What is opencoin?
Opencoin is about electronic cash. It is based on the invention by David Chaum in the 80s [1]. While Mr. Chaum invented the core mechanism, opencoin seeks to define the protocol which around it which is necessary to allow everyday use of the invention.
Simplified protocol
We have three participants:
- The issuer is the central authority minting coins, and exchanging them for real money (or whatever is promised)
- Alice, a user of the system
- Bob, another user of the system.
- Alice creates a (random) number
- An issuer signs this random number without seeing it. E.g. the issuer signs "this token is worth 1 EUR". Alice has to deposit 1 EUR for the signature.
- Alice now has a signed serial number which we call a "coin"
- Alice can now transfer the coin to Bob
- Bob is not sure if Alice has used the coin before, so he instantly goes to the issuer, and either redeems the coin (getting 1 EUR from the issuer) or he asks for a signature on a new serial number (step 2), effectively swapping Alice's coin for a new one.
The issuer only accepts coins with a valid signature on a yet unknown number
This little setup implies:
- The issuer does not handle or observe the transfer of the coin from Alice to Bob, hence the issuer can not trace the transfer.
- Because the issuer hasn't seen the serial number the coin can't be traced this way either (core idea 2).
- Because the issuer hasn't seen the serial in step 2, there needs to be a database of coins that where used in step 5. Once redeemed or exchanged, the serial number/signature pair is worthless.
- The worth of the coin is based on the issuers promise to redeem it. If the issuer is trustworthy, the worth of the coin is very stable.
- While not tracing the transfer, the issuer still knows Alice and Bob and customers, and can e.g. observer the amount of money redeemed by Bob.
Comparison to bitcoin
property | bitcoin | opencoin |
---|---|---|
transfer |
open ledger |
peer to peer |
value | open market exchange |
based on issuer promise |
value creation |
randomly / mining |
on customer deposit |
centrality |
no central instance |
central issuer |
anonymity of participants |
unknown participants |
customers can be verified entities |
anonymity of transactions |
known to all |
untracable |
data requirements |
every participant needs a copy of the whole ledger |
central issuer needs a list of used numbers |
growing data | ledger grows constantly and massively | list of numbers is relatively small |
cheatable | >50% of the users | issuer for redeeming coins, not privacy |
transaction medium | blockchain only | all forms of electronic communication, but can also be printed |
speed of settlement | 30 mins to 16 hours | next to instant |
real world equivalent | gold | cash |
status | works / hyped | proof of concept |
Summary
Opencoin is a protocol for transfering electronic coins from user to user. The transfers are untracable to the issuer, who can't tell who is doing business with whom. The users of the system need to trust the issuer to redeem the value of the coin, but if they do so, they get a very stable currency. It transfers as fast as the users can manage, and it can be transfered in whatever way the customers like. While the transactions are untracable, the identity of the users can be verified, and transfers in and out of the system closely monitored.
Literature
[1] David Chaum, “Blind signatures for untraceable payments”, Advances in Cryptology - Crypto ‘82, Springer-Verlag (1983), 199-203.