Canadian Mint To Create Digital Currency

Oldcynic writes "The Canadian mint has allowed 500 developers to enter a contest to create a new digital currency. The currency would allow micro payments using electronic devices. From the article: 'Less than a week after the government announced the penny’s impending death, the Mint quietly unveiled its digital currency called MintChip. Still in the research and development phase, MintChip will ultimately let people pay each other directly using smartphones, USB sticks, computers, tablets and clouds. The digital currency will be anonymous and good for small transactions — just like cash, the Mint says. To make sure its technology meets the gold standard in a world where digital transactions are gaining steam, the Mint is holding a contest for software developers to create applications using the MintChip.'" It looks like the Canadian Mint might have a bit of Sweden envy.

A better name

[Megane]

They should call it the BitLoon.

Re:Canadian digital currency

[vux984]

"And unlike BitCoin, a peer-to-peer hosted digital currency with a fluctuating value, MintChip is simply a new way to exchange Canadian dollars. Plus, itâ(TM)s backed by the Canadian government. "

Wiping out our savings

[cpu6502]

Digital currency just means the Central bank can wipe-out our savings more efficiently (by devaluing the dollar). You work and scrimp to save a million dollars for retirement. But by the time you're an old man, its purchasing power will be diminished to just 100,000 thanks to the actions of the rich bankers,

We're heading in the wrong direction. We should be looking for a STABLE currency that can not be devalued.

Re:Wiping out our savings

[Hamsterdan]

Something like Canadian Tire money?

Security Through Obscurity

MintChip operates in either an online or an offline mode. The online most is basically the same as EMV cards used in europ. The offline mode relies entirely on a master secret key which is on every single mintchip.

Let me repeat that, the security of offline transactions is based entirely on a secret which is on every single mintchip.

Right, good luck with that.

But can they do it right?

[green1]

I'm actually all for digital currency. But there are a few caveats, the obvious security ones apply, don't want people copying my digital money, don't want people stealing my digital money, don't want people creating money out of thin air. But in addition it needs to have a few other characteristics:
- Doesn't cost me anything to use. This is why I currently ignore Interac email transfers and still write people cheques, it's much cheaper for me. (even if it should be in the bank's best interest to push me the other direction, the cheque should be a lot more expensive for them to process!)
- Isn't tied to any one platform. Don't tell me I need an iPhone, or a Windows PC, or any other specific device, make it work on just about anything (obviously within reason)
- Anonymous. (listed in the summary, so it's a good start, but I can't emphasize enough that you will never get rid of physical currency as long as you make all your digital currency leave a trail)
- Hard to lose. I don't want to lose all my cash to a hard drive crash, or other similar event, so I need to either be able to back it up, or better yet not have to. (of course this is very difficult to accomplish while maintaining both anonymity and security, but there are a lot of bright minds out there, hopefully someone can come up with a good way to do it.)
- Ideally non-network dependent. A couple of years ago requiring an internet connection for the transaction would have been a deal breaker, but with the increased ubiquity of the internet on mobile devices this has lowered somewhat in priority. I still think though that you need to be able to pay someone without necesarily having network access at the time.

Re:But can they do it right?

[dcbrianw]

You forgot one caveat: strip clubs now have to affix digital card readers to their employee's legs. "Please hold still, miss." :-)

Obscure, Proprietary, Patented

[Dwonis]

Let me repeat that, the security of offline transactions is based entirely on a secret which is on every single mintchip.

I don't think that's true. I had a look at some of their protocol documentation---which isn't all that detailed---and it looks like they're probably using PKCS#7 signatures and X.509 certificates.

Unfortunately, they aren't willing to publish enough information to actually analyze the security of the system to determine whether it's trustworthy (nothing about how the chip itself is secured, for example), but they have released enough information that we can figure out some limits on its security, and it doesn't look all that great. I'll probably get modded down for karma-whoring here, but here's what I posted on that forum, after looking at the limited documentation they provided on their website:

Let me get this straight: MintChip is a proprietary, patented, centralized, unpublished cryptosystem, where a trusted-third-party (the Mint) signs a certificate saying "this private key was stored in a tamper-resistant hardware token that is designed not to double-spend", so we're supposed to just be able to assume that any valid MintChip transaction signatures are trustworthy, even offline. As soon as one person extracts a private key from a MintChip token (which they will, given that there's a monetary incentive), the fundamental assumption that the whole system relies upon is destroyed.

Your organization appears to know this, which explains why you emphasize that MintChip is intended for "low value" transactions.

Fine, so the security of the whole system depends on the security of these hardware tokens, and yet you're "not in a position to release" any tangible information about them? Why should anyone invest in this system? Because you're The Mint?

You have the threat model wrong, too. Why on earth would you want to emulate cash? Cash is easy to counterfeit. It only remains useful because there's a high risk vs. payoff associated with uttering counterfeit cash. On the other hand, MintChip is supposed to be used online, so even if we detect a counterfeit, there's not much chance that the fraudster will actually go to jail. There's also a much larger number of potential fraudsters (basically, everyone connected to the Internet).

MintChip also doesn't deliver on its privacy claims. "No personal data is exchanged in the transaction." That's not true at all. According to your documentation, every MintChip has a *single*, 16-digit ID that's generated by the central authority and used in all transactions, so there's no reason why these IDs couldn't be tracked the way companies already track credit card numbers.

The funny thing is that this all could have been implemented on top of Bitcoin. Make some tamper-resistant hardware with some Bitcoin private keys inside it, and sign a certificate saying "the keys for these addresses are in tamper-proof hardware". For low-value transactions, they could be accepted at face value, but if we wanted greater certainty, we could inject the transaction into the Bitcoin network and wait for a few confirmations to avoid double-spend fraud.

Way back in 1999, Bruce Schneier posted a list of nine cryptography "snake oil" warning signs (http://www.schneier.com/crypto-gram-9902.html#snakeoil). I see 3 of the 9 warning signs here already.

Re:What advantage would this have over PayPal?

[cosm]

What would this service offer that PayPal didn't?>

'It wouldn't be PayPal' is a necessary and sufficient condition for its existence.

Re:Functioning Economies

[Phrogman]

Not an economist here. However, if I am not mistaken, what makes an economy effective, is the exchange of money between its members.

What most businesses, economists and governments seem focused on is growth. If that means more people exchanging money, no problem. But if it refers to expansion of the economy by means of producing increasing amounts of raw materials then surely that is not sustainable in the long term? For instance, there is only a fixed available amount of timber we can harvest before we are denuding the Earth of its forests (the current method it seems). Surely its better to try to build a sustainable economic model so that our resources last us as long as possible no?

The other fallacy I think we see banded about is that if we give the ultra-rich corporations breaks on taxes, or support them via government bailouts, that they will then take that money and use it to create jobs. It seems to me that a lot of businesses accept the bailout gratefully, then put most of it in the bank to hedge their bets on future success. I would like to see some proof of this "trickle-down" concept, because what I see is various businesses being propped up by various governments and then either walking away with the money, or using it to create jobs - overseas, where they can maximize the benefits to them by utilizing cheap labor.

It seems to me that most jobs are being created by the small companies that open up and close regularly all around us. It might only be a job here or there but I bet the net aggregate of all those jobs is far greater than that represented by the occasional mass expansion of a major corporation here or there. Unfortunately all I seem to see of late is small businesses going out of business with nothing to replace them.