CBDC with "Cash-Like"anonymity is ground breaking but gives up off-line transfers.
The BIS and the Swiss National Bank explore David Chaum's eCash at scale.
Project Troubillon is a masterpiece! It shows that “payer anonymity” can be maintained in a CBDC, but because there is no “free lunch,” it sacrifices offline transfers for privacy. Is this a fair trade?
CBDCs can be built to deliver privacy, and Project Tourbillon delivers true “cash-like” “payer anonymity,” but not without sacrifices!
Payer anonymity means that when a consumer pays they do “not disclose personal information to anyone, including the merchant, banks, and the central bank.”
A merchant on the receiving side of the payment would have their identity “disclosed to the merchant’s bank (as part of the payment) and is kept confidential there.”
UNDERSTANT that passing merchant data to banks MAINTAINS the EXISTING role of banks in AML, CFT and tax evasion. This is what banks do now!
The central bank does not see any personal payment data but can monitor CBDC circulation at an aggregate level.
Crypto hero David Chaums eCash is behind this trial, and it will likely pass muster for many CBDC skeptics in the crypto world.
The project is in two parts, with eCash 2.0 pushing security to even higher levels to ensure that central bank ledgers of coins cannot be compromised.
eCash 2.0 innovations include a coin mixer and a central bank ledger of unspent coins rather than spent, both intriguing but unlikely to be built into a CBDC.
The project also tested quantum-safe cryptography, which “exhibited slow performance and limited functionality, with throughput reduced by a factor of 200.”
There is no “free lunch,” and when compared with more traditional “pseudo-anonymous” CBDC, it gives up significant capabilities:
No offline payments are possible
The system requires all users to have a bank account
High complexity compared to existing CBDC designs
Less suited to developing nations.
Quantum-safe is slow and expensive, though this will change.
Oddly the scheme is Person to Business P2B, NOT P2P.
Quantum-resistant cryptography would future-proof a CBDC from our coming quantum world. The problem is that it is slow and expensive. Quantum-resistant tech is growing in leaps and bounds I see this as a surmountable problem.
I like this CBDC I really do, and think it represents a significant advance in CBDC design.
Let’s make it clear that while this design gains in privacy it also gives up key features that are critical to some users.
This CBDC design requires that:
CBDC wallets are always online.
Users MUST have a bank account.
These requirements make it clear that this CBDC will not meet the requirements of developing nations.
In fact, I would go further. I believe that CBDCs’ most important feature is off-line transfers. I have written repeatedly that citizens must all demand offline transfers for the digital euro and other projects.
While privacy is a key characteristic of cash transactions, so is the ability to transact off-line. So here we have a conundrum. Which is cash’s most precious characteristic, privacy or offline use?
Let me restate my support for Project Tourbillon. I think this is a fabulous design and may work brilliantly in Switzerland or other advanced nations.
Tourbillon won’t “tick” in Sub-Saharan Africa, the mountains in China’s Yunnan province, or even in Brussels. Tourbillon may be pushing the privacy needle too far by killing offline payments.
Remember that offline payments are a mandatory design feature for both the digital yuan and euro!
So which is more important to you, offline transfer or iron-clad privacy?
This is a real question that central banks and society must figure out.