Protocol
How the webcash protocol works — bearer secrets, replace operations, and double-spend prevention.
What is Webcash?
Webcash is e-cash made to pay, not to store value. The protocol uses a central server to prevent double-spending. Webcash secrets are bearer instruments: whoever holds the secret can spend it. There is no account, no identity requirement, and no fees.
Unlike decentralized cryptocurrencies, webcash is instant and final. No blockchain synchronization, no confirmation wait. You receive webcash, you replace it to transfer ownership, and the server ensures each webcash is spent exactly once.
Webcash String Format
e{amount}:{type}:{value} | Type | Example | Description |
|---|---|---|
| secret | e1.00:secret:a1b2c3... | Private — the holder owns the value |
| public | e1.00:public:d4e5f6... | Public — SHA256 hash of the secret, stored on server |
- Amounts use up to 8 decimal places (1 webcash = 100,000,000 wats)
- Secrets are 32 bytes (64 hex characters)
- Public hash:
SHA256(secret_ascii_hex_bytes)
The Replace Operation
POST /replace is the core transaction. It atomically spends input webcash and creates new output webcash. Total input must equal total output (conservation of value).
Use cases:
- Payment — split into payment output + change
- Insert — re-key received webcash to your HD-derived secret
- Merge — combine many small outputs into one
- Transfer — rotate ownership to a new secret
Server API
| Endpoint | Method | Purpose |
|---|---|---|
| /api/v1/replace | POST | Atomic webcash transfer (spend inputs, create outputs) |
| /api/v1/health_check | POST | Check if outputs are spent or unspent |
| /api/v1/target | GET | Current mining difficulty and reward |
| /api/v1/mining_report | POST | Submit proof-of-work solution |
Full API documentation: API Reference
Trust Model
- Server trust — the webcash server is trusted to maintain the ledger honestly
- Bearer instrument — whoever holds the secret owns the value. No accounts, no identity.
- Double-spend prevention — the server rejects any attempt to spend already-spent outputs
- Privacy — secrets never leave the client. The server only sees public hashes.
- Atomicity — replace operations are all-or-nothing