According to news on December 1, the Bank for International Settlements (BIS) and central banks of various countries recently published papers on legal issues and CBDC system design. Participating central banks include the Bank of Canada, the Bank of England, the Bank of Japan, the European Central Bank, the Board of Governors of the Federal Reserve, the Swedish Riksbank and the Swiss National Bank. One of the debates is whether CBDC systems adopt a centralized or decentralized model. In a two-tier system, one option is to adopt a hub-and-spoke model, where updates are controlled by the central bank but data ownership is decentralized. Or you can use a peer-to-peer design to share update permissions. The paper points out that centralized systems are less elastic, have single points of failure, and may even become bottlenecks. However, they do not believe it is appropriate to decentralize the core settlement powers of a CBDC system. In a modular design, core settlement can be centralized while other aspects (such as identity) can be decentralized. Additionally, privacy is a major issue facing CBDCs. While privacy can be achieved using existing technologies, some newer privacy-enhancing technologies (PETs), such as secure multi-party computation (SMPC) or zero-knowledge proofs (ZKP), can provide greater flexibility. However, based on the experience of both central banks and the Bank for International Settlements Innovation Centre, they are not yet convinced that PET is ready and question its real-time execution capabilities, complexity and reliability. Other topics explored in the paper include cybersecurity, offline CBDC and compatibility with existing point-of-sale systems.