What is eCash? The beginnings of electronic money

8 min read

Cryptocurrencies have not always existed. Contrary to what many users believe, Bitcoin was not the first idea of digital money that existed, but rather eCash. Below we will look at one of the first phrases that gave way to the creation of cryptocurrencies:

“You can pay to have access to a database, buy software or a newsletter, play a computer game over the internet, receive $5 USD that you owe a friend or simply order a pizza. The possibilities are truly limitless.” 

When you read this sentence you are probably thinking about Bitcoin. However, nothing could be further from that. This sentence is from 1994, specifically from cryptographer David Chaum at the first CERN conference in Geneva. This sentence was referring to eCash.

We have all heard at least once about the Cypherpunk movement. This movement had its beginnings thanks to David Chaum. Chaum was always ahead of his time, as the Internet was just becoming normalized at this time. Chaum’s main concern was about online privacy.

Who is David Chaum?

As mentioned above, David Chaum is a pioneer of cryptography applied to the digital world.

Chaum was born in 1955 in the United States. He received his PhD in Computer Science and Business Administration from the University of Berkeley, California. He is currently considered the father of digital money. We will see why later on.

Chaum is well known for his career as a researcher, teacher and developer of cryptographic protocols. Chaum was a promoter and organizer of what were the first annual cryptography and cryptology conferences. These were held in Santa Barbara, California starting in 1982. This conference was annual and was called CRYPTO. It was attended by professionals of high knowledge in the field with the aim of showing the world exhibitions of new developments.

At the conference known as CRYPTO ’82, Chaum presented the white paper of what would officially become the first digital money protocol in history. The seed of this project was the possibility of developing a new digital payment system based on cryptography by introducing the concept of blind signature.

By 1990 David Chaum developed DigiCash Inc. This company aimed at creating electronic money services implemented in their research. This company was the developer of the outstanding project, eCash.

eCash was an improved version of the digital payment system previously developed by David. He did not carry out all this work alone, as he collaborated with other relevant cryptographers such as Nick Szabo or Eric Hughes. 

The eCash project was introduced to the world at the first WWW94 (World Wide Web) conference held in 1994 in Geneva, Switzerland. At this conference, all participants were shown how eCash was able to make electronic money payments through computers using simple software.

Chaum has made his mark in the digital world, and not just with eCash. He has made countless contributions. Among some of the ones he has made for digital money we can find: the Trusted Voting System in 1981, the Blind Signature for untraceable payments in 1982, the Zero Knowledge Protocol in 1988, Untraceable Electronic Money in 1988, and finally DigiCash in 1990.


Digital Money

Chaum was not concerned with the privacy of traditional communication but with a privacy system that would preserve digital money:

“The choice between keeping information in the hands of individuals or organizations is made whenever any government or business decides to automate another set of transactions.”

This phrase was expressed by Chaum in Scientific American in 1992. Ten years before these statements, the cryptographer had already discovered blind signatures for untraceable payments. When the bitcoin veterans had not yet appeared, Chaum had already discovered the solution for an anonymous payment system for the Internet.

Blind Signatures

It took several systems to make digital money work, but at the heart of digital money were “Blind Signatures“.

This system works by means of public key cryptography and cryptographic signatures. Public key cryptography employs two keys. Each consists of a public key, which in turn is a completely random string of numbers that is mathematically derived from another truly random string of numbers that would be the private key. 

With the private key, it is extremely important to generate the public key. However, if we only have the public key, it is almost impossible to generate the private key. In other words, it is a one-way street.

Public key cryptography can be used to establish a private communication between two users. Imagine that users A and B share only their public keys with each other, but their private keys remain private. User A knows that only user B will be able to see the information he sends, but user B cannot know who is sending the information. 

To check this, both users can cryptographically sign the data sent. To do this, user A must mathematically combine the data used with his private key. The result is a seemingly random string of numbers known as a “signature“. Thanks to this process, user B can verify the signature with user A’s public key. 

Blind signatures develop this concept by taking it a step further, allowing data to be encrypted and verified for accuracy.



The blind signature scheme was the one used by Chaum to create a functional digital money system. In this case, user A would be a bank like any real bank, with customers, bank accounts, and so on. Let’s imagine that bank A has two customers C1 and C2.

Two of the customers (C1 and C2) want to trade by buying something from the first customer. C1 requests a withdrawal in order to pay. For this withdrawal, digital checks with unique serial numbers are generated. C1 hides the ownership of these checks and sends them to the bank. The bank blindly signs each check and sends them back to C1.

Since the bank blind signed the checks, your signature will be linked to the original unconcealed checks. C1 can now use the original unconcealed checks to pay C2 for his purchase.

When C2 receives the checks, he must forward them to the bank. The bank will verify with its public key its signature on these checks and will also verify that the checks have not been deposited by another user to ensure that they have not been spent twice (double spending attack).

As the checks are verified, the bank adds the equivalent dollar amount to the balance in C2’s bank account and notifies C2. After this confirmation, C2 knows that C1 has paid with valid checks and can now finalize the sale.

This Chaum solution, which offers privacy in payments, is something that already existed, but had never been seen in a digital form.