Explore the vast range of titles available.

For decades, proponents of the Internet have promised that it would one day provide a seamless way for everyone in the world to communicate with each other, without introducing new boundaries, gatekeepers, or power structures. What happened? This article explores the system-level characteristics of a key design feature of the Internet that helped it to achieve widespread adoption, as well as the system-level implications of certain patterns of use that have emerged over the years as a result of that feature. Such patterns include the system-level acceptance of particular authorities, mechanisms that promote and enforce the concentration of power, and network effects that implicitly penalize those who do not comply with decisions taken by privileged actors. We provide examples of these patterns and offer some key observations, toward the development of a general theory of why they emerged despite our best efforts, and we conclude with some suggestions on how we might mitigate the worst outcomes and avoid similar experiences in the future.

In recent years, electronic retail payment mechanisms, especially e-commerce and card payments at the point of sale, have increasingly replaced cash in many developed countries. As a result, societies are losing a critical public retail payment option, and retail consumers are losing important rights associated with using cash. To address this concern, we propose an approach to digital currency that would allow people without banking relationships to transact electronically and privately, including both e-commerce purchases and point-of-sale purchases that are required to be cashless. Our proposal introduces a government-backed, privately-operated digital currency infrastructure to ensure that every transaction is registered by a bank or money services business, and it relies upon non-custodial wallets backed by privacy-enhancing technology, such as blind signatures or zero-knowledge proofs, to ensure that transaction counterparties are not revealed. Our approach to digital currency can also facilitate more efficient and transparent clearing, settlement, and management of systemic risk. We argue that our system can restore and preserve the salient features of cash, including privacy, owner-custodianship, fungibility, and accessibility, while also preserving fractional reserve banking and the existing two-tiered banking system. We also show that it is possible to introduce regulation of digital currency transactions involving non-custodial wallets that unconditionally protect the privacy of end-users.

Data harvesting and profiling have become a de facto business model for many businesses in the digital economy. The surveillance of individual persons through their use of private sector platforms has a well-understood effect on personal autonomy and democratic institutions. In this article, we explore the consequences of implementing data-rich services in the public sector and, specifically, the dangers inherent to undermining the universality of the reach of public services, the implicit endorsement of the platform operators by the government, and the inability of members of the public to avoid using the platforms in practice. We propose a set of good practices in the form of design principles that infrastructure services can adopt to mitigate the risks, and we specify a set of design primitives that can be used to support the development of infrastructure that follows the principles. We argue that providers of public infrastructure should adopt a practice of critical assessment of the consequences of their technology choices.

Many proposals for the design and implementation of digital wallets assume that the purpose of the wallet is to enable offline payments via custodial accounts, ignoring the real problems faced by individuals and businesses that engage in retail payments, such as the anticompetitive behaviour of payment platforms and the decline of cash. More importantly, the proposals ignore the raison d'être of digital currency as a kind of digital money that can be held independently of custodians. Finally, the proposals demonstrate a profound lack of imagination about the nature of digital money and the devices that could be used to hold, manage, and exchange it. From these presumptions flows a set of architectural requirements that stifle the promise of digital currency to deliver novel and efficient ways to exchange value in the digital economy. In this article, we critically assess the essential problems that digital currency solutions are being proposed to solve, particularly with respect to the future of payments and the future of cash. We assess the validity of common justifications for account-based payments and certified hardware in the context of alternative designs, limitations, and trade-offs. We conclude that the interests of consumers would be better served by design approaches to digital currency that anticipate that digital assets would be held outside accounts, stored offline, but transacted online, without requiring the use of trusted hardware.

Many proposals for the design and implementation of digital wallets assume that the purpose of the wallet is to enable offline payments via custodial accounts, ignoring the real problems faced by individuals and businesses that engage in retail payments, such as the anticompetitive behaviour of payment platforms and the decline of cash. More importantly, the proposals ignore the raison d'être of digital currency as a kind of digital money that can be held independently of custodians. Finally, the proposals demonstrate a profound lack of imagination about the nature of digital money and the devices that could be used to hold, manage, and exchange it. From these presumptions flows a set of architectural requirements that stifle the promise of digital currency to deliver novel and efficient ways to exchange value in the digital economy. In this article, we critically assess the essential problems that digital currency solutions are being proposed to solve, particularly with respect to the future of payments and the future of cash. We assess the validity of common justifications for account-based payments and certified hardware in the context of alternative designs, limitations, and trade-offs. We conclude that the interests of consumers would be better served by design approaches to digital currency that anticipate that digital assets would be held outside accounts, stored offline, but transacted online, without requiring the use of trusted hardware.

We describe a protocol for creating, updating, and revoking digital diplomas that we anticipate would make use of the protocol for transferring digital assets elaborated by Goodell, Toliver, and Nakib. Digital diplomas would maintain their own state, and make use a distributed ledger as a mechanism for verifying their integrity. The use of a distributed ledger enables verification of the state of an asset without the need to contact the issuing institution, and we describe how the integrity of a diploma issued in this way can persist even in the absence of the issuing institution.

We describe a protocol for creating, updating, and transferring digital assets securely, with strong privacy and self-custody features for the initial owner based upon the earlier work of Goodell, Toliver, and Nakib. The architecture comprises three components: a mechanism to unlink counterparties in the transaction channel, a mechanism for oblivious transactions, and a mechanism to prevent service providers from equivocating. We present an approach for the implementation of these components.

In this article, we consider the roles of tokens and distributed ledgers in digital payment systems. We present a brief taxonomy of digital payment systems that use tokens, and we address the different models for how distributed ledger technology can support digital payment systems in general. We offer guidance on the salient features of digital payment systems, which we comprehend in terms of consumer privacy, token issuance, and accountability for system operators.

This document constitutes a response to a Consultation Paper published by the Bank of England and HM Treasury, \"The digital pound: a new form of money for households and businesses?\", the latest document in a series that includes \"Central Bank Digital Currency: opportunities, challenges and design\" in 2020 and \"New forms of digital money\" in 2021. The Consultation Paper concerns the adoption of central bank digital currency (CBDC) for retail use in the United Kingdom by the Bank of England. We shall address the consultation questions directly in the third section of this document.

Digitisation is often viewed as beneficial to a user. Whereas traditionally, people would physically have to identify to a service, pay for a ticket in cash, or go into a library to access a book, people can now achieve all of this through a click of a button. Such actions may seem functionally identical to their analogue counterparts, but in the digital case, a user's actions are automatically recorded. The recording of user's interactions presents a problem because once the information is collected, it is outside of the control of the person whom it concerns. This issue is only exacerbated by the centralisation of the authentication mechanisms underpinning the aforementioned services, permitting the aggregation and analysis of even more data. This work aims to motivate the need and establish the feasibility of the application of a privacy-enhancing digital token management service to public transit. A proof-of-concept implementation is developed, building upon a design proposed by Goodell and Aste. This implementation was optimised for the public transport use case. Its performance is tested in a local environment to better understand the technical challenges and assess the technical feasibility of the system in a production setting. It was observed that for loads between one and five requests per second the proof-of-concept performs comparably to other contactless payment systems, with a maximum median response time less than two seconds. Due to hardware bottlenecks, reliable throughput in our test environment was limited to five requests per second. The demonstrated throughput and latency indicate that the system can feasibly compete with solutions currently in use. Yet, further work is needed to demonstrate their performance characteristics in an environment similar to that experienced in production.