[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Banque des Cypherpunks



-----BEGIN PGP SIGNED MESSAGE-----

C'punks,

What would a cypherpunk bank (being a bank the style of which some cypherpunks
would not hate too much :-) look like? How could it be made safe to run?

One avenue of safety - shepherding the idea through SEC etc scrutiny so as to
render the venture completely legal seems to lack something of a c'punk
flavour. After all, one idea that some of us are quite taken with is that
strong crypto and the changes it brings are not only important (they are), nor
good (as Tim has pointed out - it depends where you stand) but *inevitable*.

So, how safe would a cp style bank be today?

There seem to be a number of possible pressure points: the machine, the
operators, the managers/directors, the owners, the assets, getting money out of
the system and getting money into the system.

The Machine

The easiest way to shut down an ebank is probably to unplug the machine the
software is running on and take it away. A variation of this is to cut off
net/telecomms access, or even electricity. (In the US/UK/NZ etc this would
not seem to be too difficult - lie to a judge about a bit of child porn and
you can pretty much take what you like.) Restricting ourselves to legitimate
securities/banking enforcement, however, it would seem to be enough to move
the box to some appropriate offshore site away from the major markets for
the bank's services. Obviously, there is no need to actively advertise the 
physical location of the processor...

The Operators

Even if the authorities of the target jurisdictions (US, Europe, Asia) can't
reach the operators of the machine while they are tending to it, they could,
presumably, make it difficult for those people to leave their jurisdictions
once they had entered them - by, for instance, issuing arrest warrants, or
holding trials in absentia. Again, if the physical location of the machine
is sufficiently obfuscated, this attack can be foiled.

The Managers/Directors

Assuming the bank is some kind of artificial legal entity, it will require
some other legal entity to control its actions. That controlling entity
could be themselves an artificial legal entity - for instance, a corporate
director of an offshore company.

The Owners

Assuming the bank itself is not a natural person, it will be owned by someone
(at least one list member has indicated an interest in investing in some form
of ebank). These owners could be the subject of pressure. Using the same
technology that made the ecash anonymous, the ownership of the bank could be
made similarly unknowable.

The Assets

A bank isn't going to last long if the SEC can just take its 'deposits'. 
Fortunately there are still a number of jurisdictions left where the bank's
bank account should be safe.

Getting Money out of the System

Eventually Tim is going to want to turn his Blacknet earnings into USD to
reinforce his security perimeter. How do we stop the Feds effectively
making it illegal to receive cheques from Banque des Cp? Presumably, BCp
instructs its banks to issue bank cheques, or get bank cheques from other
banks. Receiving wire transfers from Citbank may be notifiably suspicious,
but that just makes you one of millions...

Getting Money into the System

This strikes me as the most serious problem. If we differentiate between
big ticket (wholesale pharmaceutical type) and small ticket (remailer stamp
type) transactions, it might just be possible that the former could be
managed without bringing down the wrath of the authorities on the customers
(having failed to effectivley attack the bank). Essentially the idea is to
route payments through enough appropriate jurisdictions that tracing back
from the ebank to the customer is impossible (or, rather, unlikely). Sticking
a Libyan bank in the chain could help, for instance...

But small ticket transactions can't use this route. The easiest thing to do
would be to accept credit cards - but it wouldn't take much to convince Visa
and Mastercard not to let their services be used, if not turn over details
of everyone who tried to buy ecash. Cheques, TTs etc seem too cumbersome to
be marketable, and, once again, too easy to trace - at least at first glance.

The problem stems, I think, from trying to satisfy two seemingly opposed
requirements - the customer must be sure who they are paying, but the
authorities must not know the customer is paying the bank.

Any ideas?

[Another problem occurs to me. Alice's Awsome XXX CD-Rom Shoppe accepts
BCp's BlackCash[TM]. Simon from the SEC buys a CD with BlackCash. "Asian
Teenage Leather Maidens" duly arrives, and Simon arrests Alice for dealing
in unauthorised securities (and unauthorised dealing in securities etc)...]

I think I'll stop before I talk myself out of the whole thing :-)

Cheers

Dm


-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHtVEVlo3j8JHzalAQHT9wP/TV0AN7o4/yfkKw3G4SPrZWUO+LUFdDnD
a9v6OKUZZ8LrPQ/XORq3dvtOFtJ6GNiOPZkAWQQI9Rm792PcW4mdF+ppKynjgt0A
olK/wFnbBVhYwoEOXvqaC+ZwCTbaewpydEi3OEPGRoXbpDaYxQkfAj7K0dPT21sz
TjV5qM+rt+M=
=dTqF
-----END PGP SIGNATURE-----

[Palmtop News Reader - Beta Version 3]