Cyrus Minwalla is a Security Lead and Researcher in the FinTech Research Department. His research interests include secure hardware and embedded cryptosystems, with applications to offline, machine to machine and IoT payments. He also retains an interest in selected topics of network modeling and machine learning. Cyrus is a licensed Professional Engineer in the Province of Ontario.
Offline functionality is a key consideration for a potential CBDC. We describe the different types of offline functionality based on their duration outside of network connection—either intermittent (for short periods) or extended (for longer periods). We discuss the advantages and drawbacks of each and consider implications for end-user devices, system resilience and universal accessibility.
Security is an important element in ensuring public confidence in a central bank digital currency (CBDC). This note highlights the required security properties of a CBDC system and the challenges encountered with existing solutions, should the Bank of Canada choose to issue one.
In this note, we highlight a range of technical options and considerations in designing a contingent system for a central bank digital currency (CBDC) in Canada and explore how these options achieve stated public policy goals.
Oracles are constructs used in decentralized finance to price assets relative to each other. However, oracles contain defects that could lead to manipulation attacks. Such attacks exploit pricing models embedded within oracles to defraud creators and users. We automatically verify defects, which if mitigated, improves the security of digital currency.
An anonymous credential mechanism is a set of protocols that allows users to obtain credentials from an organization and demonstrate ownership of these credentials without compromising users’ privacy. In this work, we construct the first secret-free and quantum-safe credential mechanism.
Digital payments and decentralized systems enable the creation of new financial products and services for users. One core challenge in digital payments is the need to protect users from fraud and abuse while retaining privacy in individual transactions. We propose a pseudonymous credential scheme for use in payment systems to tackle this problem.
