Skip to content. | Skip to navigation

Personal tools


You are here: Home / What is opencoin?

What is opencoin?

A short intro explaining opencoin, also in the context of the blockchain


Opencoin is about electronic cash. It is based on the invention by David Chaum in the 80s [1]. While Mr. Chaum invented the core mechanism, opencoin seeks to define the protocol which around it which is necessary to allow everyday use of the invention.

Simplified protocol

We have three participants:

  • The issuer is the central authority minting coins, and exchanging them for real money (or whatever is promised)
  • Alice, a user of the system
  • Bob, another user of the system.


And this is how it works:
  1. Alice creates a (random) number
  2. An issuer signs this random number without seeing it. E.g. the issuer signs "this token is worth 1 EUR". Alice has to deposit 1 EUR for the signature.
  3. Alice now has a signed serial number which we call a "coin"
  4. Alice can now transfer the coin to Bob
  5. Bob is not sure if Alice has used the coin before, so he instantly goes to the issuer, and either redeems the coin (getting 1 EUR from the issuer) or he asks for a signature on a new serial number (step 2), effectively swapping Alice's coin for a new one.
    The issuer only accepts coins with a valid signature on a yet unknown number


This little setup implies:

  1. The issuer does not handle or observe the transfer of the coin from Alice to Bob, hence the issuer can not trace the transfer.
  2. Because the issuer hasn't seen the serial number the coin can't be traced this way either (core idea 2).
  3. Because the issuer hasn't seen the serial in step 2, there needs to be a database of coins that where used in step 5. Once redeemed or exchanged, the serial number/signature pair is worthless.
  4. The worth of the coin is based on the issuers promise to redeem it. If the issuer is trustworthy, the worth of the coin is very stable.
  5. While not tracing the transfer, the issuer still knows Alice and Bob and customers, and can e.g. observer the amount of money redeemed by Bob.


The core element is point number 2: the issuer doesn't see the number. Without getting into details: this is the core invention of David Chaum, "blind signatures". In this invention, Alice actually creates a secret multiplier, multiplies her random number with the secret, and send the product to the issuer. The issuer signs the product. The signature is then transfered back to alice, who can now divide the signature by her secret, and gets a signature for her secret number. Because we are talking really big numbers here, no one can cheat. Let's trust the mathematics on this. And because of the mathematics involved, Alice and Bob don't need to trust the issuer in regards to the anonymity of their transactions - it is guaranteed by the math.

Comparison to bitcoin

Because these days (2018) everybody thinks of electronic money as bitcoin, let's compare opencoin to bitcoin. Bitcoin is based on the concept of a blockchain. Transactions are added to a block of transactions (e.g. 50), and people verify if all the transactions make sense in regard to all preceeding transactions. They can do this because everybody has a copy of a all the transactions ever done. If everything is alright, they try (like crazy) to find a special number they can add to the block of transactions. The lucky finder of the transaction gets some fees, but more importantly some bitcoins, and the block of transactions counts as signed, and gets passed on to other network participants. This way everybody gets the update of the (shared) ledger, but also needs to keep it.


opencoin compared to bitcoin

open ledger
peer to peer
value open market exchange
based on issuer promise
value creation
randomly / mining
on customer deposit
no central instance
central issuer
anonymity of participants
unknown participants
customers can be verified entities
anonymity of transactions
known to all
data requirements
every participant needs a copy of the whole ledger
central issuer needs a list of used numbers
growing data ledger grows constantly and massively list of numbers is relatively small
cheatable >50% of the users issuer for redeeming coins, not privacy
transaction medium blockchain only all forms of electronic communication, but can also be printed
speed of settlement 30 mins to 16 hours next to instant
real world equivalent gold cash
status works / hyped proof of concept


Opencoin is a protocol for transfering electronic coins from user to user. The transfers are untracable to the issuer, who can't tell who is doing business with whom. The users of the system need to trust the issuer to redeem the value of the coin, but if they do so, they get a very stable currency. It transfers as fast as the users can manage, and it can be transfered in whatever way the customers like. While the transactions are untracable, the identity of the users can be verified, and transfers in and out of the system closely monitored.


[1] David Chaum, “Blind signatures for untraceable payments”, Advances in Cryptology - Crypto ‘82, Springer-Verlag (1983), 199-203.

Add comment

You can add a comment by filling out the form below. Plain text formatting. Comments are moderated.

Question: What is 4 + 4 ?
Your answer: