PRCash: Centrally-Issued Digital Currency with Privacy and Regulation

Decentralized cryptocurrencies based on blockchains provide attractive features, including user privacy and system transparency, but lack active control of money supply and capabilities for regulatory oversight, both existing features of modern monetary systems. These limitations are critical, especially if the cryptocurrency is to replace, or complement, existing fiat currencies. Centralized cryptocurrencies, on the other hand, provide controlled supply of money, but lack transparency and transferability. Finally, they provide only limited privacy guarantees, as they do not offer recipient anonymity or payment value secrecy. We propose a novel digital currency, called PRCash, where the control of money supply is centralized, money is represented as value-hiding transactions for transferability and improved privacy, and transactions are verified in a distributed manner and published to a public ledger for verifiability and transparency. Strong privacy and regulation are seemingly conflicting features, but we overcome this technical problem with a new regulation mechanism based on zero-knowledge proofs. Our implementation and evaluation shows that payments are fast and large-scale deployments practical. PRCash is the first digital currency to provide control of money supply, transparency, regulation, and privacy at the same time, and thus make its adoption as a fiat currency feasible.

[1]  Abhi Shelat,et al.  Efficient Protocols for Set Membership and Range Proofs , 2008, ASIACRYPT.

[2]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[3]  Jan Camenisch,et al.  A Signature Scheme with Efficient Protocols , 2002, SCN.

[4]  Ghassan O. Karame,et al.  Evaluating User Privacy in Bitcoin , 2013, Financial Cryptography.

[5]  Pierangela Samarati,et al.  Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression , 1998 .

[6]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[7]  Wenbo Mao,et al.  Guaranteed Correct Sharing of Integer Factorization with Off-Line Shareholders , 1998, Public Key Cryptography.

[8]  Jan Camenisch,et al.  Balancing accountability and privacy using E-cash , 2006 .

[9]  Fabrice Boudot,et al.  Efficient Proofs that a Committed Number Lies in an Interval , 2000, EUROCRYPT.

[10]  Miguel Oom Temudo de Castro,et al.  Practical Byzantine fault tolerance , 1999, OSDI '99.

[11]  George Danezis,et al.  Centrally Banked Cryptocurrencies , 2015, NDSS.

[12]  Jan Camenisch,et al.  Signature Schemes and Anonymous Credentials from Bilinear Maps , 2004, CRYPTO.

[13]  Jacques Stern,et al.  Security Proofs for Signature Schemes , 1996, EUROCRYPT.

[14]  Georg Fuchsbauer,et al.  Anonymous Transferable E-Cash , 2015, Public Key Cryptography.

[15]  Ueli Maurer,et al.  Unifying Zero-Knowledge Proofs of Knowledge , 2009, AFRICACRYPT.

[16]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[17]  Amos Fiat,et al.  Untraceable Electronic Cash , 1990, CRYPTO.

[18]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[19]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1987, Journal of Cryptology.

[20]  D. Boneh,et al.  Bulletproofs : Efficient Range Proofs for Confidential Transactions , 2017 .

[21]  Ghassan O. Karame,et al.  Scalable Byzantine Consensus via Hardware-Assisted Secret Sharing , 2016, IEEE Transactions on Computers.

[22]  Jan Camenisch,et al.  Compact E-Cash , 2005, EUROCRYPT.

[23]  Eli Ben-Sasson,et al.  Zerocash: Decentralized Anonymous Payments from Bitcoin , 2014, 2014 IEEE Symposium on Security and Privacy.

[24]  Srinivas Devadas,et al.  Intel SGX Explained , 2016, IACR Cryptol. ePrint Arch..

[25]  S A R A H M E I K L E J O H N,et al.  A Fistful of Bitcoins Characterizing Payments Among Men with No Names , 2013 .

[26]  David Pointcheval,et al.  Short Randomizable Signatures , 2016, CT-RSA.

[27]  Yevgeniy Dodis,et al.  A Verifiable Random Function with Short Proofs and Keys , 2005, Public Key Cryptography.

[28]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[29]  Jan Camenisch,et al.  Efficient Group Signature Schemes for Large Groups (Extended Abstract) , 1997, CRYPTO.

[30]  Peter Bernholz,et al.  Monetary Regimes and Inflation , 2015 .