‘Godfather of Crypto’ Wants to Create Privacy-Focused CBDC: Here It Is

When it comes to the “crypto” part of cryptocurrencies, David Chaum’s work predates the crypto ecosystem. His efforts as a renowned cryptographer date back to 1989, long before Bitcoin (BTC) was a thing.

Chaum developed the protocols behind DigiCash, the world’s first cryptographically protected digital currency. As CEO of privacy-focused network developer Elixxir, David Chaum is working with the Swiss central bank to develop a central bank digital currency (CBDC) that could also attract the crypto ecosystem due to its privacy features.

Dubbed “eCash 2.0,” the new project aims to develop a quantum-proof digital cash that is “inexperienced private” and anti-counterfeiting. Since the technical details require a deep understanding of cryptography, Cointelegraph caught up with Chaum at Istanbul Blockchain Week to better understand the mechanics behind this crypto-friendly CBDC project.

Censorship-resistant CBDC

It all started when Thomas Moser, a board member of the Swiss National Bank, invited David Chaum to Zurich for a conference, telling him he wanted to “make eCash great again” and asking him for help with a new project.

“[Moser] He couldn’t understand why people weren’t using eCash for CBDC,” Chaum began to explain. Big banks have a lot to consider in terms of reliability and future-proofing. So they’re not keen on investing in something that isn’t quant-resistant.

As part of what is internally called Project Tourbillon, Chaum has developed a cryptographic protocol that proves CBDC can be privacy-preserving, censorship- and quantum-resistant, scalable, and even compatible with decentralized finance (DeFi) blockchains. One of its goals was to make the total supply of coins transparent.

At first, the project team tried to use the old eCash, but quickly realized that it was not what they had in mind. Therefore, the BIS Innovation Center, the Swiss National Bank and the xx Network have established a joint project based on eCash 2.0. Chaum noted that user-driven privacy, “the best feature of the original eCash,” is being carried over to this new project.

According to the official announcement, Project Tourbillon aims to reconcile the trade-offs between cyber resilience, scalability and privacy by combining technologies such as blind signatures and blending networks with the foundation developed by David Chaum and Thomas Moser.

Chaum noted that privacy is very important for banks, along with scalability and blockchain compatibility, because the public is very concerned about it. He noted the European central bank’s open call for comments on CBDC, noting that 40% of comments were about privacy.

End: Will FTX’s ill wind reach the Global South? Maybe not

“You can withdraw $500 every day with your ATM card, but you can’t go to a bank and withdraw $1,000,000 in cash — that’s privacy for people,” Chaum said. He noted that it should be similar in electronic payment systems. “These systems should make it very difficult for someone to collect enough and use it for nefarious purposes, such as unwittingly hiring an assassin.”

Unbreakable keys: A new approach to privacy

To meet the privacy requirements of digital currency, Chaum envisioned a privacy system where a user could prove they knew their secret phrase without revealing it. It’s a relatively new approach that Chaum calls “inexperienced.”

The name unalienable key comes from its keyability: This new type of private key cannot be given or taken away by nature. The key itself is a phrase or sentence that can be easily memorized by the owner, but cannot be guessed by third parties.

In the context of central bank digital currencies, when a user wants to join a CBDC system as a user, they can go to a bank office to prove that they know their unique key by confirming the special placement of random letters in the statement.

When implemented in a privacy-oriented physical setting, as exemplified by Chaum in the figure below, it helps users prove they know the key without revealing the private key.

Once users have verified their identity, they can create a whole family of linked aliases that don’t appear together, even though they’re all linked to the user’s password.

In an integral system, the user does not have to go through the physical authentication step after the first time. Chaum explains that they can send their confirmations electronically and also create a pseudonym for each specific situation. He likened pseudonyms to notebooks with special signatures or “credentials.” He believes that the use of integral keys goes beyond finance.

“They can state that the user has paid their taxes this year. Or they graduated with honors,” said Chaum, adding, “If any of them were asked for proof, they could use one of these aliases and confirm with zero knowledge.”

Quantum resistance cannot wait for quantum computers

Any conversation with David Chaum, the “godfather of crypto,” the nickname he gave to cryptography over the decades, is incomplete without discussing quantum resistance. Although not a direct threat to this cryptocurrency, quantum computers that can easily break Bitcoin’s SHA-256 cryptographic protocol are expected to arrive within the next decade. Therefore, being prepared against attacks from such devices is essential for future-proof systems and services.

Chaum advised that quantum resistance should be on everyone’s agenda. “Because the data, even though it can’t be read now, is easily stored.” Once quantum computers arrive on the scene without warning, today’s encrypted data will be much easier to crack.

His company Elixxir focuses on the quantum resistance aspect of cryptocurrencies with the xx Network, which uses quantum-resistant backup keys to support xx coins. Chaum claimed that the xx Network was able to perform 3,500 quantum continuous transactions per second during a public test of its xx coin.

The end: Decentralized solutions to climate change are key as the COP disappoints

But money isn’t everything; communication is also important. Chaum pointed out that most of today’s chat services use end-to-end encryption as a promotional tag. He added that most modern messengers mislead people into not realizing that there is no metadata fragmentation, adding that anyone who taps into one of these messengers can see “who they’re talking to” on a global scale:

“We thought we’d apply quantum-resistant encryption to protect the message content, then announce it and see what happens. We did, and we have, and none of the other messengers followed.”

Instant messaging services aren’t interested in so-called strong end-to-end encryption “because they don’t have it,” Chaum said.