SNB Favours a Token-Based CBDC Design
The Swiss National Bank (SNB) issued its working paper 3/2021 'How to issue a central bank digital currency'.
Written by David Chaum, Christian Grothoff and Thomas Moser, the paper presents the SNB’s thinking about a token-based retail CBDC, a rather different approach from most other central banks. The overriding priority for the SNB is privacy and it believes this approach can deliver that and achieve the broader benefits claimed for CBDCs.
The paper is clear that this is about how one might design a CBDC, and not a decision to issue one.
Theory and hazards of CBDCs
As with many papers, this one describes the two forms of central bank money.
First, reserves in the form of settlement accounts used by selected financial market participants to settle interbank transactions. Wholesale CBDCs are the equivalent and the SNB is clear that for domestic settlements, tokenisation and Distributed Ledger Technology (DLT) do not offer compelling benefits compared with today’s alternatives, particularly Real Time Gross Settlement systems.
Second, currency in the form of banknotes. Retail CBDCs are intended to replicate the functions of currency.
The benefit of electronic central bank money without counterparty risk available to all is that it could improve the stability and resilience of the retail payment system. A retail CBDC needs to be able to support online micropayments. A neutral payment infrastructure could promote competition, efficiency and innovation.
On the other hand, if a CBDC competes for commercial bank deposits, it could have an impact on bank credit and economic activity.
Privacy is at the heart of the SNBs thinking about CBDCs. It gives three reasons why privacy is important:
It protects users from scrutiny and surveillance by the government
It protects users from data exploitation by payment service providers
It protects users against the other party in a transaction who may ex-post fail, or neglect, to protect customer data, allowing opportunistic behaviour or security risk.
It is usually argued that cryptographic privacy protection takes so much computing power that it is not suitable for use on mobile devices. This may be true in the context of DLT, where public traceability is necessary to stop double-spending, but the SNB’s design is based on a centralised database rather than DLT.
Its view is that DLT is useful if there is no central party that is trusted. That is not the case for Switzerland.
The SNB’s focus
The SNB’s focus is on CBDCs used as a medium of exchange rather than as a store of value. To achieve that, the value must be stable, and it must be commonly accepted. Today central bank policy maintains the value of money. Commercial banks peg their private money to central bank money to maintain its value. Central banks manage the counterparty risk faced by the banks’ customers through regulation.
The simplest form of CBDC would be an account-based system with the account held at the central bank. All of the regulations concerning know your customer (KYC), anti-money laundering (AML) and counter terrorist financing (CTF) would apply.
The central bank could outsource tasks such as authenticating customers and managing fraud. It would be easy (and cheap) to access customer data, and the central bank would become the target of hackers after the data and other government agencies interested in it too.
An account-based system potentially makes the central bank a competitor to commercial banks, with risks of disintermediation and instability in the case of a run on the banks. There are arguments that this could be managed by options such as a cap on deposits, interest rates set a level lower than commercially available rates, or only issuing accounts against securities such as government bonds.
The SNB has focused on a token-based approach.
Different token-based options
Cryptocurrencies are based on tokens, but they are not suitable for transactions due to their nature and the underlying technology.
Stablecoins are also token-based, coming in three forms:
1. Algorithmic stablecoins. These use algorithms to adjust supply to maintain price stability. An example of this is Nubits.
2. Asset-backed stablecoins. The asset could be money (central bank reserves, banknotes or bank deposits), commodities (eg. gold), or other cryptocurrencies. Since stablecoins are not covered by deposit insurance and central banks do not act as lender of last resort for them, to have confidence in them they need to be fully backed. The type of asset and the legal rights of the holder are key to whether there is confidence in the stablecoin. The profitability of the asset to the provider and their own funding model is a part of assessing the stablecoin.
3. Synthetic CBDC. If bank deposits are used to back a stablecoin, the risk that the commercial bank may default still exists. An option is, therefore, to use central bank reserves as the asset. When this happens, they can be regarded as a CBDC even though not a liability on a central bank.
The SNB suggests that if there are CBDCs, then the advantages of stablecoins will be significantly reduced.
The SNB’s approach
The SNB has explored token-based CBDCs designed specifically to guard privacy. It has based this on Free/Libre and Open Source Software (FLOSS), known as 'free software'.
It believes that the central bank should create CBDCs and manage the database, while commercial banks should manage consumer and merchant interactions. Customer identity is authenticated when the token is issued and deposited and at this stage KYC, AML and CFT applies. The transaction itself is private, it is not authenticated but authorised. That makes the transaction cheaper, easier, faster and private to carry out. The CBDC is a genuine digital bearer instrument.
When the money is withdrawn, it assigns a number to a 'coin' which is not known by the central or commercial bank. This is 'blended', hidden by a special encryption. There is a private key, known to the coin owner, and public key that is given by the central bank and assigned a denominational value.
When the merchant receives the coin, the coin is referred back to the central bank to check if it has already been spent against its database. It is the public key that is being checked and so the privacy of the individual is maintained.
The paper also looks at some options in the design which could be used to resolve some of the problems sometimes associated with CBDCs.
The coin could be time limited to ensure it is used and not hoarded. This has the advantage that the database against which the public key is checked is smaller. It also reduces the security risk because the central bank does not have to worry about attacks against expired keys. It also reduces the window for attacks.
An exchange fee could be introduced to allow negative interest rates.
There could be a conversion limit per customer for AML/CFT reasons or for financial stability, against hoarding or bank runs. It is also feasible to limit the number of transactions per day.
This approach does mean that this CBDC can only be used if the internet is available.
Attributes of the system
SNB are confident that this approach is scalable.
The cost will be low. Its estimate for the cost of storage, bandwidth and computation at scale would be below $0.0001 per transaction.
Commercial banks will be able to see merchant activity, allowing unusual patterns to be identified and investigated. This will make tax evasion, under-reporting of income or sales tax evasion impossible.
Merchants won’t know the identity of the customer, the bank will only know its own customer activity and the central bank is completely separated from detailed knowledge. This means that this approach is compliant with the European Union’s General Data Protection Regulation.
The risk of disintermediation or cross-border capital flows is less with this token-based approach because people are unlikely to hold very high values as a token – the risk of theft is too great. In addition, expiration dates, exchange limits and fees to refresh time-expired coins are all tools to discourage this.
A token-based approach can support smart contracts and is capable of being integrated through DLT in the future. Since change is a certain, the ability to innovate from the start point is important.
Final thought
This paper lays out a persuasive case for a token-based software-only retail CBDC to mimic today’s physical cash used for transactions rather than bank deposits. It delivers transaction privacy, meets regulatory requirements and offers protection against systemic privacy risks. It avoids the risks to monetary policy and financial stability created by other approaches. The solution is scalable and credible in terms of speed, cost and ease to use whether online or face-to-face.
On the other hand, the requirement to be online means that it cannot match the resilience functionality of cash. It also requires the user to have access to and be able to work with technology.
This review of a token-based approach is a useful contribution to the CBDC discussions.
Subscriber content
Read the full article
Full access to Cash & Payment News articles, newsletters and archives.