taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Changes to first two sections based on referee reports

Browse Source
This commit is contained in:
Jeff Burdges 2016-05-21 16:56:22 +02:00
parent 93aaf1d172
commit 922175d308
1 changed files with 55 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

103
doc/paper/taler.tex
View File

@ -88,19 +88,24 @@ citizen's needs for private economic activity.
\section{Introduction} \section{Introduction}
The design of payment systems shapes economies and societies. Strong, The design of payment systems shapes economies and societies.
developed nation states are evolving towards fully transparent payment Strong, developed nation states are evolving towards transparent
systems, such as the MasterCard and VisaCard credit card schemes and payment systems, such as the MasterCard and VisaCard credit card
computerized bank transactions such as SWIFT. Such systems enable schemes and computerized bank transactions such as SWIFT.
mass surveillance and thus extensive government control over the
economy, from taxation to intrusion into private lives. Bribery and These systems enable mass surveillance by both governments and
corruption are limited to elites that can afford to escape the private companies, chilling customer activity \cite{???}.
dragnet. The other extreme are economies of developing, weak nation Aspects of this government control benifit the economy, by enabling
states where economic activity is based largely on coins, paper money taxation. Also, bribery and corruption are limited to elites who
or even barter. Here, the state is often unable to effectively can afford to escape the dragnet.
monitor or tax economic activity, and this limits the ability of the
state to shape the society. As bribery is virtually impossible to At the other extreme, weaker developing nation states have economic
detect, corruption is widespread and not limited to social elites. activity based largely on coins, paper money or even barter.
Here, the state is often unable to effectively monitor or tax economic
activity, and this limits the ability of the state to shape the society.
As bribery is virtually impossible to detect, corruption is widespread
and not limited to social elites.
%
ZeroCoin~\cite{miers2013zerocoin} is an example for translating such ZeroCoin~\cite{miers2013zerocoin} is an example for translating such
an economy into the digital realm. an economy into the digital realm.
% FIXME: Unclear referee comment : % FIXME: Unclear referee comment :
@ -115,13 +120,14 @@ anarchistic economies.
The Taler protocol is heavily based on ideas from The Taler protocol is heavily based on ideas from
Chaum~\cite{chaum1983blind} and also follows Chaum's basic architecture of Chaum~\cite{chaum1983blind} and also follows Chaum's basic architecture of
customer, merchant and exchange (Figure~\ref{fig:cmm}). The two designs customer, merchant and exchange (Figure~\ref{fig:cmm}),
share the key first step where the {\em customer} withdraws digital which Chaum termed the mint.
{\em coins} from the {\em exchange} with unlinkability provided via blind The two designs share the key first step where the {\em customer}
signatures. The coins can then be spent at a {\em merchant} who {\em withdraws digital {\em coins} from the {\em exchange} with unlinkability
deposits} them at the exchange. Taler uses online detection of provided via blind signatures. The coins can then be spent at a
double-spending, thus assuring the merchant instantly that a {\em merchant} who {\em deposits} them at the exchange.
transaction is valid. Taler uses online detection of double-spending, thus assuring the merchant
instantly that a transaction is valid.
\begin{figure}[h] \begin{figure}[h]
\centering \centering
@ -158,8 +164,8 @@ believe needs a payment system with the following properties:
%, even when taking aborted transactions into account. %, even when taking aborted transactions into account.
\item[Taxability] \item[Taxability]
In many current legal systems, it is the responsibility of the merchant In many current legal systems, it is the responsibility of the merchant
to deduct (sales) taxes from purchases made by customers, or for workers to deduct sales taxes from purchases made by customers, or for workers
to pay (income) taxes for payments received for work. to pay income taxes for payments received for work.
%Taxation is necessary for the state to %Taxation is necessary for the state to
%provide legitimate social functions, such as education. Thus, a payment %provide legitimate social functions, such as education. Thus, a payment
%system must facilitate sales, income and transaction taxes. %system must facilitate sales, income and transaction taxes.
@ -173,23 +179,24 @@ believe needs a payment system with the following properties:
Nevertheless, customers must never be able to defraud anyone, and Nevertheless, customers must never be able to defraud anyone, and
merchants must at best be able to defraud their customers by not merchants must at best be able to defraud their customers by not
delivering on the agreed contract. Neither merchants nor customers delivering on the agreed contract. Neither merchants nor customers
should ever be able to commit fraud against the exchange. Additionally, should ever be able to commit fraud against the exchange.
both customers and merchants must receive cryptographic proofs of In addition, both customers and merchants should receive cryptographic
bad behavior in case of protocol violations by the exchange. proofs of bad behavior in case of protocol violations by the exchange.
In this way, only the exchange will need to be tightly audited and regulated. In this way, only the exchange needs be tightly audited and regulated.
The design must make it easy to audit the finances of the exchange. The design must make it easy to audit the finances of the exchange.
\item[Ease of Deployment] %The system should be easy to deploy for % \item[Ease of Deployment] %The system should be easy to deploy for
% real-world applications. In order to lower the entry barrier and % real-world applications. In order to lower the entry barrier and
% acceptance of the system, a gateway to the existing financial % acceptance of the system, a gateway to the existing financial
% system should be provided, i.e. by integrating internet-banking % system should be provided, i.e. by integrating internet-banking
% protocols such as HBCI/FinTAN. % protocols such as HBCI/FinTAN.
% The protocol should
% be able to run easily over HTTP(S).
\item[No speculation] % It's actually "Specualtion not required"
The digital coins should be denominated in existing currencies, The digital coins should be denominated in existing currencies,
such as EUR or USD, to avoid exposing citizens to unnecessary risks such as EUR or USD, to avoid exposing citizens to unnecessary risks
from currency fluctuations. from currency fluctuations.
Moreover, the system must have an open protocol specification and Moreover, the system must have an open protocol specification and
a free software reference implementation. a free software reference implementation.
% The protocol should
% be able to run easily over HTTP(S).
\item[Low resource consumption] \item[Low resource consumption]
In order to minimize the operating costs and environmental impact of In order to minimize the operating costs and environmental impact of
the payment system, it should avoid the reliance on expensive or the payment system, it should avoid the reliance on expensive or
@ -208,11 +215,9 @@ the system must thus support giving change in the form of spendable coins,
say a \EUR{0,01} coin and a \EUR{50,00} coin. say a \EUR{0,01} coin and a \EUR{50,00} coin.
A merchant cannot simply give the customer their coins in another transaction; A merchant cannot simply give the customer their coins in another transaction;
however, as this reverses the role of merchant and customer, and however, as this reverses the role of merchant and customer, and
our taxability requirement would deanonymize the customer. The customer our taxability requirement would deanonymize the customer.
also cannot withdraw exact change from his account from the exchange, as this Also, the customer cannot withdraw exact change from his account with
would allow the exchange to link the identity of the customer that is revealed the exchange, as doing so deanonymizes her through a corrolation attack.
during withdrawal to the subsequent deposit operation that follows shortly
afterwards.
Instead, the customer should obtain new freshly anonymized coins that cannot be Instead, the customer should obtain new freshly anonymized coins that cannot be
linked with this transaction, the original \EUR{100,00} coin, or each other. linked with this transaction, the original \EUR{100,00} coin, or each other.
@ -243,7 +248,7 @@ As with support for fractional payments, Taler addresses these problems by
allowing customers to refresh tainted coins, thereby destroying the link allowing customers to refresh tainted coins, thereby destroying the link
between the refunded or aborted transaction and the new coin. between the refunded or aborted transaction and the new coin.
Taler ensures that the {\em entity} of the user owning the new coin is Taler ensures that the {\em entity} owning the new coin is
the same as the entity of the user owning the old coin, thus making the same as the entity of the user owning the old coin, thus making
sure that the refreshing protocol cannot be abused for money sure that the refreshing protocol cannot be abused for money
laundering or other illicit transactions. laundering or other illicit transactions.
@ -269,16 +274,16 @@ Yet, there are several major irredeemable problems inherent in their designs:
\begin{itemize} \begin{itemize}
\item The computational puzzles solved by Bitcoin nodes with the purpose \item The computational puzzles solved by Bitcoin nodes with the purpose
of securing the block chain consume a considerable amount of computational of securing the block chain consume a considerable amount of computational
resources and energy. So Bitcoin does not an environmentally responsible resources and energy. So Bitcoin is not an environmentally responsible
design. design.
\item Bitcoin transactions have pseduononymous recipients, making taxation \item Bitcoin transactions have pseduononymous recipients, making taxation
problematic, and leading to legal hurdles. problematic, and leading to legal hurdles.
The Zerocoin extension would only make this worse. The Zerocoin extension would only make this worse.
\item Bitcoins can not easily be bound to any fiat currency, leading to \item Bitcoin seemingly requires speculation to offset the mining cost,
significant fluctuations in value. These fluctuations may be desirable in creating fluctuations in value, and making it hard to bind to national
a high-risk investment instrument, but they make Bitcoin unsuitable as currencies. These fluctuations may be desirable in a high-risk investment
a medium of exchange. instrument, but they make Bitcoin unsuitable as a medium of exchange.
\item Worse, anyone can start an alternative Bitcoin transaction chain, \item Anyone can start an alternative Bitcoin transaction chain,
called an AltCoin, and, if successful, reap the benefits of the low called an AltCoin, and, if successful, reap the benefits of the low
cost to initially create coins via computation. As participants are cost to initially create coins via computation. As participants are
de facto investors, these become a form of ponzi scheme. de facto investors, these become a form of ponzi scheme.
@ -310,13 +315,15 @@ Taler avoids include:
\begin{itemize} \begin{itemize}
\item The use of patents to protect the technology; a payment system \item The use of patents to protect the technology; a payment system
should be free software (libre) to have a chance for widespread adoption. should be free software (libre) to have a chance for widespread adoption.
\item The use of off-line payments and thus deferred detection of \item Support for payments to off-line merchants, and thus deferred
double-spending, which could require the exchange to attempt to recover detection of double-spending, requires the exchange to attempt to
funds from customers via the legal system. This creates a recover funds from delinquent customers via the legal system.
significant business risk for the exchange, as the system is not Any system like this that fails to be self-enforcing creates a major
self-enforcing from the perspective of the exchange. In 1983 off-line business risk for the exchange. In 1983, there were merchants without
payments might have been a necessary feature. However, today network connectivity
requiring network connectivity is feasible and avoids the business need to have
been a necessary feature.
However, today requiring network connectivity is feasible and avoids the business
risks associated with deferred fraud detection. risks associated with deferred fraud detection.
\item % In addition to the risk of legal disputes with fraudulent \item % In addition to the risk of legal disputes with fraudulent
% merchants and customers, % merchants and customers,