Talking about the combined application of CBDC system and blockchain

Introduction to CBDC

Since 2016, many countries, including China, have begun to build their own CBDC (central bank digital currency) systems. So what is CBDC, which can be summed up in one sentence. It is a digital form of cash issued by the central bank that works in conjunction with physical cash. It can give the cash system higher security and is more convenient for the central bank to manage.

CBDC can be divided into those for the general public and those for financial institutions. The former, such as the digital RMB APP that is already available in China, can be used in stores after downloading. The latter can be used for real-time settlement between banks, improving the efficiency of cross-border transfers.

The main needs of CBDC can be summarized as:

1. controllability

The central bank should have the ability to issue, monitor, transfer and freeze assets.

2. integrity

As a cash ledger, historical transfer records should be immutable to ensure data integrity.

3. Verifiability

In the case of cross-border transfers, both parties to the transaction should have the ability to independently verify whether the transfer is true and valid.

At the same time, the central bank digital currency can help the development of the economy in these areas:

1. It is easier to spot counterfeit money than real money.
2. Prevent financial institutions from becoming regulatory black boxes within them.
3. Facilitate cross-border settlement business.
4. Conducive to the fight against transnational crime, within the framework of mutual trust, national regulators can cooperate to verify the legitimacy of each transaction and freeze specific transactions.
5. Protect the privacy of citizens' everyday transactions from intrusion.

Introduction to Blockchain

The history of blockchain dates back to 1991, with the paper "How to Timestamp Electronic Documents" by Bell Labs scientists Haber and Stornetta. Through hash digest algorithm (hereinafter referred to as hash) and Merkle tree structure, massive files are connected to a short piece of data, called Merkle root. The next thing to figure out is how to connect the Merkel roots to a point in time. In 1996, they founded suerty.com, a technology that regularly publishes Merkel roots in the latest issue of The New York Times International. In this way, through the huge circulation and audience of the newspaper, the timeliness and integrity of Merkel root are guaranteed. The company's electronic document timestamping scheme has been successful, and major companies including Xerox and Samsung have become their customers.

Fast forward to 2009, the person who signed Satoshi Nakamoto published the Bitcoin white paper: "Bitcoin - A Peer-to-Peer Electronic Cash System". In the white paper, Satoshi Nakamoto cited 3 papers from Haber and Stornetta, which is enough to illustrate the technical inheritance relationship between them. Bitcoin also uses a Merkle tree structure to connect transactions. The key innovation is the use of proof-of-work in place of newspapers for the distribution of Merkel roots.

Due to the openness of the code of the Bitcoin technology itself, various similar projects are emerging one after another, which leads to mixed good and bad in the blockchain industry. Quite a few projects carry out Ponzi fraud activities in the name of blockchain, and we should also wipe them out. Brighten your eyes, improve your ability to discern, and avoid becoming a tool to endorse fraudulent projects. So, is there a simple standard to judge the quality of a blockchain technology? The answer is yes, one is the transaction throughput, also called TPS (Transaction Per Second), and the other is the cost of each transaction. The higher the TPS, the better the scalability and availability of the system; the lower the transaction fee, the higher the energy utilization efficiency of the system. Conversely, the lower the TPS, the higher the handling fee, indicating that the system is less efficient. When the system is low to a certain extent, the system may be considered by some countries and regions as a backward industry that should be eliminated. Although their prices soared due to investors buying them, and miners made a fortune as a result, these systems didn’t actually create value to match their prices.

There is now an opinion that blockchain technology must be inefficient. In fact, this view is untenable. First of all, the binary tree structure of the Merkle tree determines that the number of leaf nodes is in a logarithmic relationship with the number of tree layers. For 100 million leaf nodes, only a 27-layer tree is needed. can hold. In other words, to verify whether any one of the 100 million leaf nodes belongs to a tree represented by a Merkle root, we only need to obtain 27 hash data along the way. Secondly, due to the openness and competition of proof of work, it will inevitably lead to the scale and centralization of the "mining" industry. Data center-style giant mining factories will gradually replace illegal scattered mining factories. The number of these data centers will not be many, and the network connections between them will also be very specialized. In a distributed system, the number of nodes is inversely proportional to the difficulty of achieving consistency in the network. Fewer specialized nodes effectively improve the efficiency of network processing transactions.

Technology Architecture

So what role can blockchain technology play in the architecture of the CBDC system? Before discussing this issue, we should first understand how electronic data is managed in ordinary banks. According to reports, 2020, the South African Post Bank suffered a huge loss due to the leak of the root key . It is reported that although the bank lost only $3.2 million due to the resulting fraud, the bank will have to It would cost $58 million to report the loss and replace 12 million cards.

Banks highly rely on PKI (Public Key Infrastructure) and CA (Certification Authority) when dealing with electronic business, which makes the root key become the lifeblood of bank data security. Once the root key is leaked, all previous signature data will face huge risks. risk.

On the other hand, in the PKI system, the root key needs to be changed regularly, and this process is often very cumbersome and primitive. For example, in the DNSSEC (a security scheme for signing DNS data) system, the KSK (Key Signing Key) needs to be replaced every once in a while. The key's memory card is destroyed using scissors to prove that the key has been completely destroyed.

The blockchain innovatively designs a new security model that no longer relies on any signature algorithm to ensure data integrity. Some friends may say, don't you need ECDSA signature to use Bitcoin to transfer money? Yes, but using the blockchain to verify the timestamp of a transaction does not require any signature or key. Combining blockchain with a PKI system provides the following benefits:

1. Tamper-proof historical data.

Even if the key has been leaked, due to the characteristics of WORM (Write Once Read Many) of the blockchain, attackers cannot forge past timestamps.

2. Ability to revoke specific certificates

Certificate modifications, including revocation, can be made in near real-time by sending a new transaction. CAs and certificate users can flexibly formulate certificate usage policies, including creating time-limited valid certificates through smart contracts such as time locks.

Summarize

To sum up, we first discussed two key indicators to measure the pros and cons of blockchain systems--TPS and transaction fees; secondly, we discussed the importance of the bank's internal PKI system and its potential security risks; finally, we It proposes how we can eliminate these hidden dangers and help build a CBDC system by combining blockchain technology.