This design document discusses support for offline payments.
Many proposed CBDCs claim to support offline payments. Taler is explicitly meant to be an online payment system. However, since there recently seems to be an increased interest in offline CBDC solutions, we have decided to still explore how Taler could support offline payments in the future.
While we still recommend online-only payments, this work operates under the the following theme: “If Taler can support offline payments that are no worse than those of competing systems (that often offer less freedom and privacy to users), why should we claim we can’t support them and fare worse in comparisons”?
TBD.
The merchant simply trusts payments without depositing them at the exchange, up to a certain threshold and when an emergency mode is activated.
Advantages:
Disadvantages:
Implement the full wallet in a hardware security module. When paying, the HSM wallet attests itself to the merchant, who then (if configured appropriately) trusts that the coins are still valid without talking to the exchange first.
Advantages:
Disadvantages:
The HSM maintains an offline balance, effectively as a single, HSM protected register. To obtain offline cash, the software wallet spends coins to get a signature that can be passed to the HSM to increment the offline balance. To spend, the software wallet requests an “offline deposit permission” that decrements the HSM balance register. The exchange accepts these offline deposit permissions in lieu of a normal coin deposit permission.
Advantages:
Disadvantages:
(This should be filled in with results from discussions on mailing lists / personal communication.)