non-custodial cashu ecash mints inside an enclave.
ecash mint + bitcoin private keys are generated inside the enclave and never leave it.
the mint operator can't rug the bitcoin.
neither can it rug...
there are some technical nuances worth mentioning, but they're well worth the tradeoffs IMO.
biggest win: regulatory. you can't access the bitcoin, so you're not a custodian. this would be massive.
inflation: ecash mint can't print more than it receives in btc. this is what hal finney did with his rPoW back in the day, but it wasn't tied to an existing currency.
reproducible builds: the mint is reproducible meaning that anyone can verify whether the version running in the enclave is malicious or not. the operator could potentially run malicious code but transparent logs would prove that the operator acted maliciously.
denial of service: this the biggest practical risk. the mint operator could simply turn it off and stop processing payments. since they can't rug the bitcoin, it doesn't really benefit the operator. if the operator used a funding source that expires, like ark, they would even risk losing their bitcoin which would disincentivize this behavior.
just to be clear: this does not reduce the risk to zero, but it does get rid of the biggest regulatory concerns which means that public organizations that can be held accountable have a realistic path for running mints without becoming custodians.
it's not a pipe dream, feasibility has been demonstrated internally. this is coming.
it's a win win win for bitcoin and bitcoiners.
biggest win: regulatory. you can't access the bitcoin, so you're not a custodian. this would be massive.
inflation: ecash mint can't print more than it receives in btc. this is what hal finney did with his rPoW back in the day, but it wasn't tied to an existing currency.
reproducible builds: the mint is reproducible meaning that anyone can verify whether the version running in the enclave is malicious or not. the operator could potentially run malicious code but transparent logs would prove that the operator acted maliciously.
denial of service: this the biggest practical risk. the mint operator could simply turn it off and stop processing payments. since they can't rug the bitcoin, it doesn't really benefit the operator. if the operator used a funding source that expires, like ark, they would even risk losing their bitcoin which would disincentivize this behavior.
just to be clear: this does not reduce the risk to zero, but it does get rid of the biggest regulatory concerns which means that public organizations that can be held accountable have a realistic path for running mints without becoming custodians.
it's not a pipe dream, feasibility has been demonstrated internally. this is coming.
it's a win win win for bitcoin and bitcoiners.
124โค๏ธ17๐งก3โค๏ธ2๐2๐1๐1
