National digital currencies (NDCs) are potentially useful to supplement or replace national physical currencies. Distributed ledger technology (DLT) has been studied in this context. DLT provides a consensus network in which copies of a ledger are maintained and updated at each independent node of the consensus network. When a question is raised as to a transaction, a consensus among the nodes decides the answer to the question. For a variety of reasons such as efficiency, DLT is not particularly appropriate for use in implementing NDCs. The inventor(s) of the subject matter described in this and related applications have therefore investigated how to realistically efficiently implement NDCs with centralized tracking.
Example embodiments are best understood from the following detailed description when read in context with the accompanying drawing figures, in which:
In the following detailed description, for purposes of explanation and not limitation, representative embodiments disclosing specific details are set forth in order to provide a thorough understanding of the representative embodiments according to the present teachings. However, other embodiments consistent with the present disclosure may depart from specific details disclosed herein. Descriptions of known systems, devices, methods of operation and methods of manufacture may be omitted so as to avoid obscuring the description of the representative embodiments. Nonetheless, systems, devices and methods that are within the purview of one of ordinary skill in one or more of the numerous arts relevant to the present teachings are within the scope of the present teachings and may be used in accordance with the representative embodiments. It is to be understood that the terminology used herein is for purposes of describing particular embodiments only, and is not intended to be limiting. The defined terms are in addition to the technical and scientific meanings of the defined terms as commonly understood and accepted in the technical field of the present teachings.
If centralized tracking is to be used to implement NDCs, numerous efficiency aspects must be addressed. A CS for tracking an NDC must interface with the public, and for efficiency purposes should only accept one or very few predefined format(s) for incoming communications. Since the public may include any individual anywhere in the world connected to the internet, the CS must be accessible with minimal complexity while also being maintained safe. Inquiries and instructions to a CS may be provided as a short, formatted inquiry or instruction (SFIOI) which require minimal information including at least a unique identification of each virtual note (VN) specified in the SFIOI and a unique identification for each party involved in whatever is communicated in the SFIOI. Centralized tracking for NDCs may provide benefits such as the ability to proactively and authoritatively confirm ownership of VNs even in the absence of transactions or transfers, and the ability to cooperate with courts, law enforcement and security agencies such as to freeze transfers of VNs based on, for example, court orders.
After creation, a VN may be initially assigned to a financial institution by a CS, and then transferred between different parties before being provided back to the CS for retirement. VNs and SFIOIs may be packetized and communicated over packet-switched networks that switch packets in accordance with transmission control protocol/internet protocol (TCP-IP) and/or user datagram protocol (UDP-IP).
In tracking virtual notes (VNs) of NDCs shown in
In some embodiments, the transaction requester may provide an encrypted unique identification to the counterparty for the counterparty to check with the CS 150. Once the transaction requester confirms the transaction, the counterparty will obtain the unencrypted unique identification that uniquely identifies the VN. the transaction requesters may provide verification information uniquely identifying the transaction requesters. The counterparties may present the verification information to the CS 150 so that the CS 150 can assume that the transaction requesters have assented to transfer the VN. In these embodiments, counterparties proactively confirm validity of the VN and ownership of the VN by the transaction requesters by sending the verification information of the transaction requesters and the VN_info directly to the CS 150.
In some embodiments, transaction requesters may proactively notify a CS that VNs will be transferred.
In some embodiments, an executable program may be embedded within a VN. The executable program may be configured to initiate SFIOIs with the CS 150 periodically and/or when an internet connection is available after being unavailable, so as to initiate a report of the current location of the VN. Metadata may be sent to the CS 150 to update the electronic records at the CS 150 as a check-in process not initiated by a party. The metadata may include records of offline transactions involving the VN, such as transactions using near field communications (NFC).
Unique identifications for parties may be specified in as few as 5 bytes. Identification of the nations issuing the unique identifications may be built into the unique identifications, so that unique identifications may be used for different CS s. Unique identifications for VNs may be specified in four bytes or five bytes. Five bytes may be used to specify up to almost 1.1 trillion unique IDs for VNs, and four bits (e.g., the first four bits) of the five full bytes may be used to specify any of up to sixteen denominations for VNs with the remaining thirty six bits specifying almost 69 billion different unique IDs for VNs of any particular denomination.
SFIOIs may be strictly formatted for any particular CS, but may vary for different CS s. Since a typical packet size in some forms of communications is 512 bytes, and a minimum page size in flash memory is also 512 bytes, a logical format for a SFIOI to a CS 150 may require exactly 512 bytes. Fractions (e.g., 256) or multiples (e.g., 1024) of 512 bytes may also be logical choices for a format size in terms of processing and storage efficiency. Unique identifications for parties and unique identifications for VNs specified in the SFIOIs may be allocated full 64-bit words (or more). The number of VNs that may be specified in any SFIOI may be limited to, for example 7 or 9. SFIOIs may also specify the actual number of VNs specified in the SFIOIs, a type of the SFIOI, and so on. Since most or perhaps all of the data provided in different fields for a format for an SFIOI can be specified in fewer than 64 bits, the format for a SFIOI may specify that the data is to begin at the first bit of the field or is to end at the last bit of the field, so that either the end of the field or the beginning of the field has bits set as zero (0). Fields in a SFIOI may also be provided for unique identifications of currency reader programs (CRPs) and electronic wallet programs (EWPs) that handle the VNs. Approved CRPs and EWPs may operate in accordance with the expected format(s) for SFIOIs, so that they do not send SFIOIs that do not comply with the expected format(s). An example SFIOI format is shown in and described with respect to
In the functional network layout for a CS in
The ID management system 151 may be used to store and update records for parties authorized to use the NDC tracked by the CS 150. Identities may be standardized worldwide for multiple CSs including the CS 150. The party identifications may be formatted to explicitly or implicitly specify which nation or region is the source of each party identification. Fields of a party identification may be dedicated to identifying states/regions of a nation, ID types (e.g., for bank-issued IDs, national IDs, social media IDs, and the ID number itself. Additionally, the United States has approximately 5200 banks or similar entities. Identifications for banks and similar entities which handle VNs may be assigned using 16 bits. Unique party identifications may also be obtained through banks or similar entities. For example, the first 13 bits of a party identification may be an identification for a bank or similar entity through which the party identification was obtained. One benefit of implementing party identifications this way is that a profile managed by a CS may limit information of parties, since the banks and similar entities have records specifically identifying their customers, so that the identification of the end users may be retained by the banks or similar entities without requiring a complete profile to be managed by the CS 150. The ID management system 151 stores or is configured to store identification numbers for parties, and at least some of the identification numbers may be generated by third-party systems (e.g., for banks) for parties who are anonymous to the CS 150. Unbanked individuals may obtain unique identifications for using VNs via local branches of national postal services, such as via digital fingerprint pads which can be used by any individual with a finger to uniquely identify themself.
The LSS 152 is used to maintain records of current ownership of all VNs issued through the CS 150. The LSS 152 is used to address ownership inquiries from the public via the SGS 156. The LSS 152 is updated from the MMS 153 when VNs are transferred via SFIOIs. The LSS 152 may be effectively isolated from other elements of the CS 150. Inquiries in SFIOIs may be provided from the SGS 156 via first dedicated communication channels (e.g., dedicated wired connections), and updates from the MMS 153 may be provided via second dedicated communication channels (e.g., dedicated wired connections). The LSS 152 may be used to quickly track and verify ownership of a VN by hierarchically storing records for VNs in a alphabetical order, a numerical order, or an alphanumeric order. In this way, a record for a VN can be looked up using the unique identification of the VN. Using the LSS 152, the CS 150 is configured to proactively confirm ownership of instances of a tracked digital asset (e.g., the VNS of the NDC) based on inquiries in the packets of the SFOIs, and this may be done without transferring ownership of the tracked digital asset. The ability to proactively confirm or deny ownership of an instance of a tracked digital asset is an advantage provided by the CS 150.
The MMS 153 is used to store most or all types of records for the NDC, and may be distributed by type. In the context of any tracked digital asset including VNs of an NDS, the MMS 153 stores or is configured to store records of all instances of the tracked digital asset The MMS stores records for all instances of a tracked digital asset (e.g., the VNs of the NDC) for the CS 150. The MMS 153 receives updates to the records from the SGS 156 once instructions in a SFIOI packet pass processing by algorithms of complex software run by the SGS 156.
The ID management system 151 may send updates to the MMS 153 when an identification is updated, such as when an individual changes name, dies, retires a previous identification and obtains a new one, and so on. The SGS 156 may send ownership updates to the MMS 153.
The artificial intelligence and analytics system 154 may be provided access only to the MMS 153, and entirely closed off from the public.
The backup memory system 155 may also be entirely closed off from the public in normal operations, though if the backup memory system 155 is switching on, functionality of the main record system 153s may instead be switched to the backup memory system 155.
The SGS 156 may include servers assigned to handle incoming communications addressed to designated internet protocol (IP) addresses. The SGS 156 serves a function of shielding the MMS 153 and the other elements of the CS 150 from the public. The SGS 156 is a security system that executes complex software that systematically performs comprehensive checks on SFIOIs received at the CS 150. The software may include a set of sub-applications which may be adapted to any of a variety of formats set for SFIOIs used in any CS identical or similar to those described herein. Each of the software sub-applications performs a different task or different tasks then other of the software sub-applications. A first set of algorithms of the complex software at the SGS 156 may send inquiries outside of the SGS 156 but within the CS 150, and a second set of algorithms of the complex software at the SGS 156 check for responses to the inquiries sent outside of the SGS 156. No sub-application or core of a multi-core processor executes or processes the entirety of any SFIOI, and instead the sub-applications process different parts of each SFIOI.
The sub-applications may perform security checks, such as for compliance with a required format for SFIOIs. One sub-application may check one field to ensure that the source ID for a VN corresponds to the provider of the SGS 156. Other software sub-applications may be dedicated to coordinating checks with other elements of the CS 150, including the LSS 152 (confirming that VNs specified in a SFIOI belong to an owner specified in the SFIOI), with the ID management system 151 or another element (e.g., to check for owner-specific handling instructions), with the MMS 153 (e.g., to check greylists and blacklists for owners and VNs specified in a SFIOI) and so on. Proof of knowledge of ownership of each VN specified in each SFIOI may be a key safety measure, even though avoiding hang-ups waiting for a response from the LSS 152 or similar responses for similar inquiries to other elements of the CS 150 may be the key reason, or one of the key reasons, that all processes for SFIOIs are not implemented linearly by stand-alone cores of a multi-core processor. The software sub-applications may be provided as a software program, or as pre-programmed special-purpose multi-core processors that implement the software program, or as dedicated computers (e.g., servers) with one or more such multi-core processors programmed to implement the software program.
The SGS 156 may check to ensure that null fields of SFIOIs are null, that header information such as a hop count is exactly what is expected (e.g., 0), and so on. The sub-applications may run on the SFIOIs stored in the pages in a FIFO sequence. Each sub-application performs its assigned type of safety process in the same manner on each SFIOI it is authorized to process. Different sub-applications perform different types of checks. Processing for each page is highly coordinated by staggering the sub-applications to run in a predetermined order on each memory page until all sub-applications are finished with their processing of the SFIOI on the memory page.
The SGS 156 may include multiple nodes, and every node may be able to process tens of thousands (e.g., 40,000 or more) of legitimate SFIOIs per minute. Incoming SFIOIs may be stored at sequential address spaces of 512 bytes (i.e., flash memory pages which serve as uniform memory units). The last few words (e.g., 8 words) in each 64-word SFIOI may be formatted to be null and are not written to the page.
The processing at the SGS 156 may be visualized as 4-dimensional processing. The 512-byte pages are 2-dimensional memories with 64 64-bit word lines. Each sub-application incrementally moves between pages in a third dimension and processes the same byte(s) or word(s) on each page. The sub-applications are staggered in time as a fourth dimension, so that sub-applications avoid collisions trying to read from or write to the same byte(s) or word(s) at the same time. Additionally, the ownership checks and other types of external checks for the sub-applications necessarily involve a timing offset as one set of cores sends pairs to the LSS 152, and another set of cores processes the responses from the LSS 152 to avoid any core sending a pair and then being hung up waiting for a response.
A status update system of the SGS 156 may use the same memory pages as are used for storing the SFIOIs. The status update system is used to synchronize the sub-applications as they process the SFIOIs. By way of explanation, any form of tracking for a NDC may require enormous numbers of write cycles to the memory pages used to store the SFIOIs. If the same memory cells, or even the same type of memory cells, are used to update statuses 10 to 20 times during processing of each SFIOI, the number of write cycles to the status memory cells would be many times the number of write cycles to the memory cells used for storing the SFIOI, and this would result in the overall memory being fatigued much quicker when the status memory cells become fatigued. To address this, for example, 8 64-bit (8 byte) processing words at the end of the 512-byte SFIOIs may be mandatorily null, not written to the memory page, and the corresponding memory cells may be used for status updates instead of any substantive data in the SFIOIs. The SFIOIs may be stored on a 1-to-1 basis on 512-byte pages at the SGS 156, but without writing the 8 64-bit null processing words at the end of the SFIOIs to the pages. Instead, the memory cells at the end of the memory pages may be used for tracking statuses of the sub-applications so that the sub-applications can check the appropriate status word/byte before performing their processes on SFIOIs, and can each update a different status word/byte after performing their processes. The memory cells used for the status updates may be written at effectively the same rate as the memory cells used for storing the substantive data of the SFIOIs, and this may extend the memory life by at least 1000%.
A 24-core/48-thread (e.g., AMD) processor is an example of the type of multi-core processor appropriate for the SGS 156, so 8 processing words (64 bytes) provide more than enough bytes to dedicate on a 1-1 or better basis for each thread to update when the process implemented for the SFIOI by the thread is complete. Pairs of multi-core processors and flash memories may be rotated in and out of service in groups at the SGS 156. Each sub-application may check (read from) one assigned status field to ensure the sub-application is cleared to process an SFIOI before proceeding, and may update (write to) at least one different status field(s) upon completing the processing, so that the next sub-application(s) can check the update before performing its safety process on the SFIOI. After performing a safety check, the sub-applications may mark appropriate status fields for each 512-byte page or sector before proceeding, to notify successive sub-applications whether they should perform their processing. For example, if any sub-application detects an error in any SFIOI, the sub-application may update the status of all update bytes in the status field to show that no more processing is needed by any sub-application for the SFIOI on the page. This can be done by simply indicating that all necessary processing has already been performed so that successive sub-applications skip the SFIOIs in which an error is detected.
Some of the sub-applications may generate inquiries to external systems within the CS 150 (i.e., external to the SGS 156), and it would be inefficient to have any processing resource pause while waiting for answers to inquiries. For example, since verifications of ownership may be performed by sending inquiries as SFIOIs to the LSS 152 and receiving confirmations or denials of ownership from the LSS 152, the inquiries may be sent by one set of threads and responses may be checked by another set of threads to avoid hang-ups. This may avoid any particular thread accumulating latency delays while awaiting responses. As an example, ownership checks may require up to 18 threads total when each SFIOI may specify up to 9 virtual notes.
Communications within the CS 150 may use internal addressing so that an outside party may not be able to determine how a SGS 156 obtains information from the LSS 152 or the ID management system 151. The only element of the CS 150 assigned any IP address may be the SGS 156.
In some embodiments, 48 threads may be run simultaneously by different cores of the example 24-core processor to process SFIOIs. The SGS 156 may run 24/7/365 by switching in and out different pairs of multi-core processors and flash memories.
In some embodiments, different NDCs may be exchanged in a currency exchange, such as by a first CS and a second CS which communicate with each other. Each CS may receive information of VNs and purported owners to confirm with counterpart CSs that the VNs are owned by the purported owners. Accordingly, CSs may accept inquiries for VNs that they do not manage or track, as long as the VNs are managed or tracked by counterpart CSs. In some similar embodiments, the CSs may directly exchange VNs, such as to settle trade flows. Also or alternatively, custodial institutions may provide currency exchange services for VNs and assist one or more CSs in tracking different types of VNs.
SFIOIs may also specify amounts of change due to a sender of VNs. In the example of the currency exchange processes, CSs for multiple different digital currencies may facilitate change when they are used to exchange VNs of the different digital currencies.
Notifications may be provided to communications addresses of record for the owners of record as an anti-spoofing mechanism. Use of a multi-factor push service similar to AuthPoint may be required for users of approved CRPs or EWPs. In some embodiments, a service similar to AuthPoint may be used to implement multi-factor authentication for multiple applications and programs on electronic user devices, so that push notifications for the same service may be used to confirm VN transfers, transaction initiations, VPN log-ins, and/or other types of actions for which multi-factor authentication may be appropriate. In some embodiments, multi-factor authentication may include dynamically generating a code such as a set of 2 characters, and sending the code or characters to a predetermined communication address such as a telephone number for the actual owner of the VNs. The actual owner may be required to type in the 2 characters in a response confirming the transfer.
Instances of authorized CRPs and/or EWPs used for transactions involving VNs may be provided with unique identifications maintained in association with unique identifications of parties in records at the CS 150. A CRP is a program that is configured to read and properly interpret the file of a VN. An EWP is a program that provides access to one or more accounts under which a VN may be stored and transacted, and may be configured to read and properly interpret the file of a VN. In some embodiments, authorized CRPs and EWPs may be centrally controlled. For example, the CS 150 may coordinate with application servers of third-party service providers that provide the authorized CRPs and EWPs, so that parties using VNs can be automatically updated as to where to send SFIOIs. The CRPs and EWPs may include instructions to halt transactions and transfers at the same time each day, each week, each month, or each year. The CRPs and EWPs may also each include a subprogram that is activated by a signal sent from the CS, so as to be dynamically halted such as for urgent or emergency reasons. The CRPs and EWPs may be halted for set time periods, or until a notification is received from the CS 1350 to resume. The synchronization may also be provided for all CRPs and EWPs, subsets of CRPs and EWPs, or individual CRPs and EWPs.
Verification information for parties may include one or more forms of verification information which may uniquely identify parties such as unique communication addresses, unique identifications of program instantiations of programs used by the parties, unique account numbers of accounts assigned to the parties, unique device identifications of ECDs used by the parties, unique personal identifications assigned to the parties by governments, biometric information, and other forms of unique information that may be uniquely correlated to parties. In some embodiments, parties may be enabled to select which form of verification information will be used to confirm ownership by the parties, and the parties may also be enabled to change the form of verification information associated with their ownership of VNs.
Movement of VNs of NDCs may be detected and reported in a variety of ways. Primarily, movement of VNs will be detected and reported by programs involved in transferring the VNs, such as CRPs or EWPs. However, a VN may also or alternatively include an executable software subroutine of instructions that is retrieved from the VN whenever metadata is extracted, such as to generate VN_info. Executable software subroutines may be included in a specific field of a VN, such as in a metadata field or a separate instruction field. The executable software subroutine may be provided in duplicated forms in multiple software languages so that the VN can be processed by different computers using different types of operating systems. When the executable software subroutine is retrieved and processed, such as to generate the VN_info, the executable software routine may recognize that the VN is being moved or has moved, and the executable software subroutine may initiate a message to report the movement over an electronic communications network to the CS 150. The message may be sent to a predetermined hostname or IP address, and may report that the VN is being moved from one account to another account.
In the method for a CS to handle communications for batches of VNs and translatable party information in
In some embodiments, part or all of one or more files in a folder or application for a VN may comprise a lightweight database. The lightweight database may be activated by a triggering event such as a transfer of the VN or an automated report to the CS 150, such as to check in via an SFIOI with an update for current location. The lightweight database may include data in JSON format on a file within the application so that the data can be read by multiple different types of devices.
If a VN is lost, such as when a portable memory is lost, an owner may be provided an ability to present ownership credentials to the CS 150. The CS 150 may cancel the VN and any other VNs registered with the owner, and simply issue new VNs to the owner with the same denomination.
An electronic history for VNs may be maintained at the MMS 153. The electronic history may start with the unique identification and date/time of creation for the VN, and may be populated with the date and identification that identifies each party that owns the VN as the VN changes hands in transactions. For example, the electronic history may include a date, time and location of creation, a sequential list of each owner of the VN, identifying information of each owner, and a date or date/time combination for each transaction in which the VN is transferred between owners. The electronic history may be created and updated for each VN of a set of VNs of a NDC, such as VNs denominated at or above specified amounts. For example, records for VNs with value of $1000 may be updated each time the VNs are transacted.
In the method of confirming a transfer instruction for a VN for digital currencies in
The process of
In a second sub-process, at S156 the VN information is retrieved. At S157, VN blacklists and VN greylists are retrieved. At S158, the VN information for the VN subject to the transfer instruction is compared to the VN blacklists and VN greylists. At S159, an action is taken if there is a match from the comparison at S159.
In a third sub-process, at S160 registered owner information for the VN may be retrieved. The third sub-process may be an anti-spoofing process that is selectively applied or that is always applied, for VNs. At S161, a notification is generated for the registered owner VN, such as to a communication address of record for the registered owner of the VN. At S162, the notification is sent. At S163, affirmative confirmation is awaited from the registered owner before authorizing the transfer of ownership in the records. At S177, a determination is made whether the transfer is okay. The transfer of ownership is only okay if there is no match with a blacklist in the first sub-process and the second sub-process, if any requirements are met for greylists in the first sub-process and/or the second sub-process, and/or if confirmation is received in the third sub-process. At S178, the electronic history for the VN is updated if the transfer is okay (S177=Yes). At S179, the transfer is refused if the transfer is not okay (S177=No). A process as in
Greylists may be maintained for VNs for a variety of reasons including frequency of transference by a transaction requester, and frequency of activity (e.g., handling of many VNs) by a transaction requester, and economic and/or statistical reasons. Greylists may also be maintained for parties such as transaction requesters who are subject to extraordinary monitoring. Greylists may also be maintained for parties such as transaction requesters that are subject to extraordinary monitoring. Actions taken based on a greylist hit may include notifying a 3rd party such as a government agency, or simply adding an entry for the transfer to a record maintained for the recipient being monitored. Blacklists may be maintained for VNs and parties, and actions taken based on blacklists may include simply include informing the parties that the transaction is not authorized. In some embodiments, a greylist hit may result in initiating an inspection requirement for the VN by ordering that the VN be provided to the CS 150 for inspection of the file for the VN, or that the file for the VN be inspected by a CRP or EWP at an ECD.
As an example, VNs transferred to any address known to belong to a foreign central bank may be placed on a VN greylist, and addresses of foreign central banks may be placed on a party greylist. In this way, transfers of VNs from an account of a foreign central bank may trigger an alert based on both a VN greylist and a party greylist, and may result in notifications being sent to a system that monitors central bank currency flows.
In the method for a CS to process ownership inquiries for one or more VNs in
In
In some embodiments, the CS 150 may store different alternative IDs in different databases, so that each different set of alternative IDs is isolated from all other sets of alternative IDs. For example, a CS 150 may store a first database of translation tables for translating all telephone numbers in the United States to corresponding universal IDs used by the CS, and another database of translation tables for translating all CRP identifications to corresponding universal IDS. Of course, more than 2 separate database configurations may be used for translations to universal IDs. Isolation of memory arrangements for different memories used for translations of different types of IDs may be used to ensure the fastest possible lookups for universal IDs whenever an alternative ID is received as part of an incoming inquiry or instruction. As an alternative to lookup tables that store alternatives to universal IDs, a universal ID numbering system may be designed so that alternative IDs may be accepted from approved sources such as large social network providers and communication service providers. For example, if a 10 digit universal ID is used for a population up to 9.99 billion people, an 11th digit and 12th digit at the end may be used to specify up to 99 different accounts or other characteristics for an inquiry or instruction being sent to a central tracking system.
In some embodiments, change for VNs may be addressed by a CS. For example, a CS may interpret a change amount, if due field in SFIOIs. The change amount, if due field may specify an amount of change due to the sender of the VN(s) from the recipient of the VN(s). The CS 150 may store information of universal EWPs for parties who use VNs, and may credit and/or debit the universal EWPs for amounts of change agreed to in notifications from senders and recipients. Also or alternatively, the CS 150 may store information of third party (e.g., bank) accounts for senders and recipients of VNs, and may credit and/or debit the third party accounts for amounts of change agreed to in notifications from senders and recipients. In some embodiments, CS 150 may use universal EWPs as a default for crediting and debiting senders and recipients, but senders and recipients may be allowed to update the CS 150 to specify third party accounts to use instead of the universal EWPs.
In the monitoring, inspection, and replacement method for digital currencies in
In some embodiments, a permanent EWP may be provided for the life of an end user and fully or partially managed by a CS. The permanent EWP may be assigned after the birth of a party, and a unique identification may be assigned to the party. The permanent EWP may then be created, and may be capable of receiving and storing financial products such as digital currencies on behalf of the party. At any time during the life of the person, an entity that owes the party payment for any reason may transfer the payment to the permanent EWP, such as when the entity cannot find the party to arrange for payment. A government wishing to distribute stimulus funds to persons such as adult citizens may transfer the stimulus funds for the party to the permanent EWP. Nations may allow non-citizen residents or others to obtain unique identifications and permanent EWPs. Additionally, biometric identifiers such as a fingerprint, retina scan, DNA, or any other form of biometric identifier that can be electronically recorded may be obtained and correlated to the permanent EWP, so as to allow the party to present themself to an institution authorized to provide access to the permanent EWP. CS s may allow parties to designate access controls to the permanent EWP. For example, a party may require that subsequent withdrawals from the permanent EWP require a fingerprint of the party, a retina eye scan of the party, or one or more other forms of party-based inputs that can be used to control access.
In some embodiments, a CS may include a data center to handle large volumes of data managed by a CS, such as for the MMS 153 or for multiple elements of the CS 150. The data center may be configured to process instructions derived from SFIOIs by referring to or updating data in the data center. Data stored at a data center and retrievable for use from the data center may include VN electronic histories, VN group information (e.g., characteristics such as background imagery for groups of VNs), party information (e.g., unique electronic communication addresses and program/application identifications, nationality, residence, currently-owned and previously-owned VNs and dates of transfer), greylists for VNs, blacklists for VNs, greylists of owners, blacklists for owners, and so on. A data center may include more than one data center, and may use scalable memory. Structured query language (SQL) may be used if database configurations at the data centers must be compatible with legacy databases that already use SQL. SQL may be useful for handling structured data in relational databases.
Alternatively, non-SQL (NoSQL) may be used if the database configurations do not require relational databases, and may be useful for real-time inquiries such as ownership confirmations for VNs via the LSS 152. An example of a NoSQL configuration that can be used is a MongoDB configuration, which provides for a file system that may be used for storing VNs according to unique identifications, and which is considered a document-oriented database that may be used for storing user profile documents that include the history of ownership of various VNs. Data centers may be implemented in private cloud configuration that isolate equipment and operations for the digital currency from equipment and operations for other parties and uses. For example, data centers may use solid-state drive (SSD) arrays to store data. SSDs may be preferable to hard disk drives (HDD) in terms of faster speeds and lower power use etc. Databases may be implemented on a paired-basis by which each memory configuration is paired with a different dedicated server, or on a dynamically reconfigurable basis so that underused servers may be put to work to relieve overworked servers.
In some embodiments, VNs may be provided as folders that include several files. For example, a VN may include a relatively small amount of data including image data, variable data and so on. Some of the use data stored as metadata for a VN may be provided as an separate encrypted file with JSON or BSON data, and may be transmitted to the CSs via an application programming interface (API). The use data may be captured and stored in data fields within the JSON/BSON file. CSs may send signals via APIs to devices where VNs are stored, and the signals may indicate that the data in the JSON/BSON file has been stored at the CS and can be deleted from the device where the VN is stored, thereby reducing the amount of data sent with the VN as the VN is transferred. A VN and/or API may be configured to communicate via a specific port of a server or database in the data center to notify with updates, and this also may reduce the workload at the CSs. One or more types of SFIOIs described herein may include JSON/BSON updates, and these communications may be handled by updating records at a CS with details from the JSON/BSON updates once the SFIOI is cleared through a SGS 156. In some embodiments, VNs may include a private address that is useless to the public in a metadata field, but which is interpretable by the CS or another control system, and may include a private server or database address, or even a specific port address of a private server or database address. CSs may unpackage updates to identify which private server or database address stores the record for the VN, and this may serve as a supplement or alternative to addressing based on unique identifications of the VNs, so that even if a CS or control system even partially uses the unique identification of a VN to identify a sub-group of servers and databases used to store the record for the VN, the private address sent by the VN may be used to specify a server, a database, a server port, a database port, or another internal communications address within the sub-group for a component that is not reachable by any public address.
In the monitoring center for a digital currency in
In
As another example, a separate central subsystem (not shown) may be used to process VNs that are stored on legacy-type user devices without browsers. For example, a separate central subsystem may receive formatted messages as text messages from such user devices without browsers, and may have its own security protocols such as by verifying the user devices with wireless communication carriers and/or by initiating anti-spoofing messages to telephone numbers at the user devices requiring confirmation of instructions to transfer one or more VNs.
In the memory arrangement for a memory system in
In the memory arrangement for a memory system.
In the memory arrangement for a memory system in
Additionally, the CS may also require that communications comply to specific formats limited to a small set of types of communications approved for handling. The internal servers and databases may be assigned private local addresses meaningful only to the CS or another form of control system. Internal servers may be numbered 1 to 1000, and internal databases may be numbered 1 to 1000, so that the CS tracks records for updating and retrieval by the private local addresses and not any public addresses.
In some embodiments, artificial intelligence may be used to optimize operations for a CS 150 in embodiments herein. For example, problematic datasets that may be applied to artificial intelligence in training to detect features and patterns may include: data corresponding to detected attempts to counterfeit VNs, data corresponding to detected attempts to spoof parties or user devices, data corresponding to detected attempts to spoof authorized software programs, data corresponding to reported lost VNs, data corresponding to reported stolen VNs, and data corresponding to detected unauthorized attempts to validate ownership of VNs. The artificial intelligence may be used to automatically subject some incoming communications such as transfer instructions to additional processing such as multi-party authentication, spoofing checks with owners of record of VNs using the addresses on record for the owners, and other forms of additional processing. Artificial intelligence may be trained using transaction data, VN data, account data, party data, and/or any other data sets in the server system 350 as training data. For example, artificial intelligence may be used to detect suspicious or criminal transactions, likely mistaken transactions, likely unauthorized transactions, or any other concerning activity that can be detected based on patterns identified from artificial intelligence. Multiple different instances of artificial intelligence programs may be applied to new data and information stored in the server system 350, and may be applied for a variety of reasons such as to detect fraud and counterfeiting attempts based on, for example, accounts, types of transactions, locations where transactions occur, and types of VNs involved.
In the method for retiring a virtual note of a digital currency in
In some embodiments, a CS may be synchronized with ECDs. The synchronization may include a predetermined arrangement to not conduct transactions of transfers involving VNs managed by the CS for a time period. The time period in which transactions and transfers will not be made may be a time period in which the CS replaces equipment, updates backup memory such as electronic records and user profiles and account profiles, performs software updates, or otherwise will be unreachable. The time period may be a predetermined time each day, each week, each month, or each year, and may be at times when a minimal amount of activity is expected to be affected. In some embodiments, the time period may be dynamically set, such as for urgent or emergency reasons. In some embodiments, synchronization can be used to halt transactions and transfers at different times such as for different time zones. For example, halts may be set for 3:30 AM each Monday for five minutes, and may be stepped to each time zone when the time zone reaches 3:30 AM each Monday. Alternatively, ECDs may be grouped on other bases, such as manufacturer, wireless communication service provider, year of manufacture, service provider for the CRPs and EWPs, or any other logical basis, so that different groups can be halted at different times for set time periods or until a notification is received from the CS. In some embodiments, synchronization can be used to halt transactions and transfers in different places. For example, halts may be set for 3:30 AM each Monday in North America, 3:30 AM each Tuesday in Europe, 3:30 AM on Saturday in the Middle East, and so on. Synchronization may be provided for reasons other than halts, such as to update communication addresses for the CS.
In the electronic communications network integrated with a SGS of a CS in
The working memory configuration of a server in a SGS of
In some embodiments, SFIOIs may be sent as individual packets without any handshaking via UDP, and responses may be sent after a handshake via TCP. In this way, central systems may receive stand-alone SFIOIs as individual packets via UDP or via sequence-throttled TCP, and may engage in sessions only with familiar communication addresses of records.
In some embodiments, an entire SFIOI is stored in an isolated address space, and bytes of the SFIOI in the isolated address space are processed in a specific order for specific purposes. For example, a first process may check the size of the SFIOI when the predefined format for the SFIOI sets a size requirement for the packets of the SFIOI. The predefined format may also set one or more formatting requirement for party identifications included in the packets and for unique identifications of instances of the tracked digital asset (e.g., the VNs of the NDC) included in the packets. If the SFIOI is too big or too small, the SFIOI may be deleted. A second process may check the type of the SFIOI, such as by interpreting a specific byte or bytes which the format requires to describe the type of the SFIOI. Types may be limited, such as to an ownership inquiry, a transfer instruction, a special handling instruction (e.g., taking my VNs offline, require multi-factor authentication before allowing transfer of my VNs, etc.) Other processes are described elsewhere herein. The processes may be staggered sequentially on each packet, while different processes operate in parallel on different packets. Additionally, processes that involve checking with an external resource (e.g., ownership checks, special handling instructions for owners, multi-factor authentication checks) may be initiated by one set of processes that do not wait for answers. Instead, another set of processes may process answers from external resources.
The different bytes and bits of a SFIOI that are processed in isolation may be isolated using a mask, such as by effectively using a bitmask or byte mask to set data that are not to be effectively processed (i.e., data that is to be ignored) uniformly to zero. The data of the read word line being processed may then be processed in isolation. Each processor, core or thread may use a different mask. A thread may apply the same mask over and over, thousands of times per minute when working, as the thread is performing the same process over and over on different packets, and the process itself may include relatively few steps and operations compared to other processes applied by the SGS 556. Formatting for SFIOIs may specify that each of multiple or all different substantive element(s) (field(s)) of an SFIOI start every 64 bits, or end every 64 bits, and all other bits should be set to zero or one. In this way, a first VN may start at byte #33, a second VN (if any) may start at byte #41, a third VN (if any) may start at byte #49, and so on. Since individual threads process the different bytes according to the format of the SFIOI, a thread may isolate a value of whatever the thread is assigned to repeatedly process in isolation, and effectively ignore any other data.
In the method of a SGS processing a received SFIOI in
At S504A, a size of the packet payload in bytes is checked. The total length of the meaningful data in the packet payload may be specified in a header of the packet, and this header information may be compared with the actual length of the meaningful data stored in the address space. At S508A, the number of VNs purportedly identified in the SFIOI is determined. The number of VNs purportedly identified in the SFIOI may be specified in a specific byte according to the format set for the SFIOI. At S510A, the expected size of the meaningful data in the packet is established from the number determined at 5508A, and the expected size determined at S510A is compared with the actual size determined at 5504A. At S512A, the purported owner identification for the VNs specified in the SFIOI is determined. At S514A, the purported owner identification is sent along with each separate VN identification for an ownership check. The purported owner identification may be sent with each separate VN identification in a single communication or as batch of separate communications to the LSS 152. At S516A, a check is made for stored instructions from the actual owner of the VNs, if any such instructions exist. The check at S516A may be to the MMS 153 if the handling instructions from owners of VNs are stored there, or to the LSS 152 if the handling instructions from owners of VNs are stored there, or to another storage system that stores handling instructions if separate from LSS 152 and the MMS 153. At S518A, anti-spoofing is initiated, if indicated by the stored instructions checked at S516A. At S520A, a type of the SFIOI is checked. The type may include inquiry, instruction to transfer to another party, instruction to transfer to a different account or device of the same owner, instruction for special handling, and so on. At S522A, the SFIOI is processed, according to the checked type. If the instruction is an instruction to transfer ownership of the VNs, an instruction may be sent to the MMS 153 to update the ownership records for the VNs. Processing may also include decrypting unique identifications for VNs when the SFIOI is an ownership inquiry, and the unique identifications of VNs may only be decryptable by the CS 150, and specifically by the SGS 156. Other processing may involve notifications to other central systems that track other digital currencies, or other instructions or acknowledgements processed by the SGS 156.
In the memory arrangement for a SGS that processes a received SFIOI in
In the processing arrangement for a SGS that processes a received SFIOI in
In the processing arrangement for a SGS that processes a received SFIOI in
In the processing arrangement for a SGS that processes a received SFIOI in
In the processing arrangement for a SGS that processes a received instruction or inquiry in
In the processing order for packets received and stored at a SGS that processes received instructions and inquiries in
In the use of dedicated queues by processing resources at a SGS that processes received instructions and inquiries in
In the method of a SGS processing a received SFIOI in
At S602B, the packet payload is stored in an address space. The header of the packet with the packet payload may also be stored in the address space, and data from both the packet payload and the header may be retrieved and processed by resources. In
In the method for aggregate security checks at a memory system of a central system in
In the method of a SGS processing a received instruction or inquiry in
In the memory arrangement for a SGS that processes a received instruction or inquiry in
In the memory arrangement for a SGS that processes a received SFIOI in
In some embodiments, the format for SFIOIs may be set to the size of an addressable memory space such as a 512-byte page of flash memory, and some of the words at the end of the format may be set to null values and not written to the addressable memory space. Instead, the addressable memory space corresponding to the words at the end of the format is not written to with the SFIOI, and is instead used for the status tracking and updating described herein. In the example format for a SFIOI in
In some embodiments, the VN ID may be provided as part of VN_info sent to the CS 150. The VN_info may include a unique identification and a denomination, and may be provided as more than the 8 bytes shown in
Though the header shown in
The final fields of the SFIOI are empty, and are reserved for the status updates at the SGS 156. Two words of 16 bytes total may be enough to track statuses of 16 security checks, three words of 24 bytes total may be enough to track statuses of 24 security checks, and so on. So long as the number of VNs allowed in a packet is maintained at or under a maximum limit, even a 256-byte format for a SFIOI may be appropriate to handle processing at the SGS 156, though the present disclosure primarily uses the example of a 512-byte format. Of course, other sizes for formats for a SFIOI may be logically appropriate, such as if other types of predefined memory sizes and arrangements are being used at a SGS 156. For example, SFIOIs may be allowed to have different sizes and may be tracked sequentially once received at the SGS 156. However, ad-hoc sizes for SFIOIs are not optimal, and the best mode for implementing such SFIOIs is to specify a format that leverages network packetization, standard predefined memory sizes for ubiquitous memory types such as flash memory, standard instruction sizes for modern processors such as by using 64-bit words, and so on.
In some embodiments, another field for a SFIOI may also specify the total amount involved in a transaction, the amount of change (i.e., less than a $1.00 amount) involved in a transaction, or another amount. For example, in the event that small denominations are not issued for VNs or are otherwise not tracked by a central system, a SFIOI may still specify the amount of change to be credited and/or debited from accounts corresponding to the parties, depending on whether the SFIOI is specifying a transfer in a transaction. In this way, the format for SFIOIs may still accommodate transfers involving denominations which are not issued as VNs, or which are not otherwise tracked by the central system. As an example, if a party is paying $50.00 for an item in a transaction and expects 65 cents in change, the change may be automatically credited to the party's associated account and debited from the seller's associated account. The associated accounts may be maintained outside of the central system, so that the associated accounts are maintained by the financial institutions which provide the accounts as a service. The central system may simply notify the ID management system 151 or another node which maintains ID records for parties to initiate a debit or credit with the financial institutions. In some embodiments, parties registered with a central system may be required to have an associated account, though a government and/or central bank may facilitate accounts (e.g., by providing incentives to financial institutions) for the segments of populations who do not already have such accounts. For example, a government and/or central bank may pay the financial institutions to eliminate minimum balance or spending requirements, or may provide a form of insurance for any losses that would be incurred by the financial institutions in the event of fraud etc. Alternatively, the CS 150 may store information of third party (e.g., bank) accounts for senders and recipients of VNs, and may credit and/or debit the third party accounts for amounts of change agreed to in notifications from senders and recipients. In some embodiments, CS 150 may use universal EWPs as a default for crediting and debiting senders and recipients, but senders and recipients may be allowed to update the CS 150 to specify third party accounts to use instead of the universal EWPs.
One benefit of providing ample room for modifications to requirements for formatted SFIOIs is that the technology described herein may be used for many other purposes. For example, if central systems reserve 32 or 64 “types” in the SFIOI type field, private systems may use the same type of format to track other types of transactions, such as mortgages or other types of loans, real estate transfers, cars, and so on.
SFIOI formats may vary from what is taught herein while still being consistent with the intent and teachings herein. For example, the order of fields may vary, more fields or less fields than shown may be specified in a format, blank fields and blank spaces may vary, so long as the format is clear from the start so that parties worldwide can appropriately program end user devices, intermediate user devices and central system devices consistent with whatever the format is.
Additionally, the format for a SFIOI shown in
Financial institutions and other types of organizations may also be provided an ability to issue the party IDs described herein. For example, a financial institution may be provided a unique identification with 4 or 5 digits, such that the unique identification can be stated in two or three bytes. The financial institution may use its unique identification as the first two or three bytes of a full identification assigned as a party ID. Party IDs may then be something like three bytes, four bytes or five bytes for the party and two or three bytes for the financial institution. In this way, the central systems may not be required to store any identifying information of a party, and instead may rely on the financial institutions to know who the party IDs correspond to. At least in the United States, financial institutions may store party IDs and then simply require a warrant in the event that a governmental entity wants to know who the party ID corresponds to. Other types of organizations that may be allowed to issue unique identifications for customers may include entities such as Coinbase, Facebook, or other entities with large customer bases, so long as the customer bases include customers who actually trust such entities to maintain their privacy to the extent possible or even just reasonable. As an example, a central system may provide a unique ID for a party to a bank without even sending an account identification, and let the bank determine which associated account the VNs are to be credited to based on the unique ID for the party.
In some embodiments, CS 150 may accept several different types of SFIOIs, For example, a format type may be listed at the beginning of the incoming communications. The CS 150 may read the format type first (rather than towards the end of processing), so as to begin processing using an algorithm appropriate for the format type. Different algorithms may be applied to different types of SFIOIs, similar to how different processing is performed for different types of SFIOIs when the SFIOI type is processed after security checks. However, format types acceptable to a CS 150 may be fewer or greater than six without departing from the scope of the present disclosure. Different types may include ownership inquiries, transfer instructions
In some embodiments, parties trusted by the CS 150 may correspond to specific party IDs, and this may be used to eliminate some forms of security processing. In other embodiments, trusted parties may have dedicated communication links to the CS 150. In some embodiments, large entities that provide their own secure environments to customers (e.g., Apple, Google, JP Morgan) may be allowed to co-locate one or more servers at a data center used by the CS 150, so that their customers can send SFIOIs over the secure environments of the entities and then directly have the unpackaged SFIOIs input to the SGS 156.
In the descriptions herein, blockchain is not necessarily used to implement a digital currency. However, the use of blockchains is also not particularly prohibited, and may be useful for some circumstances. For example, recording transactions involving large amounts of VNs on a blockchain with individual ledgers of the distributed ledger at each of a group of cooperating central banks may be useful to resolve disagreements between the central banks as to the details of previous transactions. A group of users of a particular digital currency may also agree to record transactions involving VNs on a blockchain. Therefore, even if central systems herein are not particularly part of a blockchain for implementing a digital currency, the use of blockchains is not specifically prohibited or incompatible.
Additionally, the use of encryption has been described for specific embodiments and purposes herein. However, the use of encryption mechanisms such as SSL may be assumed for transmission of VNs in most or perhaps all communications. To the extent that different mechanisms for encryption may be used for handling of VNs, the teachings herein should not be considered particularly inconsistent with use of any particular encryption in appropriate circumstances.
Although centralized tracking for digital currencies has been described with respect to VNs, the teachings herein are not limited in applicability to VNs or any particular digital currency authorized by a government or issued by or on behalf of a central bank. Rather, various aspects of the teachings herein may be implemented for other forms digital currencies including stablecoins and other forms of cryptocurrencies, as well as other forms of digital tokens that are used as mediums of value, including digital currencies that do not share one or more characteristics of VNs as described herein.
Although centralized tracking for digital currencies has been described with reference to several exemplary embodiments, it is understood that the words that have been used are words of description and illustration, rather than words of limitation. Changes may be made within the purview of the appended claims, as presently stated, and as amended, without departing from the scope and spirit of centralized tracking for digital currencies in its aspects. Although centralized tracking for digital currencies has been described with reference to particular means, materials and embodiments, centralized tracking for digital currencies is not intended to be limited to the particulars disclosed; rather centralized tracking for digital currencies extends to all functionally equivalent structures, methods, and uses such as are within the scope of the appended claims.
Although the present specification describes components and functions that may be implemented in particular embodiments with reference to particular standards and protocols, the disclosure is not limited to such standards and protocols. For example, insofar as a legal framework for implementing digital currencies is not yet in place in the United States or Europe, standards compliant with such legal standards may be developed in the future and are expected to implement one or more of the mechanisms described herein.
In the foregoing Detailed Description, various features may be grouped together or described in a single embodiment for the purpose of streamlining the disclosure. This disclosure is not to be interpreted as reflecting an intention that the claimed embodiments require more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive subject matter may be directed to less than all of the features of any of the disclosed embodiments. Thus, the following claims are incorporated into the Detailed Description, with each claim standing on its own as defining separately claimed subject matter.
The preceding description of the disclosed embodiments is provided to enable any person skilled in the art to practice the concepts described in the present disclosure. As such, the above disclosed subject matter is to be considered illustrative, and not restrictive, and the appended claims are intended to cover all such modifications, enhancements, and other embodiments which fall within the true spirit and scope of the present disclosure. Thus, to the maximum extent allowed by law, the scope of the present disclosure is to be determined by the broadest permissible interpretation of the following claims and their equivalents, and shall not be restricted or limited by the foregoing detailed description.
This patent application claims priority to U.S. provisional application No. 63/148,335, filed Feb. 11, 2021, to U.S. provisional application No. 63/173,631, filed Apr. 12, 2021, to U.S. provisional application No. 63/209,989, filed Jun. 12, 2021, to U.S. provisional application No. 63/240,964, filed Sep. 5, 2021, to U.S. provisional application No. 63/294,732, filed Dec. 29, 2021, and to U.S. provisional application No. 63/304,684, filed Jan. 30, 2022, which are all herby incorporated by reference in their entireties.
Filing Document | Filing Date | Country | Kind |
---|---|---|---|
PCT/US2022/015856 | 2/9/2022 | WO |
Number | Date | Country | |
---|---|---|---|
63148335 | Feb 2021 | US | |
63173631 | Apr 2021 | US | |
63209989 | Jun 2021 | US | |
63240964 | Sep 2021 | US | |
63294732 | Dec 2021 | US | |
63304684 | Jan 2022 | US |