Smart Money and
Concrete Contracts
in GNU Taler

Özgür Kesim

Programmable Money and
Concrete Contracts
in GNU Taler

Özgür Kesim

GNU Taler Logo

Marketing Pitch

GNU Taler is a payment system that makes
privacy-friendly online transactions
fast and easy.

✅ Payments without registration
✅ Data protection by default
✅ Fraud eliminated by design
✅ Not a new currency!
✅ Empowers communities to run their own payment infrastructure
✅ Free Software


  1. Be Free/Libre Software
  2. Protect the privacy of buyers
  3. Be Auditable
  4. Prevent payment fraud
  5. Collect the minimum information
  6. Be usable
  7. Be efficient
  8. Fault-tolerant design
  9. Foster competition

Core Protocols

(refresh protocol not shown)

Implementation Details

Conditional Payments and Programmable Money


Conditional payments are state-machines for the flow of money and allow the transfer when predefined rules hold.

Programmable money are e-cash tokens, augmented with additional data. They can further parameterize conditional payments.

Smart Contracts is a term used in the context of DLT's for programs that implement conditional payments. These programs are usually deployed in the DLT and execute on a virtual computation environment specific to the payment system.

Concrete Contracts

GNU Taler's philosophy:

Code is not law and payment needs both.

Code for conditional payments must work and also be verified to

GNU Taler defines a process for design, verification, implementation and deployment of Concrete Contracts.

Age Restriction in GNU Taler

Programmable Money

Our goal

A design and implementation of an age restriction scheme with the following properties:

Sketch of scheme

Independent of a payment service protocol, the scheme is as follows:

  1. Guardians commit to a maximum age
  2. Minors attest their adequate age
  3. Merchants verify the attestations
  4. Minors derive age commitments from existing ones
  5. Exchanges compare the derived age commitments
  6. GOTO 2

Sketch of Functions

Attest & Verify:
Derive & Compare:

Achieving unlinkability


Integration with GNU Taler

Conditional Payments

Escrow service

Example scenario: Bike rental; user puts E-cash into escrow with the GNU Taler exchange, provides merchant with a proof.

Unlocking conditions and payee(s) are defined in contract, can be f. e. per signature or timeout.

Also, refund offering for purchases can be implemented this way.

Design Document exists, with general idea sketched out.

Finalizing design and implementation is future project.

Sealed Bid Auctions

We started integrating libbrandt as PoC,a privacy preserving, Vickrey-style auction protocol

Found better design: Bag et al. - 2020

SEAL Sealed-Bid Auction Without Auctioneers
Based on a Veto-protocol, extended to an auction.


  1. Integration into GNU Taler
  2. Making it scalable. Think: Ticketsell for UEFA cup.



Project website
Community website
Open Calls