The United States is seriously planning to issue FedCoin, a CBDC (Central Bank Digital Currency), following the lead of the Chinese government and others around the world. I have previously spelled out why we don’t need Fedcoin, basically because the currency of the United States is already largely digital. In this article I argue that not only don’t we need FedCoin, but that issuing such a CBDC has a strong potential for disaster. For a perspective that is broad and deep on this subject, see Oonagh McDonald’s recent book Cryptocurrencies: Money, Trust and Regulation.
The Eastern Caribbean Central Bank
Did you know that in 1983 eight countries in the eastern Caribbean banded together to create a central bank with a common currency? The ECCB resembles the Federal Reserve in the US for Anguilla, Antigua and Barbuda, Commonwealth of Dominica, Grenada, Montserrat, St Kitts and Nevis, Saint Lucia, and St Vincent and the Grenadines.
The ECCB’s experiment with a Digital Currency
After considerable planning, the ECCB kicked off a pilot for a digital currency in 2019. According to their website:
The Eastern Caribbean Central Bank (ECCB) launched its historic DXCDCaribe pilot, on 12 March 2019. ‘D’, representing digital, is prefixed to ‘XCD’ - the international currency code for the EC dollar.
The pilot involves a securely minted and issued digital version of the EC dollar - DCash. The objective of this pilot is to assess the potential efficiency and welfare gains that could be achieved: deeper financial inclusion, economic growth, resilience and competitiveness in the ECCU - from the introduction of a digital sovereign currency.
DCash will be issued by the ECCB, and distributed by licensed bank and non-bank financial institutions in the Eastern Caribbean Currency Union (ECCU). It will be used for financial transactions between consumers and merchants, people-to-people (P2P) transactions, all using smart devices.
The pilot was declared a success. The phase 2 rollout of DCash started March 31, 2021.
The ECCB provides a detailed description of the excellence of the implementation and security of the DCash system. For example:
The DCash platform is being developed through security-by-design principles. Applications are subject to rigorous quality assurance, and independent security testing, prior to live deployment. Hyperledger Fabric is being utilized to create an enterprise-grade, private-permissioned, distributed ledger (blockchain). Modular and configurable architecture is used to facilitate DCash transfer, payment processing, and settlement across authenticated and authorized API’s. Additionally, all DCash users must be authenticated and authorized.
The application framework was designed with built-in mitigations against common web application vulnerabilities, and goes through a quality assurance process that includes rigorous security testing. Multi-factor authentication is required for financial institutions, all APIs are authenticated and authorized, and all participants are vetted. In addition, secure hardware elements are being used on mobile devices.
More details were provided to demonstrate the security and high quality of the system. In addition to unspecified data centers, the website states:
Google Cloud is the current service provider. With the exception of the minting system, all system services are hosted in Google Cloud. Connections between different system layers is secure (SSL/HTTPS) and permissioned (IP Address restrictions, username/ passwords, and JWT tokens).
There’s a Problem
So what happened to this wonderful, highly secure digital currency? It went down!
The ECCB announced on January 14, 2022 that there was a system-wide outage.
This break in service has been caused by a technical issue and the subsequent necessity for additional upgrades. Therefore, DCash transactions are not being processed at this time.
There were lots of words about how things would be OK.
Did it go down for an hour? Bad. A day? REALLY bad. A week or more? A complete, unmitigated, no-excuses disaster.
What if you were a user of DCash and you couldn’t use it? It would be like having money in your bank account, but the bank claims it’s unable to give you any! What are you supposed to do? To whom can you appeal? No one!
It’s worse than that. As this writing at the end of February, a full six weeks after DCash D-Crashed, it’s still down.
Why did DCash go down?
We don’t know much. In early February it was reported:
The Eastern Caribbean Central Bank has revealed that an expired certificate caused its pilot central bank digital currency (CBDC), DCash, to go offline from January 14. Karina Johnson, the ECCB project manager for the DCash pilot, told Central Banking that “the version of Hyperledger Fabric (HLF)”, the network that hosts DCash’s distributed ledger, “had a certificate expire”. To install an up-to-date certificate, the currency’s operators are undertaking “a version change of HLF and associated...
This is really strange. If the language used is correct, a “certificate expiration” has nothing to do with digital currency or blockchain. An expired certificate is something that is issued by a “certificate authority” It’s used all over the web. For example, most web addresses start with https://www. Etc. The “s” means secure, which means that the traffic between your browser and the website is encrypted. When a browser sees the https, it goes to the site, which sends a certificate issued by a CA (certificate authority) that says that the public/private key pair used by the site is legit.
There are NO certificate authorities in Bitcoin or other cryptos! There are just public/private key pairs, with the private key being used to “sign” a transaction sending Bitcoin from the corresponding public key – which assures that it really is the owner of the public key sending the BTC.
So what's going on and how could a "certificate expiration" have caused this? No one is saying. By the way, a expiration of this kind can normally be fixed very quickly, less than a day.
The next (and most recent as of this writing) thing that was publicly announced was this on Facebook on February 14:
Why did DCash go down? Why is it still down after all this time? How are the consumers and merchants being helped with their funds being locked and inaccessible? No one is talking.
Conclusion
ECCB seems to have done everything right. They carefully studied. They worked with an experienced vendor, who had experience doing CBDC. They used the leading blockchain fabric. They used Google for hosting. They did a limited trial, released it in one of their regions, and then made it more widely available. And then something went wrong. Very wrong. What it could possibly be that involves "certificates expiring" is mysterious. How they could have built something that could be dead for over six weeks is extremely rare in software.
CBDC's are a terrible idea. We don't need them. They add nothing in terms of cost or speed to the digital fiat currency and associated software that we already have. How can any government guarantee that they won't have a DCash disaster when their own CBDC rolls out? So governments are suddenly wonderful bringing out great software that works? I've got this bridge, by the way, and I can let you have it for a limited-time-only bargain price...
Note: this was originally posted at Forbes.
Comments