

How would one acquire tokens anonymously but in a way that you can verify that you acquired genuine tokens, and what keeps those tokens from being given to multiple people? This is really where the privacy aspects fall down. It’s a hard problem to solve in Bitcoin, but at least you can have Bitcoin ATMs that you can verify that you received the funds.
A Taler ATM it seems could issue invalid tokens or issue the same tokens to every client and there would be no way to know until you tried to spend it or deposit it in your account (thus defeating the anonymity).
Very interesting thanks for the explanation.
I think that makes some sense to me. I’m moderately familiar with signatures and encryption. I’m going to do some more research into blind signatures now since that’s one thing I have never had to implement.
Without doing that research, I still feel that the bank or whatever could store the signature info at the time of signing with the account that requested it, but perhaps the blind signing even protects against that if the verification process is done in some way that the original signing request info isn’t present in the same form.
Anyway, thanks for the response!
ETA:
Oh the other hole in the ATMs I was talking about assuming a malicious ATM. Since the coin can only be verified by depositing it, (without doing more research on this) I still don’t see a way to verify that the ATM actually gave you a valid signature. Maybe it’s possible to validate the signature before unwrapping the coin, then impossible to validate the unwrapped coin that is given to the merchant. I could see that.
Also presumably these could be bank ATMs and not sketchy Bitcoin ATMs so maybe the malicious case isn’t as much to worry about.