[ilaksh]

Try to imagine you are building a new banking system, and you want it to be secure.

How would you

A) allow for secure payments without giving away something like a bank account # or debit card number

and

B) ensure that, even if those payments were secure, there was no other cheating, such as people at a bank just deciding to initiate an account with one million?

Generally speaking the way to handle those requirements is by employing cryptographic signatures and public blockchain(s), and the result is usually referred to as a cryptocurrency.

[tpxl]

> A) allow for secure payments without giving away something like a bank account # or debit card number

You can use PKI for this. The public key is public and the private key never has to be online. That's how (most?) crypto works, but the system doesn't have to be a cryptocurrency to work like this.

> B) ensure that, even if those payments were secure, there was no other cheating, such as people at a bank just deciding to initiate an account with one million?

You can have public ledgers without crypto, there's usually no reason to do so, and good reasons not to do it (privacy, funnily enough).

Crypto is _a_ solution for this, not _the_ solution, and not even the best solution at that.

[ilaksh]

Since you are using PKI but not a blockchain, it sounds like half a cryptocurrency to me.

I didn't actually say "cryptography" for the block chain. What do you propose other than a block chain for the public ledger? And if your system uses cryptography for the transaction security and has a public ledger, why would you not call it a cryptocurrency? It would seem to be in the same category if you ledger was secure.

[tpxl]

> What do you propose other than a block chain for the public ledger?

A csv file, SQLite file, mysql database dump, ... The blockchain is a distributed, trustless ledger, which is not necessary for most applications.

If I may paint a picture of why this matters with an example from the gaming industry - simply because I'm familiar with it: There are projects being made where the inventory/achievement/whatever system lives on a public blockchain, so that you may use/display it in another game, website, whatever.

But this already exists without blockchain! If you play Spiral Knights or Half Life on Steam, you get a hat in Team Fortress 2. There are various third-party websites where you can display your Steam/Team Fortress/Dota/LoL achievements, inventories, ... because those 'ledgers' are public already. You can trade Steam items on third-party websites (which interfaces with steam underneath) that dodge Steam's 30% store tax and will actually pay money out unlike Steam.

The above applications only require public (or even just shared) ledgers. Distributed and trustless is not a requirement for these use cases.

> And if your system uses cryptography for the transaction security and has a public ledger, why would you not call it a cryptocurrency?

You could just as easily transfer USD, GBP or EUR using such a system. The currency itself need not be 'crypto' for the system itself to use cryptography for transactions. You wouldn't publish such a ledger for obvious reasons, but technically you can.

[zeroclip]

> If you play Spiral Knights or Half Life on Steam, you get a hat in Team Fortress 2

A centralized MySQL database is not a "public ledger" in the same way that a decentralized blockchain is considered a "public ledger."

In the former, the database can be removed or censored easily by the central entity controlling it. This includes issuing API keys: the central controller decides who has permission to access, use, modify, and even retrieve the data.

In the case of a "decentralized, permissionless, public ledger" blockchain, no single entity controls the data structure.

[tpxl]

> A centralized MySQL database is not a "public ledger" in the same way that a decentralized blockchain is considered a "public ledger."

A public ledger is just that, a public ledger. It need not be distributed nor trustless to be public. The novelty of blockchain is the distributed and trustless, but most applications (as I outlined in the example above) only need to be public.

Trust me, I understand that a database dump is very different from a blockchain ala bitcoin, in exactly the ways you described, but that doesn't mean we need to shove blockchain everywhere.

[zeroclip]

I concede with this and your earlier point, you don't need a blockchain to build a new banking system. The current banking system is evidence of that: there is no blockchain needed when you ask your bank sends your funds to another bank.

But if you want to build a system that is not wholly dependent on "banks" and centralized actors securing consensus of financial transactions - which is effectively Proof of Authority - you end up having to look at alternative consensus mechanisms like Proof of Work or Proof of Stake.

The same logic applies to something like game assets. People buy and sell game assets already without a blockchain, but they do so only through centralized custodians and intermediaries.

[JulianHC]

>But this already exists without blockchain! If you play Spiral Knights or Half Life on Steam, you get a hat in Team Fortress 2. There are various third-party websites where you can display your Steam/Team Fortress/Dota/LoL achievements, inventories, ... because those 'ledgers' are public already. You can trade Steam items on third-party websites (which interfaces with steam underneath) that dodge Steam's 30% store tax and will actually pay money out unlike Steam.

That ledger is controlled/can be edited/changed by Vavle. Valve can delete your inventory and there is nothing you can do. Wouldn't that defeat the purpose of having a public ledger that no one can modify on a whim?

[onion2k]

The first one is easily solved with one-time-use card numbers, which credit card companies have offered for well over a decade.

The second one is a dubious benefit if you're at all interested in stopping crime (eg money laundering is very easy if no party can block a transaction.)

Thats not to suggest there's no benefit to ETH, or even that crypto might be better than traditional money in some ways, but those two specific points are fairly easily argued.

[aaa_aaa]

Second issue is more political-ideological. Stopping crime is just an excuse. Current states will never allow a competing currency (against Fiat).

[Nursie]

> A) allow for secure payments without giving away something like a bank account # or debit card number

We have a whole bunch of these systems, like Open Banking payments in the UK, Pix in Brazil, and to a lesser extent stuff like Apple/Amazon pay and other payment proxies which don't require you to expose account numbers to merchants. Physical credit-card transactions work this way too, as the chips have built-in cryptographic processors.

> such as people at a bank just deciding to initiate an account with one million?

This is not a problem people really have. Having a limited quantity of your means of exchange is not a desirable quality in a currency.

[ilaksh]

Credit card transactions may at some point involve cryptography, but at the bottom is the credit card number, and that can still be exposed.

Cryptocurrencies don't necessarily have to operate on an (effectively) fixed supply, and actually if you are concerned about modifying the supply frequently it is possible to design a cryptocurrency that gives you much better control over that.

[Nursie]

> Credit card transactions may at some point involve cryptography, but at the bottom is the credit card number, and that can still be exposed.

That's not really "at the bottom of things", for physical, customer-present transactions which I was talking about there. At the bottom of things are private keys stored on the card, which sign the transaction. Exposing the credit card number gets you no more than having someone's cryptocurrency wallet address, in fact a lot less as you can't look up their balance. The idea that credit card transactions are simply the handing over of a number, that a merchant can then do with whatever they like, is very outdated, though I guess still makes sense in countries that haven't moved on from magnetic strips.

Yes, plugging in your card number online to buy things is still distressingly popular for various reasons, I agree we should definitely get rid of it. And we can! Either by reforming the credit card payment process in the sort of way Apple Pay online payments and Paypal already have (though they still use the numbers themselves, it's true), or by ditching cards entirely and going with things like open banking payments and pix, which tend to have OAuth under the covers (among other measures) that don't involve 'card' infrastructure at all.

The question was how you design a system from the ground up that will "allow for secure payments without giving away something like a bank account # or debit card number". Well, I would use these sorts of technologies (that already exist and are in widespread use), rather than a blockchain.

[ilaksh]

It's amazing how well you seem to understand some of this stuff but aren't able to apply that knowledge in a holistic way.

[Nursie]

It's amazing how superior you've let yourself feel while not addressing anything.

Was I supposed to have a revelation that cryptocurrency is the answer, in some sort of holistic come-to-jesus moment? Sorry, no, cryptocurrency is still a crapfest.

[cowtools]

There's also chaum's e-cash

[AgentME]

It relied on a central authority to work, and that's very related to why it no longer works.

[wruza]

David Chaum opined then “As the Web grew, the average level of sophistication of users dropped. It was hard to explain the importance of privacy to them” https://en.m.wikipedia.org/wiki/Ecash

Not sure how this opinion relates to failure, but just in case, things only got worse since.