When the CBDC revolution comes, it won’t be on the blockchain

Bank of England Deputy Governor Jon Cunliffe, who oversees the bank’s work on central bank digital currencies (CBDC), recently said the bank plans to release a research paper at the end of the year on what a retail CBDC might look like. . He expects it will take five or more years for digital pounds to be available to consumers, and I’m sure this is a conservative estimate, because a retail CBDC will have to satisfy the demands of many competing stakeholders, and that will take time to elucidate and unite such.

The deputy governor went on to say that any proposed digital pound would do so probably managed through some sort of account instead of functioning as coins or bills. His comments seemed to suggest that tokens on a blockchain weren’t all that when it comes to a population-scale cash alternative or form of electronic legal tender.

These comments were met with dismay by many cryptocurrency supporters who envision some form of blockchain at the heart of any digital currency system. But the Bank of England’s views in this regard echo the findings of The Federal Reserve Bank of Boston and the Massachusetts Institute of Technology’s Digital Currency Initiative (DCI). Their “Project Hamilton” Summary of Phase 1 notes that they found that “a distributed ledger operating under the jurisdiction of different actors was not necessary to achieve our goals”.

In plain English, they said that no blockchain is needed to implement a CBDC. Moreover, they said that a distributed ledger did not conform to the “trust assumptions of Project Hamilton’s approach” which assumes that the platform will be managed by a central actor (e.g. a central bank), and they found that even when it was run under the control of such a single actor creates architecture “performance bottlenecks”.

(In other words, the gist of their discovery was that a blockchain is a very specific solution to the problem of forming consensus in the presence of untrustworthy third parties, but in a Federal Reserve digital currency of any kind there would be no such parties.)

As the Project Hamilton folks note, CBDC design choices are more granular than commonly believed, and the categorization of “tokens or accounts” is limited and insufficient to highlight the complexity of choices in access, dissemination, institutional roles, and data storage in CBDCs. Generally speaking, the distinction between the two – as mentioned in various reports from BIS, Bank of Canada, IMF and so on — is that an account-based system requires verification of the identity of the payer, while a token-based system requires verification of the validity of the object used to pay.

In reality, however, no central bank will allow a token-based system that operates anonymously, and so digital identity will be an integral part of the CBDC rollout. This is why I think it will take some time for all these architectural choices to be worked out even after the requirements, goals and limitations of a national digital currency are agreed upon. I don’t see this wide range of design choices as a problem, but rather an optimistic cry to policymakers and regulators: if you can actually tell us (ie the digital financial industry) what you want from a digital currency, then we can deliver it because we know all the technology needed to build it already exists (unless your requirements include time travel or perpetual motion.)

(To choose an example in the customer interface, wallets can support both an account balance view and a coin-specific view for the user regardless of how funds are stored in the wallet, database, or AI-powered quantum blockchain in the cloud.)

To summarize, then: the Bank of England’s apparent view that a retail CBDC is best implemented through the transfer of account balances is consistent with other findings. Also, in my view, the ability to transfer limited balances directly between offline entities is central to creating a CBDC as a viable population-scale alternative to cash.

Turn it off

One of the reasons some believe a blockchain is necessary for a digital currency is because of the potential for smart, programmable money. I agree that programmability will certainly be one of the most interesting features of digital currency for retail, but that does not mean “smart” “contracts” and blockchains.

(I’m talking about retail CBDC here. In the case of wholesale CBDC for institutions, which trade more complex instruments, the full range of smart contract options may be appropriate.)

The Bank of England, and as far as I can tell pretty much every other central bank, has no interest in running a digital currency scheme themselves. Everyone envisions “two-tier” arrangements where they control the arrangement but have it delivered through third parties. The Bank of England calls these third parties Payment Interface Processors (or PIPs), which I think is a bit too generic: I would have gone with Currency Connectors (CCs) or something like that, but whatever.

Lee Braine and Shreepad Shukla of the Chief Technology Office at Barclays Bank have a paper “An illustrative industry architecture to reduce potential fragmentation across central bank digital currency and commercial bank money” which extends the Bank of England’s platform model of CBDC to make some suggestions for what the PIP ecosystem will look like. They point out that implementing programmability in this ecosystem, rather than on a blockchain using smart contracts, should “reduce security risks and complexity”, and I’m sure they’re right.

Smart contracts (or “persistent scripts”, as they should be called) have some interesting possibilities. But they impose an incredible level of responsibility on their creators, which is required to write perfect code to implement perfect logic. Should there be a flaw in the logic or an error in the code, it will inevitably be exploited by attackers. This goes on all the time, as even a cursory glance at cryptocurrency news feeds will confirm. I simply cannot imagine a central bank forging a nation’s currency to correct a mistake in a smart contract!

Instead of smart contracts, what if the intermediaries (i.e. PIPs/CCs) provide a rich and well-defined set of APIs that the wallet providers can use to deliver services to end consumers, then we have the foundation for creative new products and services without the problem of testing, certification and police control of smart contracts. Given the frequent and severe nature of the smart contract failures we see on public blockchains, such APIs are very attractive.

All things considered, then, it appears that blockchains are neither necessary nor desirable for a retail digital currency, and since – according to the Bank of England, the Fed, the Bank of Japan and others – there is no “burning platform” for retail CBDC and that will take time for them to reach the general public, there is plenty of time to explore other architectures more suitable for an electronic fiat alternative.