taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

re-add conclusion and discussion parts, misc FIXMEs addressed

Browse Source
This commit is contained in:
Christian Grothoff 2016-11-09 16:32:43 +01:00
parent d3db993d3a
commit 779af05be9
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
1 changed files with 33 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
doc/paper/taler.tex
View File

@ -231,11 +231,8 @@ major irredeemable problems inherent in their designs:
Bitcoin also lacks anonymity, as all Bitcoin transactions are recorded Bitcoin also lacks anonymity, as all Bitcoin transactions are recorded
for eternity, which can enable identification of users. Anonymous for eternity, which can enable identification of users. Anonymous
payment systems based on BitCoin such as CryptoNote~\cite{cryptonote} payment systems based on BitCoin such as CryptoNote~\cite{cryptonote}
(Monero), Zerocash~\cite{zerocash} (ZCash) and BOLOT~\cite{BOLT} (Monero), Zerocash~\cite{zerocash} (ZCash) and BOLT~\cite{BOLT}
% FIXME: exacerbate is very strong, lots of people wouldn't believe exacerbate the design issues we mention above. These systems exploit the
% this claim, it only exacerbates certain aspects (money laundering)
% and computational/storage cost.
exacerbate Bitcoin's design issues. These systems exploit the
blockchain's decentralized nature to escape anti-money laundering blockchain's decentralized nature to escape anti-money laundering
regulation~\cite{molander1998cyberpayments} as they provide anonymous, regulation~\cite{molander1998cyberpayments} as they provide anonymous,
disintermediated transactions. disintermediated transactions.
@ -1148,14 +1145,11 @@ perfectly balanced in between frontend and backend. Nevertheless,
these experimental results show that computing-related business costs these experimental results show that computing-related business costs
will only marginally contribute to the operational costs of the Taler will only marginally contribute to the operational costs of the Taler
payment system. payment system.
% FIXME: Say that storage costs dominated? Are storage costs comparable
% for a self hosted system? Didn't we reduce the storage costs with the
% key generation trick?
\section{Discussion} \section{Discussion}
% \subsection{Well-known attacks} \subsection{Well-known attacks}
Taler's security is largely equivalent to that of Chaum's original Taler's security is largely equivalent to that of Chaum's original
design without online checks or the cut-and-choose revelation of design without online checks or the cut-and-choose revelation of
@ -1181,7 +1175,7 @@ actually facilitates voluntary cooperation between the exchange and
criminals~\cite{sander1999escrow} and where the state could criminals~\cite{sander1999escrow} and where the state could
deanonymize citizens. deanonymize citizens.
%\subsection{Offline Payments} \subsection{Offline Payments}
Chaum's original proposals for anonymous digital cash avoided the need Chaum's original proposals for anonymous digital cash avoided the need
for online interactions with the exchange to detect double spending by for online interactions with the exchange to detect double spending by
@ -1192,19 +1186,19 @@ may be infeasible in practice. Furthermore, a customer may
accidentally deanonymize himself, for example by double-spending a accidentally deanonymize himself, for example by double-spending a
coin after restoring from backup. coin after restoring from backup.
%\subsection{Merchant Tax Audits} \subsection{Merchant Tax Audits}
%
%For a tax audit on the merchant, the exchange includes the business
%transaction-specific hash in the transfer of the traditional
%currency. A tax auditor can then request the merchant to reveal
%(meaningful) details about the business transaction ($\mathcal{D}$,
%$a$, $p$, $r$), including proof that applicable taxes were paid.
%
%If a merchant is not able to provide theses values, he can be
%subjected to financial penalties by the state in relation to the
%amount transferred by the traditional currency transfer.
% \subsection{Cryptographic proof vs. evidence} For a tax audit on the merchant, the exchange includes the business
transaction-specific hash in the transfer of the traditional
currency. A tax auditor can then request the merchant to reveal
(meaningful) details about the business transaction ($\mathcal{D}$,
$a$, $p$, $r$), including proof that applicable taxes were paid.
If a merchant is not able to provide theses values, they can be
subjected to financial penalties by the state in relation to the
amount transferred by the traditional currency transfer.
\subsection{Cryptographic proof vs. evidence}
In this paper we have use the term ``proof'' in many places as the In this paper we have use the term ``proof'' in many places as the
protocol provides cryptographic proofs of which parties behave protocol provides cryptographic proofs of which parties behave
@ -1221,7 +1215,7 @@ the participants have to disclose their core secrets.
%We performed some initial performance measurements for the various %We performed some initial performance measurements for the various
%operations on our exchange implementation. The main conclusion was that %operations on our exchange implementation. The main conclusion was that
%the computational and bandwidth cost for transactions described in %the computational and bandwidth cost for transactions described in
%this paper is smaller than $10^{-3}$ cent/transaction, and thus %this paper is smaller than $10^{-2}$ cent/transaction, and thus
%dwarfed by the other business costs for the exchange. However, this %dwarfed by the other business costs for the exchange. However, this
%figure excludes the cost of currency transfers using traditional %figure excludes the cost of currency transfers using traditional
%banking, which a exchange operator would ultimately have to interact with. %banking, which a exchange operator would ultimately have to interact with.
@ -1229,29 +1223,30 @@ the participants have to disclose their core secrets.
%aggregating multiple transfers to the same merchant. %aggregating multiple transfers to the same merchant.
%\section{Conclusion} \section{Conclusion}
%We have presented an efficient electronic payment system that We have presented an efficient electronic payment system that
%simultaneously addresses the conflicting objectives created by the simultaneously addresses the conflicting objectives created by the
%citizen's need for privacy and the state's need for taxation. The citizen's need for privacy and the state's need for taxation. The
%coin refreshing protocol makes the design flexible and enables a coin refreshing protocol makes the design flexible and enables a
%variety of payment methods. The current balance and profits of the variety of payment methods. The current balance and profits of the
%exchange are also easily determined, thus audits can be used to ensure exchange are also easily determined, thus audits can be used to ensure
%that the exchange operates correctly. The libre implementation and open that the exchange operates correctly. The free software
%protocol may finally enable modern society to upgrade to proper implementation and open protocol may finally enable modern society to
%electronic wallets with efficient, secure and privacy-preserving upgrade to proper electronic wallets with efficient, secure and
%transactions. privacy-preserving transactions.
% commented out for anonymized submission % commented out for anonymized submission
%\subsection*{Acknowledgements} \subsection*{Acknowledgements}
%This work was supported by a grant from the Renewable Freedom Foundation. We thank people (anonymized).
% FIXME: ARED? %This work benefits from the financial support of the Brittany Region
%(ARED 9178) and a grant from the Renewable Freedom Foundation.
%We thank Tanja Lange, Dan Bernstein, Luis Ressel and Fabian Kirsch for feedback on an earlier %We thank Tanja Lange, Dan Bernstein, Luis Ressel and Fabian Kirsch for feedback on an earlier
%version of this paper, Nicolas Fournier for implementing and running %version of this paper, Nicolas Fournier for implementing and running
%some performance benchmarks, and Richard Stallman, Hellekin Wolf, %some performance benchmarks, and Richard Stallman, Hellekin Wolf,
%Jacob Appelbaum for productive discussions and support. %Jacob Appelbaum for productive discussions and support.
\newpage
\bibliographystyle{alpha} \bibliographystyle{alpha}
\bibliography{taler,rfc} \bibliography{taler,rfc}