On December 1st, the Bank for International Settlements (BIS) and central banks recently published papers on legal issues and the design of CBDC systems. Participating central banks include the Bank of Canada, the Bank of England, the Bank of Japan, the European Central Bank, the Federal Reserve Board of Governors, the Riksbank, and the Swiss National Bank. One of the debates is whether the CBDC system adopts a centralized or decentralized model. In a two-tier system, one option is a hub-and-spoke model, where updates are controlled by the central bank but data ownership is decentralized. Or a peer-to-peer design can be adopted, with shared update permissions. The paper points out that centralised systems are less resilient, have single points of failure and can even become bottlenecks. However, they do not believe it is appropriate to decentralise the core settlement of a CBDC system. In a modular design, core settlement can be centralised while other aspects, such as identity, can be decentralised. In addition, privacy is a big concern for CBDCs. While privacy implementation can be leveraged with existing technologies, some newer privacy-enhancing technologies (PETs), such as Secure Multi-Party Computing (SMPC) or Zero-Knowledge Proof (ZKP), can provide greater flexibility. However, based on the experience of the two central banks and the BIS Innovation Center, they are not yet convinced that the PET is ready and question its actual execution capabilities, complexity, and reliability. Other topics explored in the paper include cyber security, offline CBDC, and compatibility with existing point of sales systems.