirically now for many decades: The entire history of the currency futures markets would be a good example, though now that I think of it, any derivative market, since the time of Thales himself, would prove the point. However "anonymous" irrevocability might offend one's senses and cause one to imagine the imminent heat-death of the financial universe (see Gibbon, below... :-)), I think that technology will instead step up to the challenge and become more secure as a result. And, since internet bearer transactions are, by their very design, more secure on public networks than book-entry transactions are in encrypted tunnels on private networks, they could even be said to be secure *in spite* of the fact that they're anonymous; that -- as it ever was in cryptography -- business can be transacted between two parties even though they don't know, or trust, each other. For instance, another "problem" with internet bearer transactions, besides their prima facie "anonymity" (they're only prima facie because, while the protocols don't *require* is-a-person and-then-you-go-to-jail identity, traffic analysis is still quite trivial for the time being, onion routers notwithstanding) is that the client is responsible not only for most of the computation, but also for the storage of notes or coins, instead of a central database in a clearinghouse or bank somewhere "storing" various offsetting book-entries in, as you noted above, "accounts". :-). Of course, simply backing up one's data off-site, much easier with internet bearer certificates than with whole databases, solves this problem, and, as we all know here, the safest way to do *that* is to use some kind of m-of-n hash, stored, someday, for even smaller bits of cash :-), in many places on the net at once. Obviously, we don't need small cash to store big assets, any more than we need big servers to distribute big files in BitTorrent, but it will only accelerate, if not complete, the process, when we get there. As I have said, too many times :-), about these things, transaction cost is always going to be the critical factor in any change from book-entries to chaumian-esque internet bearer transactions. And I believe that, hand-in-hand with increased security, reduced transaction cost is more a function of the collapsing cost and the ubiquity of distributed processing power and network access than anything else. So, anonymity is, in fact, orthogonal to market demand, primarily because it's an *effect*, and not a cause, of that demand. As we all do now with the current proctological state of book-entry finance, the anonymity of a proposed internet bearer transaction infrastructure will just be a "cost" that the market would have to bear. :-). To channel Schopenhauer a bit, like the emergence of industrialism and the abolition of slavery was before it, once anonymity becomes a "feature" of our transaction infrastructure, people will eventually declare it to be not only self-evident all along, but a moral *prerequisite* of any transaction as well. To put it another way, it's a pity for acrophobics that the fastest way to get anywhere these days is to fly, but it is still a physical fact, nonetheless. Cheers, RAH -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.2 (Build 2425) iQEVAwUBQ15P8cUCGwxmWcHhAQFpBQgAho3Tq+19xPsosyD0KLIfxrqUG2gQT9dM F0gOAr/+STjbT53JwqCm+ofucDYSwN3c339dCMTclPcI/5SPdWcrLg4/mtnfDqtd 8Pw6tTqtN9/qO01NyhmQmnYo070RC/cSmA3meAsHKrtUKoS1ypigX5ehHP2kNHS7 rPguFYeAuBDpfha9XCTg0qYEwJZvJUb+ph+kBs/fys1U+zzT4Dj3ibF6kMpSmrav rkhYnXUiFJ7DsMhwhVPmpwcQ4W2ghiqNFls+COULSAfTnWSZwLn6flLlM9YXQure F7Dnn4orOgAJFsnsEhk0skikb5XV+FlQrGTuWSHaM5mYVlpdQx5H+A== =aDV5 -----END PGP SIGNATURE----- -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'