DCash, a digital version of the Eastern Caribbean dollar (XCD), is working again after being down since January 14. The two-month outage happened when the identity certificate on nodes in the Hyperledger Fabric network expired.
DCash is a central bank digital currency (CBDC) commissioned by the Eastern Caribbean Central Bank (ECCB), which is the monetary authority for a group of island economies including Antigua and Barbuda, Grenada, St Kitts and Nevis, Saint Lucia, and St Vincent and the Grenadines.
When rolling out the DCash digital payment platform last March, the ECCB partnered with banks, credit unions, and businesses. Bitt Inc was commissioned to develop the CBDC.
Responding to the outage in January, ECCB said that the DCash platform “experienced an interruption in service that has affected all users.”
About two months later, on March 9, the ECCB issued an advisory saying “full functionality of the DCash digital payments platform has been restored.”
A major part of the fix was better certificate management.
“As part of the restoration, the platform now benefits from several upgrades including an enhanced certificate management process and an updated version of the software which provides the foundation for the DCash system,” the ECCB said.
A “Bold Caribbean Experiment in E-Cash”
When the ECCB announced the pilot program it explained:
The pilot involves a securely minted and issued digital version of the EC dollar - DCash. The objective of this pilot is to assess the potential efficiency and welfare gains that could be achieved: deeper financial inclusion, economic growth, resilience and competitiveness in the ECCU - from the introduction of a digital sovereign currency.
Then things went south in January.
“This is an important case study in things that can go wrong in the rollout and expansion of a digital currency,” Josh Lipsky, the director of the Atlantic Council’s GeoEconomics Center, told Bloomberg in an article titled "A Bold Caribbean Experiment in E-Cash Hits a Major Obstacle."
“Every country trying do a large rollout has had problems,” Lipsky added.
The problem was related to an expiring certificate on the version of the Hyperledger Fabric that hosts the DCash ledger, which “forced the bank to roll out updates,” Karina Johnson, a DCash project manager at ECCB, said in an email to Bloomberg.
How to deal with expired certificates
Expired certificates not only cause outages but can also act as the gateway for criminals to infiltrate corporate networks, notes Pratik Savla, Lead Security Engineer at Venafi.
“Not only can expired certificates cause unplanned system or service outages as has been seen several times over in different incidents, but what is not equally well-known is that they can also open the door through which malicious actors can find entry into one’s environment,” Savla said.
Proper and timely renewal of expired certificates is key to mitigating man-in-the-middle attacks, notes Savla. “The first step is to make sure that you develop and continuously update a detailed certificate inventory. Next, expiry notifications should be setup to ensure it reaches the right owners ahead of time. This includes a set period starting at least a month before the expiry date for non-critical systems and starting with at least two months before the expiry date for systems deemed critical.”