[1] https://explore.fednow.org/resources/technical-overview-guid...
There may also be implementation details or code which are subject to NDA, either from the Fed itself or from service providers such as IBM in this case. Sometimes you can get that info from a FOIA request, but that doesn't negate the fact that the employees working on the system are bound by an NDA. The FOIA has to happen and run its course.
That smells like security through obscurity (which admittedly is the status quo in the banking world).
Contrasted to approaches like Bitcoin, for which full code and whitepaper are public, and which has managed to survive every attack vector thrown at it for the last decade and a half. Not arguing for Bitcoin as money here, just highlighting the diverse approaches to security and that it shouldn't be taken as a given that hiding those details makes it more secure.
This is exactly the thing you _shouldn't_ put under NDA. What on earth?
Fraud and people trying to mess with the system has been a long term problem and likely always will be. The results of which can hurt people. Keeping details private can make it more difficult for those folks.
If we try to prioritize goals of a system like this... security for people should be one of the highest. I think of the middle income single parent when I envision an example of a person in this system.
Hey, that's neat. I'm super curious how much the internals of this thing could be compared with something like a cryptocurrency. Are those signatures representative of the identities making the transaction? Might it be technically feasible some day for me to craft a transaction on my phone to send money to someone, then publish it directly, and have the person instantly confirm that they received a payment without needing to talk to a bank?
I'm really curious if this is what is going to eventually morph into the CBDC that everyone seems so excited about, or if that project is going to start from scratch.
