Once again, Hettinga shoots from the hip, and hits an expert instead... ;-) At 9:07 AM 12/5/95, Nathaniel Borenstein wrote:
There are some interesting unspoken assumptions here. To calculate anyone's "cost" on a transaction requires the complex amortization of costs over many transactions, with assumptions/projections about the transaction volume. I have no idea where you came by either of your numbers, MTB's or FV's, but I can tell you that your guess about FV is off the mark. And I'm sure that MTB is no more eager than we are to publicly dissect all the underlying cost structures, so I have no idea what the 50 cents that you cite really means.
The 50 cents actually comes from this week's InfoWorld, Bob Metcalfe's column. I have know idea where he got the 50 cents, but he did say digital cash, so i expect that he means MTB.
To be perfectly clear: our minimum service charge is 30 cents, not 5 dollars. If we didn't think it was worthwhile to take transactions that small, we wouldn't do so.
Fine. Are we including the cost of the credit card transaction to the consumer? Fees, interest, that stuff? There are lots of hidden costs in a book entry system. With a bearer-certificate system, the price is the spread between the certificate's bid and asked prices for (a traveller's check, for instance, is asked at a primium, and redeemed at face value, for instance. That's all the cost of using them.)
A true geodesic structure is self-supporting and self-structuring. A cryptographic infrastructure can and should be similar, I agree completely. However, a *monetary* infrastructure needs convertability, and the points of conversion are always the best targets of attack for criminals. (I've been casting about for an analogy to physical geodesics, and it's hard to find one. The best I can come up with is to imagine that in order to convert a carbon buckyball to a more conventional set of carbon molecules, you had to do it through a service bureau that was capable of error, fraud, or subversion by outside criminals. This would ONLY matter if you ever wanted to do such conversions, but it would matter a lot then, especially if you had to suffer a serious financial loss if you got the wrong carbon molecules at the end of the process.)
Sometimes I feel like I'm beating this geodesic metaphor like a dead horse sometimes... ;-).
IF you wanted to settle for a totally non-convertible economy (like rubles in the old Soviet Union, or like the LETS system on the net today, as I understand it) then you could build it geodesically.
Really?
But if you want to be able to convert back and forth between Internet payment systems and non-Internet payment systems, it can never be truly geodesic. It will always be attackable at the points of conversion. (You may "trade digital certificates", but how do you know the ones you're receiving were obtained for legitimate real-world value?) Because of this, the underwriting financial institutions, who have a very reasonable desire to limit their own risk, will inevitably seek the protection-by-traceability offered by something less than perfect anonymity. We may not like it, but it's a very natural position to be taken by those who are actually bearing the financial risks at the point of conversion.
That may be true, Nathaniel, but just because the people who bring the money off the net need to be identified to the digital cash underwriter's (actually the underwriter's bank's) satisfaction, doesn't mean that the trades on the net can't be totally anonymous. We've gone over this before. Let's build a model to talk about this, and then you'll see what I mean. Suppose I open an anonymous bank account with ATM card. Then, on the net, I buy digital cash from a digital cash underwriter. The web-page reads my ATM swipe and PIN, and then pumps it (without the underwriter being able to read it) through to my bank, who says to the underwriter, "Yup, there's money here, send it to him, and I'll wire it you (now/overnight/whatever)." The digital cash underwriter then issues me my digital cash, and I put it on my hard drive. I buy stuff on the net. I sell stuff on the net. Sometimes I go online with the trade to check my buyers' cash, sometimes I don't. Element of risk there, but this risk can be made accountable. It's probably always going to be cheaper to do offline transactions, but there's the possibility that when I cash in that money, it has been spent already. Fair trade. It's probably quantifiable and thus can be dealt with. We won't know till we have data. Being an astute businessman (you can tell this is a model, right?), I end up with positive cashflow. So, that money I don't invest with a portfolio manager on the net by buying anonymous bearer certificates for his mutual fund, ;-), I decide to take off of the net and buy Netscape puts, March 1996, $10. So, I go to the underwriter's page (maybe I go to multiple underwriters' pages, or maybe there's an enterprising third-party money changer who honors all comers for a cut), and I cash out. I swipe my ATM and punch my PIN, and my bank says to the underwriter "OK, I know that account, how much are you sending me?", and the underwriter says how much, and how and when the money would arrive (wire? Rollerblade messenger? bunch of militia types in a purple Hummer?, anyway...). And there's money back off of the net. In this model, there's no reason why I can't send an anonymous software agent to buy stuff for me, why I can't buy anonymously or sell anonymously. So, given that model, what's the problem? Now, I've also been thinking about something else. Wei Dai has been talking about how anonymity will always cost more, and certainly, in the model above, there's a certain risk with doing off-line transactions. You don't know if the cash in the transaction is double-spent, like I said above, but that "special stuff" has to be done to accomodate anonymity, which will always cost more. I'll come back with a whole blather on this next week when I get back from the CyberDog Kitchen (I'm here, and Gromit says "hi"), but I think it comes from what the default mechanism for commerce is going to be, threaded, audit-trailed x.blabla or anarchic, geodesic, bearer-certificates. I bet you can guess where I'm going to come down on this... Cheers, Bob Hettinga ----------------- Robert Hettinga (rah@shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971 "Reality is not optional." --Thomas Sowell The NEW(!) e$ Home Page: http://thumper.vmeng.com/pub/rah/
Phree Phil: Email: zldf@clark.net http://www.netresponse.com/zldf <<<<<