[CTRL] [1] The Digital Monetary Trust

[Kris Millegan]

 -Caveat Lector-

from:
http://zolatimes.com/V3.44/dmt1.html
Click Here: <A HREF="http://zolatimes.com/V3.44/dmt1.html">The Digital
Monetary Trust, Part 1, by J. Orlin…</A>
-----
The Digital Monetary Trust


Part 1: Introduction



by J. Orlin Grabbe

This article describes an Internet-based anonymous banking project, known as T
he Digital Monetary Trust, Ltd. The Digital Monetary Trust (hereafter: DMT)
is a proposed financial trust (which may be optionally viewed as a mutual
fund, or a money market fund) all of whose assets will be invested in cash,
commodities (such as gold), and high-quality (low credit-risk) securities
denominated in various national currencies. DMT is a Laissez Faire City
corporation.

The basic business of DMT will be the provision of private, anonymous
accounts, which may be used by individuals and entities within the system to
securely store anonymous capital or to make anonymous monetary transactions.
That is, the DMT will be in the business of providing privacy, and doing so
in a cryptographical framework which provides a more solid basis for customer
anonymity than the traditional ones of (allegedly) tight-lipped bankers or
(often-leaky) banking secrecy laws. In fact, much stricter provisions will be
made to protect against spies, hackers, and misguided law enforcement
agencies with subpoena or seizure powers. DMT will not know who its customers
are, but will nevertheless be able to securely determine when asset transfers
are authorized.

The DMT software system 1) will allow customers to securely access accounts
and transfer money via the Internet; 2) will anonymize transactions and
account creation within the DMT system, so that these activities cannot be
observed by other DMT customers, by the DMT itself, or by outside parties;
and yet, 3) will also provide a publicly observable accounting of DMT's asset
holdings. DMT is an anonymous account system—not a digital cash system. But
alliance with other (third-party) vendors will allow for the receipt or
withdrawal of anonymous digital coins. (That is, digital cash systems can be
layered on top of the anonymous account system.)

Employment information for those who wish to participate in the creation of
the DMT, or those who wish to participate as investors, will be given later
in this article.

There are conceptually three distinct layers to the Digital Monetary Trust
(DMT). These are:

Layer 1. A secure Internet webserver which acts as the public presentation of
the bank, and which interacts with bank customers via their web browsers over
a secure Internet channel. (Customers may optionally interact with the bank
via anonymous email.)

Layer 2. Digital account software which is layered on top of the secure
Internet channel. The software will include:

a. A customer module which generates and stores relevant customer numbers.
b. A trust module which generates the relevant trust numbers, and produces
reports.
c. A data base for storing trust account information.

Layer 3. An interface with the normal, non-anonymous banking system ("outside
system"). The anonymous digital bank (DMT) accepts payments from the outside
system, and makes payments back into the outside system. Ordinary wire
transfer payments into or out of the DMT system will be observable, although
they will not be linkable to a DMT account-holder's identity. Deposits or
withdrawals of anonymous digital coins will not be linkable to any outside
bank account, much less to a DMT account. Payments (account transfers) taking
place entirely within the anonymous system (DMT) will be neither observable
nor linkable.

The three-layered framework will allow DMT to carry out its basic business,
which is to provide privacy services to its customers. DMT will earn income
from interest payments on its holdings of government and other high-credit
quality securities (part of which may be returned to depositors, after
extraction of custody and transaction fees). DMT will also earn transaction
fees from transfers out of the anonymous system, and some fees from the
transfers of funds between accounts.

The structure of the system here is important. Without remote, Internet-based
banking access, DMT would have few customers. Without the elements of
security and privacy, DMT would not be able to service its citizens in a
manner consistent with its stated objectives. Without a convenient user
interface, DMT would not be able to efficiently manage such a process, and
customers would require a higher degree of motivation to use the available
services. Without demonstrable anonymity, the DMT accounts would be just one
more competitor in a vast sea of similar products.

Note that the profit mechanism here is the provision of privacy services in
return for interest earned on asset holdings. We believe that providing
anonymous assets is the market opportunity. It is the one service that no one
is providing—outside the traditional framework of "secret" accounts, which
are not in fact very secret. By holding assets and operating as a bank or
trust, the DMT will have reserves with which to provide earnings. Note that
if DMT captures only a small part of the privacy business now serviced by
Swiss and other banks, it will gain a substantial asset base.

Others in the digital cash world are hoping to earn seigniorage via the
traveler's check model, or by selling software. They face serious barriers to
profitability—the main one being public acceptance of particular digital
currencies. The only currency in this regard that has ever portended some
market acceptance was (the now defunct) Digicash's half- anonymous "ecash".
DMT can use the ecash coin format for its purposes, and provide additional
privacy services to its customers, without having to worry whether the ecash
activity is itself seriously profitable.

DMT as a Financial Intermediary

Before describing the technical and software aspects of the Digital Monetary
Trust project, it is important to address the nature and operation of the
institution as a financial intermediary.

For all practical purposes, DMT can be indifferently thought of as a money
market fund, a mutual fund, or a bank. Like all of those, it will have assets
and liabilities. The assets are the things the trust owns, while the
liabilities are the trust's obligations to its account holders. The
difference between total assets and total liabilities represents DMT
shareholder's equity.

The initial assets will be holdings of gold and high-quality interest-bearing
securities denominated in U.S. dollars, Euros, Japanese yen, and British
pounds, as well as some residual cash (if only because of the lump sum nature
of security purchases). The liabilities (trust accounts) are analogous to
ordinary checking accounts. The DMT balance sheet will thus have the
following initial form:

The Digital Monetary Trust Balance Sheet


Assets

Cash
Gold
Interest-Bearing Securities

*   U.S. dollar
*   Japanese yen
*   Euros
*   British pound


    Liabilitiies

Trust Accounts

Equity

Shareholder Equity
In order to create an anonymous account on behalf of a customer, the customer
will be required to make payment from some ordinary bank, credit, or
commodity account, or else deposit blinded coins. These payments must be made
into ordinary bank or commodity accounts owned or controlled by DMT. The
latter accounts will be termed DMT overt accounts.

Customer payment ---------------> DMT overt account

The overt accounts will be held in various banks or warehouses around the
world, and will be denominated in various currencies or commodities. From the
overt accounts, the money will be moved (perhaps after chaining) to other DMT-
controlled security and commodity accounts. The latter accounts will be used
to purchase securities, or to hold commodity assets.

DMT overt account--->[chain]--->DMT security or commodity account

Upon notification from the relevant bank that funds have been received from a
customer into a DMT overt account, the DMT will issue a customer claim ticket
in the Trust module. The customer will be able to access the Trust module via
the Internet, and claim value in terms of DMT allowed currencies, including
DMT rands.

The DMT rand will be a currency of denomination for Trust accounts at DMT,
along with dollars, euros, British pounds, and Japanese yen. If a customer
choses the rand as the currency unit of account for his/her deposit, money
paid into the Trust will be allocated 20 percent for purchases of gold, and
20 percent each for purchases of high quality securities denominated in
Japanese yen, euros, British pounds, and U.S. dollars. The exchange rate for
the rand with respect to money paid into the Trust system will be determined
by a daily price fix. The fixing rate of the rand with respect to the U.S.
dollar will be the total U.S. dollar market value of the gold and securities
that back the rand, divided by the number of rands issued at the time of the
fix. (Thus, new money entering the system will be neutral with respect to the
current value of the rand.)

A customer may, however, simply choose to hold accounts in dollars, yen,
pounds, or euros. These accounts will be backed, respectively, by dollar-,
yen-, pound-, or euro- denominated securities.

The Trust will charge transaction fees for money leaving the system
(anticipated to be 1/2 of 1 percent per transaction). Money that exits the
system will initially appear in a DMT security or commodity account, and from
there will be transferred to a DMT overt account for credit to the owner. In
addition, the Trust will earn interest on its assets denominated in
high-quality securities. Some of this interest may be returned to trust
account holders. If so, an account holder will be able to anonymously claim
interest according to the rand or designated currency value of his account.

DMT account holders will be able to conduct ordinary business with other DMT
account holders, and to make anonymous payments among themselves. Such
business dealings are at the discretion of the parties concerned, and take
place entirely outside the DMT system. But in a DMT monetary transaction
between two parties, each of the two parties will be required to communicate
with the Trust Module for an anonymous debit-credit transaction to be carried
out. (This communication will not be simultaneous. The receiving party will
supply the paying party a number to be associated with the payment or
transfer. The receiving party will then anonymously collect the payment in a
secure manner that is described later in Part 2 of this article series.) One
account will be debited and the other credited, but the overall liability of
DMT will not change. (The total liability will be slightly reduced by the fee
charged for such transactions, which is anticipated to be 1/10 of 1 percent
per transaction.)

New money entering the system will be used to purchase gold and government or
other low-risk securities. The net holdings of gold and high-quality
securities will be public knowledge to account holders, with the relevant
information as to total asset holdings displayed on a World Wide Web page.
Making this information available to account holders will increase user and
potential user confidence in the underlying soundness of the DMT operation.
(Potential adversaries, such as FinCEN-type mafias, will have to open a DMT
account in order to obtain the same information.)

The DMT will not accept physical (as opposed to electronic or digital or
"wired") cash payments into its system. All transfers have to be made through
the medium of a pre- existing banking relation. The requirement for a
pre-existing banking relationship will help screen out funds from possibly
questionable sources, such as the proceeds of fraud or theft or other
activities that do not respect the fundamental property rights of individuals.
 Of course, any bank that accepts cash will be able to wire or transfer the
funds to a DMT overt account. In addition, the DMT will accept direct
deposits of gold into system, upon presentation of the proper documents.

In short, the DMT is a fund that will take in money and invest it in a
predefined portfolio of commodities and high-quality securities. The total
assets of the fund will be known to account holders. But shares (deposits,
trust accounts) in the fund will be held anonymously, and moreover can be
transferred anonymously between account holders. In its basic operation, it
doesn't matter whether the DMT is considered a trust, a bank, a money-market
fund, or a mutual fund.

The basic problems to be solved by the software system are DMT security, in
that no value is to be given out without corresponding value paid into the
system; customer privacy, in that a customer's account ownership and account
transactions are not known to anyone except the customer himself; and public
accounting, in that information on DMT asset holdings is always available to
account holders.
Some of the computer system requirements implied by the DMT operation are
therefore:

*   bi-directional communication between the customer (or the customer's User
Module) and the Trust (Trust Module) over a secure Internet link
*   generation and management of customer (User Module) symmetric
communication keys
*   generation and mangement of Trust (Trust Module) symmetric and
public/private keys
*   generation and storage of account and collection numbers associated with
deposits into DMT anonymous accounts
*   return of bank digitally-signed account information to the collecting
party
*   generation and storage of numbers associated with withdrawals from DMT
anonymous accounts
*   return of bank digitally-signed modified account information to the
paying party
*   generation and storage of number associated with transfers between DMT
anonymous accounts
*   email interface to assist in the optional encryption and transfer of
module-created numbers to the DMT via anonymous email or a nym server
*   DMT asset accounting of invested funds (this will likely be handled by a
separate system)
*   DMT Web Page display of asset allocation
*   currency module (for keeping track of exchange rates, including the par
value of the rand, for currencies and commodities)
*   menu-driven customer (User Module) interface
*   menu-driven Trust (Trust Module) interface

More specific requirements will be discussed later.

Computer System Objectives

The Provision of Anonymous Accounts. There are many reasons for anonymity.
People with visible assets are inviting targets for theft or extortion; for
lawsuits from customers, strangers, wives, husbands, girlfriends, boyfriends,
family members, patients, and others seeking an easy and convenient way of
enhancing their own financial well- being; for arbitrary assessments from
governmental agencies which have budgetary problems or which have visions of
expanded influence through a greater command of resources; for asset seizures
based on inane and arbitrary laws such as those relating to minor drug
possession (laws which allow parents' assets to be seized as a result of
their children's activities); and for political pressures exerted by the
implicit threat that if one does not toe the current political line, then
one's personal belongings may become a government target.

In short, the possession of financial assets can limit freedom as well as
enhance it. Anonymity reduces the negative impact on freedom that comes from
building personal wealth. Hence there is a demand for anonymity from
freedom-seeking individuals.

An anonymous account provides much more security than does, say, a Swiss
numbered account. A Swiss numbered account is not anonymous. The identity of
a numbered account owner is not generally available within the Swiss bank,
but is nevertheless known to a small number of upper level managers. A Swiss
numbered account reduces the number of individuals who have access to
information in the account, but it does not reduce this number to zero.
Moreover, little consideration is given to the security of transactions made
with such an account.

Anonymity provides protection for the bank as well as the customer. Bank
employees cannot be placed under legal, economic, or physical pressure to
reveal what they know ("rubber-hose cryptanalysis"), because they will not
know anything. Bank employees cannot be bribed to give out information for
the same reason. If bank records are seized, the only data that can be gained
is information that is already public. Hence there will be no reason to take
such action in the first place. Neither will any customer be placed in the
position of worrying that information about his activities may be given to
others: the bank will not possess such information.

In short, there is a market demand for completely anonymous accounts, and
this demand is not being met by current purveyors of digital cash systems. Ano
nymity is a product for which the current demand clearly exceeds the
available supply: hence the provision of anonymity should earn rates of
return well above average.

Is anonymity practical? All current systems we have looked at fail to address
this issue. At best such systems are interested in the anonymity of digital
coins, not account holders. By contrast, the system presented here
concentrates on account-holder anonymity. But it also provides a mechanism
for transfers between anonymous accounts, which may take place for whatever
reason. Possible business deals between account holders are not the business
of DMT. Hence the DMT does not collect information on them—and does not
guarantee payment by one party to the other, in the manner of the credit-card
model. Rather, what DMT will do is make authorized, anonymous transfers
between accounts.

Because account balances are altered as needed, the total number of accounts
will be a simple multiple of the number of people in the system. (It is
assumed that individuals may desire several accounts.) Hence the size of the
database should not create on-line waits, unlike digital coin systems which
attempt to anonymize small-value, everyday payments.

This point cannot be emphasized enough. Money serves two principal functions.
It is a medium of exchange, and it is a store of value. A few digital cash
systems seek to anonymize money in its role as a medium of exchange. The DMT
project is primarily a project to anonymize money in its store of value
function.

Current and proposed digital cash systems that anonymize coins do not provide
anonymity in asset holdings: but only anonymity in payments.

Moreover, the biggest market opportunity, in our view, is not in the minor
seignorage recapture that can be obtained by issuing one's own coins (and
facing the difficulties of competing with ordinary government-sponsored
cash), but in providing a haven for flight capital. Swiss banks have made a
living from this for years. But Swiss banks are as now leaky as a sieve.

Anonymity is the market opportunity. The provision of anonymity will provide
high returns. Digital cash itself may not ever provide significant returns.
But the provision of anonymous accounts will allow DMT to earn significant
interest on its asset holdings.

Most individuals with dollars to hide want secure dollars. They are not
interested in seeing their well-understood, spendable dollars disappear into
what they may consider "flaky digital cash." On the other hand, if DMT is in
the business of anonymity, then it would be nice to make available
transactional anonymity in small, everyday payments also. We have had
discussions with projected suppliers of digital cash software, and reached
the following conclusion:

DMT can issue and accept anonymous digital coins in connection with its
anonymous digital accounts.

Keep in mind, however, that ordinary business transactions can be conducted
using DMT accounts. One party pays from his DMT account, and the second party
collects the payment into his (possibly newly created) DMT account. This will
be more practical for large payments than for the small everyday payments
envisioned by digital cash systems.

User Interface Via the Internet. The DMT software will involve two principal
parts. The first part will be a Trust Module that operates in connection with
a web server to control the overall DMT operation. The second is a User
Module that operates in connection with a generic web browser for access to
trust services. The reasons for the latter are now explained.

Mobility is important to the lifestyle of a Netizen. The demand for mobile
banking services can be met by providing access to DMT from anywhere in the
world Internet connections are available.
Of equal importance, Internet access has become a manditory part of any
future banking operation because of cost factors. A survey of European and
American banks by Booze, Allen & Hamilton found that the cost of the average
payment transaction on the Internet was 13 cents or less, compared with 26
cents for a personal computer banking service using the bank's own software,
54 cents for a telephone banking service, and $1.08 per transaction for a
bank branch.

Where the DMT itself is concerned, political factors are also important. The
DMT computer (computers) will be located in geographical jurisdictions where
it can carry on its business without political interference. The key to a
profitable DMT operation is therefore not neighborhood banking but rather
telecommunications access. As time progresses, political factors will become
increasingly important to the DMT operation for other reasons, in particular
the possible erroneous targeting of the DMT for "money laundering" (the usual
Statist rallying cry as a frivolous excuse to attack financial privacy).

There are essentially three approaches to Internet banking software. The fat
client model relies on the customer having dedicated banking software on his
PC, like Intuit's Quicken software. Data and business logic is stored on the
customer's PC. But this type of model has traditionally had little
flexibility, and is not easily integrated with other Internet applications.
The thin-client-stateless model only expects the customer to have generic
software, such as a web browser, and the interface relies on a generic
Internet language (such as the World Wide Web's HTML). This is sufficient for
supplying acount information or transferring funds, but it doesn't allow the
customer to add much value by processing the data in any way. It doesn't meet
specific security requirements.

The thin-client-stateful model represents the probable future direction of
most Internet banking. This model combines a generic interface like a web
browser with PC resident software. Here one might think of, for example, a
plug-in to Netscape which allowed the customer to set up her own parameters,
DMT-related encryption keys, and whatnot. Such a plug-in might allow security
parameters of the transactions process to be controlled without unduly
restricting customer convenience.

Be this as it may, the DMT software application proposed here is essentially
a stand- alone Java application (not an applet), for reasons made clear
later. Despite claims to the contrary, a browser with Netscape plug-ins or
Microsoft ActiveX components is not really very thin. Nor are the plug-ins
portable in the same way as a stand-alone Java application is. By contrast,
the DMT software envisioned here will operate much like the thin-client
stateful model. The DMT User Module can be thought of as a stripped down web
browser, number processor, number storage module, and email interface unit
that handles just a few MIME-types, and enacts the SSL/TLS protocol.

The User Module and the numbers stored therein will give the customer
Internet access to his account or accounts. Only the customer will know the
identity of his own anonymous accounts and the balances in those accounts.
(The Trust Module will always know its total liabilities to account holders,
but will never know who these account holders are.)

Asset Accounting and Banking Security. The Trust Module will allow the
transfer of money into and out of anonymous accounts, and the transfer of
money between anonymous accounts. Instead of tracking coins, the system would
keep track of balances, and may (depending on the protocol chosen by the
customer) create new accounts with new account numbers as these balances are
changed. Transfers between anonymous accounts can be done by anonymous email
or (more conveniently) by User Module on- line requests to the Trust Module.

The bank itself will know nothing about the accounts held by customers,
except for transfers into or out of the system. (When money is transferred
into the system, the bank may know the identity of the bank account from
which the money came, because the bank may receive the funds by wire
transfer. When money is transferred out of the system, the bank will have to
know the account to which funds are to be paid—payment of digital coins
excepted. Note, however, that there may be no observable connection between
the identity of the person transferring money in, and the customer who
collects it.) The bank will always know the sum total of individual account
obligations. Internal DMT transfers cannot change the total. In or out
transfers can change the total, subject to double-entry verification of funds
received/paid.
The bank asset accounting software (which may be separate from the Trust
module) will allow for the convenient updating of asset holdings and exchange
rates. Any changes will be automatically reflected in the publicly displayed
screens on asset holdings and exchange rates.

Interface With Existing Banking Systems. Interface with existing banking
systems is simple. Money transferred into the DMT system will come from
ordinary bank accounts, and will be paid into ordinary bank accounts owned by
DMT. The balance accounting in the latter case will be done by the banks of
which DMT is a customer.

The key is to provide a mechanism which allows these funds to be anonymously
deposited into anonymous accounts.

The funds in ordinary DMT bank accounts will be used to purchase commodities
and high-quality securities. Accounting for these assets is conceptually
separate from the operation of the anonymous deposit system. Bank transfers
and securities and commodities purchases will be entered into the bank asset
accounting system as they occur, both for accounting verification and for
public display. (In addition to accurate accounting, a principal concern in
this part of the DMT operation will be to preserve the value of the DMT's
assets from blockage, default, repudiation, or seizure. This, however, is
separate from the software operation.)

User Convenience. The software will be simple to use in that it will be
menu-driven. Both the User Module and Trust Module will feature
point-and-click functionality.

The customer will be able to access his account information at any time,
because the information relevant to his account(s) will reside in the User
Module on the customer's computer. Only if the customer wishes to change his
account—by making transfers to another customer, by adding to his account, or
by transferring money out of the account—will it be necessary to contact DMT.

The customer can also use the User Module software to view DMT asset
allocation and current exchange rates.

The User Module will handle all the necessary cryptography needed to interact
with the DMT system, and provide convenient export mechanisms for those who
prefer to conduct transactions via anonymous email.

Protection Against Hostile Intruders. The environment must be considered
hostile at all times for certain aspects of the DMT's operation. This
includes the possibility someone will casually acquire or tamper with the
DMT's secret keys (for public key cryptography), or corrupt, tamper with, or
maliciously monitor the execution of the operational code for performing
certain cryptographical operations. Such tampering could come from outside
intruders or possibly even DMT employees.

One aspect of addressing these problems is to use a secure cryptographic
coprocessor for storage of critical keys and cryptographical variables (such
as group generators and moduli) and for performing other critical
cryptographical operations (such as modular exponentiation and calculation of
hash values). In particular, it is intended that no customer "account number"
(see Part 2) will ever be observable in an unencrypted form by any DMT
employee. Such a customer account number, as will be seen in the description
of the banking protocols detailed later, is a public key (although not
attacted to an identity known to the DMT), and will be created by and known
to the customer. This number will be used by the bank, but does not need to
appear in an unencrypted form outside the secure coprocessor.

We are well aware that "secure" coprocessors do not provide any ultimate
security. We believe, however, they can be highly useful in keeping bank
employees ignorant of transaction information that could potentially be
linked to an account holder's identity. This in itself provides a large
measure of bank and customer security.

Another security risk is the possible seizure of the bank's records or
database. Such a seizure must yield no useful information about DMT's
customers to the seizing party. How this will be accomplished in explained
later in the banking protocols.

Digital Cash Extensions. As mentioned, the DMT is an anonymous account
system, not a blinded digital coin system. However, using third party
software, the DMT intends to allow digital coin transfers into, or out of,
anonymous accounts. Moreover, nothing precludes DMT becoming a digital coin
issuer itself at some point. The decision to do so will depend on an
evaluation that says this makes sense in terms of DMT's core business.

The digital cash extention will allow DMT to take advantage of markets
created by others, but ones that we do not feel will in and of themselves be
very profitable.

Part 2 in this series will provide a mathematical description of the
anonymous account system, along with a detailed numerical example and related
discussion.

------------------------------------------------------------------------
Those interested in employment opportunities please click here.
Those looking to invest in the DMT project please click here.

------------------------------------------------------------------------
J. Orlin Grabbe is the author of International Financial Markets, and is an
internationally recognized derivatives expert who has recently branched out
into cryptology, banking security, and digital cash. His home page is located
at http://www.aci.net/kalliste/homepage.html. He currently resides in Costa
Rica.
-30-
from The Laissez Faire City Times, Vol 3, No 44, November 15, 1999

-----
Aloha, He'Ping,
Om, Shalom, Salaam.
Em Hotep, Peace Be,
Omnia Bona Bonis,
All My Relations.
Adieu, Adios, Aloha.
Amen.
Roads End

DECLARATION & DISCLAIMER
==========
CTRL is a discussion and informational exchange list. Proselyzting propagandic
screeds are not allowed. Substance—not soapboxing!  These are sordid matters
and 'conspiracy theory', with its many half-truths, misdirections and outright
frauds is used politically  by different groups with major and minor effects
spread throughout the spectrum of time and thought. That being said, CTRL
gives no endorsement to the validity of posts, and always suggests to readers;
be wary of what you read. CTRL gives no credeence to Holocaust denial and
nazi's need not apply.

Let us please be civil and as always, Caveat Lector.
========================================================================
Archives Available at:
http://home.ease.lsoft.com/archives/CTRL.html

http:[EMAIL PROTECTED]/
========================================================================
To subscribe to Conspiracy Theory Research List[CTRL] send email:
SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]

To UNsubscribe to Conspiracy Theory Research List[CTRL] send email:
SIGNOFF CTRL [to:] [EMAIL PROTECTED]

Om