Re: All our eggs in one basket?
Perry Metzger writes
Jim Miller says:
However, proving them wrong while also retaining your anonymity may be a trick.
If all transactions require digitally signed confirmation from the bank, you have an audit trail from them that they can't deny was theirs.
So to prove that the bank is lying you show a third party your copy of the digitally signed receipt of the disputed transaction? I assume the third party uses the bank's public key and your public key to verify the receipt. This brings up a good question: How does the withdraw of digital money from a bank account work? In particular, how does the bank simultaneously give you money and a receipt that neither party could repudiate? I can see how they could give you the money and a receipt signed by the bank. I do not yet see how they could simultaneously give you the money and a receipt signed by both parties. I imagine the bank would use one of the simultaneous contract signing protocols and somehow produce an encryption key as the last step. The key would be used to decrypt the digital money, which was sent in an earlier step in an encrypted form. However, how can the person withdrawing the money verify the digital money is for the amount stated in the receipt if they only get the key after the last step in the receipt signing protocol. I am confused. I must not be thinking of the correct protocol. How is this situation handled? Jim_Miller@suite.com
Jim Miller says:
So to prove that the bank is lying you show a third party your copy of the digitally signed receipt of the disputed transaction? I assume the third party uses the bank's public key and your public key to verify the receipt.
Presumably something like that.
This brings up a good question: How does the withdraw of digital money from a bank account work? In particular, how does the bank simultaneously give you money and a receipt that neither party could repudiate?
I can see how they could give you the money and a receipt signed by the bank.
I do not yet see how they could simultaneously give you the money and a receipt signed by both parties.
It needn't be signed by both parties. The bank could always simply claim that you'd never given them an order to withdraw money and refuse to give it to you -- cheating halfway into giving you a receipt isn't interesting, so it also needn't be simultaneous. What needed is a) the bank has to be able to show a third party a signed request for every transaction they've performed, and b) you have to be able to show a third party a signed (by the bank) receipt for every transaction you've performed. In other words, you are protected because the bank can't simply claim to the arbitrator "oh, he withdrew all his money yesterday" because they can't show an order. The bank is protected because you can't claim "oh, I deposited ten million dollars yesterday" if you can't show a receipt. Perry
participants (2)
-
jim@bilbo.suite.com -
Perry E. Metzger