In message <9402161539.AA13477@merde.dis.org> Pr0duct Cypher writes:
Being an accountless system, Magic Money can be operated through a remailer. But Magic Money is an online system. Offline systems depend on the bank knowing who the customers are, and being able to punish them for double spending. How could an offline system be made immune to this attack?
Is it necessarily the bank's job to worry about this? Suppose the bank simply honors the first request from "anyone" to re-mint a coin; after that the bank only knows about the new coin. If Jack pays Jill with already-spent money, Jill's attempt to deposit or re-mint the coin will fail, and it's Jill's responsibility to find another way to collect the money. So if she's smart, she'll make sure she can re-mint the money _before_ closing the deal. It's much like checks or credit cards work today: a transaction is not considered "complete" until it "clears". Bryan