A Geodesic Society?

[Robert Hettinga]

At 12:11 PM -0500 on 2/20/98, Bill Stewart wrote:


> Heh - West Coast Cypherpunks end up on Japanese TV :-)

So do Anguillan ones. And Boston ones, but they get edited out for talking
too much. And not having the requisite goatee ;-). Anyway, when they do pay
attention to these things moneypunks are more interested places in like
Financial Times, Institutional Investor, and of course Forbes. :-). Nikkei,
which is the Japanese equivalent of the Wall Street Journal, will do.  Of
course, J. Pierpont Morgan hired a PR man to keep J. P. Morgan & Co., Inc.,
*out* of the papers. I expect that'll happen soon enough... :-).

> Good article.

Thank you.

> If you're trying to emphasize the financial stuff,
> moving it up to the beginning would help, but I don't know the audience
> you wrote it for.

There were three lists, each with it's own group of paid ringers. One about
the net in general, with Rheingold on it, one on the net in Asia, with no
one I recognised, and one on net commerce, with me. :-). I was just warming
them all up for the next rant, which will be more on finance, with the
stuff at the end. That rant will only go to the commerce list.

> _Bell_ Labs,


Oops. Drag. Even a spelling checker would have caught that one...


> However, the Electro-Mechanical telephone switch was Not Invented Here -

I know the story about the mortician. The point I was trying to make was
that AT&T were "incentivized", by the cost of regulation, certainly, but
mostly by economics in general, to automate switching, not that they
invented the electromechanical switch in particular.

> The difficulty, of course, is that geodesic markets with bearer
> instruments make it easy to do business anonymously - so everyone
> may know that fraud was committed, but not know who committed it.

Actually, with anonymous bearer settlement, like with blind signatures, you
still need a perfect pseudonym to clear the trade, which, modulo a few
biometric peculiarities which I wrote a 40k rant about here in December
:-), is perfect anonymity. That pseudonym can have reputation, which is
(roughly) orthogonal to the biometric identity of the person owning that
pseudonym's private key.

Anyway, the whole point to bearer-settled transactions is that you're
trusting the issuer as far as the integrity of the certificates themselves
are concerned. First by the financial reputation of the issuer, and then by
the ability to inspect and validate the certificates when they're exchanged.

Since we haven't figured out a way to do a workable offline protocol,
modulo hints of one on the FC98 program :-), the problem of inspection is
handled by using an on-line protocol, which, in the case of Chaum,
essentially issues new, but blinded, certificates in the "name" of the
public key accepting them for payment or receipt. For larger value
transactions, anyway. The whole issue of doing a transaction offline with
current bearer settlement technology is obviously a question of financial
risk. I claim that the cost of bearer protocols, even when you reissue
blinded bearer certificates for every transaction, will still be cheaper
than book-entry settlement. It'll certainly be faster to clear and settle.

The exception to this, of course, is micropayments, where hash collision
tokens like MicroMint and hashcash, will probably be tested stocastically
for double spending, and expiration and other thing will probably handle
the rest. Since these will eventually be device-level payment systems, I
expect that fraudulent devices will have a harder time operating if their
reputation goes than people will, but maybe not.

The problem of the reputation of the issuer is simply a matter of
demonstrating nonperformance of the obligation represented by the bearer
certificate.

Which brings us to the parties using the certificates for exchange. I
expect the functional anonymity of blinded bearer protocols will be good
enough, but, like I said before, if someone wants to accept
second-generation offline blinded certificates in payment, their
willingness to do so is a function of financial risk. More to the point,
the reciever can test these certificates, and the person who offers them
for exchange is simply out their value if they turn out to be double spent,
so the risk is actually borne by the spender, same as it ever was.

Finally, there's the issue of fraud outside the integrity of bearer
certificates. Again, it's a function of financial risk. For low value
transactions, even the use of a perfect pseudonym is not necessary, and you
could use utterly anonymous transaction. However, I expect that persistant
perfect pseudonymity will be the rule, and that it will be functional
enough anonymity (modulo the biometric problems of transaction analysis I
talked about in December) for even the most decerning cypherpunk.


> The lack of need for accounts and reputation capital is part of what
> makes geodesic markets financially advantageous.  On the other hand,
> reconciling these differences is complex enough that cryptographers
> and financial folks can make big bucks getting it right :-)

Say 'amen', somebody. :-). If, as I claim, digital bearer settlement can
reduce the cost of transactions by three orders of magnitude over all forms
of book-entry settlement, then we'll have no choice to adopt them. As
people quite familiar with Moore's Law, we all know how much money can be
made when you reduce the cost of doing something so much. The rest, of
course, will be history. :-).

Cheers,



-----------------
Robert Hettinga (rah at shipwright.com), Philodox
e$, 44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
The e$ Home Page: http://www.shipwright.com/
Ask me about FC98 in Anguilla!: <http://www.fc98.ai/>