Yesterday the Bank of Israel shared details about its first set of technical trials for a central bank digital currency (CBDC). One test used smart contracts, raising the issue of who should be allowed to write smart contracts and how to police them. A second digital shekel test focused on a novel way of enabling limited quantities of private payments. Both experiments used a two-tier model intermediated by payment providers and blockchain, with different technologies for each.
The central bank emphasized that it hasn’t decided to issue a digital shekel and the technologies used in its experiments do not indicate any preferences.
The holy grail for CBDC: privacy
Physical cash provides not just privacy for payments, but anonymity. Central banks are reluctant to enable the same degree of anonymity for fear of money laundering and tax evasion. Yet many central banks worldwide are also aware that as cash usage declines, digital currencies threaten people’s right to privacy.
The Bank of Israel trialed a hybrid solution from VMware Blockchain where wallets had some ordinary digital shekels as well as a monthly allocation of 1000 private digital shekels where the transactions are not recorded openly on the blockchain. The VMware solution combines zero knowledge proofs (ZKPs) and eCash, a privacy concept developed by early digital currency inventor David Chaum that originally didn’t use blockchain.
eCash works by using a cryptographic concept called blind signatures, which is the most technical we’ll get. The key point is that the consumer’s coins can’t be linked to each other. When a retailer receives the CBDC they will verify the coin’s validity, but they don’t get to see the consumer’s identity.
The solution used by the Bank of Israel is based on VMware paper on Untraceable Transactions published in April that claims to be a scalable and performant solution.
The central bank noted that the technical solution raises policy questions such as how much money should the privacy budget include and how that might differ between businesses and consumers? And whether this creates an economic incentive to misuse private wallets.
On that point, we’d observe that bank accounts are already misused, with stories of students being paid so criminals can pass transactions through their accounts. Some level of misuse will need to be tolerated in the name of privacy.
Who writes the smart contracts?
The other experiment involved a delivery versus payment transaction relating to the sale of a car. For that test, the central bank used the Ethereum-based enterprise blockchain Quorum. The transfer of the car’s ownership and payment happened simultaneously.
Smart contracts ensure this atomicity; if one leg of the transaction fails, so does the other. One concern is that a trustworthy entity needs to develop the smart contract. Otherwise, there’s a possibility that there will be counterparty risk, whether inadvertently or with criminal intent.
That is a concern to the Bank of Israel, as is the potential for someone to write buggy smart contract code that could overload the system. Hence the potential to only allow payment providers to write the smart contracts, which would need auditing.
From the central bank’s perspective, both these cases are in line with the Bank of Israel’s potential motivations and requirements – to enable innovation and safeguard privacy.
Last week the Hong Kong Monetary Authority (HKMA) announced it’s collaborating on CBDC research with the Bank of Israel, focusing on Israel’s deep expertise in cybersecurity. In May, the central bank published feedback from its CBDC public consultation.