Title page
Contents
Foreword
Executive Summary
Background: How the United States Currently Secures Its Payment Systems
PAYMENTS OVERVIEW
LOOKING AHEAD TO CBDCS
Chapter 1: Cybersecurity of CBDCs - Threats and Design Options
ROLES AND TRUST ASSUMPTIONS
THREAT MODEL
CBDC DESIGN VARIANTS
ADDITIONAL KEY DESIGN CHOICES
Chapter 2: Policy Recommendations - Principles for Future Legislation and Regulation
PRINCIPLE 1: WHERE POSSIBLE, USE EXISTING RISK MANAGEMENT FRAMEWORKS AND REGULATIONS
PRINCIPLE 2: PRIVACY CAN STRENGTHEN SECURITY
PRINCIPLE 3: TEST, TEST, AND TEST SOME MORE
PRINCIPLE 4: ENSURE ACCOUNTABILITY
PRINCIPLE 5: PROMOTE INTEROPERABILITY
PRINCIPLE 6: WHEN NEW LEGISLATION IS APPROPRIATE, MAKE IT TECHNOLOGY NEUTRAL
Conclusion
Appendix: Lessons from the Federal Reserve's Current Cybersecurity Measures for Deploying CBDCs
PUBLIC WHOLESALE LAYERS
PRIVATE WHOLESALE LAYERS
RETAIL PAYMENTS
About the Authors
Acknowledgments
Table 1. Which Layers of the CBDC Stack Can Different Adversaries Access or Corrupt?
Table 2. Summary of Currency Variant Analysis
Table 3. Summary of US Congressional Activity Related to Cryptocurrency/CBDCs
Figure 1a. Main Roles Involved in a Retail CBDC System
Figure 1b. Main Roles Involved in a Wholesale CBDC System
Figure 2. CBDC Technical Stack
Figure 3. CBDC Design Variants Discussed in This Chapter
Figure 4. Breakdown of Current Adoption/Exploration of Different CBDC Design Variants Globally