零售层面央行数字货币的技术白皮书（白皮书）-50页

Request for Commentse-HKD: A technical perspectiveIn Collaboration with BISIH Hong Kong Centre Executive Summary 1. The HKMAs CBDC journey in a nutshellThe HKMA began researching CBDC under Project LionRock in 2017, and has since thenactively collaborated with other central banks in broadening our knowledge of wholesale CBDC.In 2019, the HKMA and the Bank of Thailand (BOT) jointly initiated Project Inthanon-LionRock to study the potential of wholesale CBDC for cross-border payments. The projectentered the second phase in 2020 and was subsequently renamed to Multiple CBDC Bridge(mBridge) in February 2021, when it was joined by the Central Bank of the United Arab Emiratesand the Digital Currency Institute of the Peoples Bank of China (PBoC), and strongly supported bythe Bank for International Settlements (BIS) Innovation Hub Centre in Hong Kong.Building on the knowledge and experience in wholesale CBDC, in June 2021, the HKMAcommenced Project e-HKD, which is a retail or general-purpose CBDC (rCBDC) project thataims to study the feasibility of e-HKD. It comprises two components: a technologyexperimentation study and a comprehensive study of other issues, including legal and policyconsiderations.2. Aim of this technical whitepaperThis whitepaper is part of the technology experimentation study under Project e-HKD. Itexplores potential architectures and design options that could be applied to the construction ofthe infrastructure for distributing e-HKD, and reports the initial thoughts and findings.Specifically, it aims to explore technology solutions that address the problems of cross-ledger1synchronisation, over-issuance prevention, privacy-preserving transaction traceability , andflexible instantiations of different two-tier distributions models.3. Proposed architectureThe architecture proposed in this whitepaper is most notable for its ability to flexibly andefficiently instantiate different two-tier distribution models of rCBDC while achievingbreakthroughsinprivacy-preservingtransactiontraceabilityandcross-ledgersynchronisation of decoupled ledgers.In gist, the proposed architecture consists of two layers: a wholesale system for the centralbank to issue and redeem CBDC, and a retail system for commercial banks to distribute andcirculate either rCBDC or CBDC-backed e-money. The design of the proposed architecture wasguided by three key principles, namely: safety, efficiency, and openness to change, innovation, andcompetition.4. The HKMAs stance1 This whitepaper is aware of the existence of different notions of privacy with more a precise meaning in the academic literature (e.g. privacy, confidentiality, anonymity and pseudonymity, unlinkability, l-diversity, t-closeness). For the purpose of this whitepaper, the term privacy is loosely used as a broad concept to refer to the general protection of personally identifiable information in transactions. 1 It should be noted that the proposed architecture is not a blueprint for e-HKD, nor does itapproach a decision on the CBDC distribution models chosen for implementing e-HKD. Rather, itshould be seen as the outcome of initial research as well as a basis for initiating dialogues withcentral banks, the academia, and the wider fintech community to collaboratively explore solutionsfor rCBDC.5. Solicitation of inputBased on an initial, preliminary analysis of the proposed architecture, the HKMA has identifieda number of areas for further discussion, which are summarised as seven problem statements(Table 1). We would like to invite the academia and industry to comment on our proposedarchitecture by making reference to the seven problem statements; as well as solicit new ideas andproject proposals from them.In particular, security modelling and analysis for the proposed design, as well as ideas fornovel use cases and capability that can be uniquely enabled by rCBDC are sought. Feedback onthe proposed architectural design and suggestions for improvement to the design can be submittedto fintechhkma.gov.hk by 31 December 2021.Problem Statements:· To study different privacy models (e.g. anonymity, pseudonymity, metadata obfuscation, and transaction confidentiality) and their applicability to the context of rCBDC and CBDC-backed e-money · To propose new designs which maintain user privacy while assuring integrity of systems (i.e. free from unauthorised manipulation) and transactions (i.e. correct recording of transactions and prevention of frauds) 1Privacy· To research the interoperability between conventional Financial Market Infrastructures (FMIs) and emerging Dis