For several years, seven central banks have been collaborating on various retail central bank digital currency (CBDC) topics. Today the BIS and the central banks published papers on legal issues and CBDC system design.
The central banks involved are the Bank of Canada, the Bank of England, the Bank of Japan, the European Central Bank, the Board of Governors of the Federal Reserve System, Sveriges Riksbank and the Swiss National Bank.
One of the debates is about whether to adopt a centralized or decentralized model for a CBDC system. In a two tier system, one option is a hub-and-spoke model, where updates are under the control of the central bank but ownership of the data is spread. Alternatively, there could be a peer-to-peer design that involves sharing the authority for updates.
The authors acknowledge that a centralized system has weaker resilience, represents a single point of failure and could even prove to be a bottleneck. However, they are unconvinced it’s appropriate to delegate authority for the core settlement of a CBDC system. In a modular design, the core settlement could be centralized while other aspects are decentralized, such as identity.
CBDC Privacy
Privacy is a massive issue for CBDCs. While it would be possible to achieve privacy with existing technologies, some of the newer privacy enhancing technologies (PETs), such as Secure Multi-Party Computation (SMPC) or Zero Knowledge Proofs (ZKP) could provide more flexibility. For example, they support privacy while still enabling anti money laundering compliance checks. These sorts of solutions usually provide yes or no on passing compliance tests without sharing personal information.
However, based on the experiences of two of the central banks and the BIS Innovation Hub, they are not yet convinced that PETs are ready for prime time. They question the ability for them to perform in real time, their complexity and reliability.
Other topics explored in the paper included cybersecurity, offline CBDC and the compatibility of existing point of sale systems.
CBDC cybersecurity
On cybersecurity, they conclude that current central bank practices apply. However, the two tier nature of CBDCs means there’s a larger attack surface because of other CBDC ecosystem players. They also considered the risk of double spending, which is not considerable for centralized settlement. But it’s a higher risk for offline CBDC, which they see as an area needing further work. In the meantime, offline holding limits can partially manage the risk. Another cybersecurity topic is quantum computing. Some post quantum cryptography (PQC) algorithms carry minimal overhead so they may be practical for a CBDC.
Regarding point of sale (PoS) systems operated by retailers, the Bank of England found that most modern PoS systems would be CBDC compatible. However, they recognize this could vary by jurisdiction.
Meanwhile, this is the fourth round of publications by the seven central banks. The initial work in 2020 explored foundational principles and core features. In 2021 they published three papers on user needs, CBDC design and financial stability. And last year they shared a short paper on how to achieve sufficient CBDC user adoption.
