Offline Central Bank Digital Currency (CBDC) Face Limitations Discussed by Bank of England

Offline Central Bank Digital Currency (CBDC) Face Limitations Discussed by Bank of England

The Bank of England is delving into the realm of offline central bank digital currencies (CBDCs) for its digital pound, with trials underway involving technology providers such as Thales, Secretarium, IDEMIA, Quali-Sign, and Consult Hyperion.

The primary focus of these trials is to address the challenges of double spending and fraud in offline CBDCs. Two major areas requiring attention are the security of the secure element and the detection of compromised cryptographic keys.

Offline payments, typically using secure elements on smartphones, special SIM cards, or smart cards, have limited storage capacity. To balance usability with security, current solutions employ hybrid architectures that combine online and offline validation, cryptographic digital IOUs, and limited offline transaction parameters.

One key solution demonstrated in recent trials is the Hybrid Account- and Token-based Model, where wallets are account-identified but support token-like offline transactions recorded on permissioned distributed ledgers. This ensures immutability and traceability while enabling offline usability.

Another solution is the Cryptographically Signed Digital IOUs with Reserved Balances, as implemented by Crunchfish Digital Cash (CDC). Offline payments generate digital IOUs cryptographically signed by the payer, which can be validated by the payee offline. These IOUs are later synchronized and validated against central records to prevent double spending.

To contain risk, offline transaction platforms impose constraints on how long and how many sequential offline transactions can occur before mandatory re-synchronization with the central ledger. This reduces the window for double spending and fraud.

To safeguard offline wallets against hacking and counterfeiting, multilayer cryptographic techniques including multi-signature schemes and biometric verification (e.g., fingerprint sensors on smart cards) have been trialed. Central banks also maintain a critical role in reviewing the architecture, cryptographic algorithms, and operational thresholds for offline CBDC systems to ensure monetary stability and fraud prevention.

Challenges remain, notably around scalability, long-term real-world testing, trade-offs between usability and security, cybersecurity vulnerabilities, and the impact on complex monetary operations. The trials have demonstrated that it might be technically feasible to implement an offline payment functionality for a digital pound, but there are security, performance, and user experience challenges that need further exploration.

In the offline CBDC design phase, privacy preserving technologies have been tested to safeguard personal information, and a centralized system for uploading offline transaction data was tested using confidential computing to protect personal data. Offline and online CBDC balances are kept separate in the wallet, which users might find odd. An alternative to time limits for transaction restrictions is to limit the number of transactions, but this can be manipulated if the secure element is compromised.

As the trials progress, the Bank of England and its partners continue to explore solutions to these challenges, emphasizing multi-provider collaboration to address unique offline challenges, such as secure device binding, cryptographic transaction validation, and identity-proofing mechanisms.

1. The trials for the digital pound's offline CBDC are examining the Hybrid Account- and Token-based Model, which uses account-identified wallets for offline transactions recorded on permissioned distributed ledgers, ensuring immutability and traceability.
2. Crunchfish Digital Cash's (CDC) Cryptographically Signed Digital IOUs with Reserved Balances was also demonstrated in the trials, where offline payments generate digital IOUs, which can be validated offline and later synchronized with central records to prevent double spending.
3. To safeguard offline wallets against hacking and counterfeiting, multilayer cryptographic techniques have been trialed, including multi-signature schemes and biometric verification like fingerprint sensors on smart cards.
4. As offline CBDC trials progress, privacy-preserving technologies are being tested to safeguard personal information, and a centralized system for uploading offline transaction data is being tested using confidential computing to protect personal data.

Read also: