--- begin forwarded text
Status: U Date: Fri, 29 Mar 2002 12:33:32 -0500 (EST) From: Ian Grigg <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: XML/X - part III - Governance Cc: [EMAIL PROTECTED], [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Sender: <[EMAIL PROTECTED]> List-Subscribe: <mailto:[EMAIL PROTECTED]> Let's face it, the governance in the gold world sucks. Just simply utterly sucks. With rocks, as our American friends would say. There is, of course, the rather fine part to do with the physical metal. Granted, with some of the systems, you can have some sort of confidence that there are some gold bars there. London, Zurich, Dubai. Other places that only get visited by us mere net-mortals when our dotcom shares ship in. According to some big 5 (whoops, big 4 and [ac]counting) audit firm, maybe there are some bars somewhere. It is not a system that you can rely on to any great extent, but it can certainly be built upon. But, my gripe here today (and, it is a gripe, but with a purpose) is not with the protection of the bars. (Previously I talked about the use of XML/X for the vanilla communication of transaction information. Now, I'm going to leap 2 layers up in the financial cryptography pyramid and talk about governance. Not, specifically the protection of the bars of metal in a DGC, but the protection of the electronic gold.) What really truly sucks, absent little pebbles but with the thunder of great rolling boulders that pressage avalanches to sweep away tiny struggling economies in the shadow of the mountains of the old world, is the digital side. Let's face it (2), it is rather easy to count bars, but how in all of our experience of 6000 years of counting do we calculate how many electrons are circulating out there and making this gold stuff mean .. well, gold? Actually, it's rather difficult. And it is no surprise that every metallic money system has made a complete hash of it. There is no confidence whatever that there are X golden units on that server related to the apparently escrowed same X' worth of mass of physical gold. Why is this? Simply because ... nobody watches those numbers. Or, the same people that watch the numbers are the ones signing the transfers on the metal. Or, the ones in control of the numbers are not being watched by the ones watching the bars. Or, the ones doing the transactions (wake up, dear reader) are the ones who have no idea whatsoever as to what happened when they clicked that [OK confirm now] button. It's a fact, faceable (3) or deniable, as you choose, that your average DGC has no, zilch zero governance in the digital side of the equation. If you are unsure, consider this. Which system out there publishes the way in which the metal float is increased? Who signs off on that? Does our chosen metal system use outsourced float creation, hand-typed SQL to add a little extra into some table, or something even more arcane? For that matter, how do we know that, when a transfer is done, the same amount of digital gold exists before and after? What is to stop a system administrator simply adding some extra to his account? What system has any methods in place to detect insider access to user accounts? One could go on, but you (yes, that's you, the nominal owner of these transactions) should be getting the point by now. Into all this planetary wasteland of governance lies the unfortunate fact that there is, in (yadda yadda) information theoretic terms absolutely no way that the average DGC can do anything to 'govern' the digital value. Shock horror, what does this mean? Well, look at it from first principles. Someone has to run the server. What does that server do? It runs numbers, hopefully ones formed into nice precise double-entry transfers. Anyone who has access to that server can ... change the transactions. They can move value into secret accounts (cunningly numbered 88888 for convenience). They can create unauditable movements of funds by activating frozen accounts in the morning, moving money through them and inactivating the accounts by lunchtime. See the Clearstream operating manual for more information. These gnomes of the backend system can rewind transactions, wind them forward where before there were none, or simply steal value from unwatched accounts and sell it to ... well, who cares. In the same sense that you, the owner of the metal (electronic and/or physical) care about your bars, it is very clear that you should also care about your numbers. Governance of the computer system that is driving the accounts for your average DGC is a most important thing, and a most forgotten thing. What this has to do with XML/X is ... to be described in the following Part IV. --- end forwarded text -- ----------------- R. A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA The IBUC Symposium on Geodesic Capital April 3-4, 2002, The Downtown Harvard Club, Boston <mailto: [EMAIL PROTECTED]> for details... "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' --- You are currently subscribed to e-gold-list as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED] Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s) via the web and shopping cart interfaces to help thwart keystroke loggers and common viruses.
