On December 1st, the Bank for International Settlements (BIS) and central banks from various countries published a paper on legal issues and CBDC system design. Participating central banks included the Bank of Canada, the Bank of England, the Bank of Japan, the European Central Bank, the Federal Reserve Board, the Swedish Central Bank, and the Swiss National Bank.
One of the debates is whether the CBDC system adopts a centralized or decentralized model. In a two-tier system, one option is to adopt a hub-and-spoke model, where updates are controlled by the central bank, but data ownership is decentralized. Alternatively, a peer-to-peer design can be used, sharing update permissions.
The paper points out that centralized systems are less flexible, have single points of failure, and may even become bottlenecks. However, they do not believe it is appropriate to decentralize the core settlement power of the CBDC system. In modular design, core settlement can be centralized, while other aspects (such as identity) can be decentralized.
In addition, privacy is a major issue facing CBDC. Although privacy can be achieved using existing technologies, some newer privacy-enhancing technologies (PET), such as secure multi-party computation (SMPC) or zero-knowledge proof (ZKP), can provide greater flexibility.
However, based on the experience of two central banks and the BIS Innovation Center, they are not yet convinced that PET is ready and question its real-time execution capability, complexity, and reliability.
Other topics explored in the paper include network security, offline CBDC, and compatibility with existing point-of-sale systems.