| > How can they make it work offline while protecting the money from being duplicated? It's not actually possible to prevent this entirely. It's not even possible with physical currency. You can always look at a bank note and make an exact-enough duplicate, then spend it twice. > they're planning to make it so that you have to go online every set period of time and then they verify the money. That's not a hard requirement, but yes. The central bank is the final authority on what currency is counterfeit or not. ----- For current technology, I think it's probably sufficient to have a smart card issued by the central bank, with an embedded certificate chained to the central bank. For offline transactions, the two cards can establish an encrypted stream, mutually verify that they were attested by the central bank, and then mark notes as transferred to the other party in TXN#X, run the transfer, then delete the notes entirely. Interrupting the process might leave the notes in a partial state (marked for transfer to a particular smart card), but the connection can be reestablished to try again, so long as the TXN# isn't incremented by another transaction. Now you have to hack a smart card processor to double spend (and only offline, and still detectable), which is of similar difficulty and risk to making counterfeit banknotes. Maybe North Korea will sell you an infinite money card, but it will only get you free coffee when hiking in the Alps, and only until that card's certificate is added to the revocation list and people update their transfer boxes. |