Introduction 介绍

This paper brings together financial cryptography innovations such as the Signed Receipt with the standard accountancy techniques of double entry bookkeeping.
本文将金融密码学创新（如签名收据）与复式簿记的标准会计技术结合在一起。

The first section presents a brief backgrounder to explain the importance of double entry bookkeeping. It is aimed at the technologist, and accountancy professionals may skip this. The second section presents how the Signed Receipt arises and why it challenges double entry bookkeeping.
第一部分简要介绍了复式簿记的重要性。它针对的是技术专家，会计专业人士可能会跳过这一点。第二部分介绍了签名收据是如何产生的，以及为什么它挑战复式簿记。

The third section integrates the two together and the Conclusion attempts to predict wider ramifications into Governance issues.
第三部分将两者结合在一起，结论试图预测治理问题的更广泛影响。

Credits 学分

This paper benefitted from comments by Graeme Burnett and Todd Boyle [TB].
本文得益于 Graeme Burnett 和 Todd Boyle [TB] 的评论。

A Very Brief History of Accounting
会计简史

Accounting or accountancy is these days thought to go back to the genesis of writing; the earliest discovered texts have been deciphered as simple lists of the counts of animal and food stock. The Sumerians of Mesopotamia, around 5000 years ago, used Cuneiform or wedge shaped markings as a base-60 number form, which we still remember as seconds and minutes, and squared, as the degrees in a circle. Mathematics and writing themselves may well have been derived from the need to add, subtract and indeed account for the basic assets and stocks of early society.
如今，会计或会计被认为可以追溯到写作的起源;最早发现的文本已被破译为动物和食物库存计数的简单列表。大约 5000 年前，美索不达米亚的苏美尔人使用楔形文字或楔形标记作为以 60 为底的数字形式，我们仍然记得它是秒和分，平方是圆圈中的度数。数学和写作本身很可能源于对早期社会的基本资产和存量进行加减和解释的需要。

Single Entry 单次入境

Single entry bookkeeping is how 'everyone' would do accounting: start a list, and add in entries that describe each asset. A more advanced arrangement would be to create many lists. Each list or 'book' would represent a category, and each entry would record a date, an amount, and perhaps a comment. To move an asset around, one would cross it off from one list and enter it onto to another list.
单项簿记是“每个人”进行会计核算的方式：开始一个列表，并添加描述每个资产的条目。更高级的安排是创建许多列表。每个列表或“书”将代表一个类别，每个条目将记录一个日期、金额，也许还有一条评论。要移动资产，需要将它从一个列表中划掉，然后输入到另一个列表中。

Very simple, but it was a method that was fraught with the potential for errors. Worse, the errors could be either accidental, and difficult to track down and repair, or they could be fraudulent. As each entry or each list stood alone, there was nothing to stop a bad employee from simply adding more to the list; even when discovered there was nothing to say whether it was an honest mistake, or a fraud.
非常简单，但这是一种充满错误可能性的方法。更糟糕的是，这些错误可能是偶然的，难以追踪和修复，也可能是欺诈性的。由于每个条目或每个列表都是独立的，因此没有什么可以阻止坏员工简单地在列表中添加更多内容;即使被发现，也没有什么可说的，这是一个诚实的错误，还是一个欺诈。

Accounting based on single entry bookkeeping places an important limitation on the trust of the books. Likely, only the owner's family or in times long past, his slaves could be trusted with the enterprise's books, leading to a supportive influence on extended families or slavery as economic enterprises.
基于单项簿记的会计对账簿的信任施加了重要的限制。很可能，只有主人的家人，或者在很久以前，他的奴隶才能被信任，可以信任企业的账簿，从而对大家庭或奴隶制作为经济企业产生支持性影响。

Double Entry 双人入境

Double Entry bookkeeping adds an additional important property to the accounting system; that of a clear strategy to identify errors and to remove them. Even better, it has a side effect of clearly firewalling errors as either accident or fraud.
复式簿记为会计系统增加了一个额外的重要属性;识别错误并消除错误的明确策略。更好的是，它有一个副作用，即显然将错误视为事故或欺诈。

This property is enabled by means of three features, being the separation of all books into two groups or sides, called assets and liabilities, the redundancy of the duplicative double entries with each entry having a match on the other side, and the balance sheet equation, which says that the sum of all entries on the asset side must equal the sum of all entries on the liabilities side.
该属性通过三个功能实现，即将所有账簿分为两组或两方，称为资产和负债，重复重复分录的冗余，每个分录在另一侧都有匹配项，以及资产负债表等式，即资产方所有分录的总和必须等于负债方所有分录的总和。

A correct entry must refer to its counterparty, and its counterpart entry must exist on the other side. An entry in error might have been created for perhaps fraudulent reasons, but to be correct at the local level, it must refer to its counterparty book. If not, it can simply be eliminated as an incomplete entry. If it does refer, the existance of the other entry can be easily confirmed, or indeed recreated depending on the sense of it, and the loop is thus closed.
正确的条目必须引用其交易对手，并且其对应条目必须存在于另一方。一个错误的条目可能是出于欺诈的原因而创建的，但要想在地方一级正确，它必须参考其交易对手簿。如果没有，可以简单地将其作为不完整的条目删除。如果它确实引用了，那么另一个条目的存在可以很容易地被确认，或者根据它的意义重新创建，从而关闭循环。

Previously, in single entry books, the fraudster simply added his amount to a column of choice. In double entry books, that amount has to come from somewhere. If it comes from nowhere, it is eliminated above as an accidental error, and if it comes from somewhere in particular, that place is identified. In this way, fraud leaves a trail; and its purpose is revealed in the other book because the value taken from that book must also have come from somewhere.
以前，在单次记账簿中，欺诈者只需将他的金额添加到选择的列中。在复式记账簿中，这笔钱必须来自某个地方。如果它不知从何而来，则在上面将其作为意外错误消除，如果它来自特定的地方，则会识别该位置。这样，欺诈就留下了痕迹;它的目的在另一本书中被揭示出来，因为从那本书中获取的价值也一定来自某个地方。

This then leads to an audit strategy. First, ensure that all entries are complete, in that they refer to their counterpart. Second, ensure that all movements of value make sense. This simple strategy created a record of transactions that permitted an accountancy of a business, without easily hiding frauds in the books themselves.
然后，这导致了审计策略。首先，确保所有条目都是完整的，因为它们引用了对应的条目。其次，确保所有价值变动都有意义。这种简单的策略创建了一个交易记录，允许对企业进行会计处理，而不会轻易将欺诈行为隐藏在账簿本身中。

Which Came First - Double Entry or the Enterprise?

Double Entry bookkeeping is one of the greatest discoveries of commerce, and its significance is difficult to overstate. Historians think it to have been invented around the 1300s AD, although there are suggestions that it existed in some form or other as far back as the Greek empire. The earliest strong evidence is a 1494 treatise on mathematics by the Venetian Friar Luca Pacioli [LP]. In his treatise, Pacioli documented many standard techniques, including a chapter on accounting. It was to become the basic text in double entry bookkeeping for many a year.

Double Entry bookkeeping arose in concert with the arisal of modern forms of enterprise as pioneered by the Venetian merchants. Historians have debated whether Double Entry was invented to support the dramatically expanded demands of the newer ventures then taking place surrounding the expansion of city states such as Venice or whether Double Entry was an enabler of this expansion.

Our experiences weigh in on the side of enablement. I refer to the experiences of digital money issuers. Our own first deployment of a system was with a single entry bookkeeping system. Its failure rate even though coding was tight was such that it could not sustain more than 20 accounts before errors in accounting crept in and the system lost cohesion. This occurred within weeks of initial testing and was never capable of being fielded. The replacement double entry system was fielded in early 1996 and has never lost a transaction (although there have been some close shaves [IG1]).

Likewise, the company DigiCash BV of the Netherlands fielded an early digital cash system into a bank in the USA. During its testing period, the original single entry accounting system had to be field replaced with a double entry system for the same reason - errors crept in and rendered the accounting underneath the digital cash system unreliable.

Another major digital money system lasted for many years on a single entry accounting system. Yet, the company knew it was running on luck. When a cracker managed to find a flaw in the system, an overnight attack allowed the creation of many millions of dollars worth of value. As this was more than the contractual issue of value to date, it caused dramatic contortions to the balance sheet, including putting it in breach of its user contract and at dire risk of a 'bank run'. Luckily, the cracker deposited the created value into the account of an online game that failed shortly afterwards, so the value was able to be neutralised and monetarily cleansed, without disclosure, and without scandal.

In the opinion of this author at least, single entry bookkeeping is incapable of supporting any enterprise more sophisticated than a household. Given this, I suggest that evolution of complex enterprises required double entry as an enabler.

Computing Double Entry in Quick Time

Double Entry has always been the foundation of accounting systems for computers. The capability to detect, classify and correct errors is even more important to computers than it is to humans, as there is no luxury of human intervention; the distance between the user and the bits and bytes is far greater than the distance between the bookkeeper and the ink marks on his ledgers.

How Double Entry is implemented is a subject in and of itself. Computer science introduces concepts such as transactions, which are defined as units of work that are atomic, consistent, isolated, and durable (or ACID for short). The core question for computer scientists is how to add an entry to the assets side, then add an entry to the liabilities side, and not crash half way through this sequence. Or even worse, have another transaction start half way through. This makes more sense when considered in the context of the millions of entries that a computer might manage, and a very small chance that something goes wrong; eventually something does, and computers cannot handle errors of that nature very well.

For the most part, these concepts simply reduce to "how do we implement double entry bookkeeping" ? As this question is well answered in the literature, we do no more than mention it here.

A Slightly Less Brief History of the Signed Receipt

Recent advances in financial cryptography have provided a challenge to the concept of double entry bookkeeping. The digital signature is capable of creating a record with some strong degree of reliabilty, at least in the senses expressed by ACID, above. A digital signature can be relied upon to keep a record safe, as it will fail to verify if any details in the record are changed.

If we can assume that the the record was originally created correctly, then later errors are revealed, both of an accidental nature and of fraudulent intent. (Computers very rarely make accidental errors, and when they do, they are most normally done in a clumsy fashion more akin to the inkpot being spilt than a few numbers.) In this way, any change to a record that makes some sort of accounting or semantic sense is almost certainly an attempt at fraud, and a digital signature makes this obvious.

The Digital Signature and Digital Cash

A digital signature gives us a particular property, to whit:

"at a given point in time, this information was seen and marked by the signing computer."

There are several variants, with softer and harder claims to that property. For example, message digests with entanglement form one simple and effective form of signature, and public key cryptosystems provide another form where signers hold a private key and verifiers hold a public key [MB]. There are also many ways to attack the basic property. In this essay I avoid comparisons, and assume the basic property as a reliable mark of having been seen by a computer at some point in time.

Digital signatures then represent a new way to create reliable and trustworthy entries, which can be constructed into accounting systems. At first it was suggested that a variant known as the blinded signature would enable digital cash [DC]. Then, certificates would circulate as rights or contracts, in much the same way as the share certificates of old and thus replace centralised accounting systems [RAH]. These ideas took financial cryptography part of the way there. Although they showed how to strongly verify each transaction, they stopped short of placing the the digital signature in an overall framework of accountancy and governance. A needed step was to add in the redundancy implied in double entry bookkeeping in order to protect both the transacting agents and the system operators from fraud.

The Initial Role of a Receipt

Designs that derived from the characteristics of the Internet, the capabilities of cryptography and the needs of governance led to the development of the signed receipt [GH]. In order to develop this concept, let us assume a simple three party payment system, wherein each party holds an authorising key which can be used to sign their instructions. We call these players Alice, Bob (two users) and Ivan (the Issuer) for convenience.

When Alice wishes to transfer value to Bob in some unit or contract managed by Ivan, she writes out the payment instruction and signs it digitally, much like a cheque is dealt with in the physical world. She sends this to the server, Ivan, and he presumably agrees and does the transfer in his internal set of books. He then issues a receipt and signs it with his signing key. As an important part of the protocol, Ivan then reliably delivers the signed receipt to both Alice and Bob, and they can update their internal books accordingly.

The Receipt is the Transaction

Our concept of digital value sought to eliminate as many risks as possible. This was derived simply from one of the high level requirements, that of being extremely efficient at issuance of value. Efficiency in digital issuance is primarily a function of support costs, and a major determinant of support costs is the costs of fraud and theft.

One risk that consistently blew away any design for efficient digital value at reasonable cost was the risk of insider fraud. In our model of many users and a single centralised server, the issuers of the unit of digital value (as signatory to the contract) and any governance partners such as the server operators are powerful candidates for insider fraud. Events over the last few years such as the mutual funds and stockgate scandals are canonical cases of risks that we decided to address.

In order to address the risk of insider fraud, the written receipt was historically introduced as being a primary source of evidence. Mostly forgotten to the buying public these days, the purpose of a written receipt in normal retail trade is not to permit returns and complaints by the customer, but rather to engage her in a protocol of documentation that binds the shop attendant into safekeeping of the monies. A good customer will notice fraud by the shop attendant and warn the owner to look out for the monies identified by the receipt; the same story applies to the invention of the cash till or register, which was originally just a box separating the owner's takings from the monies in the shop attendant's pockets. We extend this primary motive into the digital world by using a signed receipt to bind the Issuer into a governance protocol with the users.

We also go several steps further forward. Firstly, to achieve a complete binding, Alice's original authorisation is also included within the record. The receipt then includes all the evidence of both the user's intention and the server's action in response, and it now becomes a dominating record of the event. This then means that the most efficient record keeping strategy is to drop all prior records and keep safe the signed receipt.

This domination effects both the Issuer and the user, and allows us to state the following principle:

The User and the Issuer hold the same information.

As the signed receipt is delivered from Issuer to both users, all three parties hold the same dominating record for each event. This reduces support costs by dramatically reducing problems caused by differences in information.

Secondly, we bind a signed contract of issuance known as a Ricardian Contract into the receipt [IG2]. This invention relates a digitally signed document securely to the signed receipt by means of a unique identifier called a message digest, again provided by cryptography. It provides strong binding for the unit of account, the nature of the issue, the terms, conditions and promises being made by the Issuer, and of course the identity of the Issuer.

Finally, with these enabling steps in place, we can now introduce the principle:

The Receipt is the Transaction.

Within the full record of the signed receipt, the user's intention is expressed, and is fully confirmed by the server's response. Both of these are covered by digital signatures, locking these data down. A reviewer such as an auditor can confirm the two sets of data, and can verify the signatures.

The Signed Receipt as a Bookkeeping system

The principle of the Receipt as the Transaction has become sacrosact over time. In our client software, the principle has been hammered into the design consistently, resulting in a simplified accounting regime, and delivering a high reliability. Issues still remain, such as the loss of receipts and the counting of balances by the client side software, but these become reasonably tractable once the goal of receipts as transactions is placed paramount in the designer's mind.

As Single Entry

In order to calculate balances on a related set of receipts, or to present a transaction history, a book would be constructed on the fly from the set. This amounts to using the Signed Receipt as a basis for single entry bookkeeping. In effect, the bookkeeping is derived from the raw receipts, and this raises the question as to whether to keep the books in place.

The principles of Relational Databases provide guidance here. The fourth normal form directs that we store the primary records, in this case the set of receipts, and we construct derivative records, the accounting books, on the fly [4NF].

Recovering Double Entry

Similar issues arise for Ivan the Issuer. The server has to accept each new transaction on the basis of the available balance in the effected books; for this reason Ivan needs those books to be available efficiently. Due to the greater number of receipts and books (one for each user account), both receipts and books will tend to exist, in direct contrast to fourth normal form. A meld between relationally sound sets of receipts and double entry books comes to assist here.

Alice and Bob both are granted a book each within the server's architecture. As is customary, we place those books on the liabilities side. Receipts then can be placed in a separate single book and this could be logically placed on the assets side. Each transaction from Alice to Bob now has a logical contra entry, and is then represented in 3 places within the accounts of the server. Yet, the assets side remains in fourth normal form terms as the liabilities entries are derived, each pair from one entry on the assets side.

By extension, a more sophisticated client-side software agent, working for Alice or Bob, could employ the same techniques. At this extreme, entries are now in place in three separate locations, and each holding potentially three records.

Triple Entry Accounting

The digitally signed receipt, with the entire authorisation for a transaction, represents a dramatic challenge to double entry bookkeeping at least at the conceptual level. The cryptographic invention of the digital signature gives powerful evidentiary force to the receipt, and in practice reduces the accounting problem to one of the receipt's presence or its absence. This problem is solved by sharing the records - each of the agents has a good copy.

In some strict sense of relational database theory, double entry book keeping is now redundant; it is normalised away by the fourth normal form. Yet this is more a statement of theory than practice, and in the software systems that we have built, the two remain together, working mostly hand in hand.

Which leads to the pairs of double entries connected by the central list of receipts; three entries for each transaction. Not only is each accounting agent led to keep three entries, the natural roles of a transaction are of three parties, leading to three by three entries.

We term this triple entry bookkeeping. Although the digitally signed receipt dominates in information terms, in processing terms it falls short. Double entry book keeping fills in the processing gap, and thus the two will work better together than apart. In this sense, our term of triple entry bookkeeping recommends an advance in accounting, rather than a revolution.

Software Considerations

The precise layout of the entries in software and data terms is not settled, and may ultimately become one of those ephemeral implementation issues. The signed receipts may form a natural asset-side contra account, or they may be a separate non-book list underlying the bookkeeping system and its two sides.

Auditing issues arise where construction of the books derives from the receipts, and normalisation issues arise when a receipt is lost. These are issues for future research.

Likewise, it is worth stating that the technique of signing receipts works both with private key signatures and also with entanglement message digest signatures; whether the security aspects of these techniques is adequate to task is dependent on the business environment.

Roles of the Agents

It will be noted that the above design of triple entry bookkeeping assumed that Alice and Bob were agents of some independence. This was made possible, and reflected the usage of the system as a digital cash system, and not as a classical accounting system.

Far from reducing the relevance of this work to the accounting profession, it introduces digital cash as an alternate to corporate bookkeeping. If an accounting system for a corporation or other administrative entity is recast as a system of digital cash, or internal money, then experience shows that benefits accrue to the organisation.

Although the core of the system looks exactly like an accounting system, each department's books are pushed out as digital cash accounts. Departments no longer work so much with budgets as have control over their own corporate money. Fundamental governance control is still held within the accounting department by dint of their operation of the system, and by the limited scope of the money as only being usable within the organisation; the accounting department might step in as a market maker, exchanging payments in internal money for payments in external money to outside suppliers.

We have operated this system on a small scale. Rather than be inefficient on such a small scale, the system has generated dramatic savings in coordination. No longer are bills and salaries paid using conventional monies; many transactions are dealt with by internal money transfers and at the edges of the corporation, formal and informal agents work to exchange between internal money and external money. Paperwork reduces dramatically, as the records of the money system are reliable enough to quickly resolve questions even years after the event.

The innovations present in internal money go beyond the present paper, but suffice to say that they answer the obvious question of why this design of triple entry accounting sprung from the world of digital cash, and has relevence back to the corporate world.

Patterns of Commerce

Todd Boyle looked at a similar problem from the point of view of small business needs in an Internet age, and reached the same conclusion - triple entry accounting [1]. His starting premises were that:

1. The major need is not accounting or payments, per se, but patterns of exchange - complex patterns of trade;

2. Small businesses could not afford large complex systems that understood these patterns;

3. They would not lock themselves into proprietary frameworks;

From those foundations, Boyle concluded that therefore what is needed is a shared access repository that provides arms-length access. Fundamentally, this repository is akin to the classic double-entry accounting ledger of transaction rows ("GLT" for General Ledger - Transactions), yet its entries are dynamic and shared.
从这些基础上，Boyle得出结论，因此需要的是一个共享的访问存储库，提供公平的访问。从根本上说，这个存储库类似于交易行的经典复式记账账本（“GLT”表示总账 - 交易），但它的条目是动态和共享的。

Simple examples will help. When Alice forms a transaction, she enters it into her software. Every GLT transaction requires naming her external counterparty, Bob. When she posts the transaction, her software stores it in her local GLT and also submits it to the shared repository service's GLT.
简单的例子会有所帮助。当 Alice 形成交易时，她会将其输入到她的软件中。每笔 GLT 交易都需要命名她的外部交易对手 Bob。当她发布交易时，她的软件会将其存储在本地 GLT 中，并将其提交到共享存储库服务的 GLT。

The Shared Transaction Repository ("STR") then forwards the transaction on to Bob. Both Bob and Alice are now expected to store the handle to the transaction as an index or stub, and the STR then stores the entire transaction.
然后，共享事务存储库 （“STR”） 将事务转发给 Bob。现在，Bob 和 Alice 都应该将事务的句柄存储为索引或存根，然后 STR 存储整个事务。

Boyle's ideas are logically comparable to Grigg and Howland's, although they arive from different directions (the STR is Grigg's Ivan, above) and are not totally equivalent. Where the latter limited themselves to payments, the accuracy of amounts, and protection with hard cryptographic shells, Boyle looked at wider patterns of transactions, and showed that the STR could mediate these transactions, if the core shared data could be extracted and made into a single shared record. Boyle's focus was on the economic substance of the transaction.
波义耳的想法在逻辑上与格里格和豪兰德的想法相当，尽管它们来自不同的方向（STR是格里格的伊万，上图），并不完全等同。后者仅限于支付、金额的准确性和硬加密外壳的保护，而 Boyle 研究了更广泛的交易模式，并表明如果核心共享数据可以被提取并制作成单个共享记录，STR 可以调解这些交易。博伊尔的重点是交易的经济实质。

Extending the Humble Invoice
延长简陋的发票

Imagine a simple invoicing procedure. Alice creates an invoice and posts it to her software (GLT). As she has named Bob, the GLT automatically posts it to Ivan, the STR, and he forwards it to Bob. At this point Bob has a decision to make, accept or reject. Assuming acceptance, his software can then respond by sending an acceptance message to Ivan. The STR now assembles an accepted invoice record to replace the earlier speculative invoice record and posts that threeways. At some related time (to do with payment policy) Bob also posts a separate transaction to pay for the invoice. This could operate in much the same way as a separate transaction, linking directly to the original invoice.
想象一下一个简单的开票程序。Alice 创建发票并将其发布到她的软件 （GLT）。当她给 Bob 起名字时，GLT 会自动将其发布给 STR Ivan，然后他将其转发给 Bob。在这一点上，Bob 可以决定是否接受或拒绝。假设接受，他的软件可以通过向 Ivan 发送接受消息来做出响应。STR 现在汇总已接受的发票记录，以取代以前的推测性发票记录，并以三种方式过帐。在某个相关时间（与付款政策有关），Bob 还会发布单独的交易来支付发票。这可以以与单独交易大致相同的方式运作，直接链接到原始发票。

Now, as the payment links back, and the invoice is a live transaction within the three entries in the three accounting systems, it is possible for a new updated invoice record to refer back to the payment activity. When the payment clears, the new record can again replace the older unpaid copy and promulgate to all three parties.
现在，由于付款链接回来，并且发票是三个会计系统中三个条目中的实时交易记录，因此新的更新发票记录可以引用付款活动。付款结清后，新记录可以再次取代旧的未付款副本，并公布给所有三方。

Patterns of Transactions
交易模式

Software could be written to facilitate and monitor this flow and similar flows. If the payments system is sufficiently flexible, and integrated with the needs of the users, if might be possible to merge the above invoice with the payment itself, at the Receipts level. Seen in this light, the Signed receipt of Ricardo is simply the smallest and simplest pattern within the more general set of patterns. We could then suggest that the narrow principle of the Receipt is the Transaction could be extended into The Invoice is the Transaction.
可以编写软件来促进和监控此流程和类似流程。如果支付系统足够灵活，并且与用户的需求集成，如果有可能在收据级别将上述发票与付款本身合并。从这个角度来看，里卡多的签名收据只是更一般的模式集中最小和最简单的模式。然后，我们可以建议收据的狭义原则是交易可以扩展到发票是交易。

A particular transaction in business almost never stands alone. They come in patterns. For example offers and acceptances form a wider transaction but seldom encapsulate the entire fulfillment and payment cycle. Even if there has been a payment accompanying a PO message, the customer then waits for fulfillment.
商业中的特定交易几乎从来都不是孤立的。它们有模式。例如，要约和接受形成了更广泛的交易，但很少涵盖整个履行和付款周期。即使 PO 消息附带了付款，客户也会等待履行。

There is a large body of science and literature built around these patterns of transactions. These have been adopted by the Business Process workgroup of ebXML and other standards bodies, where they are called "Commercial Transactions." Where however the present work distinguishes itself is in breaking down these transactions into the atomic elements. It is to that we now turn.
围绕这些交易模式，有大量的科学和文献。这些已被ebXML的业务流程工作组和其他标准机构采用，它们被称为“商业事务”。然而，目前的工作与众不同的地方在于将这些交易分解为原子元素。我们现在转向这一点。

The Requirements of Triple Entry Accounting
复式记账法的要求

The implementation of Triple Entry Accounting will in time evolve to support patterns of transactions. What has become clear is that double entry does not sufficiently support these patterns, as it is a framework that breaks down as soon as the number of parties exceeds one. Yet, even as double entry is "broken" on the net and unable to support commercial demands, triple entry is not widely understood, nor are the infrastructure requirements that it imposes well recognised.
复式记账法的实施将及时发展以支持交易模式。显而易见的是，复式记账法并不能充分支持这些模式，因为复式记账法是一个框架，一旦当事方数量超过一个，就会崩溃。然而，即使复式记账在网络上被“打破”并且无法支持商业需求，三重记账也没有得到广泛理解，它所强加的基础设施要求也没有得到很好的认可。

Below are the list of requirements that we believed to be important [2] [3].
以下是我们认为重要的要求列表[ 2][ 3]。

1. Strong Psuedonymity, At Least. As there are many cycles in the patterns, the system must support a clear relationship of participants. At the minimum this requires a nymous architecture of the nature of Ricardo or AADS. (This requirement is very clear, but space prevents any discussion of it.)
1. 至少要有很强的假名性。由于模式中有许多周期，因此系统必须支持明确的参与者关系。至少，这需要一个具有 Ricardo 或 AADS 性质的 nymous 架构。（这个要求非常明确，但空间不允许对它进行任何讨论。

2. Entry Signing. In order to neutralise the threats to and by the parties, a mechanism that freezes and confirms the basic data is needed. This is signing, and we require that all entries are capable of carrying digital signatures (see 1, above, which suggests public key signatures).
2. 参赛作品签名。为了消除各方对当事方的威胁，需要一种冻结和确认基本数据的机制。这就是签名，我们要求所有条目都能够携带数字签名（参见上面的 1，它建议使用公钥签名）。

3. Message Passing. The system is fundamentally one of message passing, in contrast to much of the net's connection based architecture. Boyle recognised early on that a critical component was the generic message passing nature, and Systemics proposed and built this into Ricardo over the period 2001-2004 [4].
3. 消息传递。从根本上说，该系统是一种消息传递，与网络的大部分基于连接的架构形成鲜明对比。波义耳很早就认识到一个关键的组成部分是通用信息传递的性质，Systemics在2001-2004年期间提出并把它建立在李嘉图中[4]。

4. Entry Enlargement and Migration. Each new version of a message coming in represents an entry that is either to be updated or added. As each message adds to a prior conversation, the stored entry needs to enlarge and absorb the new information, while preserving the other properties.
4. 入境扩大和迁移。传入的每个新版本消息都表示一个要更新或添加的条目。当每条消息添加到先前的对话中时，存储的条目需要放大和吸收新信息，同时保留其他属性。

5. Local Entry Storage and Reports. The persistent saving and responsive availability of entries. In practice, this is the classical accounting general ledger, at least in storage terms. It needs to bend somewhat to handle much more flexible entries, and its report capabilities become more key as they conduct instrinsic reconciliation on a demand or live basis.
5. 本地条目存储和报告。条目的持续保存和响应式可用性。在实践中，这是经典的会计总账，至少在存储方面是这样。它需要在某种程度上弯曲以处理更灵活的条目，并且当它们在需求或实时基础上进行内在对账时，其报告功能变得更加关键。

6. Integrated Hard Payments. Trade can only be as efficient as the payment. That means that the payment must be at least as efficient as every other part; which in practice means that a payment system should be built-in at the infrastructure level. C.f., Ricardo.
6. 综合硬支付。交易的效率只能与支付一样有效。这意味着付款必须至少与其他部分一样有效;这在实践中意味着支付系统应该内置在基础设施级别。C.f.，里卡多。

7 Integrated Application-Level Messaging. As distinct to the messaging at the lower protocol levels (1 above), there is a requirement for Alice and Bob to be able to communicate. That is because the vast majority of the patterns turns around the basic communications of the agents. There is no point in establishing a better payment and invoice mechanism than the means of communication and negotiation. This concept is perhaps best seen in the SWIFT system which is a messaging system, first and foremost, to deliver instructions for payments.
7 集成的应用程序级消息传递。与较低协议级别（上面的 1）的消息传递不同，Alice 和 Bob 需要能够通信。这是因为绝大多数模式都围绕着代理的基本通信。建立比沟通和谈判手段更好的付款和发票机制是没有意义的。这个概念也许在SWIFT系统中得到了最好的体现，SWIFT系统首先是一个消息传递系统，用于传递支付指令。

Conclusion 结论

Double Entry bookkeeping provides evidence of intent and origin, leading to strategies for dealing with errors of accident and fraud. The financial cryptography invention of the signed receipt provides the same benefits, and thus challenges the 800 year reign of double entry. Indeed, in evidentiary terms, the signed receipt is more powerful than double entry records due to the technical qualities of its signature.
复式记账法提供了意图和来源的证据，从而制定了处理事故和欺诈错误的策略。已签署收据的金融密码学发明提供了同样的好处，从而挑战了 800 年的复式记账统治。事实上，就证据而言，由于其签名的技术质量，已签名的收据比复式记账记录更有力。

There remain some weaknesses in strict comparison with double entry bookkeeping. Firstly, in the Ricardo instantiation of triple entry accounting, the receipts themselves may be lost or removed, and for this reason we stress as a principle that the entry is the transaction. This results in three active agents who are charged with securing the signed entry as their most important record of transaction.
与复式簿记严格比较，仍然存在一些弱点。首先，在三重记账的 Ricardo 实例中，收据本身可能会丢失或删除，因此我们强调分录即交易作为原则。这导致三个活跃的代理负责保护已签名的条目作为他们最重要的交易记录。

Secondly, the software ramifications of the triple entry system that are less convenient than that offered by double entry bookkeeping. For this reason, we expand the information held in the receipt into a set of double entry books; in this way we have the best of both worlds on each node: the evidentiary power of the signed entries and the convenience and local crosschecking power of the double entry concept.
其次，复式记账系统的软件后果不如复式记账系统方便。出于这个原因，我们将收据中的信息扩展为一套复式记账簿;通过这种方式，我们在每个节点上都拥有两全其美的优势：签名条目的证据能力以及复式记账概念的便利性和本地交叉检查能力。

Both of these imperitives meld signed receipts in with double entry bookkeeping. As we end up with a logical arrangement of three by three entries, we feel the term triple entry bookkeeping is useful to describe the advance on the older form.
这两种 imperives 都将已签署的收据与复式簿记相结合。当我们最终得到三乘三分录的逻辑安排时，我们认为三重记账簿记一词对于描述旧形式的进步很有用。

Drawing in the Agents
拉入代理

To fully benefit from triple entry bookkeeping, we have to expand accounting systems out to agents and offer them direct capabilities to do transactions. That is, we make the agents stakeholders by giving them internal money [5]. Use of digital cash to do company accounts empowers the use of this concept as a general replacement for accounting using books and departmental budgets, and is an enabler for verifying and auditing the centralised accounts system by way of signed receipts.
为了充分利用复式记账法，我们必须将会计系统扩展到代理商，并为他们提供直接的交易能力。也就是说，我们通过给代理人内部资金来使他们成为利益相关者 [ 5 ]。使用数字现金进行公司账目，使这一概念能够作为使用账簿和部门预算的会计的一般替代品，并且是通过签署收据验证和审计中央账户系统的推动者。

Solving Frauds 解决欺诈问题

Once there, governance receives substantial benefits. Accounts are now much more difficult to change, and much more transparent. It is our opinion that various scandals and failures of governance would have been impossible given these techniques: the mutual funds scandal would have shown a clear audit trail of transactions and thus late timing and otherwise perverted or dropped transactions would have been clearly identified or eliminated completely [NG]. The emerging scandal in the USA known as Stockgate would have been impossible as forgery of shares and value for manipulative trading purposes is revealed by signed receipts. Likewise, Barings would still be a force in investment banking if accounts had been organised around easily transparent digital cash with open and irreducible signed receipts that evidence invisible accounts (88888). Enron style scandals would have permitted more direct "follow the money" governance lifting the veil on various innovative but economically meaningless swaps.
一旦到达那里，治理就会获得实质性的好处。账户现在更难更改，也更加透明。我们认为，鉴于这些技术，各种丑闻和治理失败是不可能的：共同基金丑闻将显示出对交易的清晰审计跟踪，因此延迟的时间安排以及以其他方式被歪曲或放弃的交易将被清楚地识别或完全消除[NG]。美国新出现的被称为“股票门”的丑闻是不可能的，因为伪造股票和用于操纵交易目的的价值是通过签署的收据揭示的。同样，如果账户是围绕易于透明的数字现金组织起来的，并有公开和不可简化的签名收据来证明不可见的账户，霸菱仍将是投资银行业务的一股力量（88888）。安然式的丑闻本来可以允许更直接的“跟着钱走”的治理，揭开各种创新但经济上毫无意义的互换的面纱。

References  引用