2021-3: "Why a Digital Euro should be Online-first and Bearer-based " published
We are happy to announce the publication of our paper on "Why a Digital Euro should be Online-first and Bearer-based".
The European Central Bank’s “Report on a Digital Euro” considers two distinct types of designs for a digital euro. It argues that all functional requirements laid out in the report can be fulfilled by operating the two systems in parallel:
- A bearer-based digital euro based on trusted hardware that can be used offline, anonymously, and without third-party intervention.
- An account-based digital euro that can be used online, is fully software- based and excludes the possibility of anonymity.
We argue that operating a bearer-based payment system to complement an account-based CBDC in order to gain offline and privacy features is not a good trade-off. Adding permanent, regular offline capabilities via the bearer-based payment instrument constantly exposes the CBDC to the severe issues inherent in offline-capable payment systems. Instead, the offline mode of operation should be restricted to scenarios where it is actually required, which mitigates the risks.
Download links
Related exploits published after our article
- TCG TPM 2.0 (2023)
- Intel SGX (2023)
- AMD Trust Zone (2022)
- ATECC608B (2022)
- AMD Platform Security Processor (2023)
- Intel SGX (2023)
- Smart cards from 60 feet distance
- Intel TPM (2024)
- Intel SGX root of trust private key extraction (2024)
- Yubikey, Infineon SLE78 / Infineon Optiga Trust M / Infineon Optiga TPM (2024)