[Webfunds-users] Napster for Money?

Linas Vepstas linas@backlot.linas.org
Fri, 13 Apr 2001 19:07:39 -0500


--a8Wt8u1KmwUX3Y2C
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable


Hi,

I'm the lead developer for GnuCash (www.gnucash.org) and I've been
eyeing webfunds (and other electronic money systems) for inclusion
into GnuCash (an open source (GPL'ed) accounting/finance
application).   Any actual work is not likely (our list of desired
enhancements is longer than my arm), but its fun to daydream every
now and then.   My curent scary daydream 'napster for money'.

So, with that in mind, some newbie questions:
I read almost every page on the website, and I swear, I still don't
understand how it works.  In fact, I'm so confused, I don't know
where to begin.

Some 5-6 years ago, I read some whitepapers about using crypto for
e-cash. I remember only the vaguest generalities, still, nothing in
the ricardian contracts seems to match.  I would really, really,
really appreciate an Alice-Bob explanation of how it works.

(BTW, the url for Edinburgh Financial Cryptography Engineering
efce.org, seems to point at european federation of chemical
engineers, and so the slides aren't viewable).

My confusion has to do with what roles the mint, the banks and the
individuals play with respect to each other.  Is the reicardian
contract between the individual and the mint? Between a pair of
individuals? If A received value from B, how can A send value to C?
Must it involve a 'market maker/trader', or can A & C exchange value
privately?  If thier interactions are 'public' (i.e. must be mediated
by a 'bank/mint' running a 'server' somehwere), then can they still
be anonymous?   What prevents A from spending the same 'value' twice?

I suspect the answer to that last question is probably easy, once I
'get' the paradigm. But I sure don't get it yet ...


(There's a host of related questions that I'll ask as soon as you
answer the above; many of which might have trivial answers, but
still...: for example, what happens if someone breaks into my
computer and 'steals' my wallet (i.e. makes a copy of it)?  What
if I was to aid  and abet such an action?  What about the=20
'man-in-the-middle' attacks?  Can someone pose as a bank,
and if so, does it matter?  What if a cracker got into the e-bank
server?  What sort of damage could be done?  What happens if=20
the e-bank or issueing authority is disreputable, dishonest, etc.
Can they damage the entire 'float' or is the damage limited? )


I hope you can answer these questions ... (and BTW, I think it would
be good if you did so on your website; a clear description would
engender a better understanding, and thus, hopefully, encourage=20
a broader acceptance of what your doing.)

Thanks,

--linas



--a8Wt8u1KmwUX3Y2C
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE615TJZKmaggEEWTMRAt//AJ4woG6hNLwEZQ4m3wDvmxb9hX0B5gCfZQ/z
xWspQxuGeivghFXo9Mc1kiE=
=G18Y
-----END PGP SIGNATURE-----

--a8Wt8u1KmwUX3Y2C--