the technology behind cbdcs - oenb

The technology behind CBDCsState of the art, design options, and implications

Rainer BöhmeBIS/OeNB workshop on Digital currencies Central Banks and the blockchain: policy implications, Vienna, 25 October 2019.

Simply Scaling ?

“Although scaling is not innovative per se, it may be technologicallychallenging.

For example, in the case of the Eurosystem, the number of accounts couldgrow from around 10,000 to some number between 300 and 500 million.”

Ulrich Bindseil, Central bank digital currency – financial system implications and control, Working Paper, 2019.

The technology behind CBDCs, Rainer Böhme 1

Outline

1. Distributed systems: implementation and control

2. Design options: distribution of control for CBDCs

3. Resilience

4. Privacy


Money is Shared Memory . . .

Account

Transaction

Conflictingtransaction


Reasons for Distributed Systems

Communication as primary goal• Transmit messages between locations• Establish shared memory across multiple sites

Performance• Local processing• Parallelization

Availability• Load balancing• Redundancy

Distribution of control• Unobservability• Censorship-resistance• Joint decision-making

soci

o-e

conom

ical

tech

nic

al

control

implementation


Distribution of Control

in selected stylized topologies

centralized federated decentralized

(hierarchical) (localized)

asymmetric

Distribution of control

symmetric


Example

Conventional banking

Centralized control

Hierarchical topology

Distributed implementation for coverage and scaling

central bank

commercial bank

household

Internet technology lets us revisit this topology→ CBDCs


Outline



3. Resilience

4. Privacy


Control Points in CBDCs

Integrity of the system state∗

∗: system state ≈ globally shared memory, in the case of CBDCs: assignment of values to accounts

“local”

Authorization to transfer funds

Individual objective

Options: distributed or centralized

Issues

• revocation

• disputes

• theft

• credential recovery

“global”

Sum of all accounts equals some target

Social objective

Recommendation: centralized

Issues

• counterfeiting

• uncontrolled monetary expansion


Comparison of Selected Payment Technologies

by the distribution of control

Local integrity Global integrity

(authorization) (verification)

Cash distributed centralized

end users exchange physical tokens mints: superior access to capital and technology

Electronic payments centralized centralized

intermediaries take risk laws, audits, CB-run payment infrastructure

Cryptocurrency distributed distributed

end users hold private keys transaction verification in a consensus protocol

“Cryptography without a safety net.”Not advisable for the generalpopulation w/ consumer devices.

Competition on userexperience and cost


Example

Centralized authorization

settlement system

intermediary (takes some risk)

authentication and proxy authorization

(can use 2FA and other consumer-grade technology)

authority to update accounts

financial identity = public key

authorize with private key

or computer program (“smart contract”)


Risk Acceptance Enables Global Scale

Payment intermediaries substantially relax the consistency requirements.

Account

Transaction

Conflictingtransaction


Example

Centralized vs distributed authorization

settlement system

intermediary (takes some risk)

authentication and proxy authorization

(can use 2FA and other consumer-grade technology)

authority to update accounts

financial identity = public key

authorize with private key

or computer program (“smart contract”)


Outline



3. Resilience

4. Privacy


Assumption

Successful CBDCs marginalize other forms of money

universally accessible

electroniccentral bank-issued

M. Bech & R. Garratt. Central bank cryptocurrencies. BIS Quartely Review, September 2017, p. 59.


Studying Systems under Stress

“A distributed system is one in which the failure of acomputer you didn’t even know existed can renderyour own computer unusable.”

DEC SRC bulletin board, May 1987

Leslie B. Lamport, born 1941, retired from Microsoft Researchinitial developer of LATEX, Turing Award 2013

Image source: Wikipedia


ResilienceResilience is the ability to recover from failures.

Technical perspective:

Electrical power

Telecommunications

Network services

Central banks

provide

supervise

· · · Electricity · · ·

Behavioral perspective: commercial bank branches are “the face of the currency”.

financial education troubleshooting


Outline



3. Resilience

4. Privacy


Privacy

(at least) two dimensions of CBDC privacy

“local”

WRT transaction counterparties

Options: keep or change default

Issues

• tracking and targeting

• price discrimination→ challenges the “unit of account”

• stigmatization/criminalization ofpeople who circumvent identificationfor legitimate reasons

“global”

WRT the operator of the system

Recommendation: high safety margin


Comprehensive Payment Records Are a Prime Target

Worst case: the system operator is the attacker.

Seltzer, W. & Anderson, M. in Social Research 68 (2), 2001

fiction reality

Bad, but almost unavoidable case: the system operator makes mistakes.


Data Breaches Scale with Heavy TailsCumulative distribution of published data breaches 2007–2016

101 103 105 107 109

0.1

1

10

100

1,000

Yahoo 2013

Yahoo 2014

Target 2013

Number of records compromised per breach

Expect

ed

num

ber

of

bre

ach

es

per

year

Data source: Privacy Rights Clearinghouse, own analysis following the method in Wheatley et al. 2016

Simply Scaling ? — Think Again

“Although scaling is not innovative per se, it may be technologicallychallenging.

For example, in the case of the Eurosystem, the number of accounts couldgrow from around 10,000 to some number between 300 and 500 million.”

Ulrich Bindseil, Central bank digital currency – financial system implications and control, Working Paper, 2019.


Summary

Design options and recommendations

Q1 Distribution of control (given distributed implementation)

• Global integrity to remain centralized.• Local integrity / authorization of payments TBD

Q2 Resilience• CB’s control of cash distribution today will shift to the control (and redundant provision)

of network services in the future. This requires significant technical capacity in-house.• Weak link/TBD: telecommunications layer and the “face of the currency”

Q3 Privacy• TDB: set the default for transaction partner identification to some form of pseudonym.• Main concern: the only effective way to prevent abuse of payment records is not to store

them in the first place. This concerns the backend (under CB control) as well as popularconsumer interfaces (likely under private control).


Next Steps

I am looking forward to:

• your feedback and questions

• working on a policy paper with Raphael Auer of the BIS.


Thank you for your attention.The technology behind CBDCs

Rainer Böhmerainer.boehme @ uibk.ac.at

the technology behind cbdcs - oenb

Documents