[rglullis]

I don't think you understood. The scenario I presented Charlie is malicious by making a double-spending attack against David and Eve, separately.

You can remove Bob from the scenario and the problem still stands. Say that Charlie gets the IOU directly from Alice, David and Eve are left with duplicate IOUs. Alice has trusted Charlie with $10, not $20, so she can not re-pay both of the creditors. If you say "David and Eve should not have trusted Charlie then, so too bad if they lost each $10", consider the systemic issue if the double spending is made against with thousands of participants.

Without a way to control for double-spending, everyone can mint IOUs freely and any credit note is essentially worthless. And if remove the idea of IOU and try to make all transactions "cash-based", you just turned a fungible-currency into a non-fungible one (are these $10 coming from Alice-the-good-creditor or are they coming from Dick-the-double-spender?)

[Kinrany]

Charlie doesn't give Alice's IOU to David and Eve, he gives his own IOUs. He can default on those, but that's implied by David and Eve interacting with Charlie directly.

[rglullis]

This is not at all what you said in your original comment, which implied transitive credit.

Without any transitive property, "Charlie gives his own IOUs" already exists. It is called "selling on credit". No crypto required. Shop owners have been doing that for centuries with pen and paper.

[Kinrany]

You get transitive credit from direct credit.

Alice wants to buy an apple from Charlie. Alice gives an IOU to Bob, Bob gives an IOU to Charlie, Charlie gives the apple to Alice.

And - sure, everything crypto does could be done with pen and paper and a phone line. But here Bob's computer can agree to do this without Bob's involvement.

[rglullis]

This only works at a minuscule scale, where people could actually get to meet face-to-face. On a global network, Alice can still create an attack against Charlie. She just needs to get more intermediaries. Even if the intermediaries thought "surely Alice won't put the relationship at risk over a small amount", no one in their right mind would be doing large scale, automated transactions based on "friend-of-a-friend" connections.

Another thing, if you want to make transactions like the one you described, you don't need to pass IOUs around, you just pass money. Alice gives the IOU to Bob, Bob gives her money and then she can buy from Charlie, David, Eve or anyone else.

[Kinrany]

Sufficiently automated IOUs are indistinguishable from money!

What is the scenario you're imagining of Alice attacking Charlie?

[rglullis]

Your design makes it in a way that the IOUs are not fungible. Alice can not buy something from Charlie unless she shows that Bob is the one backing her. If it is not fungible, it is not money.

What you want to do is an digital version of Hawala. Hawala works, but there is a reason it is not automated. You can not scale it and it gets very easy to hit liquidity bottlenecks.

I think your ideas are in the right place (if you look at Raiden's off-chain side payment channels, it works somewhat similarly with what you are attempting to design) but can we agree to the fact that if they were feasible to be done without BFT mechanisms, it would have been done already? It is not like people want to use blockchains.