Questions/Comments on ecash protocol (fwd)

[Lucky Green]

Hal wrote:
[parts elided]

>BTW since apparently both deposit and payment messages are not encrypted,
>coins made out to "@" are in danger of being stolen both while en route
>from customer to shop and from shop to bank.  This is significant from
>the point of view of payee anonymous systems, which will need to use such
>coins.  More encryption will be necessary when such coins are passed
>around.

Absolutely. Wildcard coins are stealable in transit. However, one might
safely assume that transactions conducted using such coins be encrypted by
other methods.

>Well, I would think identification of the payer's bank will be
>necessary for any coin based system so you know where to cash in the
>coins, so I don't think this is going to go away.  Of course as of now
>everyone has the same bank so it is not an issue.

Your analysis is correct. The good news, for the free marketers on this
list :-), is that there will be other banks issuing Ecash in the near
future. However, they are unlikely to offer the flexibility you have with
Mark Twain Bank.

>There is no such thing!  This is one of the most common misconceptions.
>This version of ecash does not trace double spenders.  It prevents double
>spending by checking each coin to make sure it has not already been
>spent.  Tracing of double spending is only necessary in offline systems
>where coins are not checked right away, but that is not present here.

True.

>Very good comments.  I'm sure the next version will be much better if
>they are careful to clear up the kinds of issues you have raised.

Will do.

<insert standard disclaimer here>


-- Lucky Green <mailto:shamrock at netcom.com>
   PGP encrypted mail preferred.