Digital Pound paper explores privacy enhancing technologies for CBDC - Ledger Insights - blockchain for enterprise

By Ledger Insights

In the West there has been significant resistance to the concept of retail central bank digital currencies (CBDC) based on 'Big Brother' concerns: privacy fears that the government can monitor personal payment transactions, and sometimes even concerns that it might attempt to control behaviors. Hence, the Bank of England and the Massachusetts Institute of Technology Digital Currency Initiative (MIT DCI) published a paper exploring privacy enhancing technologies (PETs) for a possible digital pound.

Before delving into the paper, there's an overlap with another topical subject. In the United States, the FBI has suggested that people should use encrypted messaging apps instead of texts and normal calls, because allegedly China has hacked the major phone networks. WhatsApp provides end-to-end encryption, and even Meta does not have access to the data.

However, in recent years law enforcement has repeatedly requested back doors to encrypted messaging solutions, including Apple and Google messaging. Even if law enforcement has a warrant, Meta, Apple and Google can't help them decrypt the data. Private cybersecurity personnel resist backdoor access because it can be used by hackers and others with bad intentions.

There's a parallel with the digital pound, which is not for anonymous payments. The aim is to prevent the government from having all the private identity data, both in legislation and by using technical means.

However, as the paper highlights, if payments are not anonymous, then there is data to hack. The data might sit with payment providers rather than the central bank, but it's still there and could be misused.

What the paper does not mention is that the existence of the data also means that a future government could change the law. Or if there's a Canada-style COVID trucker revolt, it could tell PIPs to block certain wallets (or bank accounts).

Meanwhile, the paper explores three PETs: pseudonymity, zero knowledge proofs (ZKP) and multi-party computation. One of the most interesting aspects is how pseudonymity affects wallet holding limits.

Pseudonymity attempts to obfuscate a person's identity by avoiding the use of their name, phone number or social security number. Blockchains use pseudonymous identifiers, yet several service providers can identify wallet holders. That's in part because wallet addresses often persist across multiple blockchain transactions, but different wallet addresses can also often be linked. Hence, pseudonymity won't guarantee privacy.

The digital pound and other CBDCs often impose holding and transaction limits. If someone has CBDC accounts with multiple payment providers which use different pseudonymous identifiers, that makes it harder to police limits.

However, the paper makes three suggestions. One is for the user to have a personal wallet that connects to multiple payment provider balances and gives an aggregate proof of the total holdings or transactions to an automated auditor. But what if the person has more than one digital wallet?

Another solution is for each payment provider to provide a daily total for each user and that data is aggregated across payment providers. This clearly raises privacy issues. The authors suggest using additional PETs.

A third path is additionally to use pseudo-random identifiers. Based on a person's name or national insurance number, a pseudonymous hash would be inserted into all their transactions for a specific day, but the hash would change every day and not be linkable.
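The second and third suggestions combined, as an added sketch that is not code from the paper or from Ledger Insights: each provider reports a daily total under a rotating tag, and an auditor sums the totals per tag. The HMAC construction, the tag key, the limit value, the provider names and the sample identifiers are all assumptions made for illustration.

```python
import hashlib
import hmac
from collections import defaultdict

# Assumption: the tag key is held by a tagging service, not by the auditor.
TAG_KEY = b"constructed-demo-key"
DAILY_LIMIT_PENCE = 500_000  # hypothetical limit, not a figure from the paper

def daily_tag(national_id: str, day: str, key: bytes = TAG_KEY) -> str:
    """Pseudonym for one person on one ISO date. HMAC instead of a bare hash:
    national insurance numbers are low-entropy, so the secret key is what
    prevents a tag from being recomputed from a list of candidate IDs."""
    msg = f"{national_id}|{day}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def aggregate(reports):
    """Sum provider-reported totals per (day, tag); the auditor sees only tags."""
    totals = defaultdict(int)
    for _provider, day, tag, pence in reports:
        totals[(day, tag)] += pence
    return dict(totals)

def breaches(reports, limit=DAILY_LIMIT_PENCE):
    """Return the (day, tag) pairs whose cross-provider total exceeds the limit."""
    return {k: v for k, v in aggregate(reports).items() if v > limit}

# Constructed sample: two users, two providers, two days.
ALICE, BOB = "QQ123456C", "QQ654321A"
D1, D2 = "2025-01-06", "2025-01-07"
REPORTS = [
    ("provider-a", D1, daily_tag(ALICE, D1), 300_000),
    ("provider-b", D1, daily_tag(ALICE, D1), 250_000),  # same tag, other provider
    ("provider-a", D1, daily_tag(BOB, D1), 400_000),
    ("provider-a", D2, daily_tag(ALICE, D2), 300_000),  # new day, new tag
]

if __name__ == "__main__":
    for (day, tag), pence in breaches(REPORTS).items():
        print(day, tag[:12], pence)
```

Within a day the same tag links a user's balances across providers, which is what makes the limit enforceable; whoever holds the tag key can still link tags across days, so the privacy property depends on where that key lives.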

While some of these seem viable, they appear to have privacy trade-offs.

Moving on to the other privacy technologies, Zero Knowledge Proofs (ZKPs) provide a proof that answers a narrow question. For example, has this person passed KYC, or do they have a sufficient balance for the transaction? A ZKP can provide a yes/no answer without revealing the person's name or the actual balance.

Multi-party computation (MPC) allows multiple parties to access data for use by an algorithm without releasing the underlying data. This could be used for sanctions screening.

Each of them has benefits and drawbacks. ZKP and MPC are both relatively new, although a particular type of MPC is widely used to safeguard cryptocurrency keys. ZKP is also heavily used for cryptocurrencies but can have performance challenges depending on design. Both technologies require specialist skills to implement properly. There are potential legal issues about whether payment firms can rely on them for compliance.

The paper is written in a way that makes it quite accessible to people who don't want to delve into the technical details. Some suggestions for future work relate to enhancing privacy for very small transactions. Earlier this year MIT DCI also partnered with the Bundesbank for privacy work.
