Go to DBLP homepageOpen-Cash: An Anonymous Electronic Cash Scheme With Open-Source Observers Based on BBS+ Signatures
Abstract: Electronic cash (e-cash) systems must provide users with anonymity while preventing criminal misuse and enabling selective tracing of malicious actors, such as double-spenders. One of the most ingenious solutions, introduced by Chaum and Brands, involves deploying observers on users’ devices to enforce legitimate payment behavior without compromising anonymity. In this paper, we propose a novel e-cash scheme based on BBS+ signatures and open-source observers running within Attested Execution Secure Processors (AESPs). Our construction employs zero-knowledge proofs to conceal private information, while the open-source observer program—installed within a tamper-proof secure element—acts as a proactive gatekeeper, preventing double-spend attempts before they succeed. The AESP-based attestation mechanism binds each output to the program’s hash, guaranteeing that the officially vetted observer is indeed installed and operating unmodified on the user’s device. This scheme provides three key properties. First, it achieves anonymity and one-more unforgeability using a technique inspired by Brickell et al.’s EPID. Second, it ensures robust double-spend prevention and traceability of double-spenders, even if the AESP assumption is compromised. Third, the scheme remains reversible: if the observer is compromised, it gracefully reverts to the basic scheme without the observer, which preserves anonymity and unforgeability. Overall, this work bridges cryptographic privacy and practical regulatory oversight, providing a transparent and extensible foundation for secure digital payments.
External IDs:dblp:journals/access/HiguchiO25
Loading