WhisperCash

WhisperCash is an offline payment solution for CBDCs using secure hardware and a unique value transfer protocol based on short numeric codes. It works on featurephones, smartphones and cards.

Comment

Inspiration

Back in 2013 we have developed the first offline payment solution for Bitcoin called OtherCoin . While it was ahead of its time, the reasons for its development were similar to those of the later WhisperCash - most digital payment solutions stop working when the Internet goes down. CBDCs are vital parts of a country's infrastructure and cannot fail when natural disasters happen. Also, developing nations may have weak or non-existent Internet infrastructure and low smartphone penetration to begin with, ruling out online-only smartphone-based solutions.

Finally, in many jurisdictions, cash is still the payment instrument of choice due to its private nature and ease of use. Central Banks would face an uphill adoption battle if a similarly private / easy solution was not offered in digital format, balancing privacy with AML/KYC regulations.

What it does

WhisperCash allows payments to be sent and received offline, person to person, between secure wallets ranging from cheap feature phones or cards to high end smartphones. Value is transferred by relaying a 3-10 digit numeric code from payer to payee. The code is generated by secure hardware inside the wallet and is unique per transaction.

We offer a variety of form factors for the tamper-resistant secure hardware that guarantees the correct operation of the system and prevents double spending and counterfeiting:

WhisperCash Pro

WhisperCash Pro - an advanced battery powered contactless smartcard containing an E Ink screen and a capacitive keyboard

WhisperCash Basic

WhisperCash Basic - an electronic sticker that attaches to any GSM SIM card. It works on any mobile phone manufactured after 1999 and uses the screen and keyboard of the phone for input and output.

WhisperCash Lite

WhisperCash Lite - a contactless (NFC) keyring tag that can be tapped to contactless readers in shops or to the user’s own NFC capable phone for balance verification or top-up

How we built it

For the Ripple CBDC Innovate hackathon, to showcase the flexibility of our solution, we have developed a smartphone (Android) wallet application to display a rich UI to a WhisperCash Basic secure chip installed in the phone.

In view of the upcoming EVM sidechain on XRPL, we have simulated a CBDC using a smart contract written in Solidity using the popular ERC20 protocol. We expect similar interfaces to become available for all online CBDC deployments in the future.

Finally, to bridge the gap between the blockchain / smart contract and the secure WhisperCash Basic chips, we have developed an oracle running inside an isolated computing environment powered by AWS Nitro Enclaves. The oracle runs a light blockchain node that monitors deposits in cryptocurrency to the simulated CBDC contract and emits a cryptographically signed confirmation to the user's wallet to acknowledge the deposit. A solution similar to the one used by the XRP Labs xPOP project was not possible in our case due to the limitations in the processing power on the secure hardware chips, but a better system could be developed for CBDC by allowing validators to sign the proofs of payment in a format that is directly usable by the secure hardware. We are also exploring collaboration with Secretarium/Klave as an alternative to our AWS Nitro Enclave solution.

Challenges we ran into

While very secure, the JavaCard-based chips we use do not have the necessary processing power to understand blockchain structures or parse Merkle trees. We also wanted to minimize the amount of data being exchanged for transactions, not pass full proofs between wallets (given that we only transmit 3-10 digits). The oracle solution, while not fully decentralized, allowed us to bridge the blockchain and secure hardware worlds. The oracle functionality, while not present in the public XRP Ledger, could easily be added to a CBDC system based on the XRP Ledger.

Accomplishments that we're proud of

We showed that a small hardware modification (a $10 SIM sticker on the SIM card) allows any mobile phone to become a secure offline wallet, with strong guarantees against counterfeiting and double spending. One that can work offline indefinitely and protects the user privacy but can connect to the online world when connectivity is available (and with the explicit approval from the user). We also demonstrated that the short 3-10 digit payment codes we generate can be sent and received over expensive satellite connections that are becoming increasingly available for smartphones (Garmin, Bullitt, etc). While these do not qualify as offline, the ability to transfer any value across the world within seconds by simply texting 10 digits to another person directly via satellite is a breakthrough in our opinion.

What we learned

We chose to simulate the PSC stablecoin that Ripple has developed for use in Palau as a CBDC, so we used Solidity and the ERC20 standard to make it compatible with the Ripple EVM sidechain and maintain compatibility with other blockchains. We learned the limits of both secure hardware and blockchain smart contracts and successfully made them talk to each other.

What's next for WhisperCash

We are working on applying the knowledge from this hackathon to launch a cryptocurrency version of WhisperCash for use on EVM-compatible blockchains, to allow offline payments using stablecoins or the native currency of those blockchains. If and when an online CBDC is launched on the XRP Ledger or one compatible with it, we can add an offline layer to that within days, either as an official sanctioned Offline CBDC or simply as a commercial offering of one of the banks or authorized financial institutions in the country for their clients.

Share this project:

Updates