Re: ecash remailer

[Michael Froomkin <froomkin@law.miami.edu>]

Now I am fully confused.

I thought a property of Chaumian DigiCash was that a coin *had* to go back
to the bank before it could be spent again.  Yet all "coin exchange"
schemes discussed here recently involve Alice paying Bob who then sends
the coin to Carol's Exchange who then sends it to the bank while sending
some other value, maybe a Carol coin, to Bob. 

Logically, I can see at least four possibilities:

1) payee data is encoded onto the coin at time of payment, making it 
impossible for Carol to bank the coin.  I see no evidence of this in the 
docs at the Digicash site, but I just rechecked quickly and may have 
missed it.

2) No payee data as such is encoded on the coin but it is marked "spent" 
to prevent multiple uses by payee to the detriment of payor.  ditto on 
the evidence.

3) the Digicash software only allows you to send a "spent" coin to the 
bank.  You have to hack the software to send the coin to Carol (do you 
have to break your own key?).

4) nothing in the DigiCash software or protocol prevents you from sending 
a coin to Carol so long as you trust Carol not to get you in trouble by 
misusing the coin in some way.  That's why Chaum is interested in 
hardware based agents that would keep you from respending coins you receive.

No doubt there are others.  Anyone know what the reality is?

A. Michael Froomkin        | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | 
U. Miami School of Law     | froomkin@law.miami.edu
P.O. Box 248087            | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's warm here.