WO2024044021A1 - Mécanismes de mise en œuvre pour monnaies numériques - Google Patents

Mécanismes de mise en œuvre pour monnaies numériques Download PDF

Info

Publication number
WO2024044021A1
WO2024044021A1 PCT/US2023/029127 US2023029127W WO2024044021A1 WO 2024044021 A1 WO2024044021 A1 WO 2024044021A1 US 2023029127 W US2023029127 W US 2023029127W WO 2024044021 A1 WO2024044021 A1 WO 2024044021A1
Authority
WO
WIPO (PCT)
Prior art keywords
sgs
mfa
communications network
packetized
identifier
Prior art date
Application number
PCT/US2023/029127
Other languages
English (en)
Inventor
Joshua M. POVSNER
Original Assignee
National Currency Technologies, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by National Currency Technologies, Inc. filed Critical National Currency Technologies, Inc.
Publication of WO2024044021A1 publication Critical patent/WO2024044021A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup

Definitions

  • NDCs National digital currencies
  • PCT provisional patent applications and patent cooperation treaty (PCT) international patent applications already filed, National Currency Technologies, Inc. described a central system (CS) for a NDC.
  • CS central system
  • Several key aspects of the CS include the use of a security gateway system (SGS) and a requirement for short, formatted inquiries or instructions (SFIOIs) as the mechanism to communicate with the SGS.
  • SFIOIS provide inquiries and instructions from parties for making inquiries or for instructing updates to the CS.
  • the requirement for SFIOIs for communications to the CS from the public helps ensure safety since a uniform format for SFIOIs enables thorough safety checks.
  • FIG. 1A illustrates a CS for tracking NDCs
  • FIG. IB illustrates a method for implementing multifactor authentication (MFA) in the context of a CS which accommodates intermediary systems
  • MFA multifactor authentication
  • FIG. 2A illustrates a hybrid arrangement for a CS and partial communication flow for tracking NDCs
  • FIG. 2B illustrates an example format for a SFIOI
  • FIG. 2C illustrates an arrangement of intermediary systems with a singular SGS
  • FIG. 2D illustrates an arrangement of intermediary systems with multiple SGSs
  • FIG. 2E illustrates a cursory communication flow between intermediary systems and a SGS
  • FIG. 2F illustrates a private communications network between a representative electronic communication device and an endpoint system (ES) interfaced with a SGS.
  • FIG. 3A illustrates a status updating progression for processing SFIOIs
  • FIG. 3B illustrates a status updating progression for processing SFIOIs
  • FIG. 3A illustrates a status updating progression for processing SFIOIs
  • FIG. 3B illustrates a status updating progression for processing SFIOIs
  • FIG. 3C illustrates a method for processing MFA instructions at a SGS
  • FIG. 3D illustrates a progression of status updates for a SGS
  • FIG. 3E illustrates another hybrid arrangement for a CS and partial communication flow for implementing MFA
  • FIG. 3F illustrates an arrangement of a CS with one or more separate MFA system(s)
  • FIG. 3G illustrates example MFA instructions from a SGS.
  • FIG. 4 illustrates a computer system, on which a method for implementation mechanisms for digital currencies is implemented, in accordance with another representative embodiment.
  • FIG. 5 illustrates a partial system layout for a SGS, in accordance with a representative embodiment.
  • centralized tracking for a NDC is used as the basis of explanations for tracking any of a variety of digital assets including NDCs.
  • Standardizing formats for virtual notes (VNs), for unique identifications for parties, and for SFIOIs is used as a mechanism to accomplish a variety of goals including safety, speed, efficiency and maximum functionality.
  • VNs virtual notes
  • SFIOIs SFIOIs
  • the concepts primarily being introduced and developed in this disclosure relate to how to integrate ISPs (intermediary service providers) with a CS, and how to integrate third-party service providers as accessories to a CS for purposes such as MFA services.
  • the ISPs are intermediary systems between end users and the CS.
  • the third-party service providers provide services such as MFA on behalf of the CS.
  • the ISPs may include, for example, financial institutions, communication service providers, and technology companies, any of which may wish to provide services on behalf of parties who use a NDC.
  • the integration of the ISPs may be relatively easier to implement at the SGS than the integration of third-party service providers as accessories. Accordingly, FIG. 2A to FIG. 2E are used to explain mechanisms for integrating ISPs, and the more complex subject matter of integrating third party-service providers is explained afterwards using FIG. 3A to FIG. 3H.
  • FIG. 1 A illustrates a CS for tracking NDCs.
  • a SGS 156 (security gateway system) is used as the interface between the public and other elements of the CS 150 in terms of processing SFIOIs.
  • the CS 150 includes the SGS 156, an ID management system 151 (identification management system), a LSS 152 (ledger storage system), a main memory system 153, an artificial intelligence and analytics system 154, and a backup memory system 155.
  • the SGS 156 receives packetized communications in a required packet format via the network 130.
  • the network 130 is representative of the Internet, and carries both unprotected packetized communications over the open Internet and protected packetized communications over one or more private communications networks such as virtual private networks.
  • instances of a SGS 156 may be provided on the West Coast of the United states, in the Midwest of the United States, and on the East Coast of the United States, as well as possibly in more places. In regions with several small nations, for example, a SGS 156 may serve multiple nations. Communications between any instance of the SGS 156 and any instance of other elements in the CS 150 may be provided over a private communications network with dedicated private communication lines and/or via semipermanent or permanent encrypted communication links using the public internet, such as via virtual private network (VPN) or similar connections.
  • VPN virtual private network
  • An example format for SFIOIs is shown in and described with respect to FIG. 2B.
  • Safety mechanisms include: o communications between elements of the CS 150 may be sometimes or always restricted to one-way communications over dedicated physical and/or virtual channels; o communications from the public to the CS 150 for SFIOIs may be restricted to the SGS 156, at least in terms of SFIOIs; o acceptable incoming communications to SGS 156 may be limited to SFIOIs; o the SGS 156 may include complex hardware and software that perform comprehensive safety checks to quickly and efficiently process enormous volumes of proper SFIOIs and detect and delete anything else, o the complex software may include a set of synchronized software sub-applications with different algorithms that each perform a different task or different tasks than other of the software sub-applications, so that each of the software subapplications may be dedicated to one or more unique and different task relative to other of the software sub-applications; o no sub-
  • the ID management system 151 may be used to store and update records for parties authorized to use the NDC tracked by the CS 150.
  • the LSS 152 is used to maintain records of current ownership of (e g., all) instances of VNs of a digital currency tracked by the CS 150.
  • the LSS 152 may be used to confirm ownership as part of security checks at the SGS 156.
  • the SGS 156 may potentially confirm ownership of instances of each of the VNs listed in SFIOIs with the LSS 152 for all proper instances, insofar as confirming that the sender of a SFIOI has accurate knowledge of ownership of all VNs listed in the SFIOI may be an important safety check for the SFIOI.
  • the LSS 152 may be updated directly from the SGS 156 or from the main memory system 153 when VNs are transferred via SFIOIs.
  • the main memory system 153 includes one or more memory systems, solid state storages (SSDs), random-access memory (RAM) such as DRAMs/SDRAMs, HDDs, and/or other forms of memory appropriate for storing data items such as VN histories, and unique identifications for VNs, for electronic wallet programs, for currency reader programs, for parties, for ECDs and so on.
  • the artificial intelligence and analytics system 154 applies artificial intelligence and analytics to the data items in the main memory system 153.
  • the backup memory system 155 stores a backup of the records at the main memory system 153. More than one backup memory system 155 may be provided for the main memory system 153 and one or more backup systems (not shown) may be provided for the LSS 152.
  • Some of the safety sub-applications implemented at the SGS 156 may generate inquiries to external systems within the CS 150 (i.e., external to the SGS 156), and it would be inefficient to have any processing resource pause while waiting for answers to inquiries. Communications within the CS 150 may use internal addressing so that an outside party may not be aware of how a SGS 156 obtains information from the LSS 152 or the ID management system 151. The only element of the CS 150 assigned any IP address may be the SGS 156.
  • ISPs 190 and MFA system(s) 159 are shown.
  • the ISPs 190 may be allowed to interface with the SGS 156 for a variety of reasons including communication security and efficiency.
  • ISPs 190 with large customer bases may provide assurances to customers that communications with the CS 150 will be provided directly from the ISPs 190 to the CS 150.
  • the ISPs 190 may be co-located with the SGS 156, or may be closely located to the SGS 156.
  • the ISPs 190 may be physically hardwired into the SGS 156, or may be physically and/or logically linked via a virtual private network with the SGS 156.
  • MFA may be provided in a variety of ways for the CS 150.
  • the SGS 156 may be provided with one internet protocol (IP) address to which any SFIOIs over the open internet, and not via a preauthorized intermediary system, should be sent.
  • IP internet protocol
  • ISPs may also be instructed to send any SFIOIs that require MFA to the IP address that requires MFA processing.
  • ISPs may be instructed to perform MFA for their customers if required, so that the CS 150 does not implement MFA processing for SFIOIs that arrive via ISPs.
  • SFIOIs may all be sent to the SGS 156 and the SGS 156 may selectively implement MFA processing when indicated by the SFIO1.
  • the selective MFA determinations are explained more for embodiments described with respect to FIG. 3 A to FIG. 3G.
  • the MFA system(s) 159 may be provided as an independent service of the CS 150, or may be provided by one or more third-party service providers that closely interoperate with the CS 150. Insofar as SFIOIs are received and quickly processed at the SGS 156, completion of the processing may be delayed by MFA operations.
  • the MFA system(s) 159 may receive MFA requests from the SGS 156.
  • the MFA requests may include party identifications and logical, virtual and/or physical memory addresses at the SGS 156 for responding to the MFA requests.
  • Parties who do not particularly use or at least trust security provided by the ISPs 190 may elect to require MFA before VNs are transferred from their ownership in the records by the CS 150.
  • a requirement for MFA may be imposed for parties not using a preapproved ISP 190 insofar as a malicious first party with knowledge of a second party’s party identification may otherwise send one or more improper SFIOIs to the SGS 156 using the second party’s party identification with the intent of triggering the SGS 156 to impose restrictions on the second party, whereas ISPs 190 are expected to have internal mechanisms in place to thwart such conduct.
  • the sizes of various data used for specifying information for NDCs may be relatively small. 32 bits (4 bytes) is more than enough to uniquely identify the U.S. population with unique identifications for NDCs. Eight bits (1 byte) is more than enough to uniquely identify each individual nation with a unique identification for NDCs. 16 bits (2 bytes) is more than enough to uniquely identify each bank or similar entity in the U.S. with a unique identification for NDCs. Concerns have been raised as to party privacy relative to any form of ledger system such as the CS 150. One way to enhance party privacy is to have the unique identifications for parties issued by third parties such as banks. Unique identifications issued by third parties may implicitly indicate the third-party issuer.
  • two bytes of data may be used to identify more than 65000 potential third-party issuers such as the ISPs 190, so up to two bytes of a party identification with six bytes or eight bytes may simply reflect the party and the third-party issuers of many, most or potentially all party identifications.
  • a unique identification of the bank or similar entity may be part of the unique identification for a party.
  • Unique party identifications assigned by banks or other entities may require more than 4 bytes, such as five bytes, to accommodate banks or other entities with very large customer bases over 1/2 million.
  • One benefit of having banks or similar entities assign unique party identifications for NDCs is that profiles for the parties may be retained at the banks or similar entities, or by third-party identification managers, rather than at the CS 150.
  • unique party identifications for NDCs for unbanked individuals may be provided through local branches of national postal services. Branches of national postal services may be provided with digital fingerprint pads which can be used by any individual with a finger to uniquely identify themself. The postal services may confirm existing identities using the digital fingerprint pads, and may send the unique party identifications to the ID management system 151 while retaining the fingerprint, name, and/or other information provided by an unbanked party.
  • a single bit of a party identification may indicate that MFA is to be performed before, for example, VNs owned by a party are transferred from ownership by the party.
  • the SFIOI may otherwise separately specify that MFA should be performed.
  • the nature of a transaction may determine that MFA is required independently of unique identifications for parties, such as for transactions involving large amounts of money or for any SFIOI not received via a preapproved ISP 190.
  • FIG. IB illustrates a method for implementing MFA in the context of a CS which accommodates intermediary systems
  • a SGS 156 receives a SFIOI at S105, and at SI 10 the SGS 156 determines whether the SFIOI is in the right place.
  • the SGS 156 may store the SFIOI in a memory unit such as a memory page or a predetermined grouping of physical and/or virtual columns in one or more physical and/or virtual row(s) of a physical and/or virtual bank in a physical and/or virtual bank group of an SDRAM. Once stored, the group of sub-applications may begin performing safety checks on the SFIOI.
  • the safety check for SI 10 may check a source identification field in the SFIOI to ensure that the proper source of the VNs listed in the SFIOI is listed for the SFIOI.
  • a source identification field in the SFIOI For example, the United States may use a source identification of 187, and some or all SFIOIs received at the SGS 156 may be checked to ensure that the source identification is correct.
  • the SGS 156 determines whether an ISP system is indicated as the source of the SFIOI.
  • the ISP system may be indicated by the presence or absence of data in a specific field of the SFIOI.
  • the ISP system may be interfaced with the SGS 156, such as by a dedicated cable with one or more individual wire or virtual private network (VPN) channel, and the SGS 156 may in some embodiments recognize the ISP system from such an interface.
  • VPN virtual private network
  • MFA Mobility Management Function
  • S115 No
  • MFA Mobility Management Function
  • MFA may be used, for example, for some or all parties who do not use ISP systems. As explained later, one good way to indicate MFA for SFIOIs is by building the MFA indication into party identifications for parties who wish to use MFA. MFA may be provided as an option for all users or one or more subsets of users. For safety and security reasons, MFA may also be required for users who choose to directly communicate with the SGS 156 without a supervised ISP system, whereas MFA may be provided selectively for users who use a supervised ISP system.
  • a secondary processing system in the SGS 156 may await a MFA response for 15 or 20 or 30 seconds, or potentially even more, whereas processing in a primary processing system that does not involve MFA may be completed in one or two seconds, or perhaps less than one second in some instances.
  • the owner identification of the purported owner of the VNs listed in the SFIOI is sent to MFA service for MFA processing. This may result in MFA being performed by the MFA system(s) 159 in FIG. 1A while other processing is performed in parallel at the secondary processing system.
  • the secondary processing system may wait for a response.
  • one or more threads that check for MFA responses may be entirely dedicated to such a task, so that no particular thread initiates the MFA request and awaits the MFA response for the MFA request. Similar distributions of tasks of sending out inquiries and waiting for responses may be performed for ownership checks with the LSS 152, for blacklist or greylist checks sent outside of the SGS 156, and/or any other external checks.
  • SFIOIs may be identically processed at a primary processing system and a secondary processing system at the SGS 156.
  • MFA may impose delays of 15 or 30 seconds or more, and may be completed entirely out of order. Time limits such as 15 or 20 or 30 seconds may be provided for completion of the MFA checks, but this will be significantly longer than the time required for processing SFIOIs that do not require MFA checks. Therefore, initially separating out packets that require MFA processing may enhance efficiency of the SGS 156 overall.
  • MFA may be selectively triggered for all SFIOIs sent directly without using a preapproved ISP, by inspection of party IDs for users using a preapproved ISP, by a dedicated field in the SFIOI format for users using a preapproved ISP, or by other trigger mechanisms.
  • the owner identification and each VN identification are sent to the LSS 152 for an ownership check.
  • only one VN identification, or at least fewer than all VN identifications may be sent for the ownership check, to reduce processing requirements at the LSS 152.
  • the format for SFIOIs may require that the highest denomination VNs be listed first, or last, or at least in a predetermined place in the order of VN identifications when multiple VNs are specified in a SFIOI. That is, the ownership check may include all VN identifications, or only the highest denomination VN identification or the two highest denomination VN identifications.
  • the reduced number of VN identifications in a ownership check may greatly increase efficiency at the LSS 152 and the SGS 156, by greatly reducing the volume of ownership checks imposed for SFIOIs. Additionally, the threads that send VN identifications may be different than the threads that way for responses from the LSS 152, as this avoids any thread waiting unnecessarily for a response. To the extent possible, threads at the SGS 156 may be systematically allocated minimal repetitive tasks, so that the threads perform the same task(s) for each SFIOI. Multicore processors, including potentially video cards or other image processors, may be programmed to implement the threads separately and systematically to increase efficiency and as a safety measure to avoid processing open-ended instructions in corrupted packets sent as purported SFIOIs.
  • DRAM/SDRAM may be used for the memory units, so that SFIOIs may be stored in physical and/or virtual rows.
  • SFIOIs formatted in a 512-byte format may be stored in physical and/or virtual order in 2048-byte rows or 4096-byte rows of a SDRAM structure.
  • the SFIOIs may be stored, for example, one per row, two per row, four per row or eight per row in the same relative locations of each row relative to the start of each row, so that the processing by the threads run by the cores of the multicore processor may consistently reference the proper relative locations of the stored SFIOIs in each row, and then proceed to the next row once processing for the SFIOIs in the current row is complete.
  • the LSS 152 may store ownership records by owner, so that ownership checks may simply reference the purported owner listed in the SFIOI to compare all VN identifications or a subset of the VN identifications in a SFIOI to the ownership records of the purported owner. This type of arrangement may also or alternatively be used to reduce processing requirements at the LSS 152.
  • the secondary processing system at the SGS 156 receives the MFA response and ownership check responses, and marks status spaces complete when done.
  • parties may be authorized to automatically transfer received VNs to a bank or other ISP upon receipt.
  • the automatic transfer may be provided for parties always or selectively, such as when VNs are received over the open internet from a counterparty who sent the SFIOI without using an ISP.
  • One of the instruction types for the SFIOI may designate that the receiving party has an auto-deposit instruction to transfer received VNs to a specific account at a specific ISP.
  • FIG. 2A illustrates a hybrid arrangement for a CS and partial communication flow for tracking NDCs
  • FIG. 2B illustrates an example format for a SFIOI
  • FIG. 2C illustrates an arrangement of intermediary systems with a singular SGS
  • FIG. 2D illustrates an arrangement of intermediary systems with multiple SGSs
  • FIG. 2E illustrates a cursory communication flow between intermediary systems and a SGS;
  • ISPs are represented in FIG. 2A by a first ES 101 (endpoint system), a second ES 102, and a ninety-ninth ES 199.
  • ES 101 endpoint system
  • second ES 102 endpoint system
  • ninety-ninth ES 199 There is no particular limit to the number of ISPs that may be interfaced with the SGS 156 via a dedicated ES.
  • the public may also be allowed to communicate directly with the SGS 156, such as via software capable of building SFIOIs on user devices or accessories.
  • the type B SFIOIs in FIG. 2A may be sent by the public without particularly requiring encryption, any ISP, or any particular electronic wallet program or currency reader program.
  • the ISPs may include intermediaries such as banks and other types of financial companies, communication service providers and consumer electronic companies.
  • the ISPs may provide electronic wallet (EW) applications or similar applications to their customers, and one service provided by such applications may be to ensure the ability to safely carry SFIOIs to the SGS 156 such as by using encryption, dedicated lines, virtual private networks and so on.
  • EW electronic wallet
  • the SGS 156 may refuse responsibility for decrypting incoming communications, insofar as the SGS 156 may be responsible for interfacing with numerous diverse known and unknown people and organizations.
  • services provided by an ISP may include encrypted communications to an ES of the ISP, such as ESs interfaced with the SGS 156.
  • An ES may include one or more computers such as servers, as well as other types of communication and/or storage and/or processing devices used to terminate a private communications network for a provider of the private communications network. Each ES may be similar to a data center, even when multiple different ESs are provided in the same facility. The ES may also be used by the ISPs to initiate responses to their customers. The ESs may each be assigned a separate internet protocol (IP) address, or be connected by a dedicated line to another system controlled by the provider and assigned an IP address. The ESs may receive communications for a plurality of customers over their corresponding private communications networks, and the communications may comprise packets in proprietary formats for the providers of the private communications networks or packets in a required packet format required by the SGS 156.
  • IP internet protocol
  • the ES may be required to provide packetized communications to the SGS 156 in the required packet format required by the SGS 156.
  • each ES is provided in a facility with a plurality of ESs each provided for a different private communications network.
  • encryption and other security mechanisms may be provided by ISPs all the way through ESs represented by the first ES 101, the second ES 102, through the ninetyninth ES 199.
  • the SGS 156 may not be required to maintain encryption/ decry ption keys.
  • the ISPs may be required to provide SFIOIs to the SGS 156 in the same format as the public, even if the ESs in FIG. 2A are hardwired or otherwise directly interfaced with the SGS 156.
  • Some or all of the ESs may be configured to send packetized communications to the SGS 156 for each of a plurality of customers in a required packet format for SFIOIs.
  • the term packetized communications may include internet protocol (IP) packets such as internet protocol version 4 (IPv4) packets and/or internet protocol version 6 (IPv6) packets.
  • IP internet protocol
  • IPv4 internet protocol version 4
  • IPv6 internet protocol version 6
  • IPv6 internet protocol version 6
  • the SGS 156 receives the packets with the required packet format from the plurality of ESs and provides responses to each of the plurality of ESs based on identifiers that identify corresponding providers of the different private communications networks.
  • the identifiers may be included in a space “reserved for temporary use” as shown in the SFIOI format in FIG. 2B, and each private communications network may be assigned its own unique identifier to use for communications sent to the SGS 156. Two bytes of sixteen bits total may be used to potentially uniquely identify more than 65,000 different providers, though even more than two bytes may be used when so allowed by the SFIOI format.
  • the responses from the SGS 156 may be in a format different than the required packet format required for communications to the SGS 156.
  • a response from the SGS 156 may be addressed to an ES, may identify the owner of the VNs listed in the SFIOI for which the response is being provided, may list one or all of the VNs in the SFIOI, and may provide an answer to the instruction or inquiry specified by the SFIOI.
  • both the SFIOI and the response may include an arbitrary identifier so that the provider may recognize which SFIOI the response is for.
  • the responses from the SGS may be sent to be customers over the private communications network in the same form as received by the endpoint from the SGS 156, or in a proprietary form used by the provider and specific to an electronic wallet program or other application and/or website of the provider.
  • the addressing scheme for the SFIOIs routed through ISPs in embodiments herein may include space in the SFIOI for an identifier that identifies the ISP corresponding to the SFIOI.
  • the identifier may be inserted at electronic wallet programs and/or currency reader programs when SFIOIs are generated on user devices, or may be first inserted at the ESs or at least within private communications networks managed by the ISPs and ending with an ES.
  • the SFIOI When the identifier for an ISP is inserted at an electronic wallet program, the SFIOI may be partially or entirely built at the user device which executes the electronic wallet program, and the SFIOI with the inserted identifier may be carried through the private communications network implemented by the ISP.
  • An ES for the ISP may be configured to receive each SFIOI with the identifier pre-inserted into a predetermined field of the SFIOI, and send the SFIOI with the pre-inserted identifier to the SGS 156.
  • the ES may separate received data into two parts so as to add the identifier at the end of the first part or beginning of the second part and then recombine the two parts after the identifier is added. In this alternative, the ES still sends the SFIOI with the newly-inserted identifier to the SGS 156.
  • the identifier may be inserted into some or all portions of an SFIOI at another element within the private communications network.
  • the ES is configured to newly packetize communications for customers into the required packet format for the SGS 156, including the identifier that identifies the provider of the private communications network.
  • data used to build the SFIOI may be carried in a proprietary format in the private communications network, and then the SFIOI is newly built in the required SFIOI format at the ES.
  • the ISPs may be identified at the SGS 156 by the dedicated channels, including dedicated lines, over which SFIOIs arrive from their ESs.
  • hardware at the SGS 156 may be configured to recognize each channel, and insert an identifier into the SFIOIs in reserved space so that even the ISPs are not aware of which identifier is assigned to them for internal processing at the SGS 156.
  • equipment at the SGS 156 may be dedicated permanently or semi-permanently to an ISP, such as a large ISP. In this way, SFIOIs that arrive over a channel dedicated to an ISP may be processed by hardware at the SGS 156 dedicated to that ISP.
  • some governments may allow some ISPs to place equipment within the SGS 156.
  • some very large ISPs such as Apple and Google may be allowed to place equipment within the SGS 156, such as within the same building, so that they can provide assurances that SFIOIs will be encrypted all the way into the SGS 156.
  • the decrypted SFIOIs may still be passed from the ESs within the SGS 156 to the processing systems of the SGS 156 for processing in the manners described herein.
  • FIG. 2B illustrates an example format for a SFIOI.
  • the format for an SFIOI shown in FIG. 2B is based on a 64-byte format previously described by National Currency Technologies, Inc. In previous descriptions, the example format included empty space for several purposes, including flexibility for future uses and status space towards the end of the format set aside for status updates when different threads of a multi-core processor have to synchronize the processing by checking completion of previous tasks before proceeding and by updating the dedicated status space after proceeding.
  • 16 bytes are reserved for temporary use. The 16 bytes may be used to coordinate processing between the SGS 156 and the ISPs. In short, each ISP may be assigned a unique identification so that the SGS 156 knows where to provide responses to SFIOI inquiries and confirmations to SFIOI instructions.
  • ISPs may know their unique identification, and may populate the dedicated space with their unique identification at the ES, or even internally in their own systems before the ES.
  • the SGS 156 may provide dedicated equipment such as servers to handle SFIOIs from the ISPs, and the dedicated equipment may be configured to insert the unique identification for each ISP when the SFIOI is received.
  • the responses and confirmations may be routed back to the ES for the ISP rather than over the public internet. In this way, the security mechanisms provided by the ISPs such as encryption, virtual private networks, and more may be used for the responses and confirmations.
  • This 16-bit field may be used by ISPs to insert their own ISP identification into SFIOIs, so that the SGS 156 will know where to provide the response to inquiries and confirmations for instructions.
  • the ISPs may insert their ISP identification into SFIOIs when the SFIOIs are generated at user devices such as by wallets or other applications.
  • the ISPs may insert their ISP identification into SFIOIs when the SFIOIs are received and processed at systems of the ISPs.
  • the ISPs may insert their ISP identification into SFIOIs at the ESs which are interfaced with SGSs.
  • the SGS 156 may process SFIOIs and know which ES to respond to.
  • one or more ESs of ISPs may be interfaced with dedicated processing units at the SGS 156.
  • three or four ISPs may be interfaced with a single processing unit that performs the processing at the SGS 156, and the single processing unit may only be required to respond to the three or four ESs for the three or four ISPs by referring to the “Reserved for Temporary Use” field once processing is complete.
  • FIG. 2C illustrates an example wherein the SGS 156 is interfaced with other elements of a CS including the LSS 152 and the main memory system 153, as well as the endpoints of a facility 290.
  • dedicated line one and dedicated line two are examples of dedicated lines that interface the SGS 156 to the facility 290.
  • the facility 290 may comprise a facility where different ISPs are each enabled to install ESs that interface with the SGS 156, and resources at the SGS 156 may be dedicated to different individual or groups of ISPs such as by using the dedicated line one and the dedicated line 2.
  • dozens or even hundreds of different dedicated lines may be used to connect a SGS 156 with different ESs for ISPs.
  • An addressing scheme for the facility 290 may provide a different identification for each ISP, and the identification may be inserted into SFIOIs by the ISP and used to return responses to the ISP. For example, 256 different ISPs may be separately identified by a single byte (8 bits), and more than 65000 different ISPs may be separately identified by two bytes (16 bits).
  • an ES may be used by multiple different financial institutions, such as a group of banks that together provide the Zelle service or by a group of banks that simply wish to share expenses given relatively small customer bases.
  • a single financial institution or technology company may use multiple ESs, such as when a large financial institution has multiple subsidiaries.
  • FIG. 2D illustrates an example where different elements of a CS interface with multiple different SGSs including a first SGS 156-1 and a second SGS 156-2.
  • Each of the first SGS 156-1 and the second SGS 156-2 interfaces with different facilities including the first facility 290-1 and the second facility 290-2. Interfaces between the SGSs and ESs are again dedicated in FIG. 2D, including DL 1-1, DL 2-1; DL 1-2 and DL 2-2.
  • the first SGS 156-1 may be placed on the East coast of the United States, such as in Virginia
  • the second SGS 156-2 may be placed on the West coast of the United States, such as in California.
  • FIG. 2E illustrates an example communication flow between a facility 290 and a SGS 156.
  • a ninety-ninth ES 199 may provide a SFIOI and the unique identification of 199 to the SGS 156, and the SGS 156 may respond with a Response or Acknowledgement addressed using the unique identification of 199.
  • the ninety-first ES 191 may provide a SFIOI and the unique identification of 191 to the SGS 156, and the SGS 156 may respond with a Response or Acknowledgement addressed using the unique identification of 191.
  • FIG. 2F illustrates a private communications network between a representative electronic communication device and an ES interfaced with a SGS 156.
  • an electronic communication device 202 with an electronic wallet program 111 (EWP) communicates via a private communications network 131 with the first ES 101 interfaced with the SGS 156.
  • the first ES 101 is provided in a facility with a plurality of ESs each provided for a different private communications network.
  • the computer system 400 illustrated in FIG. 4 and explained below may be representative of the electronic communication device 202, a server 132 or another ES communications and computing element within the private communications network 131, or a server or another computer implemented at the first ES 101.
  • the private communications network 131 is a private communications network
  • the first ES 101 is an ES for the private communications network.
  • the private communications network for the first ES 101 may be one of a plurality of private communications networks that terminate in ESs such as the first ES 101.
  • Each private communications network may carry communications for a plurality of customers, and the terminating ES for each private communications network may receive the communications for the plurality of customers for the private communications network.
  • the first ES 101 in FIG. 2F includes a memory that stores instructions and a processor that executes the instructions.
  • the ES may be configured to send packetized communications for each of the plurality of customers to the SGS 156.
  • Each different ES may include a different identifier in the packets it sends, and the identifier identifies the provider of the private communications network that terminates in the corresponding ES.
  • the packet with the identifier may be constructed at the electronic communication device 202, at the server 132 within the private communications network 131, or at the first ES 101.
  • the SGS 156 receives packets with the required packet format from the plurality of ESs and provides responses to the packets to each of the plurality of ESs based on identifiers that identify corresponding providers of the different private communications networks.
  • the ESs may be included in the packets at a user device such as the electronic communications device 202, at a network element within a private communications network such as the private communications network 131, or at an ES such as the first ES 101.
  • the first ES 101 is configured to send the packets with the required packet format to the SGS 156 without newly establishing a connection with the SGS 156.
  • a dedicated line may be established between the first ES 101 and the SGS 156 so that the only traffic sent from the first ES 101 to the SGS 156 over the dedicated line is packets constructed in the required format with the identifier that identifies the provider of the private communications network 131 so that the SGS 156 knows where to send responses.
  • the first ES 101 is configured to insert the identifier that identifies the provider of the private communications network into a predetermined field of each packet sent to the SGS 156.
  • the identifier may be inserted when the first ES 101 constructs the packet, or else may be written in a predetermined blank field if the first ES 101 receives the packet without the identifier inserted, such as from a network element within the private communications network 131 or else from the electronic communications device 202.
  • the ES is configured to receive each packet with the identifier pre-inserted into the predetermined field of the packet, and the ES is configured to send the packet with the pre-inserted identifier to the SGS 156.
  • the first ES 101 may be configured to receive packetized communications for each of a plurality of customers in the required packet format for the SGS 156, including the identifier that identifies the provider of the private communications network, and then transmit the packetized communication in the required packet format to the SGS 156.
  • the identifier may be included in the packet at user devices used by customers when an application for the provider of the private communications network builds the packetized communication. Alternatively, the identifier may be inserted into the packet at an element within the private communications network 131.
  • the first ES 101 may be configured to packetize communications for each of the plurality of customers into the required packet format for the SGS, including the identifier that identifies the provider of the private communications network 131.
  • the provider of the private communications network 131 may send all required data for the packet in a proprietary format, and have the first ES 101 construct the packets to send to the SGS 156.
  • a method performed by the first ES 101 may include creating the packet in the required packet format, including the identifier that identifies the provider of the private communications network.
  • FIG. 3A illustrates a status updating progression for processing SFIOIs
  • FIG. 3B illustrates another hybrid arrangement for a CS and partial communication flow for implementing MFA
  • FIG. 3C illustrates example MFA instructions from a SGS
  • FIG. 3D illustrates a method for processing SFIOIs at a SGS
  • FIG. 3E illustrates another method for processing SFIOIs at a SGS.
  • MFA may be performed by simply providing a party identification from the SGS 156 to the MFA system(s) 159 in FIG. 1A, the MFA system(s) 159 identifying a communication address for the party corresponding to the party identification, and the MFA systems 15(9) then sending a message to or activating a user interface via an application at the communication address.
  • parties involved in transactions may be notified by the MFA system(s) 159 in real time, the parties should typically be expecting the MFA authentication checks, and delays may be minimized such as to several seconds.
  • An example MFA check provided by the SGS 156 or the MFA system(s) 159 is generation of a small code to send with the MFA check used to confirm transfer instructions.
  • a small code may be sent with a message to the communication address of record of the owner or for display on a pop-up window on a device corresponding to the communication address of record of the owner.
  • the owner may be required to manually return the small code, such as two or three characters, to confirm the transfer.
  • the spoofers may be blocked when they cannot guess the characters which are dynamically generated and sent by the SGS 156 or the MFA system(s) 159. Having the check performed by the MFA system(s) 159 may enhance privacy by ensuring that communication addresses for owners of VNs are not particularly stored in records at the SGS 156 or the main memory system 153.
  • FIG. 3A shows a primary gateway memory 363 and a secondary (MFA) gateway memory 364.
  • Each of the primary gateway memory 363 and the secondary (MFA) gateway memory 364 is divided between a SFIOI space and a status space.
  • the SFIOI space stores substantive content of SFIOIs in each memory unit used to store and process SFIOIs, and the status space is used to track status updates as the SFIOI is processed.
  • FIG. 3A introduces a concept wherein SFIOIs are first stored in the primary gateway memory 363, and then if MFA is to be performed SFIOIs are transferred to the secondary (MFA) gateway memory 364.
  • the processing involving MFA may be separated since MFA processing may take significantly more time to complete than processing for SFIOIs received, for example, from the ISPs.
  • the primary gateway memory may correspond to processors that check whether SFIOIs require MFA, and the check may be made based on the purported owner of VNs listed in the SFIOI, and the check may be the first, or one of the first, processing checks performed on SFIOIs at the primary gateway memory 363.
  • the need for MFA processing may be identified using user identifications that indicate the users have requested MFA, and the check for such user identifications may be performed first when SFIOIs are stored at the primary gateway memory 363.
  • FIG. 3B illustrates a more detailed breakdown of the separated memory and processing systems in FIG. 3A.
  • a bay for processing SFIOIs at the primary gateway memory 363 may include, for example, 40000 or more memory units such as flash memory pages of 512 bytes or a predetermined grouping of columns of 512 bytes of an SDRAM.
  • the bay may receive all incoming SFIOIs for a short time period such as 15 seconds or 60 seconds, and processing of the SFIOIs may begin as soon as the first SFIOIs are stored.
  • the SFIOI is copied and transferred to the secondary MFA gateway memory 364 which also may include, for example, 40000 or more memory units such as flash memory pages of 512 bytes or a predetermined grouping of columns of 512 bytes of an SDRAM.
  • the processing is separated since the MFA processing will take significantly more time than processing of SFIOIs that do not require MFA, and also because MFA responses for inquiries sent out for the SFIOIs stored in the secondary (MFA) gateway memory 364 will not come back in a first in first out order, insofar as the responses are being returned from thousands of different parties, if at all.
  • the MFA thus adds a significant amount of latency to processing, and the processing at the secondary (MFA) gateway memory 364 may be significantly more complex than processing for SFIOIs at the primary gateway memory 363.
  • the method starts at S310 when a CS receives a SFIOI.
  • the method includes determining if MFA is indicated.
  • MFA may be indicated by a user identification that indicates that MFA is required, such as a user identification that starts with or ends with one or more characters that indicate the requirement for MFA.
  • a SFIOI may have a dedicated field separate from the user identification to instruct for a MFA check.
  • the owner identification from the SFIOI is sent to a MFA service and the SGS 156 waits for a response from the MFA service.
  • the SFIOI may first be transferred to the secondary (MFA) gateway memory 364 before proceeding to S330.
  • the status space for the SFIOI is updated to complete if the response is affirmative, and to indicate deletion of the SFIOI if negative. Deletion may be marked in a status area by simply marking all statuses as complete so that no further processing is needed.
  • the status space is at the secondary (MFA) gateway memory 364.
  • the SFIOI (if an instruction) is transferred, or a confirmation for an inquiry in the SFIOI (if an inquiry) is sent if the owner has responded affirmatively.
  • FIG. 3D illustrates a progression of status updates for a SGS.
  • each box represents a specific unit of memory in a status memory area.
  • specific units include bytes (8 bits) or words (64 bits for the purposes of this description).
  • the column for byte/word #1 may be used to track a first sub-process performed by a first core of a multi-core processor.
  • the column for byte/word #2 may be used to track a second sub-process performed by a second core of a multi-core processor.
  • the column for byte/word #3 may be used to track a third sub-process performed by a third core of a multicore processor.
  • Separate units in the status memory area may be provided for each sub-process and each core, though all statuses may be marked complete when any status determines that a SFIOI does not meet a safety check.
  • the core Before performing a sub-process, the core may check the status area for that process for the SFIOI, and after performing the sub-process, the core may mark the status area for that process. If when checking the status area for a process a core determined that the process is complete, the core simply increments to the next SFIOI.
  • the first three sub-processes are complete for SFIOI #1 and SFT0I#2.
  • the first two sub-processes are complete for SFIOI #3 and SFIOI #4.
  • the first sub- process is complete for SFIOI #5.
  • No sub-processes are complete for SFIOI #6.
  • a CS may expect to receive tens of thousands of SFIOIs in a second or within several seconds. Up to twenty four or more sub-processes may be performed on any particular SFIOI, and that is assuming the SFIOI meets each safety check. For example, a twenty-four core processor may be matched with the SFIOI memory that includes the status area shown in FIG. 3D.
  • the status memory area in FIG. 3D may be provided separately for the primary gateway memory 363 and the secondary (MFA) gateway memory 364 in FIG. 3A and FIG. 3B.
  • the corresponding status memory area for the SFIOI in the primary gateway memory 363 may be marked complete and tracking of sub-processes including MFA completion may be performed at the secondary (MFA) gateway memory 364.
  • FIG. 3E illustrates another hybrid arrangement for a CS and partial communication flow for implementing MFA.
  • a type B SFIOI is received from the communications network 330 at the SGS 356 in a CS 350 at S310.
  • the type B SFIOI may be sent by the public without using any ISP which sends type A SFIOIs.
  • open source programs may be made available for the public to generate and send type B SFIOIs directly to the SGS 356, without requiring encryption, any particular ISP, or any particular electronic wallet program or currency reader program.
  • the SGS 356 sends a MFA instruction to the MFA system(s) 359.
  • the MFA system(s) 359 sends the MFA request to the communication address for the owner of record via the communications network 330.
  • the MFA system(s) 359 send the MFA response to the SGS 356.
  • Responses from the MFA system(s) 359 may be handled by a different processor than the multi-core processor that updates the status update areas as in FIG. 3D.
  • a SFIOI memory area may be accessed by multiple processors at the same time, though most or all processing in most or all embodiments is performed by the multi-core processors that perform the safety checks.
  • multiple different processors may process responses for multiple exterior checks from the primary gateway memory 363 and from the secondary (MFA) gateway memory 364. For example, responses may be handled by a first processor for blacklist and greylist checks, a second processor for ownership checks at an LSS such as the LSS 152 in FIG. 1 A, and a third processor for responses to MFA inquiries.
  • the SGS 356 may test the boundaries for how many different processors can be used to simultaneously read from and write to the memory for SFIOIs.
  • multiple additional processors may be provided for a memory bay or memory block in addition to the primary multi-core processor that performs most safety checks on the SFIOI.
  • responses may be received from the MFA system(s) 359, from a main memory system or another element of a CS that maintains blacklists and/or greylists, and/or from a LSS 152 that performs ownership checks for owners listed in some or all SFIOIs.
  • a memory page or grouping of columns of an SDRAM for a SFIOI may have status space updated by up to or even more than four processors including the multi-core processor.
  • FIG. 3F illustrates an arrangement of a CS with one or more separate MFA system(s).
  • a SGS 356 includes a main memory and processing area 3561 separate from a MFA memory and processing area 3562. Different sets of memories and processors may be provided to each of the main memory and processing area 3561 and the MFA memory and processing area 3562. SFIOIs that require MFA may be initially handled by the main memory and processing area 3561, and then transferred to and handled by the MFA memory and processing area 3562. The MFA memory and processing area sends MFA requests to the MFA system(s) 359, and receives responses from the MFA system(s) 359.
  • the MFA system(s) 359 are shown separate from the CS 350.
  • MFA may be performed outside of a CS so as to provide assurances to parties that their identities will remain private under normal circumstances, such as in the absence of a warrant signed by a judge.
  • FIG. 3G illustrates example MFA instructions from a SGS.
  • an MFA instruction includes a MFA system ID, such as when the MFA system(s) 359 include numerous different MFA providers.
  • a first party ID may indicate a party ID for the MFA provider to look up and attempt to contact.
  • a status indicator may indicate whether the SFIOI is for an instruction or inquiry.
  • a second party ID may specify a counterparty to which a SFIOI is purportedly transferring ownership of VNs.
  • a memory return address for the SGS 156 is provided.
  • a memory return address may specify a memory bay that contains multiple memory blocks and each memory block may include multiple memory pages or groupings of columns.
  • Memory pages such as 512-byte flash memory pages or 512-byte groupings of columns of an SDRAM may serve on a 1-to-l basis for storing SFIOIs and tracking status of processing of the SFIOIs.
  • a memory block may include forty thousand or more memory pages or differentiated groupings of columns, and a bay may include 60 memory blocks.
  • the memory return address may specify a bay, a block, and a page or grouping of columns for an MFA response to be written.
  • Example #2 also shows a VN count, such as when an MFA instruction specifies how many VNs is purportedly the subject of the SFIOI for which the MSF instruction is being sent.
  • Example #3 also shows a transfer amount, such as an when a MFA instruction specifies how much money is purportedly the subject of the SFIOI for which the MFA instruction is being sent.
  • Example #4 also shows a VN denomination summary, such as when a MFA instruction specifies the number of VNs of each denomination for the SFIOI for which the MFA instruction is being sent.
  • the formats in FIG. 3G are examples of a variety of formats that may be required for processing in a CS such as the CS 150 or the CS 350. However, the formats may be internal within a CS, and may be used by elements of the CS that are not exposed to the public via the internet. Formats may be required for separate ownership checks at a LSS 152, blacklist and/or greylist checks at the main memory system 153 or another element that maintains updated blacklists and/or greylists for parties and/or even specific VNs, MFA checks at the MFA system(s) 159, and more.
  • FIG. 4 illustrates a computer system, on which a method for implementation mechanisms for digital currencies is implemented, in accordance with another representative embodiment.
  • the computer system 400 includes a set of software instructions that can be executed to cause the computer system 400 to perform any of the methods or computer- based functions disclosed herein.
  • the computer system 400 may operate as a standalone device or may be connected, for example, using a network 401, to other computer systems or peripheral devices.
  • a computer system 400 performs logical processing based on digital signals received via an analog-to-digital converter.
  • the computer system 400 operates in the capacity of a server or as a client user computer in a server-client user network environment, or as a peer computer system in a peer-to-peer (or distributed) network environment.
  • the computer system 400 can also be implemented as or incorporated into various devices or systems, such as an ES, a SGS, an LSS, ISPs, MFA system(s), a workstation that includes a controller, a stationary computer, a mobile computer, a personal computer (PC), a laptop computer, a tablet computer, or any other machine capable of executing a set of software instructions (sequential or otherwise) that specify actions to be taken by that machine.
  • the computer system 400 can be incorporated as or in a device that in turn is in an integrated system that includes additional devices.
  • the computer system 400 can be implemented using electronic devices that provide voice, video or data communication.
  • the term “system” shall also be taken to include any collection of systems or sub-systems that individually or jointly execute a set, or multiple sets, of software instructions to perform one or more computer functions.
  • the computer system 400 includes a processor 410
  • the processor 410 may be considered a representative example of a processor of a controller and executes instructions to implement some or all aspects of methods and processes described herein.
  • the processor 410 is tangible and non-transitory.
  • non- transitory is to be interpreted not as an eternal characteristic of a state, but as a characteristic of a state that will last for a period.
  • non-transitory specifically disavows fleeting characteristics such as characteristics of a carrier wave or signal or other forms that exist only transitorily in any place at any time.
  • the processor 410 is an article of manufacture and/or a machine component.
  • the processor 410 is configured to execute software instructions to perform functions as described in the various embodiments herein.
  • the processor 410 may be a general- purpose processor or may be part of an application specific integrated circuit (ASIC).
  • the processor 410 may also be a microprocessor, a microcomputer, a processor chip, a controller, a microcontroller, a digital signal processor (DSP), a state machine, or a programmable logic device.
  • the processor 410 may also be a logical circuit, including a programmable gate array (PGA), such as a field programmable gate array (FPGA), or another type of circuit that includes discrete gate and/or transistor logic.
  • the processor 410 may be a central processing unit (CPU), a graphics processing unit (GPU), or both. Additionally, any processor described herein may include multiple processors, parallel processors, or both. Multiple processors may be included in, or coupled to, a single device or multiple devices.
  • processor encompasses an electronic component able to execute a program or machine executable instruction.
  • references to a computing device comprising “a processor” should be interpreted to include more than one processor or processing core, as in a multi-core processor.
  • a processor may also refer to a collection of processors within a single computer system or distributed among multiple computer systems.
  • the term computing device should also be interpreted to include a collection or network of computing devices each including a processor or processors. Programs have software instructions performed by one or multiple processors that may be within the same computing device or which may be distributed across multiple computing devices.
  • the computer system 400 further includes a main memory 420 and a static memory 430, where memories in the computer system 400 communicate with each other and the processor 410 via a bus 408.
  • main memory 420 and the static memory 430 may be considered representative examples of a memory of a controller, and store instructions used to implement some or all aspects of methods and processes described herein.
  • Memories described herein are tangible storage mediums for storing data and executable software instructions and are non-transitory during the time software instructions are stored therein. As used herein, the term “non-transitory” is to be interpreted not as an eternal characteristic of a state, but as a characteristic of a state that will last for a period.
  • the term “non-transitory” specifically disavows fleeting characteristics such as characteristics of a carrier wave or signal or other forms that exist only transitorily in any place at any time.
  • the main memory 420 and the static memory 430 are articles of manufacture and/or machine components.
  • the main memory 420 and the static memory 430 are computer-readable mediums from which data and executable software instructions can be read by a computer (e.g., the processor 410).
  • Each of the main memory 420 and the static memory 430 may be implemented as one or more of random access memory (RAM), read only memory (ROM), flash memory, electrically programmable read only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), registers, a hard disk, a removable disk, tape, compact disk read only memory (CD-ROM), digital versatile disk (DVD), floppy disk, blu-ray disk, or any other form of storage medium known in the art.
  • the memories may be volatile or non-volatile, secure and/or encrypted, unsecure and/or unencrypted.
  • “Memory” is an example of a computer-readable storage medium. Computer memory is any memory which is directly accessible to a processor.
  • the computer system 400 further includes a video display unit 450, such as a liquid crystal display (LCD), an organic light emitting diode (OLED), a flat panel display, a solid-state display, or a cathode ray tube (CRT), for example.
  • a video display unit 450 such as a liquid crystal display (LCD), an organic light emitting diode (OLED), a flat panel display, a solid-state display, or a cathode ray tube (CRT), for example.
  • the computer system 400 includes an input device 460 such as an alpha-numeric input device such as a keyboard/virtual keyboard or touch-sensitive input screen or speech input with speech recognition, and a cursor control device 470, such as a mouse or touch-sensitive input screen or pad.
  • the computer system 400 also optionally includes a disk drive unit 480, a signal generation device 490, such as a speaker or remote control, and/or a network interface device 440.
  • the disk drive unit 480 includes a computer- readable medium 482 in which one or more sets of software instructions 484 (software) are embedded.
  • the sets of software instructions 484 are read from the computer-readable medium 482 to be executed by the processor 410.
  • the software instructions 484 when executed by the processor 410, perform one or more steps of the methods and processes as described herein.
  • the software instructions 484 reside all or in part within the main memory 420, the static memory 430 and/or the processor 410 during execution by the computer system 400.
  • the computer-readable medium 482 may include software instructions 484 or receive and execute software instructions 484 responsive to a propagated signal, so that a device connected to a network 401 communicates voice, video or data over the network 401.
  • the software instructions 484 may be transmitted or received over the network 401 via the network interface device 440.
  • FIG. 5 illustrates a partial system layout for a SGS, in accordance with a representative embodiment.
  • a system 500 shows an arrangement around a facility for a SGS 556.
  • multiple SGSs may be provided for a CS for implementing a digital currency.
  • ISP systems 590A and ISP systems 590B may be provided in facilities around the facility for the SGS 556.
  • a facility for MFA systems 559 may also be provided adjacent to the SGS 556.
  • these facilities may include enormous amounts of electronic equipment including servers, memory, communications lines, high-end routers and more.
  • the facilities around the SGS 556 may be part of the protections systems for the SGS 556.
  • the facilities around the SGS 556 may be physically taller than the SGS 556, and may provide a form of electromagnetic shielding around the SGS 556.
  • the facility for ISP systems 590A may include ESs for financial institutions that wish to have direct access to the SGS 556.
  • the facility for ISP systems 590B may include ESs for technology companies that wish to have direct access to the SGS 556.
  • an addressing scheme may be created so that each financial institution and each technology company may send SFIOIs to the SGS 556, and the SGS 556 will know where to send acknowledgements and responses.
  • the facility for the MFA systems 559 may include equipment for one or more MFA providers to initiate outbound MFA inquiries, and responses to MFA inquiries may be provided to the SGS 556.
  • MFA inquiries may be provided in forms as simple as “are you transferring VNs or expecting an inquiry” or “you are transferring the specific amount X”, to a more complicated notification indicating the specific VN IDs being transferred.
  • dedicated hardware implementations such as application-specific integrated circuits (ASICs), field programmable gate arrays (FPGAs), programmable logic arrays and other hardware components, are constructed to implement one or more of the methods described herein.
  • ASICs application-specific integrated circuits
  • FPGAs field programmable gate arrays
  • programmable logic arrays and other hardware components are constructed to implement one or more of the methods described herein.
  • One or more embodiments described herein may implement functions using two or more specific interconnected hardware modules or devices with related control and data signals that can be communicated between and through the modules. Accordingly, the present disclosure encompasses software, firmware, and hardware implementations. None in the present application should be interpreted as being implemented or implementable solely with software and not hardware such as a tangible non-transitory processor and/or memory.
  • the methods described herein may be implemented using a hardware computer system that executes software programs. Further, in an exemplary, non-limited embodiment, implementations can include distributed processing, component/object distributed processing, and parallel processing. Virtual computer system processing may implement one or more of the methods or functionalities as described herein, and a processor described herein may be used to support a virtual processing environment.

Abstract

Un système de point d'extrémité pour un réseau de communication privé comprend une mémoire qui stocke des instructions ; et un processeur qui exécute les instructions. Lorsqu'il est exécuté par le processeur, le système de point d'extrémité est configuré pour : recevoir des communications pour une pluralité de clients sur le réseau de communication privé ; mettre en paquets des communications pour chaque client de la pluralité de clients dans un format de paquet requis pour un SGS (système de passerelle de sécurité), comprenant un identifiant qui identifie le fournisseur du réseau de communication privé ; envoyer des paquets ayant le format de paquet requis au SGS sans établir une connexion avec le SGS ; recevoir du SGS des réponses aux paquets sur la base de l'identifiant qui identifie le fournisseur du réseau de communication privé, et envoyer les réponses du SGS aux clients sur le réseau de communication privé.
PCT/US2023/029127 2022-08-24 2023-07-31 Mécanismes de mise en œuvre pour monnaies numériques WO2024044021A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US202263400743P 2022-08-24 2022-08-24
US63/400,743 2022-08-24

Publications (1)

Publication Number Publication Date
WO2024044021A1 true WO2024044021A1 (fr) 2024-02-29

Family

ID=90013897

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2023/029127 WO2024044021A1 (fr) 2022-08-24 2023-07-31 Mécanismes de mise en œuvre pour monnaies numériques

Country Status (1)

Country Link
WO (1) WO2024044021A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050165953A1 (en) * 2004-01-22 2005-07-28 Yoshihiro Oba Serving network selection and multihoming using IP access network
US20090198996A1 (en) * 2008-02-04 2009-08-06 Contineo Systems System and method for providing cellular access points
US20120044908A1 (en) * 2007-10-25 2012-02-23 Cisco Technology, Inc. Interworking gateway for mobile nodes
US20190306762A1 (en) * 2015-03-02 2019-10-03 Corning Optical Communications LLC Enhanced features for a gateway coordinating multiple small cell radio access networks
US20200296776A1 (en) * 2009-01-28 2020-09-17 Headwater Research Llc Enterprise Access Control and Accounting Allocation for Access Networks

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050165953A1 (en) * 2004-01-22 2005-07-28 Yoshihiro Oba Serving network selection and multihoming using IP access network
US20120044908A1 (en) * 2007-10-25 2012-02-23 Cisco Technology, Inc. Interworking gateway for mobile nodes
US20090198996A1 (en) * 2008-02-04 2009-08-06 Contineo Systems System and method for providing cellular access points
US20200296776A1 (en) * 2009-01-28 2020-09-17 Headwater Research Llc Enterprise Access Control and Accounting Allocation for Access Networks
US20190306762A1 (en) * 2015-03-02 2019-10-03 Corning Optical Communications LLC Enhanced features for a gateway coordinating multiple small cell radio access networks

Similar Documents

Publication Publication Date Title
US20240154807A1 (en) Partitioning a blockchain network
US10484376B1 (en) Authenticating a user device associated with a user to communicate via a wireless network in a secure web-based environment
CN109716707B (zh) 分布式电子记录和交易历史的服务器设备和方法
US11849051B2 (en) System and method for off-chain cryptographic transaction verification
WO2017076193A1 (fr) Procédé et appareil de traitement de demande client
US20220239496A1 (en) Blockchain consensus method, device and system
CN112087502B (zh) 处理请求的方法、装置、设备及存储介质
KR20090086226A (ko) 중간자 피싱 공격의 검출 및 방지
CN109359992A (zh) 一种新型的区块链分区分片方式和装置
US20190272530A1 (en) Resource allocation method and device, and electronic payment method
CN109710695B (zh) 事务请求有效性识别和发起方法、装置、设备和介质
CN109509108B (zh) 基于区块链技术的保险保单处理方法、装置和计算机设备
CN113572715A (zh) 基于区块链的数据传输方法和系统
CN109936620B (zh) 基于区块链的存储方法及装置、系统与存储介质
JP6666441B2 (ja) Ipアドレス取得方法及び装置
KR20190052033A (ko) 일시적인 트랜잭션 서버
CN114297304A (zh) 一种产品信息区块链交易存储方法、服务器及可读介质
US11153093B2 (en) Protection of online applications and webpages using a blockchain
WO2024044021A1 (fr) Mécanismes de mise en œuvre pour monnaies numériques
US20150295918A1 (en) User authentication system in web mash-up circumstance and authenticating method thereof
CN112860805A (zh) 一种区块链数据交互方法及系统
KR20230038162A (ko) 가상자산의 주소 공증 방법 및 장치
CN113592645B (zh) 数据验证的方法和装置
CN112788021A (zh) 一种身份验证方法基于云数据的数字化城市管理数据共享系统
CN113449497A (zh) 业务申请表填写方法及装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23857894

Country of ref document: EP

Kind code of ref document: A1