Is this not strictly worse than cash, then? It’s still a centralized physical currency, but instead of a government with checks and balances that is ostensibly accountable to its citizens, Kong is controlled by an opaque organization accountable to nobody.
After reading the paper, I’m still not exactly sure how the lockdrop works. Could you elaborate on it?
As for verifying transactions offline, I’m skeptical of how useful that is. If you can lock down printing, the supply of fake or duplicate Kong should be low anyway. If you decentralize printing (or a lot of counterfeit/duplicate Kong gets introduced into the market some other way) then offline verification seems insufficient. What’s to stop me from printing and spending two copies of a note if I know the other parties won’t veriify the transaction online until much later?
We can only print Kong; we cannot remove it from circulation. We're limited in the total amount of Kong we can print.
We likely will need to have another document detailing how the lock drop works. The short version is that you lock up Ethereum in a smart contract for between 30 and 365 days; when you prove that fact to a given Kong lock drop contract instance you receive Kong token (at the end of the period).
> If you decentralize printing (or a lot of counterfeit/duplicate Kong gets introduced into the market some other way) then offline verification seems insufficient. What’s to stop me from printing and spending two copies of a note if I know the other parties won’t certify the transaction online until much later?
Here's how I see offline verification working:
(1) I sync up directly with an Ethereum node and cache all the Kong note smart contracts (ideally my own would be the most trustworthy). Most importantly this contains the public key for each Kong note known at the time and the token associated with that note
(2) I accept any notes that I can electronically verify from that cache. That's done by challenging the note to sign a message and verifying the response.
(3) I don't accept any notes not in my cache. The downside is that I can't accept very new notes, but we suspect that if we continue to produce Kong that we'll do so in large batches infrequently.
> We can only print Kong; we cannot remove it from circulation.
This isn't strictly true; you can buy notes from people.
> We likely will need to have another document detailing how the lock drop works. The short version is that you lock up Ethereum in a smart contract for between 30 and 365 days; when you prove that fact to a given Kong lock drop contract instance you receive Kong token (at the end of the period).
It sounds like the basic idea is that you "preorder" Kong with Ethereum, and then you visit a physical location (the "contract instance") to receive your cash ("Kong token"). If my understanding is correct, then this isn't outside of your control at all — you (or the "contract instance") can simply refuse to issue the cash.
Re: verification, here's my issue:
> Most importantly this contains the public key for each Kong note known at the time and the token associated with that note
What if someone counterfeits Kong not by wholesale faking currency, but by duplicating valid notes in circulation? The public key would be the same, so they would both pass offline verification.
> This isn't strictly true; you can buy notes from people.
Haha, sure.
> It sounds like the basic idea is that you "preorder" Kong with Ethereum, and then you visit a physical location (the "contract instance") to receive your cash ("Kong token"). If my understanding is correct, then this isn't outside of your control at all — you (or the "contract instance") can simply refuse to issue the cash.
Nope, it's in a smart contract that can be deployed into perpetuity.
> What if someone counterfeits Kong not by wholesale faking currency, but by duplicating valid notes in circulation? The public key would be the same, so they would both pass offline verification.
Section 2 in the paper explains how difficult this would be do. You need to duplicate the private key from a secure chip designed not to reveal the private key.
> Nope, it's in a smart contract that can be deployed into perpetuity.
But I would be receiving a physical object, correct? Which means one of the following must happen:
- you give me notes in a manner that is not controlled by you (e.g. in the mail) assuming I'll fulfill the contract in good faith
- you give me notes in a manner that is controlled by you (e.g. at a bank-like location) to prevent theft
- we introduce an oracle (i.e. centralization in a third party)
> You need to duplicate the private key from a secure chip designed not to reveal the private key.
Yeah, this is an example of a problem that becomes much more likely if you share "printing rights".
Ultimately, I remain unconvinced — this is as proposed today a centralized currency that is almost strictly worse than a government currency, with the possibility of new drawbacks were printing ever to become decentralized.
> But I would be receiving a physical object, correct?
Incorrect. The lockdrop is for completely virtual Kong token.
> Yeah, this is an example of a problem that becomes much more likely if you share "printing rights".
Correct, as elucidated above. Likewise each Kong self generates its own private key by design, as outlined in section 2 of the paper. By design, the key is non-extractable.
> Ultimately, I remain unconvinced — this is as proposed today a centralized currency that is almost strictly worse than a government currency
We can't inflate Kong infinitely unlike every other paper fiat currency. We can only print Kong for four years. After that the only digital Kong produced is via lockdrop.
> We can't inflate Kong infinitely unlike every other paper fiat currency. We can only print Kong for four years. After that the only digital Kong produced is via lockdrop.
So what? As soon as you share printing rights the other party can. So can anyone else who has the private key. Not even by minting new Kong but by physically duplicating existing Kong. That's a much bigger problem than a well controlled 2% rate of inflation.
After reading the paper, I’m still not exactly sure how the lockdrop works. Could you elaborate on it?
As for verifying transactions offline, I’m skeptical of how useful that is. If you can lock down printing, the supply of fake or duplicate Kong should be low anyway. If you decentralize printing (or a lot of counterfeit/duplicate Kong gets introduced into the market some other way) then offline verification seems insufficient. What’s to stop me from printing and spending two copies of a note if I know the other parties won’t veriify the transaction online until much later?