" So one solution that came up to that was, let's introduce key epochs. A very simple solution is that we have one set of private keys for the mint that is valid for one year, let's say, and then after one year, we make a cut, and then we rotate the keys to a new set of private keys. And then we slowly rotate all the ecashu from the old epoch to the new epoch. And then once all the ecashu is redeemed from the old epoch, we can just prune it from the database and keep going on with the new key epoch basically. So for scalability reasons we've come up with this rotation of keys initially. Now it turns out that you can use this same mechanism to build a proof of liability system and the way it could work is that the Mint now publishes these two lists that it has. So there is a list of all the blind signatures it gave out and then there is a list of all the secrets that it redeemed. These are two different lists and usually they are kept inside the Mint. No one is interested in them. But now in this new scheme, the Mint could publish these reports, let's say once a month. It would publish a whole list of money I gave out to everyone and the whole list of money I redeemed by everyone. And you could tally it all up. And the end result would be how much money is in all the wallets out there. So if you have all the issued money minus all the redeemed money, that is the open balance of this mint basically. So you would publicly open these, publish these lists and now here comes the kicker, a user that has a wallet now could basically, once these lists, these reports are published, could go back and check whether the money that I ever owned is included in this list or not. " 13 April, 2023

Cashu & Fedimint: ecash, Bitcoin's layer 3 & scalability

There was a time when you considered this as a solution. I liked it. (What led you to abandon it again?)