NOTICE: If you copy the following notice from your web browser, the signatures will NOT validate. Download a time-stamped copy to use for validation purposes.
-----BEGIN PGP SIGNED MESSAGE-----
########################################################
#
# The text of this message was stamped by
# stamper.itconsult.co.uk with reference 0013566
# at 16:51 (GMT +0000) on Wednesday 31 December 1997
#
# For information about the Stamper service see
# http://www.itconsult.co.uk/stamper.htm
#
########################################################
- -----BEGIN PGP SIGNED MESSAGE-----
Public Notice
Common Law Copyright
31 December 1997
West El Paso Information Network (WEPIN)
6112 N. Mesa #218
El Paso { 79912 }
Texas
wepinsto@colossus.net
The following cryptographic protocol allows fully anonymous electronic
currency with protection against double-spending. The protocol may be
used by anyone in any product without payment or notice.
Anonymous Currency (Coins)
In the following protocol, an issuer is an entity that sets up
accounts, manages reserves, and issues electronic currency. A user is
an account holder that withdraws, spends, receives, exchanges, or
deposits electronic currency.
The key to the growth of electronic commerce is the availability of
fully anonymous currency, called coins in this protocol. The coins are
anonymous in the sense that, except for the initial withdrawal of coins
from an account and the final deposit of coins to an account, no one
will be able to determine the past history of the coins, i.e., cannot
determine who spent the coins, in what transactions the coins
participated, or who accepted the coins. While the coins must be fully
anonymous, there must also be a mechanism to prevent, or at least
significantly reduce, the possibility that the coins can be copied and
respent.
The general protocol used is as follows.
When a user wants to withdraw some coins from his account, his software
will generate a random and time-stamped 110-digit serial number for
each coin. The serial numbers will be stored locally and an MD5 hash of
each serial number will be generated and added to the coin request. The
coin request, but NOT the serial number, will be sent to the issuer.
The issuer will time-stamp the coin request with an expiration date six
months from the date of the coin request. The issuer will encrypt the
MD5 hash of the serial number and will then clearsign the coin request,
which now contains the encrypted MD5 hash of the serial number, turning
it into a proto-coin. The clearsigned proto-coins will be returned to
the user.
The user software will then add the serial numbers to the appropriate
proto-coin turning them into coins. (Care must be exercised to ensure
that each serial number is attached to the correct coin. Otherwise, the
serial number will not validate.) The coins are now ready to spend.
The user spends the coins by sending them to a recipient, another user,
who has agreed to accept them. The recipient sends the coins, unsigned
but encrypted in the issuer's public key, to the issuer for validation.
(There are two options here allowing more or less anonymity. See
below.) The recipient can elect to accept the coins without validation
but then the recipient accepts the risk that the coins have already
been spent. The issuer will perform three checks to validate the coins.
a. The issuer will verify that the proto-coin portion of the coin
was clearsigned by the issuer and that nothing in the signed portion
has changed since it was signed.
b. The issuer will verify that an MD5 hash of the plain-text
serial number matches the encrypted MD5 hash, once it has been
decrypted, contained in the signed portion of the coin.
c. The issuer will search for the serial number in the issuer's
spent-coin database. If the serial number is there, then the coin has
already been spent. If the serial number is not there, then the issuer
adds it to the database and validates the coin. (This database is
potentially quite large and must be very efficient. This is the main
reason behind the six-month expiration date.)
On validation, the issuer will deposit the value of the coins into the
recipients account or, at the option of the recipient, generate new
proto-coins, possibly in different denominations, and return them to
the recipient. The recipient now has new coins in his preferred
denominations that can be spent. There are two levels of anonymity for
the recipient.
a. If the recipient elects to have the coins deposited into his
account, there is minimal anonymity for the recipient since the issuer
will have to have the user account id in order to deposit the coins
although the issuer will not be able to determine in what transactions
the coins were involved nor who spent the coins.
b. If the recipient elects to have the coins exchanged for new
coins, there is a fair bit of anonymity for the recipient since the
only information the issuer will have is the IP address of the
recipient which can change each time the recipient logs on to his ISP.
For the truly paranoid, the recipient can use different ISPs for each
transaction. In my opinion, this level of anonymity should be
sufficient for most business transactions.
- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBNKp29p5C4hMDAC3JAQGHIgQAhsyzrN4Gl/R99Sz42uY3Ai0Bfh8Ek1vh
VhVRUMjCclhc4SsRbyOCO8zIm+JsAnj9fL00G24pTjBatVPefZeYDZwwxaDJzsPK
ODD+YNqRyuDf7+8r5POHkKbL0ceRcXpE7X/FZ+2kedns3XGRyInpI12EBMLTihcH
iAA4axoN0hg=
=R7A9
- -----END PGP SIGNATURE-----
Donald Dale Henson, sui juris
All authority is assumed authority. Assume some today!
Visit WEPIN Store at http://colossus.net/wepinsto/wshome.html
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
Comment: Stamper Reference Id: 0013566
iQEVAgUBNKp4I4GVnbVwth+BAQEfwQf8CRAwHB6BDrI0kCF7RRILeIF0YJNdAGBk
soXuiXIaEeTzVeZkicFqbOGI43R14wPWV00NnGTqSKbtdJOV9HgFsw9dDiaoqDom
BaNyhj2WfhHxYi6oc4ikjrNfuEd+Z3hfBrhJ4zkz88djR9AkBmBCZM5ccQtqX/uR
W0S32XTHVGfqLAfZjGcsV/pO18vXIfJlrW/BVULSCe4NBgaPAVV7/+XVT7Pg7mED
2vylJkRLadIYzXeKM/JIVfgTAf6tpS+UT9KS8oycRZnfDeH9t0GTJ8n0QkgNMXCo
8FjKoyNa9L7vudSC/LVv8n+ALhS8Cqom9gQ2DpdtPV/4HRdp4CHzSQ==
=THT7
-----END PGP SIGNATURE-----
Copyright at Common Law, West El Paso Information Network, 1997