BritCoin, ahoy? Digital pound moves into ‘design phase’, says Bank of England
The BritCoin has moved into its design phase, but questions remain over the role of the private sector, what infrastructure will be used, as well as privacy and security.
The BritCoin cometh… perhaps. The digital pound, a Central Bank Digital Currency (CBDC) for the UK – a Bank of England-issued stablecoin – is one step closer to becoming a reality, according to a techUK event this week. It confirmed that the project is now moving from its early, explorative consultations into the design phase.
However, spokespeople were clear that ‘design phase’ should not be interpreted as meaning that the BritCoin has been greenlit for introduction, with at least two to three years likely to elapse before firm decisions are made.
Appropriately enough, the event took place in both the real world and digitally, under Chatham House rules. So, discussions were anonymous, yet not really – authenticated and overseen by a central authority. In these ways and more, the event was not unlike the digital pound itself.
At this stage, the BofE foresees the ‘BritCoin’ as being all of the following things (some of which were outlined in February in its Technology Working Paper and Consultation Paper):
- A retail digital token, used by households and businesses – initially offered in limited amounts per user, to explore adoption and overall usage patterns
- Public digital money issued by a central platform operated by the Bank of England, for everyday use online and instore via smartphones and tablets, and offline by cards
- A token that is seamlessly exchangeable with other forms of money, including cash and bank deposits – yet not envisaged as a replacement for cash, which will persist
- A currency that does not, in itself, pay interest
- A national solution first and foremost, yet one accessible to both UK and non-UK residents
- A public-private partnership (a phrase that, over the past 25 years, diginomica observes has often been associated with overpriced, overlong projects that address private needs more than public goods)
- Digital wallets would be offered by the private sector – including, by implication of the project’s stated aims in 2021, to the unbanked
- Privacy protected, but “not anonymous”.
Despite this “Neither the Bank nor the government would have access to users’ personal data”, explained a spokesperson. This may allay fears that the digital pound could be used by government departments to track people, or to control/limit their spending behaviour.
The Bank “would not collect or analyse users personal data” he added. Even so, there is nothing to prevent private companies issuing services, cards, or wallets that have their own conditions or programmable elements attached to them.
On that point, the Bank revealed that the CBDC would not support any Bank-initiated programmable functions. A fascinating revelation, as until this point programmable money has been considered a major differentiator with current payment systems. However, private companies could – with users’ permission – implement programmable features, such as smart contracts.
Overall, the role of the private sector will be significant, explained the event, providing pass-through wallets and other services. But users’ digital pounds would not be held on those companies’ balance sheets.
Innovation, choice, and efficiency would be the watchwords of the day, widening participation in markets, improving speed, and reducing costs to the end-user. At least in theory. It is hard to imagine financial institutions rushing to implement a new generation of free products when their momentum is towards charging customers for basic banking.
Either way, Payment Interface Providers (PIPs) will be critical, as will non-finance External Service Interface Providers (ESIPs), which may be private companies of any type that wish to offer services.
The event showcased a more confident and discursive team, at least compared with the strangely ambivalent statement we quoted in our earlier report on public vs private money. Back in February, the BofE said:
At this stage, we judge it likely that the digital pound will be needed in the future. It is too early to decide whether to introduce the digital pound, but we are convinced preparatory work is justified.
An innovation that is necessary – yet it is too early to say that, no less. Also in February, the Bank added that such a major infrastructure project would “take years” to create, yet it was apparently too early to start it.
At the time, this suggested a central bank that wanted to have its cake, but not eat it. At the techUK event, however, the team seemed determined to present a more forward-looking face as the design phase begins. Put another way, two months on and it is no longer too early to start.
A spokesperson explained:
Enhancing monetary policy is not an objective that we're going for here. That's not part of what we are aiming to achieve.
And we also propose limits on how much an individual can hold, at least at first. The financial system should adjust over time to digital pounds during the introductory phase, so we think it is probably right to show a little bit of caution. That's why we talk about this limit. We put numbers of £10-20,000 pounds out there.
There will probably be a need for some kind of a limit on corporate holdings. It would likely have to be higher than that for obvious reasons […] That is very much an area of active research for us.
Infrastructure, security and privacy
As for the core infrastructure, that is still being discussed. No ledger has been chosen, but the outline requirements have. It will record the state information of digital pounds in issue, and the movement of funds; it will provide the minimum necessary functionality; and it must be able to support 30,000 transactions a second in the early stages, and be scalable to 100,000. Both seem modest figures to us.
Asked by one delegate if the team had ruled out AWS – now a strategic supplier to the government – as an infrastructure partner, a technical spokesman explained that nothing has been ruled in or out; a statement no doubt designed to be even handed. A Schrodinger’s statement, in fact: eventually the box will be opened and the cat is either dead, or alive and angry.
So, what is the team’s technical vision? A spokesperson said:
The technology design considerations include privacy, security, resilience, performance, extensibility and energy usage on privacy, building on the policy objectives which are set out in the Consultation Paper.
What about people’s privacy concerns and even fears? The spokesperson said:
The CBDC system should protect user privacy while facilitating legal and regulatory compliance. Any information accessed by the bank should be anonymized off ledger, so this would be done by PIPs. Also, the PIP and ease of access to personal data should be limited to the legal and regulatory minimum.
We think that privacy-enhancing technologies might have applications here. So, for example, zero knowledge proofs could be used by PIPs, to attest to Know Your Customer [KYC] completion without sharing personal data with other parties.
But privacy-enhancing technologies could introduce system complexities. For example, creating tension with the system security or interoperability. Some further work is needed to better understand the implications that privacy-enhancing technologies present.
The system could assign aliases – including temporary ones – for transactions. ‘Token people’ is a proposal that makes logical and practical sense, perhaps, yet would seem to run the risk of the same alias, over time, being used by different people, in isolated cases for dishonest purposes.
What about overall system security and resilience? The spokesperson continued:
The CBDC system should secure against existing risks. As well as new risks, such as quantum computing. Crypto agility would therefore be a design goal for the CBDC.
We might also employ a layered security approach that includes the use of multiple layers of security controls. The Bank would be responsible for managing the security of the Bank- managed infrastructure, while PIPs and ESIPs would be responsible for the security of their own components.
The CBDC system should also be resilient to disruption. So, it should be able to reduce the likelihood of disruption, as well as being able to mitigate and recover from any disruption that does occur.
So, will the digital pound be a welcome disruption, or a problematic one? A means to control finance, or to free it – offering the prospect of salad days to the financially excluded and unbanked?
To some extent, that depends on how involved the government wants to be, and how this project plays in a world in which this administration seems less keen on privacy, egality, equity, and security than the banks do.
Stand by for 2025: the earliest possible date for introduction.