First learnings on Digital Euro

The European Central Bank just released a report about a nine month's period of experiments about the Digital Euro. According to the report, the experiments were conducted without endorsing any specific solution, in a multidisciplinary environment and involved participants from both academia and the private sector. Will try to describe the first results in the following areas:

• implementation of the Digital Euro ledger
• secure hardware devices and offline payments
• privacy, anti-money laundering (AML) and know-your-customer (KYC)
• adoption of Digital Identity techniques

The original document "Digital euro experimentation scope and key learnings", July 14th, 2021, is here https://www.ecb.europa.eu/pub/pdf/other/ecb.digitaleuroscopekeylearnings202107~564d89045e.en.pdf

In a subsequent article, I will detail how the tests were staged and set up, what the ECB document calls the "workstreams".

The digital euro ledger

Experiments were conducted both on a blockchain-based prototype and on an upgraded version of the (centralized) TIPS system. Relevant results are the throughput, that is the number of transactions started (or completed) in a second, and the latency, the actual time a transaction takes to be confirmed. As a reference, the #BTC platform is presently operating at less than 4 transactions per second and 90% of its transactions complete after 15 seconds. Also, the Eurozone is running at about 300 transaction billion in a year, meaning an average of 10,000 transactions/second.

The blockchain-based harness achieved a throughput of 15,000 retail payments per second on a complete transaction lifecycle (signed by the sender, settled and cryptographically verified by the receiver). 95% of the transactions were processed in fewer than three seconds. Additional testing showed the blockchain could be scaled up to 325,000 retail payments per second and a latency of 1.3 seconds.?

The solution based on the TIPS system simulated a partial lifecycle, based only on the settlement phase of payments received by the intermediaries. These intermediaries may be the Payment Service Providers, or the Commercial Banks themselves, in the case of a two-tier CBDC distribution system. The payment instructions received by TIPS were originated by a transaction injector, pushing the system up to 40,000 transactions per second, with a very low latency: 95% of the transactions were settled in fewer than 0.8 seconds. This scenario is not contrived: sooner or later, Payment Service Providers will have to connect to TIPS and their transactions will be the main load of that system.

The test seems to confirm a time-proved rule of thumb: centralized systems exhibit a very low latency, while DLT-based ones may reach higher throughput. However, the mixed architectures that were tested (interfacing a centralized platform with a number of decentralized ledgers) inherited both limitations and performed unfavourably either on throughput or on latency.

The experiments tested three implementations of programmable money on DLTs: tokenization, general purpose Virtual Machines, or a very restricted set of operations.?However, the most promising scenario, featuring a centralised ledger relying on off-line blockchains for issuing payment orders, was not tested.

About the environmental impact, the report assumes it to be relatively low. The order of magnitude of power consumption is comparable to that used by a single electric car on a motorway.

Secure hardware devices and offline payments

Secure hardware devices can perform internal validation checks when processing the payments, offloading the system. These devices may also be programmed to perform application logic, as putting a cap on the transferred amounts, or registering high value transactions.

With regard to offline payments, the experiments confirmed their technical feasibility. However, they did not yet provide a robust solution to control the risk of double spending, and underlined that in order to maintain the integrity of the system an offline transaction can be started, but cannot be kept offline indefinitely.

For example, it remains a challenge to design and enforce time-sensitive rules, such as setting a transaction limit over a certain time frame, since that limit could be breached just by keeping the device permanently offline.

Privacy, anti-money laundering (AML) and know-your-customer (KYC)

The TIPS-based experiments focused on making the settlement system work without knowing all the information originated by the sender.

A first solution is forcing the intermediary to use constantly changing pseudonyms to hide the senders' identities from the TIPS system and from the receiver. During judicial proceedings, the real identity of the sender could still be obtained from the intermediary.

Another solution is based on an “anonymity card”, an anonymous TIPS account that can be topped up with limited amounts of cash for everyday expenses.

A third solution could be the deployment of payment channels supporting a programmable level of privacy, enabling the users to decide which part of their identity they want to anonymize. In the event of an investigation, the manager of the channel may still be forced to surrender all the information about a specific user, enabling the judicial authority to trace the payment flow.

One of the big issues about privacy is that in a true modular architecture, the privacy mechanisms cannot be established at design time. Privacy is something that should be continuously protected against all the technical improvements that may compromise it. From this point of view, the approach based on the anonymizing channels has probably the best potential.

Digital Identity

Linking a person’s e-ID to digital euro holdings would enable the application of limits on the amount of digital currency a person may hold. Also, it could reduce KYC and AML costs, enable reliable remuneration/taxation and easy switching between euro intermediaries.

The experiments tested two different types of state-issued e-IDs: the Baltic SmartID, a hard-identification system, based on available e-ID services, and the Spanish e-IDAS compliant certificate more akin to the self-sovereign identity model.

The report concludes that in many countries the adoption of a government-issued e-ID is not wide enough to base the Digital Euro on a European Digital Identity plan, although the proposed update to the e-IDAS regulation may have great potential in defining national identity wallets.

The conclusions

The report ends auspicating that the insights gained in this experimentation phase may contribute to the development of a minimum viable product that should become available for live experimentation in the future.