EPISODE: 0.1.6
BLOCK: 678040
PRICE: 1719 sats per dollar
TOPICS: bitcoin privacy, coinjoin
chris belcher: https://twitter.com/chris_belcher_
streamed live every tuesday:
https://citadeldispatch.com
twitch: https://twitch.tv/citadeldispatch​
bitcointv: https://bitcointv.com/video-channels/citadeldispatch/videos
podcast: https://anchor.fm/citadeldispatch​
telegram: https://t.me/citadeldispatch​
support the show: https://tippin.me/@odell
stream sats to the show: https://www.fountain.fm/
join the chat: http://citadel.chat/
[00:00:00]
Unknown:
Coming from cmbc.com. Banking reporter, Houston. Goldman Sachs is getting close to offering Bitcoin investment products to its wealthy clients. Kewsan joins us now. Does Goldman know Bitcoin was, like, $4,000, like, 18 months ago, and now it's, like, 57,000?
[00:00:20] Unknown:
They're this is part of their, their expertise view?
[00:00:24] Unknown:
Well, Joe, I think the, those dizzying charts that everybody has, is looking at and salivating over, that's one of the reasons why, Goldman and others are are getting into this. You know, they are in a client business. So when clients of Goldman Sachs or clients of Morgan Stanley, you know, call up their financial adviser and say, should I have an allocation to Bitcoin? Look look at what it's done. You know? Should I have a 1%, 2%, 3% allocation to this emerging asset class? You know, they've had to say, well, as as a firm, we can't really recommend that. Well, that changes, and that changes very, very soon. So as we report exclusively on, cbc.com, Goldman Sachs is is very close and in the second quarter will begin offering Bitcoin and other digital asset related investments to its private wealth management clients. This is the, this is sort of the Tony private bank of Goldman Sachs. You know, they really target people and endowments with at least 25,000,000 in assets under management.
[00:02:02] Unknown:
Happy Bitcoin Tuesday, freaks. It's your boy, Matt O'Dell, here for another episode of Citadel Dispatch, the interactive live show about Bitcoin distributed systems privacy and open source software. To those freaks joining us from our various audio streams, whether that's our 2 podcast feeds, our Sphinx tribe, or through the recent Breeze integration with podcasting 2 point o. That clip out in the beginning was our boy Joe Kernan from CNBC Squawk Box, who's currently running the largest, most popular Bitcoin entertainment show in the world.
And he had a lot of fun trolling Goldman Sachs there with that with that massive announcement coming from them. Shout out to all the rider dive freaks that are joining us live in the comments. This is another earlier episode to to help our guests with time zones. So I hope you don't find it too early. I know some people preferred it. I know some people didn't. It is what it is. We will probably be switching between the 2, time slots, whether that's 1700 UTC, which is right now, or 21 100 UTC, which we've have done historically. I am fortunate enough to be joined here by Chris Belcher and Waxwing, the 2 lead maintainers of JoinMarket, the oldest and most reputable CoinJoin implementation in existence.
And we are gonna have a great conversation focused on Bitcoin privacy, past, present, future, and and just the current state of all these tools. I think it's gonna be a very great follow-up discussion to last week's discussion we had with Open Arms and NoPara, and, obviously, plenty of previous discussions we've had on here. With with all that said, I'd like to welcome both of them. It seems like Chris is having some audio issues, so we will start with, Waxwing. How's it going, Waxwing?
[00:04:08] Unknown:
It's good. Thanks for having me on. This is all, scarily professional.
[00:04:12] Unknown:
I wanna say that. I I appreciate that. Me and the freaks have only been doing this for a couple months now. So
[00:04:22] Unknown:
Actually, the bottle pop was the most impressive, but yeah.
[00:04:25] Unknown:
It's the only audio effect I have in the show. So I think Chris can't hear us. Chris, can you hear us? Exactly. So we're gonna have him try and reset. And while we're doing that, I I guess, Waxwing, let's just start off with, you know, like, why why should the freaks care about using Bitcoin privately? Why should they care about Bitcoin privacy best practices? You know, why should they care about privacy in general? Why why are you so focused on this this aspect of Bitcoin?
[00:05:01] Unknown:
Why care about it? I always prefer to answer that question more around security. Just thinking about average users are not, like, either or massive, you know, massively important people or whatever. Just you're just an ordinary user. It's to me, it's mostly about security. And you could there's there's different flavors of security. Right? There's the defense against someone literally coming at you violently with a with a hammer or whatever. And there's there's also just like, I don't really wanna when I pay someone for them to know where my my money came from, it could even be like business business intelligence. You know, you don't want your competitors to know what you're doing with your money. And, of course, the other thing about privacy is don't forget, it's it's kind of intertwined with with fungibility. People often use these two terms when they're advocating Bitcoin privacy, whether it be CoinJoin or other tech. They often say, oh, we we need Bitcoin to be fungible, and that's very true. And it's it's kind of it's not the same concept, but it's a very closely interrelated concept. So, you know, essentially, at the end of the day, money shouldn't have a memory. I think that's the simplest way to to express it. But the fact that the the way Bitcoin's designed is intrinsically kind of not like that, at least not at a surface level, it creates a need for us to really work on this stuff. Yeah.
[00:06:21] Unknown:
I really like that money shouldn't have a memory. I feel like that should be like a a plaque on a, like, a housewife's wall. Mhmm. Yeah. One of the inspirational quotes.
[00:06:32] Unknown:
Yeah. It's a shame that we don't live in that world, but we we don't I can hear you. Oh, excellent.
[00:06:39] Unknown:
Chris, so we were talking about why privacy is important. I I think it's a very I like, it seems, like, so basic, especially in in, a show like this, discussions like this that we have on Citadel Dispatch that are that tend to to lean more technical. But today, I mean, I was the last 2 days, I've been called a FUDster, that I'm spreading FUD, for saying that people should be skeptical of their governments, and then not your keys, not your coins is a thing. Now now I'm being told that saying not your keys, not your coins is is FUD. So I think it's important that we keep coming back to the basics as we have new people join. So just in in your own words, why should people care about Bitcoin privacy best practices?
We definitely lost him again. You might be muted. That's unfortunate.
[00:07:39] Unknown:
He's so he's so private that he we can't even hear him.
[00:07:44] Unknown:
So while we wait for him to come back again, where should we start? I wanna start with with your work on Join Market. You know, JoinMarket, when did the project start? 2015, I think?
[00:08:03] Unknown:
So Chris originally came up with the idea late 2014 and started writing, like, a a first version of the code, I think, in December of 2014. And so it's, like, December, January that time. Yeah. It was interestingly, it it coincides almost exactly with the the the bottom on the looking at the price chart here. I'm just thinking about the prices That that January 2015 was the the sub 200 plunge, if you remember. It was kind of a special time. Yeah. How can you forget? Indeed. Okay. Looks like Chris is gonna try and rejoin. That that would be a good idea, I think. We're doing it live, freaks. We're doing it live. That's what it's about.
[00:08:41] Unknown:
So 2015, it was a ridiculously brutal bear market as you so thoughtfully recounted.
[00:08:49] Unknown:
Yes. That was a group. Yeah. Go on. It was quite a special time. Like, psychologically, I remember, like, hanging out with friends on IRC, and we were all just, like, sitting there. It was like, this is where the, this is where the rubber meets the road. That there there were, I'm sure there were several people who just gave up because it's just like, because don't forget, that was the end of a very long period of sort of comedown, you know, that we had so much may and people that forget this now because they all think about 2017, but we had a a ton of mainstream attention at the end of 2013 and especially the beginning of 2014 because, you know, after that spike, that's when everyone sort of caught on. And, indeed, often how it works is you get tons and tons of new users just flooding in post the spike, you know, because they they think, oh, this is this new thing. And they all came in, and they all just said, yeah. This is great. And then they just watched the price collapse for an entire year.
It was absolutely brutal. Yeah. And I was I was sitting there thinking I I remember having more than one moment where I was thinking to myself, well, this is it. You know? I've just I'm am I gonna go down with this ship? You know, and I I I mean that in a kinda literal way because I'd given up my my job as a teacher a couple years earlier. And, I thought, you know, fuck it. Yeah. I am gonna go to coffee shop.
[00:09:58] Unknown:
Yeah. I'm not ashamed to say that I I I was not stacking I was not stacking at the bottom of that bear market. Like, I I had I I had decided that I was gonna go down with the ship. I would go to 0 if I had to, but I I was did not have that much faith. I was losing the faith.
[00:10:15] Unknown:
I did actually buy a little bit sub 200. I'm very proud of that. But Okay. Because I'm trying to 2 of the most
[00:10:23] Unknown:
I got 2 of the most respected privacy, developers on the show, and we've started it off with price talk in potential dispatch fashion. Chris, can you hear us now? Yeah.
[00:10:35] Unknown:
Chris, Help Chris. Come back. He says he's back. Well,
[00:10:45] Unknown:
he could be muted now too. Maybe try a different browser if you can hear us, Chris. So, Matt, losing faith. I, yeah. I'm telling you, the bit the Bitcoin price hit, like, 180 or something. And I was just I was a young kid, and I was, like, fuck. My dad was right. It's, it it was a bubble. It's all the tulips, and, and I I just I just had found solace in the fact that, you know, I wasn't gonna sell, so we're really gonna go to 0 or I was gonna be right. Yeah. But, it was definitely a very different bear market than than today's than than the one we had recently. But maybe maybe that's just because of experience. Maybe it's just because we I think so. Yeah. That last one.
[00:11:30] Unknown:
Yeah. I think so. I mean, time scale seem to expand out, but also the fact that if you've been through it before, it's a totally different perspective. Yeah.
[00:11:37] Unknown:
But do like, that's the meme everyone's been saying over and over that timescales span out, but they don't like, do they really? Like, I felt like 2015 was longer and most more painful than than this one. Like, this one, like, March was kind of brutal, but it was a quick brutal. Right? Like, it
[00:11:55] Unknown:
I mean, I don't know. I mean, I I done quantitative analysis of it or something, but, like, in 2017 to I don't know to know when when you decide when it started going up again. I don't know. But anyway, maybe not. It's just that my how it feels to me. Honestly, I think somebody hear me.
[00:12:10] Unknown:
Oh, yes. He's here. Can he hear you? Okay. That's good. Great. And just to check, is does this sound better?
[00:12:17] Unknown:
I think we've lost the buzz. It's a bit distorted, but we've lost the buzz.
[00:12:21] Unknown:
Honestly, we're just happy to hear you, Chris. Yeah. It's true. Yeah. So, Chris, Waxwing was telling everyone about how you believe that Bitcoin is designed pump forever. Do you want to elaborate on that at all? I think we lose them again. Oh. Do we lose you again? We could price talk.
[00:12:44] Unknown:
It's the price talk. He he can't stand it.
[00:12:47] Unknown:
That's the that's the best thing too that I'm I've I've been accused of of spreading FUD, and I constantly remind everyone that Bitcoin's designed to pump forever, the most effective FUD ever. So, we've had joined market since 2015. Mhmm. Lot of time lot of time you guys have been working on it. Lot of time you guys have been using it. What lessons what lessons have you guys learned? What what, you know, what lessons have you learned? Thoughts on on the whole process of of maintaining this this implementation?
[00:13:21] Unknown:
Well, it's it's it's difficult, but it's also fun to to work in open source software. I think it's there's something very sort of beautiful about the process. And, in terms of learning, like I mean, the thing about CoinJoin is this weird case where on the one hand, it seems like this super technical thing, and it is. On the other hand hear me? Oh, he's back again. Okay. Right. Sorry about that. No worries.
[00:13:50] Unknown:
Oh, Matt, are you there? Was that Matt? No. No. I'm here. I'm here. I'm I'm just I don't wanna jinx it. Continue.
[00:13:57] Unknown:
Yeah.
[00:13:58] Unknown:
Okay, Chris. Go. Go.
[00:14:00] Unknown:
I think I think I've learned is because joint market's based on, like, a market mechanism with the makers and takers. I've learned that you can never there's often things that you'll try to predict with the market, and then that you'll just be completely wrong because markets and users, they they they have their own mind. So for example, right to the beginning of joint market, we had this this kind of operation. Those are scripts called the patient send payment. And the idea was that you could be a market maker, and then you could send the coin train it, but it it would be much cheaper because you wouldn't be paying fees. And I thought a lot of people use this, and it'll be a way to, have more payments merged into one transaction. And then it turned out that was basically never used. So the script was broken for about a year, and nobody even noticed.
[00:14:43] Unknown:
That's interesting one that. Yeah.
[00:14:45] Unknown:
So actually, now that I've now that we have you, and let let's pull it back for a second. Can we just explain to the freaks what makes, join market special? How does join market work? Let's explain the maker taker function, etcetera.
[00:14:58] Unknown:
High level. The biggest part of it is, there is, obviously, Coin Joins require many people to come together in one transaction. And the way join markets works is that one of the one of the entities in a coin join can control things about it. They'll control the amount, and they'll control the time of when it actually happens. And for this privilege, they have to pay a small fee, and everyone else in the coin join is just waiting there. They wait. They have their computers always turned on, and they'll do coin joins. They basically have an advert that says, I'll do any amount of coin join at any time you want, and all I want is a fee, like a 100 associate or whatever it might be. Then the effects of that means if you're this taker, I. E. You take liquidity from the marketplace, then you can make a coin join for what whatever amount you want, whatever time you want.
And the other people in the coin join, they'll just they'll go along with you. Like, they'll they'll earn their fee, and they don't know what the amount is. And that's the that's the unique thing that joint market does.
[00:15:53] Unknown:
And there's there's something about there's something to be said or highlighted about the idea of when trying to set up these systems to create a financial incentive to participants Yeah. To to act to act not necessarily in their best interest, but greedy. Right?
[00:16:10] Unknown:
Yeah. That's right. So historically, there was actually an earlier CoinJoin implementation called Dark Wallet. Right. And that was a little bit like JoinMarket, but it didn't have any fees. So people were there was also you could call them makers and takers, but the makers didn't make any money. They just they were just expected to sit there and do coin joints without, you know, leave their computer on all the time for no reason. And, of course, the problem was that there were no makers.
[00:16:33] Unknown:
Yeah. But they didn't actually make that distinction of role, did they? Because they they they were just a little there was a lot they called it a lobby server. And essentially, the idea was you wanna do a coin join, you make the intention, and you would be sitting on the lobby server waiting for actually, they were only doing 2 parties, so they would just wait for one other party to do a coin join. Yeah. Yeah. Did it ever actually fully launch? I think. Okay. Oh, yeah. Yeah. It was used quite a bit. Yeah.
[00:16:56] Unknown:
I remember being, like, really hyped for it and then just, like, it just the hype died.
[00:17:02] Unknown:
I remember about 3 years after it stopped they stopped updating it. Like, I had user come to me, and I had to, like, extract his coins. It it took forever. It was really but that's the thing. They just abandoned it after, like, I don't know, 6 months of development. They worked really hard on it, and they just said, no. We don't care anymore. And everyone was just left eye and right. Kind of funny.
[00:17:20] Unknown:
Yeah. That's the problem. That's one of the things we see a lot with open source software. I I guess if we're going down in history, right, we also had before that, we had, what, shared send, right, from blockchain dot info. No disclosure, no one should use a blockchain dot info anything, nowadays.
[00:17:38] Unknown:
Do you guys remember shared send at all? Do we wanna talk about that? Or I don't even know. Yeah. I remember, but they didn't they didn't have equal output coin joins. That's right. If you saw this coin join on the blockchain, it was impossible. In fact, really plausible, really easy to actually unmix them and say these inputs goes to these outputs.
[00:17:54] Unknown:
Except except they did actually use a pretty large anon set. So it comes back to that whole discussion about, subset some, you know, feasibility of subset some extraction. It was kinda interesting. But, of course, it's not a cryptographically strong concept because, you know, individual payments might be trivially easy to find even if the
[00:18:11] Unknown:
entire graph might be difficult to to to displace. It was like custodial privacy. Right? Because they you didn't they didn't force Tor or anything, so you just connected through their web wallet, and just a lot of people probably weren't even using VPNs.
[00:18:24] Unknown:
Yeah. That's true. Yeah. You had to use their web wallet to use it.
[00:18:28] Unknown:
So that's why they stopped it presumably because it became a massive liability for them,
[00:18:33] Unknown:
and it didn't work. Right? Yeah. It was speculation. Yeah. It was speculation, certainly. I speculated it. I think a lot of other people did that they were probably somebody sort of quietly knocked on their door and said, turn it off, and they said, okay. Because, you know, I I think it was used quite heavily in those early days. The UX was fantastic.
[00:18:51] Unknown:
Mhmm. And then the other and then before that and still today, right, probably one of the most common and it's so funny because, like, in technical communities, we almost never talk about it. One of the most common Bitcoin privacy tools is this idea of a custodial of custodial mixer, where you send your coins in, and they send you someone else's coins. Yeah. You know, Silk Road had their own. Right? And then since then, there was a bunch of independent services that popped up, like, was it, like, Bitcoin Fog and, like, BitMxer and stuff. Yeah.
And the concern there was always that they could be honeypots. Right?
[00:19:30] Unknown:
Yeah. And they could steal your money as well. Like, you you'd maybe use them for small you know, if you want to buy an anonymous VPN, but you wouldn't use them in your life savings if they could just walk away with them. But then the positive side of it was it completely breaks the transaction graph
[00:19:44] Unknown:
Yeah. If you if you trust them.
[00:19:47] Unknown:
Right? Yeah. Although
[00:19:48] Unknown:
yeah. Even that's not a complete panacea, but it but it certainly in principle is is better from Blockchain analysis point of view. Yeah. Okay. So we just went down history road, enter join market in 2015.
[00:20:00] Unknown:
Right? Yeah. Creating creating this this market with makers and takers, this idea that you don't have to have a centralized entity involved at all, and that the whole thing is is p to p, with this financial incentive for people to provide 247 liquidity. Revolutionary. Right? What what what is it fair to say? I I think well, you tell me if it's unfair to say, but is it fair to say that that CoinJoin adoption JoinMarket adoption has not meet met your expectations of of what you had hoped, the amount of people, services, users would be using join market.
[00:20:50] Unknown:
Yeah. I guess in one way, you could, I way back at the start in 2016 or wherever, I sometimes thought exchanges would do this. And the idea being that an exchange doesn't want its traders to be spied on. Like, if a trader sends those of coins in exchange, someone could front run them, like, you know, open a short position before they before the coins confirm. So I thought exchanges would use some kind of coin join or join market, and that never happens. Obviously, now we know, because the regulator stopped them. Right? So they went, they went through it for that reason.
So, yeah, I guess it hasn't really met my expectation. Also, back then, I've just remembered now, back then, this was before the the block size debates, before people really like, the whole community really accepted the idea that minor fees were were like a big deal that you always had to plan for them. In fact, in the very first versions of joint market, the minor fee was a constant number. It was 10,000 satoshis, like, for every coin ring, just because fees were so cheap that every transaction would confirm. And then and because these because coin joints are bigger than regular transactions, then they they're a bit more expensive.
So in that sense, that's maybe another reason why they haven't been as adopted as you might hope. It's not that every single transaction is a coin joint.
[00:22:05] Unknown:
I mean, it's
[00:22:07] Unknown:
been traders that joins and they're expensive.
[00:22:10] Unknown:
Right. The cheapest way to use Bitcoin, I've just I've I've come to I've come to the the realization or the understanding with myself that I think using Bitcoin privately will always be the more expensive option.
[00:22:25] Unknown:
Am I right? I don't agree. Because Lightning is quite private, and and it's also cheaper. Like, the way we Wouldn't wouldn't custodial lightning be cheaper and less private? Oh, purely custodial PayPal would be even even cheaper as well. Just a completely centralized thing where Yeah. Yeah. Okay. You're right. But if you if you away all other trade offs, then the cheapest way of using it would be to have something that can censor you, that can steal your money, and that can spy on you. Well, I was thinking more from, like, on chain because because, yeah, layer
[00:22:57] Unknown:
the 2nd layer side chain, stuff like that does change the equation a little bit. But on chain, right, even if we get if we we get we get Snore, Taproot, signature aggregation later, right, which is it's not even coming with Taproot, but let's say we get it later Cross input aggregation is not coming. Right. Signature aggregation and multi sig is coming, but that's Right. Right. Cross input signature aggregation. Yeah. If if even even when we get all that, on chain, the cheapest option in a high fee can sustained high fee environment is to combine all your UTXOs into a single UTXO and spend from that.
[00:23:34] Unknown:
Yeah. You could put it that way, but then you could think that's exactly what another way. Never had You could look at another way that suppose you've been censored. Suppose you want to use Bitcoins and you get censored, then your funds get stolen. Basically, they get frozen. You've lost a 100% of your money, if you put it in the custodial system. But if you then pay your own minor fees and use your own wallet that you control, you only lose 10% for minor fees. Right? So if you take into account censorship and having your funds frozen, then it might end up being more expensive to use a custodial solution.
[00:24:05] Unknown:
Right. But I'm saying not custodial. I'm saying on chain. We saw this in 2017. A lot of the large education accounts and stuff on on Twitter and Reddit, we're we're and we're suggesting that people, you know, combine all their UTXOs into a single into a single output so that their fees going forward, their fee burden going forward would be the lowest possible.
[00:24:27] Unknown:
Yeah. But can I can I just can I just say that that it's not I don't think it's technically correct to say that, the cheapest option would always be, non coin join because in the case of cross input aggregation, CoinJoin, you you at least save some of the the, so to speak, header bytes, the the the the constant overhead? It's a very small difference, but sort of philosophically, it's kind of critical. And I think one of the reasons that a lot of the, what you might call, Bitcoin gray beards have have been sort of not particularly enthusiastic about CoinJoin, but they're more enthusiastic about some future version of CoinJoin of the type that you just described involving Schnorr and cross and push signature aggregation because well, even if it's only 1¢ cheaper, if there's an economic incentive rather than just purely a privacy incentive, it encourages the crowd to come in.
[00:25:15] Unknown:
Right. Like, in a good example of that is is the often like,
[00:25:18] Unknown:
often floated something is is this idea that make every Lightning open a coin joint. Right? Yeah. And then Lightning opens cheaper and more private, and then you go into Lightning for forward privacy. Yeah. And also the nice thing about Lightning with CoinJoin is it it tends somewhat ameliorate or completely solve the, denomination problem, which is one of the main reasons join market was created as Chris explained earlier. The fact that, you know, it's a problem with coin joiners that you want to have equal sized outputs, but then you gotta you gotta have a negotiation agreement on what size of the output is. In the case of Lightning, you don't really care so much about what the size of the channel is.
[00:25:53] Unknown:
Yeah.
[00:25:54] Unknown:
Yeah. I I mean, I still think you're you're in a situation where to use Bitcoin privately, you have to make more on chain transactions than not. Today, that's definitely true. Yeah. Do we think that's gonna change going forward?
[00:26:09] Unknown:
I don't know. Probably not.
[00:26:11] Unknown:
It's difficult to be sure. And then I But but hang on. Hang on. I I would argue that we could say that that's true today, but only on a certain perspective. I mean, clearly, if you see Lightning as a privacy technology, as as not just a scalability technology, then it's clearly the case that it you you you're reducing on chain usage from using it rather than increasing.
[00:26:31] Unknown:
Right.
[00:26:34] Unknown:
And that would be true for other second layer technology in theory, although we don't really have anything well built out.
[00:26:40] Unknown:
Okay. But we all agree that so so, hopefully, we can get it cheaper than not using Bitcoin privately. But we all agree that for adoption, you know, the one of the main things is keeping costs down. Right? Yeah. Yeah. To get more people to use privacy. Another thing I was thinking, and I don't know if I'm just gonna throw us into a tangent, but fuck it. You know, today, I was arguing with people about all the the the newest hottest craze in Bitcoin land is these interest bearing accounts. Oh, yeah. Oh. And, you know, private Bitcoin users, Bitcoin users who care about their privacy, like, they can't get 6% interest, in a regulated custodian.
So in a in a way, that kinda changes the mathematics,
[00:27:25] Unknown:
I guess, a little bit. Right? Uh-uh. It comes back to Chris's point about risk, though, doesn't it? I mean, he's pointing out that you can't think of privacy without the the concomitant, you know, risk of the the the cost that we are the reason I personally am not using those kind of services today is mainly because I think it's very dangerous. So if somebody says they're gonna give me 6% per annum on Bitcoin that they take from me and holding their wallet, I'm gonna think very differently than than than the case of, you know, the fiat current fiat system where I just maybe hold some stock when I never really owned it in the first place.
[00:27:56] Unknown:
I mean, but we we agree there. Obviously, we all agree on that. Like, I would never use that service. I tell I tell my audience not to use to consider the risks, like, to actually appropriately assess the risk. People don't they're not able to they're I but but then I'm on Twitter, you know, and I I tell people not your keys, not your coins, and they're like, it's not Mt. Gox anymore. The industry has moved up. There's it's not like it's riskless to hold your own keys. More people will lose their money if they go self custody. Yes. This time is different. Yeah. And, like, that's fine. Like, I believe that everyone should be able to you know, options are good and people should do what they wanna do. I'm not trying to stop anyone from doing it, but the Bitcoin privacy conversation is one where 61 02 is in the comments. This is also the 61 02 show because he doesn't dox his voice.
So he joins us in the live comments. He's telling me he wants he wants the freaks to be aware that those people aren't using Bitcoin. Yes. Yeah. We do ideologically agree 6102, but I just it's the the Bitcoin privacy discussion is one where we we need we need more people to care. Right? Because these tools aren't effective unless we have proper scale to them. Right?
[00:29:14] Unknown:
But that's why that's why we I always come back to this concept of steganographic. You know, like, we we're always concerned about increasing the, anonymity set and trying to force people to use complicated privacy software or privacy software that's in any way inconvenient, as you correctly point out, is really problematic if you wanna increase your anonymity set like that. But then on the other hand, if we try to use steganographic tools, whether they be pay join or some variant of coin swap or even Lightning, because in the future, Lightning may well be steganographic on chain. Is everything okay? Oh, that's just the chat window. Yeah. So so He was a scammer, so I was I was blocking it. I got you. Yeah. So the thing about the steganographic is it flips that whole equation on its head. Right?
Because, you you suddenly what you're trying to do is is hide in the crowd of people who aren't using your technology rather than hide in the crowd of people who are using your technology.
[00:30:05] Unknown:
Yeah. So making pay joins and lightning channels that look the same as other transactions and coin swaps, they do all come under steganographic technology. Yeah.
[00:30:15] Unknown:
Right. So should we jump into that?
[00:30:17] Unknown:
Yeah. Yeah. It's interesting. Let's talk about something really interesting. I think this
[00:30:23] Unknown:
so I I let's start with PayJoin. PayJoin is the lowest hanging fruit. There's been a push to try and integrate it into wallets. High
[00:30:32] Unknown:
high high yeah. Go on. Hit us. Did you see Electrum wallets, seems quite interested in implementing it? I think that's quite a big deal. Yeah. That was a champagne.
[00:30:49] Unknown:
To do it, that would be so great.
[00:30:53] Unknown:
I I I think and it's and so on the on the mobile wallet front, what we have, BlueWallet has already integrated it, I believe.
[00:31:02] Unknown:
I think they've done it. Yeah. Maybe there's there's a list somewhere. I think on the Bitcoin Wiki, there's a more reliable list on on the bit. They join the option list. Yeah. Maybe we could pull up that link for some for guys to look at.
[00:31:13] Unknown:
Was it on the privacy Wiki?
[00:31:16] Unknown:
They I'll find it for you. Okay. Chris is gonna get it. Yeah. Yeah. So so there's a few there's a few wallets who have at least, implemented, sender side. But obviously, ideally yeah. Thanks, Chris. That's it. Ideally, we want sender and receiver side. So receiver, like, in join market, we've implemented it with a hidden service. So it basically will start off an ephemeral hidden service, and you can do this in the GUI or or on the command line. And it will give you a a bit 21 URI, and you can just copy it and send it to your center or QR code. Just scan it, and then you can, then you can send the page on over to. So it's cool, I think.
[00:31:58] Unknown:
There is one thing with page join that should we should say with, from, like, a big picture point of view of how actually it works a bit different to equal output coin joins, like with join markets or. And that with those coin joins, it's about you as a user transacting with someone who might spy on you. For example, you'd you'd send a CoinJoin to an exchange, and you know the exchange will spy on you. But with PayJoin, it's a bit different. The way PayJoin works is it's a customer and a merchant together protect their privacy against other people.
So it only works if you know the if you're a user and you know the merchant is not trying to spy on you. So probably what will happen, what I, you know, I predict, in the future, the people that adopt Pedro and you'll be merchants and, like, you know, businesses which are already somehow victims of of surveillance anyway. So that would be Bitcoin casinos or p to p exchanges or places like that or donation
[00:32:50] Unknown:
nonprofit donations. More likely to be like a smaller merchant rather than a
[00:32:55] Unknown:
Not for example, Coinbase or
[00:32:57] Unknown:
Tesla or something. It's just Coinbase. It's just Coinbase would do this. Yeah. I know. It's laughable. And you don't even you don't even really want to. Right? Because it's a trusted it's a trusted 2 party
[00:33:09] Unknown:
Yeah. Thing. Right? So, like, you're you're You might. It's it's only trusted in terms of privacy with the 2 parties. But for everyone else who just passively looks at the blockchain, it does really improve your privacy. But are are they are they sharing
[00:33:22] Unknown:
more than aren't they sharing more than one input in the coordination phase?
[00:33:27] Unknown:
Yeah. Yeah. They do. So they they the the customer and the merchant, they can mix the pay join easily, but nobody else can.
[00:33:34] Unknown:
But I'm saying when I use page join with the merchant, does that merchant only see the input I provide, or does does it see multiple inputs in my wallet?
[00:33:42] Unknown:
Well, that depends on what your wallet select. It's just it depends on what your wallet selects just like any other payment. Right? Yeah. Depends
[00:33:48] Unknown:
Right. So you're actually giving the merchant any you're not giving the other party any extra information. No more than you. Not more not more than a regular payment. Yeah. Right. And then on chain, someone looking at it on chain, it breaks the common input
[00:34:02] Unknown:
ownership heuristics. So so on chain, you can't tell whose input is what. Right? There'll there'll be 2 inputs in the usually, there'd be 2 inputs in the input side of the transaction, and one is coming from 1 per one's coming from the receiver, and one's coming from the sender, and you don't know which is which. Usually. Yeah. That's right. And that and then, of course, the crucial point there is is not just that that you wouldn't be able to untangle it, but that you wouldn't necessarily, as a blockchain analyst, even know it was a page. And that's that's the goal of the second graphic concept, you know, that we that we hope that it won't be obvious that it's a page. Now in fact, there's some little technical details there, but, I mean, just generally speaking, like, there's a there's a particular heuristic that tends to get violated in pay joins. It doesn't have to be violated.
And but the thing is that that heuristic can easily and quite often is violated by normal spending transactions anyway. So without delving too much into the details, just essentially, it's hard to know that it's a pay join. It may be almost impossible for an outsider to know that, and it's also easy for the outside observer to be totally misled and think that the payment amount is x x whereas actually it's x minus y. And so that so that observer to think that 2 inputs are, co owned when they're not actually co owned. I'm sure, Chris will will will remember as well as I do the funny examples of, what's it called, walletexplorer.com that used to, like, regularly mark all of our, joint market inputs as being coming from mount or connect connected to Mt. Cox because, even though they were absolutely unrelated, I'd never, like, connected with Mt. Gox whatsoever, because the joint market coin joints had been joined with, people who had interacted with Mt. Gox or, therefore, Wall Explorer thought thought I was, you know, a Mt. Gox user or something.
[00:35:41] Unknown:
So before we move on, I I have up on the screen for the people watching on video and for the AudioFreaks, it it appears the software wallets that have integrated so far along this new standard is BTC pay server, join market, Wasabi Wallet. Wasabi is only for sending. Blue Wallet's only for sending. Sparrow's only for sending. Samurai has a has a separate pay join implementation that's not according to the standard that they call stowaway. Mhmm. And then you have Electrum listed as planned. Then hardware wallets, cold card's the only one who supports it because they're the only one that's Bitcoin only and actually gives a shit. Payment processors, BTC pay, because really that's the the main used payment processor. Now that's a huge huge bonus for us.
So with all that said, let's Steelman PayJoins. What is the what are the negatives? What are the negatives of PayJoins? Why can't we just rely on PayJoins as a Bitcoin privacy all encompassing solution?
[00:36:40] Unknown:
It's interactive, and it requires a hot wallet. Okay. You you go, Chris. Yeah. And
[00:36:45] Unknown:
adding adding to that, there's also, people have to actually adopt it. So with with equal output coin joins, like with join market, for example, you don't have to bother the merchant to get them to adopt something new. You just pay to a regular coin address. But with PayJoin, you have to, like, nudge them, you know, if, which actually listeners should consider doing. If they transact with a Bitcoin casino or with something like that who they think could benefit, they should nudge them and say, look. I'm your customer. Can you adopt Pedro? And I think it'll be great. But the fact that you have to do this and the fact that a merchant can choose to not adopt it, like Coinbase is probably never gonna adopt it, means you could they can stop it in that way.
Mhmm. So that would be a downside.
[00:37:23] Unknown:
What like like, explain to the freaks what interactive means, what you know, the hot wall at risk.
[00:37:28] Unknown:
Yeah. So the So that would mean yeah. You go with them. Okay. Yeah. So so that one, I I was thinking on the more technical level. Chris' answer is very good, but my my answer was more the reason why this style of coin join wasn't sort of treated too seriously as an option back in the day, like, starting from 2013 when people started discussing it on Bitcoin talk. I think, because this is how I thought anyway, was the oh, that's kind of messy because you have to, like, actually, in real time, negotiate the, the payment transaction with the receiver, which is kinda related to what Chris actually just said because the receiver has to be involved. The receiver of the payment has to be involved.
That's it's interactive specifically in the sense that you don't just send the payment like like the normal let's think about the normal payment workflow. You you you have some, merchant. They, you you negotiate an invoice. They send you an address, as in a Bitcoin address, and then it's entirely up to you to take your time and use your own wallet on your own machine and calculate the transaction, sign the transaction, and send the transaction. And the the merchant has to do absolutely nothing. They just wait until it arrives. Whereas here, we've got to have a process whereby the sender actually sends a network message to the to the merchant and do stuff and then send back another mess to the sender before the sender can finally send out this specific style of pay join payment.
So there's it's it's not a big interaction, but any interaction at all is obviously like an order of magnitude worse than no interaction. So because of that, that's why, for example, in join market, I had to go through a whole load of, like, testing and and figuring out how to set up an ephemeral Tor onion service specifically for this payment, and it, you know, fires up. Thankfully, the way Tor works nowadays I mean, that's a tangent as well, I guess, Tor v 3. But thankful thankfully, the way Tor works nowadays, it's reasonably reliable and reasonably quick to just stop a hidden service, and then the sender can send a message and the receiver can send a message back. So that interactivity is clearly a big negative.
The other big negative is the hot wallet aspect specifically for a merchant. So, again, thinking of the standard model of a merchant receiving payments, and this is how it's implemented by default in BDC pay server, is that you are gonna use something like an x pub, and it could be like an external x pub or it could be something that BC pay server has within its own software. Either way, it means that when a customer comes along and tries to make a payment, you simply farm out an address to them to pay to that address, and that's all you have to do. And you don't have to worry about whether the server or the infrastructure on which you put this BTC pay server instance is as secure because you you're not holding private keys. You're just holding xPubs, which can go to format addresses.
[00:40:05] Unknown:
So that would be average person who knows nothing can just easily just have it just automatically go to their hardware wallet. They don't have to worry about securing the server. Most of these BTC pay servers are held on on major cloud providers to have uptime. Right? And they don't control the hardware. Early days of Bitcoin. Remember early days of Bitcoin? It's like everyone's servers were getting hacked.
[00:40:26] Unknown:
Yeah. Yeah. Yeah. So, The thing is in in kind of replying to those sort of a steel man of a steel man, the interactivity that's being talked about. But it's also the same thing happens for lightning. So the lightning need coins on a on a hot wallet, and it requires information being sent back and forth. Mhmm. And
[00:40:45] Unknown:
so what was the second thing you said about, if anything lightning probably has a has worse hot wall at risk in that respect.
[00:40:52] Unknown:
Mhmm. Yeah. Yeah. Yeah. And in in practice, people aren't gonna like to I mean, it's it's the same thing of lightning. They don't do all this stuff themselves. They have software to do it, which they have to install and click. So I have a couple other steelmans.
[00:41:06] Unknown:
First of all, higher fees. Pay join increases your fees. Right? Because you have more you're automatically adding an an from a fee perspective, an unnecessary input. Is that would we agree Well, it's it's a complex.
[00:41:19] Unknown:
True. But it is true on us in itself, but it's a kinda complicated equation because you've got to consider the the on the merchant side, it could change the nature of the distribution of their UTXOs over time because I I when when I first wrote the page, I joined, like, blog post about this. I I I explained this concept of the snowball UTXO. Like, essentially, if a merchant just used page join as if as in every payment came in with a page join and they started off with 1 UTXO, then they'd be consuming 1 UTXO every time they receive a payment as well as receiving 1. So they'd have 1 UTXO that was just getting bigger and bigger and bigger, which is in dramatic contrast to the merchant who, let's say, sells a 1,000 widgets every day to a 1,000 distinct customers. But doesn't that add a heuristic?
Yes. Exactly. Whatever was discussed at the blog post, like that's actually a heuristic. And, plus, also consider the practicality of whether whether this would ever be at the point where everyone was using it. And and I could have kind of finished off the blog post by saying, well, that's actually great because we don't need or even really want everyone using it. If even if just 10% of people used it and it was plausible that 10% of people were using it, the effect on blockchain analysis would be so detrimental. But anyway, absolutely, it could be a heuristic and so could some other things.
[00:42:31] Unknown:
It it would allow it would it would allow chain analysis chain analysts to identify that a page join was happening.
[00:42:39] Unknown:
Well, not not not unambiguous not unambiguously.
[00:42:43] Unknown:
Yeah. Go on. Yeah. Because it's this heuristic, just just to get it right. So the heuristic is the things that coins get joined together until they're bigger and bigger. But that can happen with in general usage as well. Like, people combine dust together or, I don't know. I haven't thought about it too much, but it's possible this heuristic happens in normalization.
[00:43:03] Unknown:
Know if if you're an active attacker, right, a very common threat model for, like, a BTC pay server. Let's say I'm accepting donations. Right? I'm a I'm an activist. I'm I'm accepting donations. Obviously, I'm a I have a privacy focus. Of course, I'm gonna enable pay join. A common thread model there is for who's ever trying to, track you would send in an it would send in an input. Right? They would pay they would pay with PayJoint. They would see what's going on. Yep. Right? So it it'd be vulnerable to that.
[00:43:37] Unknown:
How how would like, what does the attacker learn in that situation?
[00:43:40] Unknown:
Well, the the attacker would know that every transaction that Snowball is involved with is most likely that that user
[00:43:49] Unknown:
that's receiving the donations' pay joins. Right? The thing is so so the attacker would see pay joins on the Blockchain, but the inputs to those pay joins, they'd be owned by different people. So, for example, one of the One input would be the snowball. Right? And the other input would be the donation. Right. But the attacker can't tell which is which. So the other one, which is the donation, like, the change of it would end up going somewhere else. And do you see that the two things would get merged, the the transaction drop? So okay. We like, if we back up a bit. So there's the activist who accepts pay joins, and he's getting many people giving him donations.
And the attacker has also given him one small donation, and they can't tell whether these inputs that he sees belong to the activist or if they belong to other people giving donations to the activist.
[00:44:34] Unknown:
But wouldn't the Snowball UTXO keep getting larger? But they might also get larger for the other people who donated as well. Right. So so you would actually be you're hoping that the donators are also snowballing. It couldn't be just BTC pay server as long as other the other wallets would need to be snowballing as well. I think what you're really where I'm lost. Combining. It just means combining inputs. Right. But the first time I heard about the Snowball was, specifically on the BTC pay server side as a way to incentivize merchants to use it. So I I in my head, I was just assuming that only the merchant side was using that model.
Right? Okay. Anyway it's a complicated issue, but I think, okay. Go ahead. Yeah. But okay. So to continue this deal, man,
[00:45:20] Unknown:
there's also the fact that you have 2 party coin join, which is small.
[00:45:23] Unknown:
That's Right. 2 party coin joint is small. We have a chicken in the we already kind of addressed it. We have, like, a chicken and egg kind of thing in the room that that there's less incentive for people to maybe use it in the beginning, but we we need it to hit a certain threshold to be effective. Right? So it's kinda like you need a you need, like, early ideological adopters, basically, which is not necessarily the end of the world. I mean, Bitcoin has kind of relied on early ideological adopters throughout its full history. The other thing is I feel like a high KYC environment kind of throws a wrench into our plans, you know. I I don't, if if let's use our let's use our BTC pay server as an example.
We accept pay joins. We we have pay joins enabled on on Okay. On, BTC pay.
[00:46:16] Unknown:
You should send me the address. I'll try it out. Send me the address. I'll try it out. First of all, this show
[00:46:22] Unknown:
is this show is is has no sponsor content. So if if anyone enjoy we have no ads, no sponsors. It's free and open, in the spirit of free and open source software. So if you wanna support the show, feel free to send me some stats. But all that said, we have BTC pay server enabled with pay join, and we don't know when people pay with KYC or not. And and so so, like, KYC is, like, fucking insidious, and and I I I think there's, like, a big disconnect, in, like, the Bitcoin privacy community because we're hardliners about KYC versus the realities of the situation, which is, like, the overwhelming majority of participants are coming in via KYC, and though all those inputs are obviously bagged and tagged and put in databases and shared around and collated, and kinda break through that that veil. Right? Yeah. But that's a little bit unfair. And then the last thing is, like, is anyone really gonna be making on chain payments, Or, like, are we are we wasting our time a little bit with PayJoint when when most people are gonna pay with lightning at least, I think, in the near term?
[00:47:30] Unknown:
They would make payments if they're for very big amounts.
[00:47:34] Unknown:
Yeah. But even with when number go up, like lightning capacity has gone up. Now you can, like, we make a lightning pay especially if you're a privacy focus. If you're someone like Open Arms, who's, like, Open Arms is, like, our perfect demo, right, of a of a pay join paying person.
[00:47:50] Unknown:
Like, he can comfortably make 200, $300 payments now. Yeah. But lightning That's all but whatever the number is, it's always gonna be larger larger transfers as well.
[00:48:00] Unknown:
But that's an adoption issue. Right? Because we're trying to get 10%, like you said, 10% paid join adoption. Mhmm. And if we have we're splitting up the privacy focused users because the privacy focused users, a lot of them are gonna go to Lightning. I know me personally, like, if I spend, I prefer to spend the Lightning. It's a better UX.
[00:48:18] Unknown:
Yeah. For sure. So just Whenever this this SteelMan is a downside of PayJoint, is that something else might be better?
[00:48:29] Unknown:
It's it's it's it's I'm I'm coming from the educator perspective, where where I'm I'm But that's more I'm on the front lines with new users and stuff. Right? And I'm trying to increase adoption on these different tools, and so I'm just that that's the perspective I'm coming out, I guess, from this steel man of k join.
[00:48:50] Unknown:
But that's the really just a subset of that whole argument about, you know, do we need any kind of privacy tech on chain if we're just the only thing we're gonna use check the on chain for is to move on and off of lightning or second layer. And I've I've always felt like there's always gonna be a need for on chain transfers. So there's there is a value even if, it's maybe not as pure and as simple as people would like. There's gonna be a value in all kinds of coin joins because of that. Pay joins as as retail payments, well, then I you you your argument is more that Bitcoin itself is not ideal for retail payments, so, like, base low Bitcoin, and I kind of agree with that generally. But but But these are already getting pretty high. Yeah. As of today, it's still usable, but it tends to be only really valuable
[00:49:38] Unknown:
for higher higher sizes. And, like, try explaining, like, confirmation to, like, a new corner that has never fucking understood it at all in a high fee environment. Fucking create like, we take that for granted that we just assume that makes sense to people.
[00:50:05] Unknown:
Mhmm.
[00:50:07] Unknown:
Yeah. I completely agree with that. I'm not trying to say like, I I I hate the idea that I I think on chain and privacy is extremely important. I'm I'm not saying that's not the case. I'm saying to me, PayJoint seems more like and I I know Chris disagrees with me here, so I wanna dive into this. I think I think pay join seems like more of a post mix tool to me after, like, a coin join, and then and then Lightning also seems like a post mix tool to me. So I think I feel like pay join kind of competes with Lightning more than a coin join competes with Lightning.
[00:50:54] Unknown:
But yeah. No. That that's a fair analysis, I reckon, that they the the only time it would maybe make sense if it is if you're doing an on chain, very large payment, which therefore can't be on lightning. So I don't know. You want to gamble, 10,000 Bitcoins or something ridiculous, then you send it via k page you into a Bitcoin Casino. Okay. It's not very realistic, but that would be You're Arthur Hayes or something. Yeah. But I think Exactly. You know? I I think that's to me to me, you would the issue
[00:51:21] Unknown:
issue with it was always practicality. It was never to me the issue like, oh, there isn't any point to this. Because I I my perspective is a bit different from most people in these discussions is that I tend to look at CoinJoin as very much this kind of opportunistic thing rather than some kind of rigid frame work. Like, one of the ways I've used join market open I I still do to some extent, but I tend to use Lightning more now is it it I've I've used it as like, oh, let me just make a retail payment. In the old days, it was via BitPay, but I don't use them anymore. But there's other, like, coin payments and what have you. And it was like, let's just do a coin join. And now I I'm not I have no pretense that in doing this specific coin join, I am somehow magically bit making this perfectly blockchain analysis resistant to, you know, constructed transaction. It's just not the case.
But every single person that does this is is it's half a political and also half of just a kind of commonsensical thing to do is just to it's like fighting for fungibility. Every payment I make if I'm going to make a payment online, the first thing I'm gonna check is can I use PayJoint instead of just an ordinary payment or or join market, because I just feel like it's something that every every user and participant of the system could con could consider doing as as a way of just sort of not I don't fight the right way, but but just sort of asserting the right to fungibility? You know?
[00:52:47] Unknown:
Yeah. That's okay. It's it's the ideological. You know, Matt was talking about the ideological users from there. Yeah. But as it as it as it but but but that's almost pejorative to call it ideological because it is ideological. Yeah. Yeah. It's not a bad thing. Yeah. Ideology
[00:53:00] Unknown:
have to But but it what I'm trying to say is it's not just purely ideological, is it? Right? Because when I when I make a coin joint payment instead of an ordinary payment, I'm creating something like a part of the permanent record of Bitcoin's transaction graph, which is either less, disentanglable or totally not not disentanglable, if that's I have too many in there. You know, so so so so my point is is is that we we're not just being altruistic if we sit in, like, slave all way and construct these incredibly complex collections instead of just making a payment. It's not just it's not just ideological altruistic. It's it's actually creating a it's like a you you live in a in a housing estate, and you all share a garden and, you know, you you look after the garden a little bit because, you know, both you and everyone else involved will will have a happier life because of it. Yeah. I mean, not just I agree. Yeah. It's something can be ideological and self interested.
Yes. Exactly. Yeah.
[00:53:57] Unknown:
Yeah.
[00:53:59] Unknown:
Right. So paid join to me is like one of tool you could use in your flow of everyday work. You know, I'm paying for a t shirt on this the t pay server. Oh, look. It's a page on URI. I just click that and bang. I I make that payment instead of the other one. And, yeah, I pay for 1 more. You could say the same about lightning. Right? Like, that you'll you'll if you see if you see a service offering Lightning, you go out of your way to pay with Lightning because Definitely. Yeah. Definitely.
[00:54:23] Unknown:
But so so so kind of tangential, let's unpack this a little bit, about talking about making a you're making a point, you mentioned. Making a making a standing your ground standing your ground and and making a visible protest, to the surveillance economy. Yeah. It's kind of weird to me that, you know, I've I've been a very, very active promoter of using CoinJoin and and using Bitcoin best practices, and I come up right against this whole, like, compliance culture in Bitcoin land, especially among, you know, for better or worse, you know, I'm a public figure. People know my face, you know, they they see me at these conferences and stuff. So I'm I'm literally butting heads, with with with these other public people that are are very compliance focused, regulation focused.
And I got a lot of pushback about this idea of of trying to encourage increased CoinJoin adoption. And a lot of my arguments were even if certain CoinJoin implementations aren't perfect, because, honestly, like, if you're a privacy advocate and you're saying something's perfect, you're probably full of shit to begin with. But even if a user screws something up, the signaling mechanism of these coins going through coin joint and being visible on chain, I think, is super important. And we're we're seeing the ramifications of this with all these regulated services, flagging them and denying service and use of them and and, you know, we even have block file. I'll pull the graphic up again just because I have it saved in here.
Going out of their way to specifically say that, and I think they use the word mixing instead of coin joint to insinuate more criminal intent, but that they don't accept, mixed funds. They don't accept anything that goes through, like, Bisk, peer to peer exchanges. They have this whole block list or whatever. So there's been, like, this weird element, and and and I I I love the idea of of these these demographic techniques as you said, like, things like PayJo and Coinswap that that are really it isn't visible on chain that they're being used and they break the heuristics. But this idea that, like, we should hide that we're using Bitcoin privately seems weird to me in a world where we've we've gone through the same exact argument and fight with with speech, and and encryption is obviously is very visible. Like, people know you're using encryption. The idea is that they can't see the message anyway.
Right. Right? Like, what's the difference? Like, why should we be ashamed of using CoinJoin? The the fact that it's visible on chain isn't as big of a negative to me. I think it, like, falls right in line with with encryption. Does it not?
[00:57:16] Unknown:
I guess, but they, it's a method of resistance, like hiding that you're mixing helps you helps you get away with it in a way. So I don't know. BlockFi, they they try and block, they try and censor payments which are which are coin joints. And if you can if you can stop that from happening, then that's good. Right? But I agree with you that with the thing, I really don't understand Bitcoin as you have that thing of we shouldn't use CoinJoin. We shouldn't use because even if they're only interested in it for number go up, do they really think that, say, central banks who want to print loads of money, are they just gonna allow people to just move into Bitcoin? Like, of course, they won't. They'll they'll want to spy on them. They'll want to do surveillance on them. So their whole the whole plan of number go up depends on having some kind of privacy because otherwise, people will take, you know, they'll take your money. They'll the number go up that you won't that you earned, they'll confiscate it, like, in the 6102.
Yeah. It makes no sense to me. Order. Yeah. Like, the the number go up and sensitive resistance have to go together. You can't have one without the other.
[00:58:19] Unknown:
Exactly. And and and and, like, let let's just go deeper into this BlockFi example, because BlockFi now is right is a darling of this fucking industry. Everyone has their hands in it. You know, there's investors all the all the big accounts on Twitter, they're all investors and shit in BlockFi. The thing is valued at, like, 2,000,000,000, $3,000,000,000 right now. They wanna go public. They're offering Bitcoiners the ability to get 6% interest if they go custodial. They give them full KYC, and then on the withdrawal, they're not allowed to actively use Bitcoin privacy best practices. If they use active if they if they visibly use Bitcoin privacy best practices after they withdraw from BlockFi, not even the deposit, after they withdraw from BlockFi, then their account gets closed.
That'd be like that'd be like me if I if I if when I withdrew money from the bank, I didn't, like, post my fucking receipt on social media,
[00:59:17] Unknown:
my account gets blocked. Like, we're not far. Oh, we're not far away from that today. We are not far away from that today with banks under each. But, yeah, how many hops? I'm curious. Well, that's the thing. No one can tell us. Right? Of course, they can't tell you. Right? Yeah. It's it's just like the legacy system. Right? It's like, you're not allowed to do money laundering or or or any of these other activities. So is this okay? And then they'll say, well, we can't tell you whether it's okay. So just deposit them deposit the money and then we'll figure out if it's okay afterwards. And we won't they they will block your account, and we won't tell you why it's blocked. It's the same bullshit, and it's gonna be the same bullshit every time. You just have to have some dignity and just say fuck fuck these people. Honestly, you're not really 6% isn't even that much. Right? I don't I don't know if if you can,
[01:00:05] Unknown:
you know,
[01:00:08] Unknown:
would you, would you invest if it was 50%, Chris? What about that? Well, at 50%, it sounds like a Ponzi scheme. Economic activity in the world that gives you 50% per year. So there's a golden number that you so there's a golden number that you're not gonna reveal at which you would invest in Blockfire. But if it's anywhere below or anywhere above that, you're not gonna invest in them.
[01:00:29] Unknown:
Well, when you put it that well, no. I mean, no. You've got you've got me there, I guess. The thing is is someone's privacy is quite valuable, and I wouldn't I'm just confused. The 6% isn't even that much. I don't know. It's a hell of hell of a lot better than bank accounts or or most investments nowadays. But the thing is, even if you just hold Bitcoin in a in a hardware wallet or in cold storage, it moves 6 percent all the time. Every month, it goes up or down 6%. So why are people running so quickly to the 6% thing? Well, the people who accuse me of FUD when I say the same thing want it to be clear
[01:01:00] Unknown:
that this is 6% compounded interest on top of the Bitcoin gains, and you get paid out in Bitcoin, Chris. So we can't just say 6%.
[01:01:08] Unknown:
We can't Oh, yeah. Okay. But you're already getting, like, 20% of the profit. So
[01:01:14] Unknown:
No. I'm aware that that we've we've discovered an asset that's designed to pump forever, and people are willing to throw out complete control of it, and all of their privacy for 6 percent is absolutely ridiculous. But I just wanted I wanted to be clear that I also know what compound interest is, and that does not change the equation for me. I think it's important that
[01:01:32] Unknown:
way. Yeah. Go ahead. Sell yourself if you're gonna sell yourself in that way, at least charge more than 6%.
[01:01:38] Unknown:
I literally had someone tell me in my comments today that I'm a rich Bitcoiner that's out of touch and that people need these interest payments to feed their family. And if I don't if if by me telling people that it's a risky investment, it's a risky move, that I'm I'm just completely heartless, and Dan Held liked that fucking comment.
[01:02:00] Unknown:
So Okay. That's what we're up against in this world. You probably already told them why that's bullshit. But, so, you know, poor people say you only had a $100 or $10. 6% is $6. Right? Not that much. If you have $6,000,000 and you get 6% on that, then that's immediately $60,000, a huge amount. So 6% benefits rich people way more than it benefits poor people.
[01:02:23] Unknown:
Yeah. I mean, also, like, yeah, you shouldn't, like, be relying on a high risk interest account on top of a volatile asset to feed your children if you're gonna try and lecture me on risk risk management. Like, that's fucking ridiculous, but that's all I digress. This is my my point was, do we do we all agree that this idea that regulated institutions might not accept your Bitcoin in the future is a bullshit that that's a bullshit reason to not care about Bitcoin privacy best practices, like, just opt out of those systems. That's what Bitcoin's about. Yeah. Yeah. I get it. I I I I'm I'm gonna just disagree just for the
[01:02:58] Unknown:
like, I I I don't think the I I I I don't think it's bullshit in a sense that, you know, people come people are in this space and come into this space with very, very different perspectives for all kinds of reasons. And, they might be a bit goosed, you know, like, what exactly they're doing. They they might be think that that they're dealing with Bitcoin or actually that they're dealing with, like, regulated instruments on top of Bitcoin effectively because they're really just playing around with money on exchanges, you know, and then they're just playing around with, you know, their their taxes and their accountants and just and their their their their brokerage accounts. But, you know, it's not completely stupid for people to think, you know what? I'm a stand up citizen and I abhor, and I am not gonna get involved in anything that even smells slightly of you know, they're very, like, risk averse people. You know? Okay. Fine. But but they should at least understand our point of view, that that that we actually believe in this as a as a as a different system, and we anyway
[01:03:53] Unknown:
But, Waxwing, this is what I'm saying. Right? It's like is is this is when we're talking about increasing the pool of of privacy focused Bitcoin users, right, to try and increase our own privacy. You're you're we're up against this this thought process, and I I'm telling you that and I'm curious what your guys' guys' opinion here is. I know exactly what's gonna come next. What's gonna come next, and I already see it happening amongst my peer group, is, we're gonna be sold this idea, and people are gonna, I'm gonna have them. They're all gonna attack me on Twitter about it. We're gonna be sold this idea that Bitcoin privacy best practice is to spend directly from a custodial wallet because BlockFi will protect my privacy, and the other person the transaction graph is completely broken, and I've done nothing wrong. And my government I can completely trust my government, and they'll protect those records. And if you look it up on on chain, you won't you won't be able to tell. And and why do I make this expectation? Why do I have this expectation? Why do I have this conclusion? Because I when people pay me in Bitcoin, I chain analysis them. Right? I look back, and I've called people multiple times sending me money directly from Cash App, directly from strike, and I say to them, I'm like, you sent me money directly from Cash App, for a poker game.
You send me KYC funds directly, and you know who I am. And they're like, yeah, Matt. I didn't want you to fucking know how much Bitcoin I have, so I sent it from Cash App instead of doing it. Oh, I see. Right. Yeah. That's what's gonna happen. That's gonna be the next narrative. The next narrative is if you have nothing to hide, if you're not a criminal, you can just send from a custodial wallet, and you'll have perfect privacy. They're gonna say perfect privacy because they don't care about disclosing trade offs.
[01:05:48] Unknown:
Well, they can, you can in that situation, they could send via lightning, then you would also not be able to tell how much money they have.
[01:05:55] Unknown:
Right. But if you if Yeah. If they sent if if they pay me as lightning stands right now, and, obviously, it's not at a standstill. Development's actually been moving pretty quickly. I have tons of respect for the developers. But as lightning stands right now, if they pay you from something like a strike or a bottle pay or something, that PubKey is is in a KYC database somewhere with the invoice, whatever you put in the invoice. So I actually had I'd I, I I did I did a poker game, and I was the bank, and I put in an invoice. I put in the invoice to keep track for my own Sovereign lightning note. I put in the invoice the guy's NIM, and poker. So it was his NIM plus poker. Right?
And he paid me from strike. So strike now knows his NIM, knows we played poker, and knows my pubkey, and it's in their fucking database forever, presumably. No one knows, you know, what how what the retention is for these k y c services, but,
[01:06:56] Unknown:
like No. That's a good good point. What I what I meant was that your friend was using a custodial service for privacy reasons so that you couldn't tell how much money he had. But he could use a non custodial lightning wallet. That would that would also not reveal how much money he had in his wallet.
[01:07:14] Unknown:
And, yeah, you're right. If he uses, like, a custodial wallet as well, then things won't work. But I didn't realize he paid me from strike until, like, an hour into the poker game. Right. Right? Like, neither of us real like, there was no there's no from a UX point of view, I saw the invoice was paid. Right? I didn't I didn't even consider it. It wasn't even, I don't know. That's gonna become more common. Am I wrong?
[01:07:40] Unknown:
No. You're right, unfortunately, but there's people who people who for if it matters to someone, then they'll make the extra effort.
[01:07:50] Unknown:
But I don't think we should spend all our time wringing hands about the fact that people are gonna make, practical trade offs, including, you know, how they deal with regulators and banks and governments. I mean, they they always have done and they always will do and until there's some dramatic changes
[01:08:06] Unknown:
But the reasoning the reason that I bring this up is the reason I bring this up is because I think we I I think I think it's important when you're building these tools and trying to set up the incentive structures that that you're targeting you you can't just we can't just target, like, OGs that care about we can't just target, like, the 1,000 OGs that care about privacy.
[01:08:27] Unknown:
No. I don't think we're just targeting that, though. I mean I mean, look at look at the kind of thing that Open Arms is doing. I don't I don't know what what he's I know you've talked with him extensively, but but, you know, know, look at the he's doing it. He he's not just addressing the needs of a 1,000 OGs who are like cryptography experts. He's addressing he he is addressing people who are kind of couriers, people who like technology. They're playing around with things like Raspi, blitz, which I do as well, actually. I really like that device. It's really cool. But these are people who just like Bitcoin. I'm sure some of them are are relatively new.
And, yeah, they are technically savvy much more than the average user, but they still like the fact that what he provides them is, like, this packaged version of join in box. They can just slap on their Like join in box. Plug in. Yeah. Join in box. They can just slap it into their already existing, you know, core node, lightning node, what what have you. Where am I going with this? Oh, yeah. The the point is, well, there's some truth, obviously, to your point, the how do we get all the masses involved? I have I've always been I've always had this attitude even from the early days that I always used to tell people Bitcoin is is swift, not Starbucks points, and you stop constantly, like, worrying about how you can get retail on board or whatever. Retailer always gonna do what retail do. Right? They're they're gonna use trusted third parties because that's just how people operate.
They're all on the other hand, there are always gonna be those special people and not just people, but organizations as well. I mean, an example I like to give people even though it's totally fictitious is, like, the canonical Bitcoin user is probably a Nigerian trader who's sourcing products from Guangzhou. You know? In other words, it's not just it's not just like Joe Blogs on the street in London or or New York or whatever who's just playing around with his phone. I mean, talk to those people. There's nothing wrong with being that person. I'm just saying that isn't really what Bitcoin address is. I don't care what Satoshi wanted to use it for, vending payments or whatever, vending machines. The the truth is it's just not that kind of thing. It's much more like SWIFT. It's some very, very hard money.
Right. It's almost financial plutonium. Like, remember people coming up to me when I was in Prague saying, no. Don't buy us in Bitcoin. I said, I I just say no. Don't buy Bitcoin. Fuck away from it. Because Right. Because, honestly, it's it's just not consumer product. Now lightning is a different story. If it gets polished enough, then maybe that's a different story. Right? I mean, in hindsight, they probably should have bought it. Right? Like, what was the price in price? It was near the 2017. It was it was like 5th 10, 15 k. Maybe they did. Yeah. Alright. I'll give it that. Literally any time in history, they should have brought me. And that's the point. They didn't deserve it unless they ignored my advice because they knew what the fuck they would do. They had their confidence in themselves to actually operate and own things like keys. That is not something ordinary people ever wanna deal with. I'm sorry. I know it sounds elitist,
[01:11:18] Unknown:
and maybe I'm just an asshole. It doesn't sound elitist. I'm not I'm not I I was trying to be provocative, obviously. I didn't mean there's, like, a 1,000 OGs. I I I'm I'm not I'm not saying, like, I need grandma to use the privacy tools. I'm saying, like, this show this show why do I do this show? I do this show to increase the adoption of these kind of tools and these practices and spread this knowledge. Right? And I I I want people to pay it forward. Right? Like, I I I think it's it's interesting, where, like, a lot of people, like, I'm not competing with other podcasters.
I would love if there's a 1,000,000 shows that cover the same exact topic. That's when we're winning. But, like, we have we have, you know, over over 20,000 people are gonna listen to this to this discussion. Out of those people, maybe 5,000 of them have used the tools, and actively use the tools. Right? I'm talking about getting that number up by a magnitude of 10:10 x. Right? Let's get that number up to 50,000 people worldwide that are that care about these tools and are using these tools. And when we talk about that, when we talk about Yeah. You're right. Crossing that chasm, this is what we're up against. Right? We're up against the UX of the custodial regulated products. We're up against the the the incentives that those products are offering their users. Right?
[01:12:45] Unknown:
Yeah. But do you envision a world where Do you envision Just if I could jump in, Wack said, because the thing you're saying, it's about, elitism. I'd actually argue it's the opposite because there's the point that Alex Gladstein made that most people in the world are actually not in the first world with, they're not somewhere in London, New York, and they had so someone like, in Nigeria, you mentioned the example of Nigeria. That country has a 100,000,000 population. Right? It's a third of America. So they actually, the I think Alex Gladstein put it in another way. Bitcoin is for the other 5,000,000,000 people in the world, the people who don't have good and in fact, I can point out they actually can't use BlockFi because BlockFi only accepts customers from certain places in the world. So I question. It it could be argued. It's actually not elitism. It's the opposite. It's for more Mhmm.
There's the old cliche of Bitcoin helping people in third world countries, but you could argue it's that. People have to hold their own coins because there's nothing else.
[01:13:36] Unknown:
But this is where those other those other aspects come into play. Right? Sure. Cost, accessibility.
[01:13:41] Unknown:
Yeah.
[01:13:43] Unknown:
You know, if if if you're if you're in an adversarial environment in Nigeria and Bitcoin is is is borderline illegal, if not completely illegal, it's hard to have a 247 interactive, client available. It's it's hard to run a a VPS in general nowadays on a major cloud provider without KYC.
[01:14:02] Unknown:
Yeah. So so I think I think a good example of this might be, like, you you you see the in little experiments like they did in I don't know which South American country it was where they tried to set up a little, like, learning community thing. So what they actually end up doing, of course, is they use essentially yeah. Or maybe it's that. I don't remember. They they use essentially completely custodial versions of the tools. So it's like you you talk about the traders in Nigeria, that they they're constrained bandwidth wise. They're constrained cost wise. They're constrained regulatory wise, and they don't have a a solid basis of a lot of Bitcoin developers in the local area. I mean, good old Tim McMo's there, but most sadly, anybody else there who knows anything about Bitcoin. Right? So so the the the essentially, what's gonna end up happening is they go into these custodial, systems.
So, unfortunately, while I agree with your point, Chris, I suspect in practice, while 3rd world is where Bitcoin is kind of the most useful in some ways, it isn't actually,
[01:14:59] Unknown:
the kind of Bitcoin that we'd like it to be. But but but just wax me, quick quickly, I mean, I don't know if you're talking about, Bitcoin Beach in El Salvador, but Bitcoin Beach in El Salvador, is is fostering this this grassroots lightning community, and they do have their own wallet. Mhmm. You were correct, that that is custodial, but it's kinda cool because it's it's locally custodial. Right? So, like, it's, like, the local El Salvador Bitcorders are running this custodial wallet that doesn't comply with US regulations and is completely interoperable with the wider Lightning Network. Maybe that is gonna be something that we see scale out. You know? That kinda makes sense to me.
[01:15:38] Unknown:
Yeah. I think so. Yeah.
[01:15:40] Unknown:
And then you don't have to worry about the pub keys. Like, if if if if a user and strike just so strike, just opened up in El Salvador, they just have bit now now they have business in El Salvador because Jack Mahler's fucking boss, man. Like, he flew down to El Salvador, one of the highest crime crime rates in the world. Him and Myles Suter of Cash Apps down there, both my boys are are in at Bitcoin Beach right now. And Wow. And strike launched in El Salvador with no banking relationship. And and the reason why they were able to do that is because the overwhelming amount of transactions coming from are coming from the United States as as, goddamn it.
What what's the the word when you're sending money abroad,
[01:16:30] Unknown:
remittances?
[01:16:31] Unknown:
Remittance. Remittance from the United States. Right? So the United States users have they're fully regulated. They have bank accounts, and they're connected to strike, and they're sending to the custodial wallets in El Salvador. And and you and you know you know they're part of Bitcoin Beach's pilot program or whatever, but you don't know who the individual user is. They have their own in on an onset, basically. Right?
[01:16:57] Unknown:
So what how does the American side so the the Syrian American who wants to send a remittance or you're in American who send a remittance. You send, like, a a a card payment or a or a fee let's say a fee payment to strike, and then it gets sent over lightning to the El Salvador. Your debit card you hook up your debit card or
[01:17:16] Unknown:
you hook up your debit card or bank account to strike, and you you it's k it's considered KYC lite because what he did was he had a he has a partnership that basically allows you to put in your phone number, and if the KYC infos already exists, you don't have to reenter it. So so you still have full KYC, but at least friction wise, it's reduced. And then you actually never see Bitcoin. So you can just scan any lightning invoice, and he'll automatically do the conversion in the behind the scenes, and the receiver receives Bitcoin. And the reason it's set up that way is it provides him regulatory cover because he never has to custody Bitcoin, And Yeah. It provides the user Right. A a a a pro tax way of spending Bitcoin because the users never actually buying Bitcoin and then spending the Bitcoin and incurring capital gains. They're just Right. They're they're just processing this transaction in the background and using Bitcoin as the rails. The receiver receives Bitcoin. So it's it's become very, very popular among mainstream Bitcoin Twitter, but it's, That's why I haven't heard of it. But it leaves yeah. So waxwing to the freaks to the freaks that are aware, waxwing's the first guest on the show who really truly cares about privacy and and and boycotts and boycotts Twitter.
We have a bunch of freaks that are listening to this through Twitter. I'm sorry. So, props to you for doing that, waxwing. You can find them on Mastodon. But, yeah, is that it's an interesting dynamic that is that is has exist that exists now,
[01:19:04] Unknown:
and and a lot of people are using that. Yeah. Jack gave a talk about it on, Jack Miles gave a talk about it on, in our in our little army. I think you you came a few sent you to our v army top. Yes. And it was kind of interesting to me. My eyes started to hurt.
[01:19:19] Unknown:
Okay. Yeah. My eyes hurt sometimes after a while. Yeah. It's funny that. And also Facebook. Fuck Facebook. Right? Like, I was using Oculus or whatever, and they started requiring the account, so I just had to make a difference. That's really shitty. It's even worse when you look under the hood of what they're doing there. It's really horrible, I think. But, anyway Yeah. Facebook's the one I got rid of my account a long time. Do you see that Zuck the the Facebook accidentally got hacked for 533,000,000 users' accounts information, and they they use that to realize that Zuck is using signal, which is hilarious. Oh, that's cool. On WhatsApp.
[01:19:54] Unknown:
That's cool.
[01:19:56] Unknown:
Yeah. I I it's it's the the strike phenomenon is is very interesting, and it that's that's it's a it's an awesome product. It's really pushing it's pushing the tears, but this that's kind of where I come from when I say that that's what we're up against. Because you're you're trying to convince the user to to spend Bitcoin privately rather than using a service like that a lot of times.
[01:20:21] Unknown:
Yeah. I think it realistically is gonna be second, and it is gonna be semi custodial. I think both of those things that's that's the good outcome. I mean, the worst outcome is everyone just decides that they just wanna use Bitcoin as, like, an investment stuck in a regulated financial institution and nobody has Did you see ever. Did you see what Taylor posted the other day that got, like, 7,000 likes and fucking
[01:20:43] Unknown:
amazing amount of retweets?
[01:20:46] Unknown:
I mean, I know waxwing did see it, but did you see it? He he tweeted out the name?
[01:20:53] Unknown:
Michael Taylor. Do you not know who Michael Taylor is, waxwing?
[01:20:56] Unknown:
Oh, yeah. I do. Yeah. Oh, no. I do. I just I didn't hear that the connection was bad. Oh, I did follow him, but, yeah, did he say he bought what did he buy? Like, he bought more Bitcoin from something. Oh, no. No. Not that. He tweets that out every 2 weeks or whatever.
[01:21:09] Unknown:
He tweeted out that the ideal the ideal Bitcoin wallet is a wallet that's a custodial wallet where you send Bitcoin in, and it automatically provides you a fiat based loan on it, and then you pay with fiat. And then that way you never incur capital gains, and you never have to sell your Bitcoin.
[01:21:29] Unknown:
Well, he's wrong because the central banks will just steal your Bitcoin in that case.
[01:21:34] Unknown:
Look, I'm I'm not saying that that I know you're not We disagree. Right? But that's what we're up like like, you're competing when you're talking about increasing from 5 1,000 to 50,000 users. Right? You're you're competing against that, like, that those concepts. Do we agree on that? Well I agree. Yeah.
[01:22:01] Unknown:
I don't know what to think about. Be in trouble,
[01:22:03] Unknown:
when there's a bear market.
[01:22:05] Unknown:
I'm gonna pull it up for you. When the price goes up. I'm gonna pull it up for you guys. Yeah. I I think you're interested. You don't believe me?
[01:22:12] Unknown:
No. Of course. Believe that it is a No. Of course, I believe that because I heard him say something's I heard about him say something similar before. Like, some months before he said something about it. It's all, you know, you it should all be regulated and forget about privacy. Yeah. He's He has crazy.
[01:22:26] Unknown:
It has a 1,000 retweets. I have you ever come close to getting a 1,000 retweets on something? That's crazy. That's that that's this is consensus opinion. Look at this.
[01:22:40] Unknown:
Right. Well, maybe it's bots. You never know. This is not smart. Oh, wait.
[01:22:46] Unknown:
Wait. Wait. Wait. Wait. He says the ideal mullet. I wanna qualify. Is this the ideal mobile wallet? Well, I don't know. Maybe he's right because the ideal wallet certainly isn't on a mobile phone.
[01:22:57] Unknown:
Well, oh, do you wanna unpack that?
[01:23:00] Unknown:
Well, of course, it's not the most secure way. I mean, if you're dealing with large amounts, you you would you would be crazy to to hold it on a phone, surely.
[01:23:08] Unknown:
But if we're talking if we're talking about the other 5,000,000,000,
[01:23:12] Unknown:
the other 5,000,000,000, most of them don't have computers. They have cell they have cell phones and they have Well, that's just comes back yeah. That just comes back to the discussion we were just having. Right? Which is, like, how is it actually gonna play out in 3rd world type environment. And it will I'm sure it will be at least I'm sure it will you know, I the the the positive outcome is that there's a lot of usage of semi custodial Bitcoin like the example you give from which I think is a really interesting and cool example. And it's gonna be on phones because phones are the devices that those people have, and it's gonna be something which respects stream bandwidth limitations because bandwidth is very expensive in those places and unreliable.
So we just gotta face up to the reality there. You know? It's all very nice to think of satellites and stuff, and it's all cool, but and there will be some nodes. But god, I remember back in the early days when you used to look on the, the maps of, like, where all the nodes were in the world. You'd look at Africa, and there'd be, like, 2 nodes on the entire continent. It's just it's just terrible, really, but I don't think it's gonna get much better, at least not quickly. Sorry. I'm I'm woofing.
[01:24:15] Unknown:
No. I think this is this has been a great conversation so far. We haven't even talked about coin swaps yet. I I just before before we move on, I just want to, on on on a on a bigger sense, what do you guys think? Like, do you feel a sense of urgency in terms of Bitcoin privacy? Do we have all the time in the world or should we is it is it important that people care right now?
[01:24:44] Unknown:
Yeah. I think it's quite urgent because every every month you get more, for example, more services which block coin joins. Yeah. I think it's so every yeah. The more the more this goes on, the more information the the surveillance people get. And the KYC is just going farther and farther. Right? It's just like
[01:25:04] Unknown:
I don't know. Okay. So so we kind of talked about current Bitcoin privacy. Let's move on let's move on to the future. Let's let's oh, oh, no. No. No. We're not moving to the future. Sorry, freaks. Last last discussion we had on civil dispatch last week, there was some confusion about civil attacks. Arguably, civil attacks are the number one threat model for users that are trying to use Bitcoin more privately. Do you guys want to explain I guess, we'll start with Chris. You wanna explain, like, what what a Sybil attack is? Maybe we'll talk about Fidelity Bonds really quick. Are you talking about
[01:25:54] Unknown:
yeah. I I suppose you're talking about civil attacks for joint markets. So that would mean where, now with with joint markets, anyone can be a maker. They just put Bitcoins in a in a bot in the wallet and then start it up and it'll become a maker. And a civil attack would be when there's an adversary who create the 10 or 20 or 50 bots, and has all of them on into the order book, and they all create coin joints. And if a you if a user is unlucky, they'll coin join, but only with these Sybil users, only with these Sybil makers. And then they would get a coin join, but because all the all the other all the other people in the coin join would actually be the same person, their coin join could be easily unmixed.
Now the way, so that's called a Sybil attack because it comes from it comes from that there was someone who had, like, a mental disorder where she had multiple personalities, and she was called Sybil. Her name was Sybil.
[01:26:45] Unknown:
That was actually her name. Something like that. Yeah.
[01:26:47] Unknown:
Like Sybil Johnson. I don't know. Right. Now the way the thing I'm I'm working on right now is a thing the idea is called Fidelity Bonds, which is where in joint markets and in in Coins Swap later, you'd have makers would also have the option of putting coins into a time locked address. For example, they could lock up their coins for 1 year or 6 months or something, and that's kind of like a sacrifice. You can you can precisely work it out mathematically how much they've sacrificed in value to lock up coins for a year or 2 years. And then takers, joint market takers, would be programmed to preferentially choose makers which have a more valuable fidelity bond. So the effect of that would mean if someone then wants to do a Sybil attack, they have to sacrifice much more value.
I've done the I've I've got some calculations on this that if if kind of the honest order book sacrifices 1 Bitcoin worth of value, then a similar attack would have to sacrifice about 60 Bitcoins worth of value to to
[01:27:46] Unknown:
be successful at attacking. Because the idea is the idea is is that the with with with the Sybil attack is is is where the the goal when in privacy focused Bitcoin is is to be amongst a crowd. A Sybil attack in its most extreme form is that the whole crowd is a single attacker. So if if we're talking about fighting Sybil attacks, the plan should be to make it so that an attacker has to spend more than an a so called honest actor, someone acting in good faith. And with Fidelity Bonds
[01:28:18] Unknown:
with fidelity bonds I just like to interrupt that 606102 made the same joke that I was gonna make that they they sacrificed 6% a year. Right? Right. Of course. It's it's important to remember that the civil attacker is sacrificing 6%
[01:28:30] Unknown:
per year. But also, the honest actors also sacrificing 6% per year. Compounded annually in Bitcoin. It's important that we remember that we're not funding it, and that it is compounded annually and paid in Bitcoin. But the the the the idea with Fidelity bonds is if you spread out your Bitcoin among multiple maker positions, that's gonna cost you significantly more money than if you just do one large maker position. Right?
[01:29:00] Unknown:
Yeah. Exactly. And coming back to the the 6% per year idea, you could think of this as a way to earn income from your Bitcoins without I mean, join market already has this. You can earn an income from your Bitcoins without having without having to give up your Bitcoins. So they stay in your wallet, and you don't have to give up any KYC information, and you earn money from them. But you're on Hot Wallet. Because, like, from the yeah. And from the point of view of someone who's doing this, like an investor, you could call it, in a way, it competes with the BlockFi thing. So the thing that the effect that Fidelity Bonds would have is they'll make the joint market system more capital intensive. Like, it would require more Bitcoins to be involved. And from, like, from financial principles, you could expect that then the yields that the interest people could earn would go upwards.
[01:29:46] Unknown:
So once for and to put short, once Fidelity bonds added to join market, market makers, if they have loads of money, could earn more money. But let's still manage a little bit. First of all, the fees are are basically nothing right now. Right? Like, you're not really making any money being a maker.
[01:30:03] Unknown:
That that that's that's definitely I mean, that's definitely true, but never forget that there is, like, a a kind of edge case because the at the very larger sizes, that isn't really as
[01:30:13] Unknown:
true. Like, the the Right. If you're special, there's not that much competition in the major Exactly. Right. For the larger. But but Generally, it's true. If if if we got taker usage up, those fees should go up, and and the maker should be able to make more money. Do you agree on that? Yeah. Generally, you know. Like, would we would we agree that, like, the the the biggest the biggest example that adoption of join market is unfortunately lower than what we were hoping for is that the fees are still pretty low.
[01:30:42] Unknown:
Right? Well, I mean, you can just scan the chain and look for quantitative measures. The reason the fees are low is that everyone who can everyone who wants liquidity can easily find it. That's why there's Right. Because we don't have enough we don't have enough takers. But if we had more takers if we had more takers, the fees should go up. Right? Yeah. That's so that would be the the demand side. But also, that's the supply side in that. Right. I think there's loads of Bitcoins out there just sitting in cold storage, not doing anything. And if fees went up even a little bit, then many of those Bitcoins would move out from cold storage into this, and that would make sense. The weird thing about join market
[01:31:18] Unknown:
the weird thing about join market is the UX is is, in my opinion, good enough. It's easy enough to use for someone who is is savvy enough to try and be a maker, but but could use work on the taker side to get, like, more, you know, mainstream users in. But on the maker's side, like, they have an incentive to just figure it out and and Yes. And then just to go back to my previous provocative example, like, you only really need, like, the a1000 dedicated ideological OGs on the maker side, and and they can figure out the US. On the taker side, we we kinda need taker adoption to go up and then the and the fees should go up at that point. But but wait. I think there's a danger here
[01:32:01] Unknown:
that that people have attended to look at the market and say, oh, the market's wrong. You know? The way I try to explain this in the past is that that there's many, many costs and benefits to add in to the to the system. So on the on the, maker side, there are benefits such as the the passivity means you don't have to make decisions. The fact that you, you you get, privacy while you don't spend Bitcoin network transaction fees, which are which are usually the larger by far of the 2 components of fee is the is the Bitcoin network transaction fee. So the unusual thing you know, like, if you came at the joy market from the point of view of something like Wasabi, you you understand that or at least the first anyway. Yeah. The the taker's, like, bearing that entire cost and distributed among all the participants.
So there's several, I mean, advantages the taker gets such as being able to choose an exact size. Go go ahead.
[01:32:56] Unknown:
But the takers, it's it's considerably a taker and joy market is a taker and joy market is considerably cheaper than Wasabi. Everything out everything equal. Wasabi's Wasabi's coin joint fee is dramatically high. It's like like, it it you you save a ton of money if you're a taker in your market. Yeah. But even the network fee, the network fee is a 100 inputs or whatever. Sorry. Continue.
[01:33:24] Unknown:
No. But but that has to be distributed. I I okay. Let me just go through because I wanted to make a quick list of all of, like Go through it. To work out what the the price of of of joint market usage is. Because because if you're the if you're the taker, you get several, like, distinct advantages. You're able to choose the exact time at which you do it, and it goes through quickly. You're able to, choose the exact size of the payment, which means you can make a payment in a coin join if you want. You're able to and the second advantage of choosing the exact size of the payment is the crucial one, which is it allows you to do something called a sweep, which means you get no change. Another advantage you get, which if you compare it to, like, other CoinJoin implementations is you could do any size, including very large sum principle.
So there's a lot and the and, of course, the biggest, maybe the most crucial advantage that the taker gets is that you're supposed at least, assuming there's no bug, it's supposed to be the case that you don't reveal any information about your inputs and outputs to the other participants in the whereas the maker doesn't get that advantage. So there's all these advantages. On the other side, it has the advantage of, well, I'm not paying any network transaction fee, and I can just leave it runnatively and, a couple of other things I can't remember. But but the point is that there's many different, like, components of cost and benefit to play in. And the fact that it works out the most of the time, we're talking about, like, tens to hundreds of sats for coin joint fee. Only if you'd go to larger sizes does that price get significantly larger.
It's just it's just the result of all these, like, difficult to measure factors. And I I totally agree, by the way. None none of this is to disagree with what Chris just, expounded on fidelity bonds as it would add a much stronger anti civil effect, which means that, most likely or almost certainly, the prices will go up because the quality of what's being offered is gonna be is gonna be higher. But I would also mention because I I wanted to mention this because I think it earlier podcast is that when we had this bug recently, well, we could talk about the bug if you like. But but the thing is We could talk about that. But Okay. We'll we'll talk about it in a minute. But I just wanna say that, people do have 1 and you specifically, I think, perhaps have forgotten a rather, important, change that was made to join market as a system about, I don't know, 2 years ago. I can't remember exactly when, which is that the, it's slightly less it's significantly, I would say, less syllable than it used to be in as much as, you don't have the situation where somebody can simply of the lowest possible fee and just almost automatically get chosen. Because it was kind of sort of like that in the early days where there was another exponential.
Well, it was it was kind of an exponential distribution giving too much weight to the very lowest fees. And all that we changed was we made it so that without going to huge amount of detail, we made it so that, when a taker comes along, he doesn't just aim for the very lowest fees possible, but he aims for
[01:36:11] Unknown:
any random fees within some reasonable range, which gives him a much broader set of potential participants to choose from. I'll just put that down. Let's just talk so so yeah. I mean, that's massive. That's very important when we're talking about the threat model with Joy Mark. Right? So so the reason I bring this up, first of all, is that, I mean, people should do their own research. Fucking people say that too much in this space. People should listen to the the the last conversation we had with No Power and Open Arms. But No Power just, like, is extremely frustrating when you start talking about sibling. Right? Because because it when we're talking about actively seeking privacy when using Bitcoin, we're talking about very well funded actors, that are very secretive in what they do.
And I'm talking about the chain analysis of the world. I'm talking about the Elliptics of the world, and I know their founders listen to this show. Elliptic, especially, like, Tom, I know you're listening. I appreciate that you're you're very upfront with what you do, to a degree, but everything is very secretive. And if we're talking about them and we're talking about threat modeling them in an active an attempt to actively seek privacy in Bitcoin, the threat model is is that they're gonna try and flood our usage. Right? And in in joint market in joint market, we're talking about them being multiple makers. Right? They're gonna be multiple makers, and they're gonna offer very low prices.
Mhmm. Right? And they're gonna try and be as in as many of of your make arounds as possible. Do we agree on that? I don't know if we agree that it actually is happening, but it certainly No. I'm not saying it's happening. We don't know what's happening. That's the crazy part. Right? Yeah. Is that we're talking publicly, but they're not talking publicly about this shit. So we don't know if it's happening or not. But the if they were to attack joint market from a Sybil scenario, that's how they would do it. Right? Yeah. They would do it on the maker side. Yeah. Right. And that's what Fidelity Bonds is trying to solve is, like, is is is so that it becomes way more expensive for them to be multiple makers Yeah. Yes. Than than be a single maker. Right?
But Yep. But if they're a regulated entity like chain analysis, can't they just can't they just reduce that that fidelity bond risk? The idea is that that you have such a large Fidelity Bond that you have this massive price risk. Right? You have to lock up Bitcoin, which is nice because first of all That's not right.
[01:38:49] Unknown:
Well, so what what Right. The exchange rate risk doesn't come into this. What comes into this is that, in the maths of it is that, the the value of your fidelity bond is the amount of Bitcoins you have squared. So for 5 Bitcoins, it would be 5 times 5 is is 25. If you have 6, it's 6 and 636. And that means people are trying to to lump up their Bitcoins into 1 bot. Right. But Right. There probably is a risk where it doesn't come into the analysis of it. Like, you know, you can analyze proof of work to see how it works. Right. But you're I mean The way this thing there's a there's a strong incentive for someone to lump up their Bitcoins into 1 bot rather than if they spread it out over many different bots, then they have a disadvantage, a strong disadvantage. But if I recall correctly if they if Chainalysis is doing this, they would they would have to it ends up working out. They'd have to own, like, a $100,000,000 worth of Bitcoins or something. Right. Right. So
[01:39:41] Unknown:
which is significantly less than Michael Sailor owns. They can just borrow they can just borrow on BlockFi. Right? That that's what I'm saying. Right? But that's exactly what I'm saying. Can they just can't they just if they're a regulated entity, they don't care about privacy. They can borrow this shit. They can hedge it with shorts. They can do all these different things. Right? And and and and the cool part about Fidelity Bonds is that it's not a hot wallet, which is awesome. Yeah. Right? I'm I'm correct on that. I recall correctly. Yeah. Which is awesome. So you don't have hot wallet risk. So, really, what you have is capital risk. Right? You have you have to you have to own this much Bitcoin and Bitcoin's a volatile asset, which is kinda nice in terms of a trade off if you're a Bitcoiner, which is the same trade but it's the same trade off it's it's on a high level, it's the same trade off as trying to actively surveil lightning.
In that, they have to force number go up if they try and they have to, like, literally buy Bitcoin and own Bitcoin.
[01:40:41] Unknown:
Right? Yeah. So that's so just to add in, you're right. Exchange rate risk is one thing, but a bigger like, the the kind of way I analyze it, that it's a big cost there is opportunity cost. So if they put all this money into Bitcoin, it means they haven't put it into some other investment. That's the that's how you work out things in financing. It's called the cost of capital.
[01:41:03] Unknown:
Right. But they can just if they're a regulated entity, if they're chain analysis and they're valued at $2,000,000,000 and their former chief counsel is now the head of FinCEN, Like, they can just hedge that risk on CME and just take out a short in Bitcoin equivalent amount, and then they have no they have no opportunity cost whatsoever, really.
[01:41:24] Unknown:
Yeah. Fine. That Right? So they'd pay interest on the the thing they're borrowing. You're right. So, yeah, those short positions have a cost of carry. Right. Right. They have they have a carry cost. But they're making up for it in their, like, 200,000, 400,000
[01:41:40] Unknown:
fees that they're charging, all these exchange that that's their business.
[01:41:46] Unknown:
Right? Right. So you're right. The kinda stepping back a second. This all this works if, if people all this works in the sense that it costs a lot of money to attack it. So if the attacker does already have money, then it won't work. So you're right about that. It's the same with Bitcoin mining. If someone spends less of money on miners, then they can do a 51% attack.
[01:42:06] Unknown:
Right. But with mining, it's a little bit different. Because mining, you have, like, with mining, you have, like, physical you have to get physical chips, which right now, by the way, there's a massive shortage, which is why we haven't seen difficulty go up with price. Like, you can't get ASICs right now. And then you actually have to, like, plug them into to power. You know, you have to actually have power wherever you're located. If buying a $100,000,000 worth of Bitcoin on the open market and then staking it is not that I mean, it's difficult for us, but it's it's not that difficult for a a a company that's valued at $2,000,000,000 that just raised a $100,000,000,000, like, 2 weeks ago.
[01:42:49] Unknown:
My intuition about this is is is like I have 2 comments on it. I mean, it's first of all, it's, first of all, it's good analysis both from both of you. But but the very glibly nowadays are talking about a $100,000,000 figure because Right. The maybe when when when Chris first started writing a few Python to create joint marketing, we weren't thinking about a $100,000,000 attackers on our system. And the second comment is, like, I have got this strong intuition, which may turn out to be totally wrong, but the people who do this kind of an analytical work are gonna be very leery about committing engines to these kind of sibling. It's I I it just says a little anecdote, and I don't think it's real, but it gives you a kind of flavor of it. That in late 2016, when we were experiencing this kind of a different kind of sibling attack, we might call it a snooping at some joint market where, a bunch of people were coming along as as takers, not makers, coming along as takers, starting the negotiation of coin points and then stopping in order to try to collect UTXO information from makers. Right.
When when we implemented a defense against that, which basically consisted of a kind of a souped up commitment that forced takers to, at some point in the negotiation, reveal their own and reveal that they'd never been used before for this kind of commitment. It basically meant that if somebody wanted to continue doing that attack, they would have had to keep revealing new UTXOs to us, like in the 1,000. And I I I I'm guessing that the the reason they stopped is not because it costs much, but because they just that's just not a thing you wanna do as an attack. Now maybe if you're chain analysts, you, a, are prepared to spend 100 of 1,000,000 of dollars on this, and, b, are prepared, to reveal, like, on chain UTXOs to that you're doing this attack. But I suspect probably they're not prepared to do that. Just a suspicion.
[01:44:38] Unknown:
Yeah. I I It might be right, but they they could turn around and they might do it. Like, my kind of point of view is you know, that old saying, if you want peace, prepare for war. But I'd imagine what to do in a in, like, the worst possible situation.
[01:44:52] Unknown:
Right. We should assume worst case scenarios. Right?
[01:44:56] Unknown:
Yeah. But I I think there's a strong there's still a strong analogy between Bitcoin mining and how if you have a lot of money, you can attack Bitcoin and these Fidelity bonds where if you have a lot of money, you could attack joint markets. And if if your attacker just has loads of money, there's nothing really you can do.
[01:45:11] Unknown:
I mean, I think at scale, we can defend against it just because, you know, Bitcoin will increase in value so much, so they get cost prohibitive. But in the short term, I mean, there's there's a massive advantage. If if if there is a a chain in a a chain surveillance firm, it's important we call them what they are. If there's a surveillance firm, a very competitive industry, arguably, the 2 industries the 3 industries in Bitcoin sub industries in Bitcoin that make the most money are the regulated exchanges, completely captured, the chain surveillance companies, completely captured by design. They capture people. And then, and then these fucking lending services, that are offering you 6% for custody of your coins, and and you're never gonna get those coins back out, presumably.
Those are the 3 most valuable tranches in in Bitcoin land. If if you're talking about, I'm I'm a regulated institution or I'm the IRS or I'm the DEA or I'm the CIA, and I'm trying to decide who I give the $15,000,000 contract to. The firm the the surveillance firm that is unwinding joint market compared to the firm that isn't unwinding joint market is way more valuable from a subscription point of view.
[01:46:34] Unknown:
One interesting thing of that point is that if 2 firms at once try to attack joint market, then they stop each other from working. Right. So if you had an American firm and a Chinese firm both doing the civil attack, they they'll be half the the coin joint makers at every point. Right. Yeah. We wanna encourage as many of them to attack as possible. Yeah. So America and China and Russia and North Korea or whatever, they all need to agree to, like, together do a similar attack, which might be possible, but it's also maybe that geographical arbitrage could also help us.
[01:47:07] Unknown:
Notice how the kind of openness of this kind of system works in its favor here. The fact that we by design, we don't have any, like, identification of users, and we don't have any centrally controlling entities. So it's very amorphous. I often try to tell, like to tell people, which I have no idea if it's true or not, is, like, there could be another joint market trading trading pit out there that nobody knows about or that some people know about and I don't. The the nature of open source software is kind of really helpful in this, and and and just just generally using Tor and just not using it. But, of course, the flip point is exactly why why we have so much difficulty in having to come up with very complicated or sophisticated, defenses against things like Sybil is for the same reason that we we explicitly reject the concept entity in the system.
[01:48:00] Unknown:
Yeah. Yeah. So that that was very awesome. That was a great discussion, guys. I don't know if that discussion has happened publicly before. I don't think so.
[01:48:12] Unknown:
Happened on IRC, I think.
[01:48:14] Unknown:
So so yeah. IRC. All the good ones happened on IRC. So I Everything see. I, I mean, the the reason I I I keep harping on it is because, specifically, chain analysis has gotten they've they the the company chain analysis, the surveillance company chain analysis has gotten, is is by far the largest in the space. They're the elephant in the room, followed second, maybe I we we got 61 or 2 in the comments by Coinbase who has their own, chain technology now, the chain surveillance firm within Coinbase, like their own tool within Coinbase.
And and and, presumably, Coinbase itself is holding over 15 1,500,000 Bitcoin, because because we know they have about 900 bit 900,000 Bitcoin of customer funds, in proper Coinbase, and then Coinbase Custody at least has GBTC, which is, like, another 800, uh,000 coins. So so we know that they're at least holding, about 1a half and, like, the sailors of the world and stuff are all going to Coinbase Custody. So they they are holding a a ton of coins. They have a ton of users. They're going public. They have their own chain surveillance. So it is kind of, aggregating to single actors. Right? And and and as that happens, that centralization in the chain surveillance space, that hurts us, as you said. Like, I agree on that. Like, we we actually want it'd be better if we had multiple active attackers, when you when you started to throw them all this up. But but all this said, strictly, it's I think it's it's super important. We're we're an hour and 50 minutes in. I appreciate you guys' time. I think it's super important for us to to to pull this back that if you're actively trying to use CoinJoin, trying to use Bitcoin best practices, you're you're strictly in a better sibling these things.
You're you're strictly better off, and you should you should use it. That's part of the solution, and it's very important that people use these things, but it's it's also very important that we openly discuss these concerns. These are the threat models. These are the the threats that we're trying to work against. So with all that said, where where are we going in the future? What what do we have to look forward to as Bitcoiners?
[01:50:50] Unknown:
I think Chris We already talked about PayJoint. Coin swap at this point at this point at this point.
[01:50:57] Unknown:
Let's talk about coin swap.
[01:50:59] Unknown:
Okay. Yeah. So, as as you may have seen, I've, I've released a version of it that works on test net and chest. And it doesn't have all the features, but it can do multi hop and multi transaction coin swaps. So they are you could think of that as like coin join, like an on chain privacy technology, but it's it looks like a regular transaction kind of. Although right now has a multi sig. It has a 2 of 2 multi sig. And, you could someone could use that to mix their coins. Now the reason I'm doing the reason I'm right now working on Fidelity bonds on joint market is partly to improve joint market, but also partly to kind of get used to the idea to have it sort of out there in the wild as an experiment of people actually using it to see if the Fidelity Bonds idea works and if there's anything that can be improved on it. And after that's done, then I'll go back to working on coin swap, to make it to carry on work and get it towards so that it works on main net.
Okay. So I think, yeah, that that's, that's where I am at right now.
[01:51:59] Unknown:
We have we have public final void, talking about getting blacklisted off of exchanges again, on the chat, and and disagreeing that you're better off using CoinJoin. Look, if if you wanna, we said this earlier, but just to recap, like, if if if you want to be a part of the surveillance economy, by all means, you know, keep it in the same address, maybe use custodial custodian option. I don't fucking know. Like, if if you wanna practice all the best practices in terms of regulatory compliance, by all means, proceed with that. But when we're talking strictly from a privacy point of view, using these tools are are net benefit. I mean, you shouldn't use them thinking that they're perfect.
I don't want you guys, like, making mistakes and assuming that you're completely anonymous. Like, that'd be horrible. I don't want that. But but strictly from a privacy point of view, attempting to use these tools, using these tools is gonna is is you're in a better privacy situation than if you don't do it otherwise. I mean, they're they're cataloging everything you do when you use these regulated institutions. They have they have your personal information. They have every financial transaction you're making. It's all getting recorded on a ledger that's gonna exist forever. This ledger is gonna exist forever. It's all gonna be there. Even if you don't fuck things up now, even if you don't realize you fucked things up now, that can come back to haunt you in 10 years.
Back to Coinswap. Chris, Coinswap is is same concept as PayJoint in terms of being a steganographic, strategy, right, to break heuristics.
[01:53:44] Unknown:
Yeah. Yeah. That's the end of it. The the end of it, it would look just like a regular transaction or more than one regular Bitcoin transactions.
[01:53:52] Unknown:
So so both both the pro and con of using Coinswap is that on chain, the user the the anyone looking at the chain should not be able to know it's a Coinswap. Right?
[01:54:06] Unknown:
Yeah. That's the that's the aim.
[01:54:09] Unknown:
And then then the the if we steel man it, right, the negative is is you might be accused of something that's not you you're doing.
[01:54:19] Unknown:
That's right. But that's the same for pay join. Like, you could, you could have a pay you could accept pay joins and then someone pay joins you who got their coins from like, they stole them, you know, their their theft coins. And then people come to you and say, oh, why do you have theft coins coming to have the the the the theft coins were cospent with your money in this transaction. So why are you does does that mean you stole the money? It's true that any kind of privacy technology could bring heat on you, and I don't know. People just
[01:54:50] Unknown:
they'll have to deal with it. Like, in some countries, just using Bitcoin is against the law. Right. I mean, let let's talk like proper compliance pros. Right? Like, it doesn't have to be a theft transaction. Like, you could use Coinswap, and you can swap with someone who use CoinJoin, Or or you can use PayJoint and they use CoinJoin, and it looks like you use CoinJoin. Right? Yeah. Exactly. Which is once again, like, if we go back, is a bullshit negative. Right?
[01:55:17] Unknown:
Could could could we, I think long term oh, go on.
[01:55:22] Unknown:
I'm curious. I think long term, the one possible outcome is that the KYC Bitcoin world and the kind of privacy, self custody Bitcoin world split off and that it'll be that it won't be very common that coins go between them.
[01:55:35] Unknown:
Do we think that's, like, happening right now?
[01:55:38] Unknown:
I don't think it's gonna go like that. I mean but, can I can I ask a question about CoinSoft? Because we've, like, started talking about it, and I I think they do. Yeah. Let yeah. Your listeners might might might want to hear more. Yeah. I was like you guys did an episode between you guys, and I just sat here at 5. No. I just wanna say, like, so first of all, maybe you could I'm gonna I'm gonna ask you a question in 2 parts, Chris, because I know you can answer them. The first question is, what is the basic idea of a coin swap? No no need to go into great detail, but what is the basic idea of coin swap? And the second question is, how do you address in this concept that we've just talked about of it being secondographic, like, you couldn't tell it was a coin swap on chain, how do we address, like, the amounts of the two sides being equal?
[01:56:24] Unknown:
Oh, right. Okay. So the the first thing of what a coin swap is, it's a way of, it's a noncustodial privacy protocol. So how it actually works is that if they say Alice and Bob or Alice, Bob, and Charlie, they send so Alice sends a coin to Bob, and then Bob will send but a different actual Bitcoin, a different UTXO to Charlie, and Charlie will send, again, a different Bitcoin back to Alice. So what's happening? The reason it's called the coin swap is they're actually paying Bitcoins. So Alice's bought Alice's coin ends up in Bob. Bob's coins ends up in Charlie. Charlie's coin ends up on Alice. And, the the crucial point there is that it's noncustodial.
So it's a bit like CoinJoin in that. None of these users could actually lose money doing this because it uses Bitcoin smart contracts, language. And the reason that it improves privacy is because someone who's spying on Alice will think that Alice has sent, will think that, like, they won't realize that Bob now has the coin.
[01:57:24] Unknown:
You're you're completely breaking the transaction graph.
[01:57:29] Unknown:
Yeah. And then the second question was how does it deal with the CoinJoin
[01:57:34] Unknown:
amounts. It's almost a almost a combination between CoinJoin and, like, the custodial mixers of the past. Right?
[01:57:41] Unknown:
Or, like Yeah. So you could I I maybe that's a bad Like, the custodial mixers. You could say it's a bit like the custodial mixers, except there's there'll be more than one of them, and the custodial mixers can't steal your money.
[01:57:54] Unknown:
Right.
[01:57:56] Unknown:
Let's go here. Now the second question was how to deal with the equal amounts. Because, of course, if sends 1.2 bitcoins, Hans has to send exactly 1.2 bitcoins or around that amount to Charlie and so on. And the way it deals with it is the multiple, the multiple transactions. So Alice won't just send 1.2 bitcoins. She'll send maybe 2 or 3 transactions, and they will add up to 1.2. So for example, she may send 0.5 plus 0.3 plus, what's that leftover? 0.5 again. So it's 0.4. You you get that there. And then and then Bob will send a different he'll also send 1.2, but a different combination. So he'll send 0.1 plus 0.3 plus 1 point, you know, you get you get the idea. And then for anyone who's looking on the blockchain, they'll never see the exact amount, 1.2 bitcoins. They'll only see these 0.5, 0.4, and so on.
[01:58:51] Unknown:
Right. And so you do you end up with a did you end up analyzing the kind of subset sum issue in the same way that I did with CoinJoin XT? I'm sure you remember that whole
[01:59:01] Unknown:
spiel. Yes. Yeah. Yeah. There is there is a I found a way you can this was, like, two and a half years ago at this point. If you remember, I actually messaged you on IRC and direct message way back then. And what it was is that there is a way essentially that if you assume that each block has about 3,000 outputs, then there is a way you can make the number of possible subset sums. Or the way I've worked it out is it doesn't work on subset sum, but on false positives. So subset subsets which add up just by chance to be roughly close to your your total amount. And then you can make that up. It ends up the math ends up being that you can make that false positive rate be huge, like a 1,000,000 or 10,000,000 or something. Yeah. Well, this is very analogous to the discussion about nonequal sized
[01:59:46] Unknown:
coin join inputs and outputs. Right? It's the same basic mathematical problem. What I found was interesting recently in the analysis of the grid chain case, You remember the grid chain case, you know, the whole thing where they they, this of early sea was, like, finding where the coins went. And some of the traces in his analysis was very interesting. I I found one particular transaction, and I thought, well, this is kind of interesting. I have these 4 inputs we know came from the same people. The rest of it, we can't quite, like, extricate, and I analyzed it. And I found that the subset problem was almost it was there were multiple, like, 5, 6, or more different solutions to the subset some problem on that particular coin joint specifically because joint in those days, but to to a lesser extent now, has a quite unknown and quite large delta on each value because of the fees. And if the fees are unknown, you actually have quite a smearing out effect whereby there are multiple reasonable solutions to who could have been the makers and who could have been the takers in the transaction. So here's an interesting thought. Yeah. If if we use and we get the the fees higher in join market, it will actually make the the privacy better because actually the fees will be larger and more smeared out.
That's a sorry. That was a nerdy joke. I'm not too sure. And that also
[02:01:00] Unknown:
that also applied the coin swap as well. The the adding up the the fees are included as well. There'll be a liquidity market. Right. So some Right. One on someone on the chat has said, what's if you're with a FBI handler? And the reply to that so the general question is, what if Alice coin swaps with Bob and Bob is spying on her? The way that's solved is there'll be a rooted coin swap. So Alice will coin swap with Bob, and then she also organized a coin swap between Bob and Charlie. And if she wants, she can do between Charlie and Dennis, like, 3 you know, however many makers she wants. And the coin swap goes as a route through all those. And and then in order to unmix her coin swap, all of those 3 or 4, however many makers would have to collude.
And then you it's it's essentially the same thing as in joint market. All the makers have to actually be the same person and colluding. Right.
[02:01:46] Unknown:
Which is where the fidelity bonds come in. Yeah. And then fidelity bonds would be helpful there as well. So that it's way more expensive for you to be multiple makers than a single maker. Yep. Exactly. Yeah. I mean, so that that that's I mean, that sounds fantastic. And and from your point of view, Chris, you think this completely deprecates CoinJoin?
[02:02:16] Unknown:
Well, so, it may deprecate definitely only equal output coin joins. So pay join would still be used, I think. But what about join market? You think join market is completely Well, the thing of join market join market say the thing with joint market, it's a decentralized protocol, so nobody can shut it down, not even me. That's not what I'm saying. I'm not It will live as long as people use it. And I So that's Yeah. I guess one day people decide that coin swap is more useful and they might swap over, but I think you're wrong with the market. I'm not asking you if you think that coin swaps
[02:02:50] Unknown:
that that I I'm not asking you if you personally are gonna shut down joint market. That's the most ridiculous your most ridiculous Okay. Idea ever. I know you can't. What I'm what I'm saying is you believe personally that me as a user or the freaks that are listening to the pod, and I'm, and and and you're talking about best practices, that they will have no use for for join market, because coin swaps are are are better and obviate the need for for CoinJoin. Right?
[02:03:27] Unknown:
Okay. I see. Yeah. So the word sorry. The word deprecate has a meaning in I know. I get what you mean now. Yes. I think, in other words, do I think coin swap is better than joint market? Yes. And the reason is that it's cheaper in minor fees and that it they're indistinguishable so that it's you're hiding the fact that Coinswap is happening.
[02:03:50] Unknown:
So you don't think you don't think that that Coinswap is a post mix tool? You don't think Coinswap competes with PayJoin? You think Coinswap competes with CoinJoin?
[02:04:01] Unknown:
Yes. Equal output coin join. I think so. What do you mean by post mix?
[02:04:06] Unknown:
I mean I mean, you do coin join, and then after coin join, you do coin swap to break the transaction graph.
[02:04:14] Unknown:
I suppose you could do that if you wanted, but then if you do it that way, then it's obvious that you use the coin join, and also you'll spend more in minor fees. But but here's the thing.
[02:04:24] Unknown:
So this is where the frustration comes in. Right? It's because so this show the whole point of this show is is is that I wanted a a place where we can have actionable Bitcoin a place where we could discuss things with Bitcoiners, amongst Bitcoiners with a live audience, where we could actually talk about things that that a Bitcoiner could go and and and and and do tomorrow. Right? And and, like, actually make their situation better. Rather than, like, pie in the sky cheerleader kind of ideas I'm not accusing you of this, by the way, but this is very common in the podcast space. Where, like, Bitcoin fixes everything, and there's, like, no trade offs. And and in 5 years, it's all gonna be perfect, but, like, you don't have to worry about it now. You just have to listen to the podcast and hear it's it's brought to you by these sponsors, and in 5 years, like, it's all gonna work out. Yeah.
I wanted to show where, like, we could talk about real things and, like, people could do those things. So so so my my my concern is is is that this idea is is when we talk about in practice of people actually using Bitcoin, the number one thing when you talk about privacy is coin control. Right? Where did your UTXO's come from? Labeling them, knowing in 5 years when it comes time to actually spend them where they came from, and and and choosing accordingly based on that and and and and the user has to fucking deal with this, and there's, like, a major disconnect because, first of all, the majority of Bitcoiners just are never spending Bitcoin. So they're just putting it in cold storage. They're not even thinking about it. And then the privacy focused users are in their own world where they're just boycotting KYC, and they're just they they just know how to use coin control and all these things.
So what's cool about CoinJoin for me, specifically, equal output CoinJoin, is that it kind of resets the coin control. It kinda resets the history of the UTXO in a in a very objective way. Right? It's, like, almost it doesn't matter if I I you you paid me 5 years ago. I don't remember it was you who paid me. I take that UTXO. I put it through CoinJoin, and, like, I'm resetting that history. Like, I forgot I forgot what the label is. I'm resetting that history. It almost reduces the need, and I'm not I'm trying to cover my bases with all the fucking words, but, like, I'm not saying that coin control is is unnecessary in that situation. I'm saying it reduces the reliance on prudent coin control and labeling if you have this ability to almost reset the history of the transaction.
And in a situation where you're using Coinswap, it'd be really nice if I could reset the history of the transaction before I do my swap. Does that make sense?
[02:07:28] Unknown:
Yeah. So if I understand right, you see the the fact that it's obvious that a coin join happened. You see it as a possible feature.
[02:07:35] Unknown:
Right. Like, I'm resetting the history.
[02:07:38] Unknown:
And then if so, you could say Coinswap does not have this feature. Correct. Right. Probably okay. You know? Okay. I understand that point of view. Probably what will happen then is people use both if people are interested in that, they'll use Coin CoinJoin and Coinswap, like, depending on the situation.
[02:07:57] Unknown:
Right. But I wanna automate that. Right? Like, I want the wallet to just automatically push it through CoinJoin and then do a coin swap, and then maybe go into a a combined lightning opening, and then you pay. Right? And you, like, put all that together, and I and and this goes back to my previous topic that, like, why the fuck are we hiding the fact that we care about privacy? Like, we don't do this with speech. Like, everyone knows I'm using signal. The point is is that the encryption is supposed to stop people from being able to read the messages, not that they're supposed to not know that I'm using signal.
[02:08:32] Unknown:
I think I think they're both they're both valid valid and correct, perspectives to have at the same time. Even though they seem contradictory, they're they're not really contradictory because, like, when we use a steganographic technique, the advantage is that we we gain this huge anonymity set without needing to, like, coerce other people to do the same thing as us. And with the the sort of public non steganographic techniques, it has this advantage, as you say, that we are sort of publicly asserting the right as well. I think at some level, the steganographic approach is always fundamentally better because there's always this option of selective revelation. So you talk about something like confidential transactions where you're, you know, blinding amounts. You always have this auditability possibility where you could just have some key that allows you to actually assert that this really was, x amount of Bitcoins. And the same with any other thing like coin swap. You could always selectively reveal that you, you know, you engaged in a Coinswap.
So that's like, one of them is, to me, more powerful than the other, but it's it sometimes comes at a bit of a cost. Like, for example, with coin swaps, there's this kind of, cross block what I like to call cross block interactivity property, which is a bit undesirable because you in order to enforce the smart contract, you have to consider the state before and after, you know, blocks get confirmed, which introduces even if minor, it introduces an extra element of risk, which a coin joint doesn't have, as well as the interactivity being more practically difficult, of course.
[02:10:00] Unknown:
Like, can we go into that cross block?
[02:10:03] Unknown:
Yeah. So that essentially means, you send coins into a multisig when you're doing a coin swap, and then you have to wait a block or 2 to make sure there's no reorganization, and then you complete the coin swap protocol. And, the the fear there is that, for example, if there's a 51% attack or if or something like that, if if you if your Internet cuts out, then you could lose money. It's it's quite similar to having lightning. You always need a watchtower, if you're familiar with that. It's it's actually the same concept there. So does that added risk, which doesn't exist in a coin joint. And then No one's running watch hours, by the way,
[02:10:38] Unknown:
for whatever that's worth. Okay. Very few. Very few. Few. Few.
[02:10:44] Unknown:
Who watches the watches? The second thing about, waxing said about interactivity, from my point of view, that doesn't make much of difference to the user. So that makes it a bit more difficult to implement. But the user will still come along and just press send on their on their application, and it will send. So it's a thing. It's a problem for developers, but for users, I think they won't notice. But it will it will create delay in the user experience. It won't create additional complexity for the user. As you say, it's more for the developer. Yeah. Right. But the user already has a delay because it takes 10 minutes for a block to appear or even longer if you pay a low fee. So the delay is big already. It doesn't matter. If you if you do it right if you do it right, a coin swap,
[02:11:19] Unknown:
especially if you're paying someone else with a coin swap, if I'm paying Chris with a coin swap, If if you do that if you do that in a a UX friendly way, that could actually be better that could be better UX than a regular Bitcoin payment. I'm not too concerned about that aspect of it.
[02:11:40] Unknown:
Or what about what's the Yeah. Go on. Go ahead. What what about the comparison with with just just lightning? I mean, do you see, Chris, the main the the advantage of coin swap, architecture over just a lightning architecture is that you can deal with larger amounts, or or is there other elements I'm not thinking about?
[02:11:59] Unknown:
Yeah. There's that. There's larger amounts so that with lightning, it's inherently limited by the channel capacity. And with Coinswap, you could do any amount that's in the in the liquidity order book. There's also the effect that with Coinswap, you I call this unilateral adoption that you can pay anyone who has a Bitcoin address. Well, with Lightning, to pay someone with Lightning, they have to accept Lightning. You have to beg them a bit like with PayJoint to accept Lightning. And then the 3rd kind of difference, there's actually a whole section where somewhere I wrote, what's the difference between coin swap and lightning? The 3rd difference is that coin swap has these fidelity bonds, and they can't really be added in lightning. So then the civil resistance of coin swap is is a lot higher.
[02:12:37] Unknown:
Wait. Why can't But, yeah, you're you're a young Why can't they be added in lightning? Why can't you have a fidelity?
[02:12:43] Unknown:
How how would it, like, think practically. If you want to open a open a channel with someone, you you check the well, maybe there is a way. But Yeah. I don't know. If you want to imagine you open a channel, and then it says you'd rather I'd rather open it with this one because it has a high fidelity But but but that breaks up that you can sign a message and broadcast it with your public key of your node or something.
[02:13:05] Unknown:
Right?
[02:13:06] Unknown:
Yeah. This is the thing I'm asking is, would they make your route longer? Like, the person you're opening a channel to isn't necessarily the person you want to pay. Yeah. You know, most people Yeah. Open channels with Bitrefill or someone they pay very often. Yeah. Yeah. Yeah. The fact that I mean, Bitrefill, they're not regulated. Right? Like, they don't have to deal with KYC information.
[02:13:25] Unknown:
They're not a centralizing factor at all.
[02:13:28] Unknown:
I think I think they might be a little bit.
[02:13:33] Unknown:
I'm I'm really a big fan there. I don't wanna say anything next to you. I love that refill. I'm just I'm just being a little bit of a dick about about lightning.
[02:13:42] Unknown:
Yeah. Yeah.
[02:13:45] Unknown:
No. I mean, I think this is a very insightful conversation. Okay. I wanna I wanna I know I know we're gonna run out of time eventually. I wanna mention 2 other ideas. Although, probably, we should talk more about Coin Swap, but I just wanna mention 2 more ideas because I don't think these these get mentioned very often, and and they're both my idea. So I wanna mention them. So one of them is called coin join XT, and what I I like about coin join XT is imagine the idea of a coin join, but still trying to make it kind of steganographic or maybe completely steganographic by spreading the coin join over multiple transactions instead of having 1 huge transaction.
And the great thing is that with Segwit, you can do that all in one single negotiation without some massive, you know, without some, massive interactive protocol. Everyone can just get together just like they do now to arrange a coin join on join market or whatever. And instead of just arranging one big transaction, they can arrange a graph of transactions that are all connected together, and each one of them could look like an ordinary payment. Or if you like, it could look like a 3 party or 5 party coin joint. And you could build these whole this whole network of transactions all at once, and you can negotiate all the signatures up front because of SegWit's, you know, malleability fix.
So, consequently, we we we could negotiate that and then just have it so with careful, like, arrangement of timeouts and stuff, time locks rather, We can have it so that any one party as long as any one party wants the whole thing to go through, the whole network of transactions to go through, then it will go through. And what I like about that is that it it it comes back to that beautiful steganographic property, meaning that coin joins could be, like, embedded in the blockchain in a way that they don't look like. And I know you you like everyone to be able to see it. And just for you, we could throw in a couple of, like, actually public public coin joins into the graph, but, like, there'll be several other transactions around it that would actually be coin joins and nobody would know.
I like that idea, but I still haven't actually written any code. So so Chris
[02:15:38] Unknown:
But this now that while while talking to you guys, I realized that some people actually want their their privacy transactions to be visible. From that point of view, then this point during XT, which I I remember reading I mean, you told me about it. I read it, analyzed it, like, a few years ago. It it maybe makes a bit more sense because I originally didn't like it because I thought coin swap was better because it can be invisible. And there's actually a thing with coin swap that we're adding is it's if you have a a coin swap coin, like, you own a coin and it came from a coin swap, it's not possible for you to prove even if you wanted to that it came from coin swap.
[02:16:12] Unknown:
So its history is completely like Ah, so you're saying it has has the deniability. I'm wondering if you could have a version that is to do with the way the lock is created that is actually oh, no. But even adapter signature coin swaps are actually, yeah, fundamentally deniable by design. That's very interesting point. I didn't didn't think about it. Yeah.
[02:16:32] Unknown:
Yeah. Yeah. Fun and not even deniable that even if you want to do, you cannot prove it. So it's even more than deniable. Sorry. Yeah. The deniable is just gone. Yeah. Yeah. The deniable. I know. Well, you'd call it like a the knowledge is unprovable, maybe unprovable.
[02:16:48] Unknown:
It's like OTR where, you know, given the transcript, anyone could have made the transcript. Yeah. So you just have no way of, yeah, proving it. There is another term for it. I don't know what the term is. I can't remember. Yeah. Interesting. Did points. Yeah. You're right.
[02:17:04] Unknown:
We can look it up for later. Oh, yeah. Coin CoinJoin XT is a good,
[02:17:08] Unknown:
it's a nice like, a kind of a fundamental privacy that's worth looking at. But but do you see in that in that way of doing things, it's optional. Like, you could go the the the route that you like, Chris, where it's absolutely I know it wouldn't be perfect, and it wouldn't be as good as a coin swap, but it would you would have some contiguous subset of the entire chain of transactions, which were actually all arranged by, let's say, 5 parties together. But each one of them just looks like an ordinary payment, has nothing. There is a very important fly in fly in the ointment, which is multisig, which we should have talked about before with Coinswap. You see, the thing is when you make multisig today, it's very distinguishable as multisig.
And so in these CoinJoin XT graphs, you would have to have 1, multisig, co owned, output at every at every step. And so we really do need these multisigs to be indistinguishable from
[02:17:59] Unknown:
well, ECDSA. Yeah. No. You don't necessarily. Yeah. E c d s a 2 p or 3 p or whatever. You could have used that for because the plan is the plan for coin swap is to use that anyway, so you may as well use it for coin store and next eve too. Your your idea was that it might be better to use that even if Taproot's activated. Right? I seem to remember you saying that because it would inherit the because Taproot anonymity set of everything. Yeah? Yes. The tap the anonymity set is bigger. Yeah. Yeah. Yeah. But I still wanna if if I don't mind, can we just come back to the point of why would people want their privacy transactions to be visible? It just seems a bit like
[02:18:36] Unknown:
I I don't understand that. I don't I don't know how how that Chris Chris, my argument my argument isn't that Yeah. That it it should be visible. I'm just saying, like, we shouldn't be ashamed if it is visible because Right. That is privacy is like, seeking privacy historically has always been a visible task that that you are actively seeking privacy. Like, you no no one hides that they're seeking privacy in every other situation. It's I don't know. I disagree.
[02:19:04] Unknown:
I disagree.
[02:19:05] Unknown:
Oh, no. Specifically specifically speech. Specifically speech. When it comes to encryption, encryption is extremely obvious. It is obvious that we're using when when I speak to Chris on DM using PGP,
[02:19:18] Unknown:
Jack Jack and everyone at Twitter knows that we're using encryption in our DMs. Yeah. But it's not always like that. Think about the activist in a despotic country. You know, this is this is where the steganography really comes in is that you do not want your local government official to know that you're using GPG because he will come around your house with, you know, with the boys.
[02:19:40] Unknown:
So that's the go on. In a free society in a so called free society Yes. It is not it shouldn't we shouldn't just immediately assume like, we shouldn't immediately assume the shame card. Like, it's it's ridiculous that we should feel like we need to hide. And and I'm saying this specifically as I mean, and and props to both of you guys. You guys have been very vocal, very public, even though you have way better OPSEC than I do, about Bitcoin privacy. And why is that the case?
[02:20:13] Unknown:
Because you think it's important, and you think that you shouldn't be ashamed to care about it. Right? Yep. I think so. I do agree with you. I'm just saying that there's that other aspect, you know, like, in the more
[02:20:25] Unknown:
the freedom fighter model, so to speak. That's the thing. If you're in a free society, why do you need Bitcoin? Right? Bitcoin works best as a way of resisting places where there's not much freedom.
[02:20:35] Unknown:
Right. I mean, what I'm saying is it's a so called free society, and it it it it shows their hypocrisy. It every time every time, like, a a democratic government wants to ban encryption, it shows their hypocrisy. Yeah. Yeah. And and same with CoinJoint in my opinion. And and and I I would go back to this idea that coin control is a very difficult process, and this idea that we can provably reset the history of a coin Mhmm. Is is a very valuable concept. If we can get if if we can if we can get Western democracies at least to agree that CoinJoin is a fundamental human right, that it's it is just it's it's just law abiding citizens trying to seek privacy best practices, send Bitcoin with privacy best practices.
[02:21:23] Unknown:
That's a massive win. Right? Yeah. Do do do you see, Chris, our our our perspective is something like by doing this thing publicly, we at the very least, we force our opponents to show their cards as being, quite frankly, evil in their behavior. At the very least, we show that. And I would say that's more than that. It's also it's, yeah, it's also like showing that fungibility is possible and and, like, making putting fungibility in in people's face. Like, suppose somebody builds walletexplorer.com today. I know that history has moved on. And the only kind of technology people had ever used was, like, you know, coin swaps and things. And nobody knew who was using coin swaps. They'd like you couldn't go up to someone and say, look. Look. Look at this wallet explorer. It's complete bullshit, and I can show you why it's bullshit. Because look on the graph, it's actually just a massive coin join, and they think they're all the same person, the while the explorer are stupid. But you couldn't really do that if we only ever used secondographic techniques
[02:22:19] Unknown:
because, nobody would nobody would know anything, and everyone would sort of think they I don't know. Maybe that's not true, actually, but interesting to think. Yeah. You'd have to do it in a way that, I don't know, you take someone's coins from their own wallet, which they know belong to them. And then then you put it into Wallet Explorer, and they says, look. You actually this coin actually belongs to some guy over there. Can I just bring in something from the chat? So 6102 says, for coin swap to invalidate the heuristics, you need many users using it. For CoinJoin to validate the heuristics, you need just that one CoinJoin. But I think that's, I think that's not right because you can have, this common input ownership heuristic. You could any any analyst could exclude coin joints because coin joints are detectable. They could say, I'm not gonna do the common input ownership heuristic on this particular transaction because I can see it's a coin joint. Well, that's not possible with coin swaps because you can't see them.
[02:23:09] Unknown:
I thought that was a good point. That was worth saying. But so so, Chris, like, you care about protecting the privacy of users who don't care about their own privacy,
[02:23:18] Unknown:
And that's what Coinswap attempts to do. That that's one of the motivations. But they also, doing building a system that way also helps massively people who do care about privacy. They have a much bigger anonymity set. Yeah. It's just making the bigger anonymity. But we do agree that, a stronger
[02:23:34] Unknown:
heuristic than the common, the common input ownership heuristic is just, like, sending to a KYC exchange and, like, then they just have your KYC info.
[02:23:44] Unknown:
Yeah. They have all your docs.
[02:23:46] Unknown:
Like, you just send it to BlockFi to get your 6%. Like, it doesn't like, no one's gonna be, like, oh, that might be a coin swap.
[02:23:55] Unknown:
Yeah. They wouldn't be able to detect. Well, this is why we the the discussion we've been, yeah, the that's why the discussion we've been having recently, I remember, on IRC is about blacklisting and whitelisting. Right? Because it seems like the blacklisting techniques that we're seeing being sort of thrown out there by exchanges like like a BlockFi example you showed earlier on are obviously kind of broken ideas fundamentally because there's always gonna be hops, and there's always, like, deniability and hops. So they're just gonna move more and more towards a world where they just say, well, I want to see you know, you I wanna see you prove the origins of these coins before you even use them or something like that. It's a horrible thought, but I I I I that's how I see it going.
[02:24:35] Unknown:
Yep. That could be an outcome.
[02:24:38] Unknown:
You see this, question from Peter l Grant asking if there could be a maker taker model with Coinswap where the makers have to provably have performed a coin join beforehand?
[02:24:51] Unknown:
In principle, that's possible. You could get the makers to send the transaction they're paying from, like, via the via the communication. There could be, but I think, yeah, there could be. Alright.
[02:25:04] Unknown:
And and then so, like things like this all, though. So you're you're you're the the the dream of of Coinswap is that we get this fucking thing integrated into, like, every mobile wall every wallet, as many wallets as all the good wallets should have Coinswap implemented, And then make every transaction a Coinswap. As many transactions as possible. At least at least,
[02:25:27] Unknown:
everyone who wants it can have it. There's no nuance here, Chris. Every transaction, every every transaction single one. Yes. No. But there's a really no. But there's a really important nuance, isn't there? Because, again, it's steganographic, which means it only has to be a smallish percentage to completely fuck up the blockchain analysis. I mean, that's a really important point that should be hammered home. Right. So what percentage? We're talking 10% you said earlier?
[02:25:48] Unknown:
Yeah. We're all. Fantasy I've had is that it will be a checkbox that users do they want, like, a really private coin join, or do they want a regular transaction? They have a checkbox to prove which one they want, and then they press send and it happens.
[02:26:01] Unknown:
Right. I mean, preferably I mean, it'd be nice if it was just the default, but Yeah. It's hard for it to be the default. I if if you keep it in, like, a semi walled garden and you're fine with semi trusted third parties, like I said, like, I think you could create a UX where where Coinswap could be an easier UX. I mean, I'm thinking, like, let's pretend BlueWallet became super successful and they added usernames, and I put in the username, and I just pay that username, and that person just has it on their phone, and just automatically, like, gets the push notification, and then connects and does the swap. That could be an easier UX than scanning a QR code.
[02:26:44] Unknown:
But they also means that you can only pay people with that method who are also using blue wallets. So you lose the whole worldwide permissionless part of Bitcoin. Right. But it's a it's we're talking trade offs. You know, it's convenience versus
[02:26:58] Unknown:
Okay. So for that, you'd have to bother all your friends. You'd say, hey. Can you switch to blue one? Pay you using your name. And, Waxwing, where does where does where does Snicker fall into this? Yeah. So Snicker was a like, a it's kind of out of left field of all these other ideas, and I'm all that came out of was me thinking about how could you possibly do CoinJoin in a way that didn't even involve, like, connecting to other users on a network? And it sounds kind of impossible because everyone has to sign a transaction. Right? So all I could come up with is is this idea that what you could do is basically kind of scan the blockchain, to put it crudely, and look for outputs obeying a certain pattern and infer that the outputs that the inputs corresponding to those outputs might be owned by the same party. They may or may not, of course.
And then you could kind of basically use the key in the input, the public the pub key in the input as an encryption key and send an encrypted proposed transaction that included the output that I just mentioned and one of your own outputs both being spent together to make a a coin join. So I wrote like a like a gist with a kind of proposed protocol for it. And, you know, a few people were somewhat interested and and sort of we looked into it a bit. And, at the end of the day, I don't think anyone's really taken up apart from me. And I do I I kind of literally mean me, not just not just join market, whatever. But I have actually, like, written all the code, and you can actually do it in join market today, but I put heavy kind of warnings on it that you would only wanna be using this on Signet or some kind of, you know, test setup. You don't really wanna try and use this on Mainnet.
But it's all there. I mean, there's even like a part well, it's funny that the well, the kind of internal technicals of it are kind of interesting, but the really tricky point ends up being the kind of broadcasting of the proposal. So you imagine you're sitting there looking at the the whole blockchain. You say, oh, this this output looks like it could be a good candidate for me to do a coin join with it. And so you make up the transaction, but then you have to put it somewhere for this other person who you've never met, don't know who they are, don't know what part of the planet they live on. How how are they gonna find that proposal? Right? Even if it's encrypted to them, so it's like secret. So that's good. But they've gotta find that encrypted proposal. So I've what I've done is I've set up, like, a tool hidden service, and you can just post it to a simp it's got a simple SQLite DB on the back end, and you just you can just add your proposal there. And, and then wallets can just scan that list. And I've even added, like, a little proof of work. It's quite funny. I used, like, Adam Back's HashCash idea in in there so that people can't just send millions of proposals,
[02:29:30] Unknown:
because they have to actually add some proof of work to them. And I guess the idea would be like a wallet would scan that automatically. Yeah. Exactly. Yeah. That's what Joy Joy Market can do that. Yeah. The biggest trade off being and I mean, this is how Joy Market used IRC for kind of a message board type of situation. But but the biggest trade off being that your public key needs to be exposed, which in non Taproot times is you've you've already spent from that address. But but post Taproot, that could be extra useful.
[02:30:06] Unknown:
Say you look at a joint market transaction and you see the change output and you can figure out what the corresponding input is. There are ways what you can either guess or even completely know what the input corresponding to an output is. And since inputs publish pub keys in their script sigs or or witnesses now, nowadays, it didn't actually turn out to be a big limitation. Joining with the reused address. Right? No. No. No. No. No. That's what I'm trying to say is that imagine you just did an order and repaying them. Right? Suppose you use 1 in suppose you use 1 input and you got one output and one change. Then I, as the scanner, come along, look at either the output or the change, doesn't matter. And I know that and I don't know. Now that's the point is that you I've got a 5050 chance that the output or the change, are the same owner as the input. So in that scenario, I could even just make 2 proposals.
1 in which I use the the the spending output and the pub key of the input, and the other one in which I use the change output of the pub key of the input. And in in one of those two cases, I will be correct in my assumption that the UTXO is the same o has the same owner as the input had, and therefore, that public key will be owned by the same person who owns that UTXO, and therefore, they will be able to decrypt the proposal and sign and and broadcast transaction. So you use you you don't use the reused address, but you use the reused pub key. Yeah. The the first proposal was based on the idea of reused address because therefore, you definitely know what the public key is. And as you say in Taproot, as you say in Taproot, that removes that whole problem is entirely removed because you have the public key anyway. But yeah.
[02:31:34] Unknown:
It's it's a detail, really. Yeah. That's a thing I think that, that's worth mentioning here, waxing mixed over. There's a cryptographic scheme where you can given a pop key, you can create another key pair from it that Oh, yeah. Yeah. Yeah. Yeah. This pop key will know, but you can calculate. So you can use this to not reuse addresses.
[02:31:52] Unknown:
Yeah. So so the idea is is the the the the term is often used as tweak, t w e a k. I'm not quite sure why. It's just addition of cryptic. It looks like curve points. Yeah. You just basically you take the original, script pub key of the address and you just or the the the key corresponding. And, oh, sorry. The the key of the input, which you're using, that's the the key that you've, like, connected to and said, right. I'm gonna use this for encryption. But you can also take that key and add a random number to it times, you know, the base point, and you get a new entirely new public key that only the recipient will know the private key of. Even though you were able to construct the public key of it, as the sender, the recipient will be the only one who can, like, access it as a private key. Yeah.
It's kinda I I didn't wanna give
[02:32:38] Unknown:
details, but, you know Yeah. Yeah. But it's a big, like like, at least for me, it was a big light bulb moment that it's a big thing that makes this whole team actually work. Yeah. As you yeah. It doesn't work without that for sure. Yeah.
[02:32:49] Unknown:
Mhmm. Anyway, so how do how do we think that, like, snake rule will actually be used, or is this just a Well, what I like about something like this is that it almost it's it's one of those things you could just put put out there into the world and, like, people can find use in it or not. Right? Right. Because if, like, 10 people use it, it's, like, kind of a net benefit for everyone. Right? Well, there's that, but I just mean the fact that there's so little, like, interlocking or or dependency between the participants. Are the you don't really need to do anything, to be honest, to, like, get people to use it. It's not like you don't have to coordinate a bunch of people together.
The only thing that people have to agree on is where there's where there's an an onion out there, an onion service that can that's got a list that they can just query or or they can either add items to a query, and you can have multiple of those, and you can have make up your own one. I don't care. I mean, I've written a a server. People can use that server if they want or just use their own server. Do you see what I mean? It's like it's the whole point, it was try to disentangle the the coordination of users. That was the whole thing to me. In a world where there were thousands or hundreds of thousands of people using it, which is ridiculous, but if in such a world, it will be really cool because you could actually use it to make payments because there'd be, like, a bunch of people out there. You could, like you what you can do is sweeten the pot by making just like in join market, an incentive where instead of just making an equal output coin join where both people get back exactly their coins, you could make it so the receiver end actually gets a little bit more. And then there'll be tons of people out there scanning to, like, make a to to just for any snicker that, like, proposal that turns up, and it might be that you could send I would actively do that. Like, if I could actively Yeah. Easily scan to see if if if someone was trying to snicker with me, I would do it. Yeah. So there's there's a tool in there called snicker finder that actually, I should mention it because it also lets join market users using the minus j flag to the to the script. It allows them to just scan the chain for join market coin joins, but they can also use it to scan for snicker coin joins at the same time. And I assume you're not I assume you're not concerned about trademark infringement here.
I mean, what? You mean that yeah. That bee is candy. No. It needs an s on the end, right, for that.
[02:34:58] Unknown:
It's not Snickers, freaks. It's important that that we we make it clear. It's just Snicker.
[02:35:03] Unknown:
I just have a thought. So, Waxwing, do you think it makes sense to combine the snicker noninteractivity with CoinJoin XT? So using snicker would actually produce these multi transaction coin joints. The thing about yeah. Possibly, yes. The benefit there would be Mhmm. Go on. The the advantages then in distinguishability. It'll be a snicker that no one knows is a snicker.
[02:35:26] Unknown:
Yeah. But I think, I was gonna say is that the only limitation on snicker, it's a big limitation, is it's currently only 2 party. It can't really be more because you just want this one way flow. I I don't think you can make this one way flow with 3 or 4 or 5 parties.
[02:35:40] Unknown:
But, given that limitation, you can see do a coin to an XT with just 2 people. 2 party. Yeah.
[02:35:49] Unknown:
I don't see an obvious limit to a problem with, I'd have to go back at the coin joint XT, like, workflow because you have to multisign. No. I think you have no because you have to multisign every step of the graph. So I don't think you can do it noninteractively. Oh, I see. Yeah. Yeah. I'm not I'd have to go and check. You can
[02:36:08] Unknown:
Multisign both and then oh, I don't know. It's tricky. I'm not going yeah.
[02:36:14] Unknown:
Yeah. Because because Contrin XT is like one of those protocols very similar to lightning where the it's entirely based on that idea that everyone signs upfront by having, like, specific, like, anchor multisig outputs. So nothing will happen unless everyone agrees. You know? So that involves some interactivity.
[02:36:36] Unknown:
Yeah. That's fine.
[02:36:40] Unknown:
The this is fantastic so far. I I I love the back and forth between you guys. 61 and 2 is getting blocked. I'm reading what he's saying. Whereas with yes. Yes. 61 to 2. I think I think we understand what you're saying. Chris, correct me if I'm wrong. 61 to 2 is saying that, with coin join, like, obviously, the heuristic is visibly broken with coin swap. They don't know if it happens, so they have no way to factor it in. Mhmm. The the I I I I think we've made that clear. Right? I think so. Yeah. But my my point there was that because it's visibly broken. Someone who's using the the heuristic,
[02:37:29] Unknown:
an analyst can exclude those transact
[02:37:31] Unknown:
so it Right. Will be visibly broken, and then that makes it not broken, If you see what I mean when they exclude it, Chris. I love when they I love when they say I love when they say just, like, Altcoin join Altcoin joins illicit behavior because our fucking tools cannot unwind it, and that's fantastic to me. Yeah. Okay. Fine. So I have I have, I mean, look look, I I think it's important that we flex on these people. We can't let, like, the compliance bros just think, like, they can run this shit. The whole point of Bitcoin is is is civil disobedience.
Right? And, you know, I might co host on rabbit hole recap, who he's, like, fucking livid at fat for every week and shit, and they listen to the podcast. That's great. But let's put that liveness on chain, you know, like, let's let's make it clear to them on chain forever, that we disagree. I wanna see the percentage of of equal output coin joints go up. I don't wanna I don't wanna see it sit at 2% or 3% of the chain. I wanna see it go to fucking 45% of the chain. I want I want these guys to be, like I want them to go into a meeting and be, like, we have no idea what the fuck is going on. And and and it's visible. It's obvious. Like, let's fucking do it.
So I have 2 more questions, that are I think are really important. First of all, I'm curious on your guys' opinions of bisque. The people that are watching the video right now, bisque is pumping. We're almost at 63 k. That's the bottom that's the bottom price. The top price is the evil empire. The most liquid spot exchange in the world for Bitcoin is Coinbase Pro, and they're about to go public. They have a surveillance company, and they're fucking evil. They're trading at 58 k. Bisc is trading almost at 63 k. What is what is your opinion on Bisc? Do you think Bisc can scale? Do you think Bisc is an important project? Do you have any critical views here?
[02:39:30] Unknown:
Do you wanna go Well, I I sure. Yeah. I I was I was around. I don't think Chris was as well when when Manfred first came up with this whole Bittsquare thing, and, he was very enthusiastic. And I think it's really good that we have those kind of, like, in principle that that those things that exist that are peer to peer, of course, it's always gonna struggle at at the fear, like, edge because it's at the fiat edge. And I'm I'm presumably, it's people often say, oh, there isn't enough liquidity. Well, I mean, people have trouble, doing any more than, I guess, small amounts of trade on such platforms because, you know, you're moving money into and out of bank accounts. And it's all about the bank accounts, ultimately. Everything else is fine. I mean, I've used the software myself. I think it's, I mean, it's obviously evolved over the years, and I think it's got a lot better.
I think it's I think it's good, but I'm I'm not surprised the the volume's alone. Let's just say that It's because of the oh, the fear volume specifically are low. Yeah.
[02:40:33] Unknown:
I mean, if we look at the volume, I mean, the volume is, like, there there's been point there's been 30,000,000 sats traded on on BISK today in the USD market, and there's been over 5,000 Bitcoin traded on, on Coinbase today. Yeah. So we're not even close. The the the fee outside is the concern, obviously.
[02:40:58] Unknown:
To be fair to them, it's not really a comparable figure. Right? Because one of them is an internal database transfers going on, you know, between, users, or the other one is transfers into and out of bank accounts. Right? I mean, I mean, it's still obviously ridiculously huge difference, but I'm just saying it's not actually directly Right. I mean I mean, on on on that note on that note, let's just quickly
[02:41:18] Unknown:
let's just quickly remind everyone why, like, why we're in this space in the first place. Let's go. Yeah. To you, Bisc. There are many places to buy Bitcoin. They collect your personal information and jeopardize your privacy. K y c is the illicit activity. This is open source. It does not collect user data. You keep your private keys, create or take offers to trade peer to peer, and keep your Bitcoin private and secure. Cool. This is civil dispatch. We only do mid rolls for open source projects.
[02:42:07] Unknown:
Wait. So just someone understand why is why is this Bitcoin's more expensive? Are people paying for privacy, for example?
[02:42:17] Unknown:
Question. Does someone know? I mean, I I I think it's just a liquid. It's just very there's very little liquidity. It goes up and down dramatically in both directions.
[02:42:29] Unknown:
So it's so sometimes It does sometimes trade at a discount.
[02:42:32] Unknown:
It would we've I mean, for the last 3 hours of this show, we've been trading at both the discount and the premium. If we go back and forth, it's just Oh, I see. So it's just a very wide market. Yeah. Oh, okay. Yeah. Just to all the bisque freaks out there, like, if you want to create bisque video content, like, I will fucking put it on the show. So if yeah. That was great. That was from Pedro who That was good. Yeah. Free. It's good. I mean, we we put it in, like, every every two episodes, the freaks get hit with that mid roll. So, and obviously, they pay us nothing.
I think people should use Bisq, but I I do agree that like, look, bank accounts are at the end of the day always gonna be an issue. You you're never gonna be able to decentralize bank accounts, and it it it is what it is. Like, always cash will be best, but I expect that cash is going to, cash is already getting phased out. Yeah. Whether that's peers who who who care about convenience or whether that's governments that care about surveillance, Cash is getting phased out, but obviously, cash is king, when it comes to buying Bitcoin. I think Yeah. This and and I'm saying this from a point of view, I'm a massive supporter of this, and I fucking love Wiz, who's one of the the lead maintainers of Bisc.
But it it's it's, you know, it it it is what it is. The the it is our last gap, but, the the the fiat side is always gonna be more difficult. So I have I mean, Chris, you have an opinion on Bisc? We heard Waxwing's opinion on Bisc. You have an opinion on Bisc? Yeah. It's just
[02:44:27] Unknown:
basically the same as Waxwing's. Like, great projects, and I wish it the best. And, hopefully, its volume will go up. And, there is actually a point. The thing of Coinbase and these centralized exchanges, you probably have people on them who are actually day trading. Like, they buy and sell many times in the same day. And I don't know if that happens with Bisk, so that might make the the volume Oh, 100%. A 100%
[02:44:47] Unknown:
centralized exchanges. But, dude, it's it's a difference between 5,000 Bitcoin. Okay? So so even even if it's You're right. You're right. We're not even close. But, 61 and 2 mentioned postal money order in the United States is the most private way of doing it. I wonder 61 to 2 if you dox yourself a little bit there. But, that is the best way in America. Bisque is, yeah, Bisque is fantastic. My biggest issue with Bisque, is is that it is very obvious on change. So I want people to realize, like, if you transact with Bisk, like, if you look at that on chain, that's there forever that you bought Bitcoin through Bisk. So, obviously, after after you receive Bitcoin from Bisq, you should put it into join market and and CoinJoin it.
And then everyone will know you coin joined it,
[02:45:40] Unknown:
as well.
[02:45:42] Unknown:
But at least we flex on we flex on the haters. To keep in mind here, that doesn't change anything for BlockFi. BlockFi is going to block you whether or not you use Bisq or whether or not you use CoinJoin. So no one gives a shit there, so at least your trust you're, like, protecting yourself against your counterparty. And people who are against Bitcoin privacy probably have never received Bitcoin in exchange for goods and services. I mean, I got paid in Bitcoin the other day. Like, I don't want I don't I don't want, the company that paid me in Bitcoin, to know my future transactions. Of course, I'm gonna fucking put it through CoinJoin.
Like, this is a very Yeah. The the the these questions that we receive are from people who are not actually using Bitcoin on a day to day basis. So I have 2 more questions for you guys before we wrap this up, and before I give you your final thoughts. Do you have do you guys have opinions on Liquid?
[02:46:46] Unknown:
Chris?
[02:46:49] Unknown:
So liquid is, I'd I'd suppose it's good. I've never used it myself, and I suppose it's okay. There's a I suppose the reason I've never used it, there's the custodial aspects, which isn't the point that it's useful for traders. And then if you're exchanging between many exchanges, you can do that right No. That's bullshit. With small privacy.
[02:47:07] Unknown:
That's bullshit. I don't know. I I I told them I told them I I it that that's just poor marketing. I mean, lightning lightning is gonna dominate between exchanges. Like, large private channels between exchanges are gonna dominate. They can market however they fucking they want to market, but, but but but private lightning private lightning channels are gonna dominate there. It makes more sense. Like, why are you gonna trust the federation when you could do a private lightning channel, and get all the benefits without any kind of you don't you don't have that custodial risk. You don't have to deal with the federation. You don't have to deal with the regular regulatory risk. You just have to deal with the other exchange that you have the private lightning channel with, and and and public lightning could fail, but but private lightning still makes a 100% sense.
[02:48:00] Unknown:
Mhmm. I mean, there is there is there is a counterargument, but there is a counterargument. I remember Adam Back sort of saying this a few times. It's like, well, you did the sort of capacity issues with channels. I I tend to bring you Blackpink. But tends to be rude. Sense for p2p. That makes more sense for p2p. Like, I don't need capacity. I shouldn't have to to have inbound capacity to receive a payment from you p2p,
[02:48:22] Unknown:
but an exchange can fucking have Bitfinex give them fucking inbound if they need to receive a payment. But, you know, I mean, if there's, like, 10 exchanges and they all wanna have, you know, a 100 millions worth of the ability to move a 100,000,000 between them at any one moment, then then it tends to, like, magnify the amount of capacity you need to have. No. But they could root. Right? You don't have to have a 100,000,000 of each one. They could have a, like, 2 or 3 channels then route by them. Yeah. But Yeah. And you still need and and and liquid doesn't solve that. You still need to have the equivalent amount of liquid Bitcoin ready to go. Yeah. And then you're storing it in a fucking custodial federation instead instead of just you and like, if I'm bidstamped and I need to send $2,000,000 quickly to Bitfinex, like, I'm gonna have a trusted relationship with them. We're gonna have a private lightning channel.
[02:49:11] Unknown:
I mean, I'm I'm I'm big believer in this general concept of Yeah. It makes sense.
[02:49:16] Unknown:
Not yeah. But then liquid liquid makes more sense to me as, like, we have confidential transactions on it, and and p to p, I don't need to have inbound. It's like socialized inbound. It's like as long as you're in the system, you have inbound. Right?
[02:49:33] Unknown:
Well, it does I don't I don't think ordinary users are gonna find much of a use case for it. I mean, in theory, yeah, it could be like a good privacy tool, but they already have, like, Altcoins that do something similar. I don't know. Maybe. I I I never really thought about it too hard. It never really struck me as something I personally wanna investigate. I do like the elements project, and I do I do like all the tech that they've pushed forward in that in that realm. But the the the the product itself, yeah, maybe it's just mainly aimed at businesses, and and it's not so interesting to us. But it shouldn't be. That's my point, Waxwing. Like, I use You're using the opposite. Right? Yeah. You're using the opposite. No. No. So so so if if I'm withdrawing from an exchange, right,
[02:50:13] Unknown:
and I withdraw through lightning, they know my pub key, and they can white list me. Like, they could be, like, send me a and and and companies are doing this. Send me a, you know, a 100 sat transaction to prove that you own the lightning node. And now I have your public key registered, and then I'll withdraw it to lightning. And then I have I have inbound capacity restraints. Like, I don't know, Like, what? I gotta loop out, do all this bullshit that, like, Bosworth tells me I have to do. I'm gonna, like, fucking go to, like, because I gotta go to liquidity market and, like, go pay 10% or whatever to our boy, Anthony, who's in the comments, and, like, get my inbound liquidity. With liquid, I could withdraw everything to multiple, you know, liquid addresses. With confidential transactions, it doesn't show up on the liquid chain, and then I could swap out to proper Bitcoin or proper Lightning after the fact. Like, there's there's major privacy improvements if I could withdraw via Liquid. If I withdraw via Lightning, I don't really get any privacy improvements.
There there's a there's a use case for p2p. There's a use case for the average user on liquid that is not being addressed, really.
[02:51:31] Unknown:
I see what you mean. Yeah. And, also, it would cost possibly cost less than minor fees because it's a side chain. So it's Sure. Basically free transfers. Yeah. That might make sense.
[02:51:42] Unknown:
Right? Like, I I would love. I I would do my dollar cost average. If I if I have my auto stacking or like, this is what I'm talking about. Like, you guys are, like, you're on a whole different level. If I'm doing my auto stacking through through fucking liquid, that'd be fucking fantastic. I do my auto stacking through liquid and I swap out when I wanna swap out in a private way, and then that's from a different provider. Maybe that provider is from Singapore or something. It disconnects it disconnects me from that KYC record. I'm not sure where that makes sense. The problem is no one uses it.
I'm not pretending that liquid isn't garbage. It is fucking a mess right now, but if if people used it, it could be useful.
[02:52:29] Unknown:
It's true of a lot of things, isn't it? Yeah. It's like with with many things, you have to bother the other person to also use it, like, pay join and everything and stuff. Well, anyway, Freaks, you should go try Liquid. Go go try it out. SideSwap go download the SideSwap app and just, like, not sponsored.
[02:52:45] Unknown:
It's on, it's on Green Wallet, isn't it? I've got that one. Maybe I could have a quick look at it. Yeah. Green Wallet Green Wallet has liquid
[02:52:52] Unknown:
built into it. Come on. And,
[02:52:54] Unknown:
they have aqua on iPhone. There's also the actual full mode. And there's also the full mode, and you can Yeah. Chris. Chris, no one's gonna use that.
[02:53:04] Unknown:
No one's running a full liquid. Okay? I'm not I'm not I'm not trying to I'm not trying to broadcast, It's probably really easy. Fairy tales. You just 61 and 2 fine. Yeah. 61 and 2 is in the comments. 61 to 2 actually runs an elements node. He he says that people should peg in.
[02:53:22] Unknown:
That just that just reminded me. The very first time I I I literally, in my entire life, have never used Bitcoin QT, but I did run Elements QT once.
[02:53:30] Unknown:
It's nice. It's very clean. Probably is now. When I did it, it was it was just pretty basic. But yeah. 60102. We know it's trivial. He's ask he's mentioning that it's trivial to run your own Yeah. I can That's the cool part. That's the cool part. I just don't think the majority of people are gonna use it. I don't think that matters. But, yes, I do agree that it is trivial. The last thing I wanted to bring up was so we do have, we have so far, we have 2 coinjoin implementations that involve a centralized coordinator. I know there's a lot of controversy about those 2 implementations.
I'm not really trying to dive into the controversy, but if you guys wanna dive into it, I'm happy to dive into it. Really, what I wanted to bring up was the cool part about join market is it doesn't need a centralized coordinator. But if regulators don't care about centralized coordinators and they just allow that to happen, Do you would do you guys revise your thesis there? Like, do you think if we can get the advantages of a blinded centralized coordinator that uses Tor, so doesn't really know that much information, but might be regulatory, liable for things.
Is there use there? Like, is there an advantage there to use the tools that we have available to us if regulators aren't going to attack them?
[02:55:02] Unknown:
I suppose the advantage is because it's centralized, they can have an income from the CoinJoints and that could Right. That means they can pay programmers to make the product really nice.
[02:55:11] Unknown:
And they're making a lot of money. Like, that's always the thing of close source and This is not hypothetical, Chris. Yeah. Yeah. Exactly. Like, they're making a lot of money.
[02:55:18] Unknown:
Yeah. Yeah. Yeah. Well, they I don't think I think regulators will eventually, like, focus on them because it's such a it's such a centralized choke point. Why wouldn't you? And so the stroke of a pen, you can force them to do stuff. And, also, you know, they, these these coordinators, as we said before, they can do a civil attack. So they can, for example, the regulator could say, watch for this UTXO. And if it gets,
[02:55:43] Unknown:
if it gets proposed for a coin join, then you have to add your own inputs Oh, 100%. Attack and find out or Well, I've been I've been very clear to the freaks. I've been very clear to the freaks, and I think that it should be we should repeat it right now since especially since you mentioned it, is that these centralized coordinated coin joins, whether that's with Sabi or Samurais, do not provide protection from the coordinator itself, because the civil protection is the coin joint fee, and that is paid to the coordinator. So the coordinator is paying it to themselves. Yeah. And with Sabi, it's even worse because they actually make more money if they Sybil.
Right. But but I that that is not mentioned enough. We we mention all the time on this show. I think it's a very important concept to mention. But when you combine that with this idea, like, the custodial mixers, right, that were very popular and arguably very effective if they weren't honeypots. It's it's not the worst scenario. Am I wrong in that regard?
[02:56:50] Unknown:
Yeah. I mean, if it works and if you if your enemy isn't these regulators, then it's fine.
[02:56:57] Unknown:
I mean, Gladstein argues, and I disagree with him, and he's my boy. But I disagree with him because we can disagree with our boys publicly, that if you're not, like as as he's fine with Bitcoin privacy that is in the threat model that trust the US government. Right? And I I'm not cool with that, but he's fine with that.
[02:57:21] Unknown:
And I kinda feel like coordinated coin joints kinda fall somewhere in that that regard. Right? Yeah. Like, you're kinda I guess everyone chooses their own threat model in a sense. So if you're cool with the gov the US government, I suppose you could use those.
[02:57:36] Unknown:
But you're like, the status quo is that everyone is just destroying themselves on chain. Yeah. Right? So it's like any improvement is an improvement. Like, even if even if it requires a honeypot, like, fine. Like, okay, they got you. But they already got everyone else. Like, what what it Yeah.
[02:57:57] Unknown:
Yeah. For sure. I I'd never tell people to not use wasabi or samurai. Like, if it's better it's better than nothing. Right.
[02:58:06] Unknown:
Laxwing, you got opinion here?
[02:58:11] Unknown:
Not not hugely. I mean, yeah. I think, they're definitely viable models, and I do like the fact I'm very I'm very, happy with the fact that you've honed in on the, the weakness of the model with the was with regard to the incentive in civil, but it is a fairly minor I'm not saying it's theoretical. It's an actual weakness, but it's It's a massive weakness. Yeah. It is real, but I in practice, these systems I mean, a a nice thing to remember, of course, is something like Wasabi and I think also Samurais are open source, and it's not like we're totally tied to 1 provider like we are with these centralized exchanges. Right? They are actual software Right. That we run. So if people if so if something goes wrong, people can swap to another one.
[02:58:58] Unknown:
Presumably, we can have, like, an anonymous coordinator that just, like, builds reputation based on, like, a web of trust. And and we could. Yep. And you kinda end up you you end up in a similar trust model as custodial mixers, to be quite honest. Mhmm. But you end up in a situation where maybe regulators won't push where where where custodial mixers is obvious
[02:59:24] Unknown:
that a regulator is gonna fucking attack that. Right? But let's not forget, there is such a thing as coin shuffle plus plus. Right? I mean, there is no coin shuffle generally. Just the idea of, it is possible to build it in perfectly peer to peer, without coordinator and without anyone knowing anyone else's linkages, implementation. It's So this is what Decred is using. Right? Yeah. I believe they did implement. I don't know whether with the plus plus or without, but I think they did implement one of that, Tim Ruffing's, paper. It's a very excellent paper. I recommend people to read it. It's a very good idea. But Decred, like, they cheat a little bit because they have they have
[03:00:02] Unknown:
the they have the proof of stake, ticket system. So they have this, like, delayed time proof of stake system that they're using to incentivize CoinJoin. And and and the delayed time is very important in terms of civil resistance. But using it as a locking up funds. Yeah. They're using it as civil resistance. Yeah. But you actually get paid you actually get paid you you make money if you coin join in in Decred. And and and I do I do remember when To be clear to be clear to the freaks that are listening, I believe every single asset is trending to 0 in terms of Bit Bitcoin, including the Chrysler building and including Decred. I'm talking about every single asset, Apple stock, everything.
But with Decred, it's very interesting because they implemented this. They have a financial incentive. You make money if you coin join, and we're actually watching we're watching that chain go dark. Like, we're watching the whole chain go into coin join, which is very cool.
[03:01:00] Unknown:
Interesting. I didn't I didn't even know. I I remember the thing about them doing the project, but I was like like that Altcoin Dash, if you remember, where But Dash is garbage. Dash is like different story.
[03:01:10] Unknown:
Yeah. Dash is like very shitcoin. Right? Like, that's like super scam. Decred is also shitcoin, but it's it's less scammy in in in in that the actual there's actually an incentive. There's actually an incentive that they've designed, with their proof of stake, whatever, that is that is providing an incentive to CoinJoin. Right? Like, you make money Coin Joining, and the whole chain is is is basically going dark right now. Right? There there the whole chain is going CoinJoin. Right? Like, so, like, you're watching you're watching a higher and higher percentage of transactions go coinjoin because they make money.
[03:01:53] Unknown:
I'm gonna I'm gonna read a little bit about their, I've just found their link
[03:01:57] Unknown:
about their How is that different to join market where you can make money being a maker?
[03:02:04] Unknown:
They make significantly more money. Right.
[03:02:08] Unknown:
Right.
[03:02:09] Unknown:
But but the I think the more important well, okay. Maybe that is the more important thing. But the the other important thing is that they're using that coin shuffle plus plus protocol, that really does kind of finally square off the rough edges of the the other implementations, I think, at least in theory, because it it doesn't it is it can be implemented purely peer to peer without, without a coordinator, and it's still perfectly private, at least, you know, theoretically.
[03:02:38] Unknown:
Yeah. I mean, I mean, it's the same concept as Joy Market. That was the cool part about Joy Market to me, right, Was that you can make money providing privacy. Mhmm. You we just can't make enough money yet. Like, how do we how do we make more money, Chris? Like, like, you don't make it you don't make enough money off of it. And
[03:02:58] Unknown:
Good. Bitcoin is just so greedy. Right? It's like,
[03:03:00] Unknown:
of stuff like Yeah. 10,000%. I mean, I see it as I go. Can I make more? Everyone loves money from nothing. Yeah. Well, maybe commodity bonds will improve the yield.
[03:03:14] Unknown:
I appreciate both of you. Yeah. Continue.
[03:03:18] Unknown:
Go ahead. Yeah. Yeah. No. I've got a team on time for the yield. That's all.
[03:03:23] Unknown:
I I, I appreciate both of you joining. We went we've gone 3 hours. So, you know, I know time is money.
[03:03:33] Unknown:
Apparently not.
[03:03:35] Unknown:
No. It is. It is. And I appreciate you guys. We're we're this is a charitable deduction. You can just you can report this on your taxes as a charitable deduction for 3 hours worth of your time. They're demanding 6% in the chat now. So They want they want their 6%. Yeah. You're never gonna get your 6%, guys. That it doesn't matter if you shit coin. You will never get it. Yeah. It's not a huge risk. You can get 6% by gambling.
[03:04:04] Unknown:
Gambling on BlockFi.
[03:04:07] Unknown:
I I do do you guys agree with me that we we get all this shit from the ridiculous this this idea like, we're privacy advocates in a world where we expect Bitcoin to succeed. Right? So the goal should be that Bitcoin is going to fucking absorb everything around us. And if Bitcoin absorbs everything around us, then we should focus on trying to improve the privacy of Bitcoin. Yeah. Right?
[03:04:39] Unknown:
Yeah. Sure.
[03:04:40] Unknown:
No. I'm I'm saying from, like, from the perspective of shit corners. Right? Like, where the shit coins kinda came up just now. So, like, from the perspective of shit coins is, like, we're not gonna focus on a fucking privacy focused shit coin because because no one's gonna fucking use that shit. So there's no value to to us focusing on it. No. But it's still interesting to look at the the, like, the technologies they've chosen. Oh, 100%. 100%. We should look at everything they fucking do, and we should adopt the best of everything they do. And then, like, that that should not be debatable. But, like, why don't I tell people go use privacy coin?
Right? It's because that's counterintuitive. They're already in Bitcoin. They're already going to be in Bitcoin. Do we agree?
[03:05:26] Unknown:
I think they're wrong. Mainly, it's about, like, network usage, anonymity set, and and and also some security issues as well because a lot of the time, they trade things off to get these security, like, achievements. So these privacy achievements, they trade off security, I mean. Sorry. Right. Yeah. It's always it's usually
[03:05:42] Unknown:
a security trade off. Okay. Well, with all that said, appreciate you both. All the work you've done. You guys are fucking legends. Thank you for joining, this discussion. I hope you come on again in the future. The whole point of dispatch is that we're gonna it's like it's supposed to be like a global classroom, this idea that we all learn together and that I'm gonna bring you guys back. Like, I wanna bring you guys back year after year after year. So I hope you guys come back. I appreciate all the work you've done. Yeah. You guys have any last statements here, before we conclude this discussion?
[03:06:25] Unknown:
No. I think that's everything. Thanks for the kind words and for having us on. Yeah. Happy to know. Chris.
[03:06:32] Unknown:
Yeah. Thanks. Final words. No. I'm just really tired. We've been talking for 3 and a half hours nearly. That's my final words. Thanks a lot for having us on. It was, you know, a very difficult conversation. This is a really professional setup you've got here. I really like it. Yeah. Well, I appreciate that.
[03:06:49] Unknown:
Most of it is thanks to a centralized company that is probably going to go into surveillance capitalism. So I will have to switch. But thank you both for all the work you've done. Thank you for joining us. Thank you to the right guys. Mumble. What?
[03:07:05] Unknown:
Have you ever used Mumble? You know, the voice chat. Yeah. Mumble's good. Mumble's good.
[03:07:10] Unknown:
It can't compete with this. Like, the live chat is so cool that we have the ride or die guys just in here participating. Okay. I I think it keeps us honest. You know, it, like, creates the don't trust, verify kind of situation Yeah. Where where, you know, you can't accuse me of of spending the last 40 hours on SIPL dispatch selling FUD when you can just respond in here and just I'll let you just fucking broadcast it out to everyone who's watching. Like, they'll see what you say. You can call me you can say that I'm a fucking liar, and you can just put it in the fucking live chat, and it'll it'll it'll post it. And I don't think it's a coincidence that none of the other shows have the fucking live chat broadcast.
Right? Because they're not comfortable enough with it. So mobile's dope. It's open source, but but but the the closed source shit is always good, dude. It's, like, fantastic. So I appreciate you guys time helps. It's great. It's great. And we got the price, and we got our names, and we got all this fucking shit. It's good. But I appreciate you both coming on. Everyone should go, try join market. They should try joining box, OpenOMS. You guys remember OpenOMS from last week with Joininbox? Go try that shit. Care about your privacy, please. It's important. Follow Chris on Twitter.
It's under dash, Chris Belcher, under dash. Waxwing is not on Twitter. You're gonna have to go find him on Mastodon. And if you find him, you deserve it. Go to IRC. Let go of these things, and and just care about your privacy. I love you both. Thank you for joining us. I appreciate all your work. Shout out to all the freaks. Thank you, guys. Appreciate you all.
[03:09:00] Unknown:
Thanks. Okay. Bye. Bye. I'm waiting.
[03:09:05] Unknown:
Oh.
[03:12:31] Unknown:
Love you, freaks. Thank you for joining us. Bitcoin privacy is fucking important. Don't let the compliance bros tell you otherwise. We'll see you Thursday for rabbit hole recap. We'll see you next Tuesday, for the for the next little dispatch. Appreciate you all. Stay humble. Stack stats.
Coming from cmbc.com. Banking reporter, Houston. Goldman Sachs is getting close to offering Bitcoin investment products to its wealthy clients. Kewsan joins us now. Does Goldman know Bitcoin was, like, $4,000, like, 18 months ago, and now it's, like, 57,000?
[00:00:20] Unknown:
They're this is part of their, their expertise view?
[00:00:24] Unknown:
Well, Joe, I think the, those dizzying charts that everybody has, is looking at and salivating over, that's one of the reasons why, Goldman and others are are getting into this. You know, they are in a client business. So when clients of Goldman Sachs or clients of Morgan Stanley, you know, call up their financial adviser and say, should I have an allocation to Bitcoin? Look look at what it's done. You know? Should I have a 1%, 2%, 3% allocation to this emerging asset class? You know, they've had to say, well, as as a firm, we can't really recommend that. Well, that changes, and that changes very, very soon. So as we report exclusively on, cbc.com, Goldman Sachs is is very close and in the second quarter will begin offering Bitcoin and other digital asset related investments to its private wealth management clients. This is the, this is sort of the Tony private bank of Goldman Sachs. You know, they really target people and endowments with at least 25,000,000 in assets under management.
[00:02:02] Unknown:
Happy Bitcoin Tuesday, freaks. It's your boy, Matt O'Dell, here for another episode of Citadel Dispatch, the interactive live show about Bitcoin distributed systems privacy and open source software. To those freaks joining us from our various audio streams, whether that's our 2 podcast feeds, our Sphinx tribe, or through the recent Breeze integration with podcasting 2 point o. That clip out in the beginning was our boy Joe Kernan from CNBC Squawk Box, who's currently running the largest, most popular Bitcoin entertainment show in the world.
And he had a lot of fun trolling Goldman Sachs there with that with that massive announcement coming from them. Shout out to all the rider dive freaks that are joining us live in the comments. This is another earlier episode to to help our guests with time zones. So I hope you don't find it too early. I know some people preferred it. I know some people didn't. It is what it is. We will probably be switching between the 2, time slots, whether that's 1700 UTC, which is right now, or 21 100 UTC, which we've have done historically. I am fortunate enough to be joined here by Chris Belcher and Waxwing, the 2 lead maintainers of JoinMarket, the oldest and most reputable CoinJoin implementation in existence.
And we are gonna have a great conversation focused on Bitcoin privacy, past, present, future, and and just the current state of all these tools. I think it's gonna be a very great follow-up discussion to last week's discussion we had with Open Arms and NoPara, and, obviously, plenty of previous discussions we've had on here. With with all that said, I'd like to welcome both of them. It seems like Chris is having some audio issues, so we will start with, Waxwing. How's it going, Waxwing?
[00:04:08] Unknown:
It's good. Thanks for having me on. This is all, scarily professional.
[00:04:12] Unknown:
I wanna say that. I I appreciate that. Me and the freaks have only been doing this for a couple months now. So
[00:04:22] Unknown:
Actually, the bottle pop was the most impressive, but yeah.
[00:04:25] Unknown:
It's the only audio effect I have in the show. So I think Chris can't hear us. Chris, can you hear us? Exactly. So we're gonna have him try and reset. And while we're doing that, I I guess, Waxwing, let's just start off with, you know, like, why why should the freaks care about using Bitcoin privately? Why should they care about Bitcoin privacy best practices? You know, why should they care about privacy in general? Why why are you so focused on this this aspect of Bitcoin?
[00:05:01] Unknown:
Why care about it? I always prefer to answer that question more around security. Just thinking about average users are not, like, either or massive, you know, massively important people or whatever. Just you're just an ordinary user. It's to me, it's mostly about security. And you could there's there's different flavors of security. Right? There's the defense against someone literally coming at you violently with a with a hammer or whatever. And there's there's also just like, I don't really wanna when I pay someone for them to know where my my money came from, it could even be like business business intelligence. You know, you don't want your competitors to know what you're doing with your money. And, of course, the other thing about privacy is don't forget, it's it's kind of intertwined with with fungibility. People often use these two terms when they're advocating Bitcoin privacy, whether it be CoinJoin or other tech. They often say, oh, we we need Bitcoin to be fungible, and that's very true. And it's it's kind of it's not the same concept, but it's a very closely interrelated concept. So, you know, essentially, at the end of the day, money shouldn't have a memory. I think that's the simplest way to to express it. But the fact that the the way Bitcoin's designed is intrinsically kind of not like that, at least not at a surface level, it creates a need for us to really work on this stuff. Yeah.
[00:06:21] Unknown:
I really like that money shouldn't have a memory. I feel like that should be like a a plaque on a, like, a housewife's wall. Mhmm. Yeah. One of the inspirational quotes.
[00:06:32] Unknown:
Yeah. It's a shame that we don't live in that world, but we we don't I can hear you. Oh, excellent.
[00:06:39] Unknown:
Chris, so we were talking about why privacy is important. I I think it's a very I like, it seems, like, so basic, especially in in, a show like this, discussions like this that we have on Citadel Dispatch that are that tend to to lean more technical. But today, I mean, I was the last 2 days, I've been called a FUDster, that I'm spreading FUD, for saying that people should be skeptical of their governments, and then not your keys, not your coins is a thing. Now now I'm being told that saying not your keys, not your coins is is FUD. So I think it's important that we keep coming back to the basics as we have new people join. So just in in your own words, why should people care about Bitcoin privacy best practices?
We definitely lost him again. You might be muted. That's unfortunate.
[00:07:39] Unknown:
He's so he's so private that he we can't even hear him.
[00:07:44] Unknown:
So while we wait for him to come back again, where should we start? I wanna start with with your work on Join Market. You know, JoinMarket, when did the project start? 2015, I think?
[00:08:03] Unknown:
So Chris originally came up with the idea late 2014 and started writing, like, a a first version of the code, I think, in December of 2014. And so it's, like, December, January that time. Yeah. It was interestingly, it it coincides almost exactly with the the the bottom on the looking at the price chart here. I'm just thinking about the prices That that January 2015 was the the sub 200 plunge, if you remember. It was kind of a special time. Yeah. How can you forget? Indeed. Okay. Looks like Chris is gonna try and rejoin. That that would be a good idea, I think. We're doing it live, freaks. We're doing it live. That's what it's about.
[00:08:41] Unknown:
So 2015, it was a ridiculously brutal bear market as you so thoughtfully recounted.
[00:08:49] Unknown:
Yes. That was a group. Yeah. Go on. It was quite a special time. Like, psychologically, I remember, like, hanging out with friends on IRC, and we were all just, like, sitting there. It was like, this is where the, this is where the rubber meets the road. That there there were, I'm sure there were several people who just gave up because it's just like, because don't forget, that was the end of a very long period of sort of comedown, you know, that we had so much may and people that forget this now because they all think about 2017, but we had a a ton of mainstream attention at the end of 2013 and especially the beginning of 2014 because, you know, after that spike, that's when everyone sort of caught on. And, indeed, often how it works is you get tons and tons of new users just flooding in post the spike, you know, because they they think, oh, this is this new thing. And they all came in, and they all just said, yeah. This is great. And then they just watched the price collapse for an entire year.
It was absolutely brutal. Yeah. And I was I was sitting there thinking I I remember having more than one moment where I was thinking to myself, well, this is it. You know? I've just I'm am I gonna go down with this ship? You know, and I I I mean that in a kinda literal way because I'd given up my my job as a teacher a couple years earlier. And, I thought, you know, fuck it. Yeah. I am gonna go to coffee shop.
[00:09:58] Unknown:
Yeah. I'm not ashamed to say that I I I was not stacking I was not stacking at the bottom of that bear market. Like, I I had I I had decided that I was gonna go down with the ship. I would go to 0 if I had to, but I I was did not have that much faith. I was losing the faith.
[00:10:15] Unknown:
I did actually buy a little bit sub 200. I'm very proud of that. But Okay. Because I'm trying to 2 of the most
[00:10:23] Unknown:
I got 2 of the most respected privacy, developers on the show, and we've started it off with price talk in potential dispatch fashion. Chris, can you hear us now? Yeah.
[00:10:35] Unknown:
Chris, Help Chris. Come back. He says he's back. Well,
[00:10:45] Unknown:
he could be muted now too. Maybe try a different browser if you can hear us, Chris. So, Matt, losing faith. I, yeah. I'm telling you, the bit the Bitcoin price hit, like, 180 or something. And I was just I was a young kid, and I was, like, fuck. My dad was right. It's, it it was a bubble. It's all the tulips, and, and I I just I just had found solace in the fact that, you know, I wasn't gonna sell, so we're really gonna go to 0 or I was gonna be right. Yeah. But, it was definitely a very different bear market than than today's than than the one we had recently. But maybe maybe that's just because of experience. Maybe it's just because we I think so. Yeah. That last one.
[00:11:30] Unknown:
Yeah. I think so. I mean, time scale seem to expand out, but also the fact that if you've been through it before, it's a totally different perspective. Yeah.
[00:11:37] Unknown:
But do like, that's the meme everyone's been saying over and over that timescales span out, but they don't like, do they really? Like, I felt like 2015 was longer and most more painful than than this one. Like, this one, like, March was kind of brutal, but it was a quick brutal. Right? Like, it
[00:11:55] Unknown:
I mean, I don't know. I mean, I I done quantitative analysis of it or something, but, like, in 2017 to I don't know to know when when you decide when it started going up again. I don't know. But anyway, maybe not. It's just that my how it feels to me. Honestly, I think somebody hear me.
[00:12:10] Unknown:
Oh, yes. He's here. Can he hear you? Okay. That's good. Great. And just to check, is does this sound better?
[00:12:17] Unknown:
I think we've lost the buzz. It's a bit distorted, but we've lost the buzz.
[00:12:21] Unknown:
Honestly, we're just happy to hear you, Chris. Yeah. It's true. Yeah. So, Chris, Waxwing was telling everyone about how you believe that Bitcoin is designed pump forever. Do you want to elaborate on that at all? I think we lose them again. Oh. Do we lose you again? We could price talk.
[00:12:44] Unknown:
It's the price talk. He he can't stand it.
[00:12:47] Unknown:
That's the that's the best thing too that I'm I've I've been accused of of spreading FUD, and I constantly remind everyone that Bitcoin's designed to pump forever, the most effective FUD ever. So, we've had joined market since 2015. Mhmm. Lot of time lot of time you guys have been working on it. Lot of time you guys have been using it. What lessons what lessons have you guys learned? What what, you know, what lessons have you learned? Thoughts on on the whole process of of maintaining this this implementation?
[00:13:21] Unknown:
Well, it's it's it's difficult, but it's also fun to to work in open source software. I think it's there's something very sort of beautiful about the process. And, in terms of learning, like I mean, the thing about CoinJoin is this weird case where on the one hand, it seems like this super technical thing, and it is. On the other hand hear me? Oh, he's back again. Okay. Right. Sorry about that. No worries.
[00:13:50] Unknown:
Oh, Matt, are you there? Was that Matt? No. No. I'm here. I'm here. I'm I'm just I don't wanna jinx it. Continue.
[00:13:57] Unknown:
Yeah.
[00:13:58] Unknown:
Okay, Chris. Go. Go.
[00:14:00] Unknown:
I think I think I've learned is because joint market's based on, like, a market mechanism with the makers and takers. I've learned that you can never there's often things that you'll try to predict with the market, and then that you'll just be completely wrong because markets and users, they they they have their own mind. So for example, right to the beginning of joint market, we had this this kind of operation. Those are scripts called the patient send payment. And the idea was that you could be a market maker, and then you could send the coin train it, but it it would be much cheaper because you wouldn't be paying fees. And I thought a lot of people use this, and it'll be a way to, have more payments merged into one transaction. And then it turned out that was basically never used. So the script was broken for about a year, and nobody even noticed.
[00:14:43] Unknown:
That's interesting one that. Yeah.
[00:14:45] Unknown:
So actually, now that I've now that we have you, and let let's pull it back for a second. Can we just explain to the freaks what makes, join market special? How does join market work? Let's explain the maker taker function, etcetera.
[00:14:58] Unknown:
High level. The biggest part of it is, there is, obviously, Coin Joins require many people to come together in one transaction. And the way join markets works is that one of the one of the entities in a coin join can control things about it. They'll control the amount, and they'll control the time of when it actually happens. And for this privilege, they have to pay a small fee, and everyone else in the coin join is just waiting there. They wait. They have their computers always turned on, and they'll do coin joins. They basically have an advert that says, I'll do any amount of coin join at any time you want, and all I want is a fee, like a 100 associate or whatever it might be. Then the effects of that means if you're this taker, I. E. You take liquidity from the marketplace, then you can make a coin join for what whatever amount you want, whatever time you want.
And the other people in the coin join, they'll just they'll go along with you. Like, they'll they'll earn their fee, and they don't know what the amount is. And that's the that's the unique thing that joint market does.
[00:15:53] Unknown:
And there's there's something about there's something to be said or highlighted about the idea of when trying to set up these systems to create a financial incentive to participants Yeah. To to act to act not necessarily in their best interest, but greedy. Right?
[00:16:10] Unknown:
Yeah. That's right. So historically, there was actually an earlier CoinJoin implementation called Dark Wallet. Right. And that was a little bit like JoinMarket, but it didn't have any fees. So people were there was also you could call them makers and takers, but the makers didn't make any money. They just they were just expected to sit there and do coin joints without, you know, leave their computer on all the time for no reason. And, of course, the problem was that there were no makers.
[00:16:33] Unknown:
Yeah. But they didn't actually make that distinction of role, did they? Because they they they were just a little there was a lot they called it a lobby server. And essentially, the idea was you wanna do a coin join, you make the intention, and you would be sitting on the lobby server waiting for actually, they were only doing 2 parties, so they would just wait for one other party to do a coin join. Yeah. Yeah. Did it ever actually fully launch? I think. Okay. Oh, yeah. Yeah. It was used quite a bit. Yeah.
[00:16:56] Unknown:
I remember being, like, really hyped for it and then just, like, it just the hype died.
[00:17:02] Unknown:
I remember about 3 years after it stopped they stopped updating it. Like, I had user come to me, and I had to, like, extract his coins. It it took forever. It was really but that's the thing. They just abandoned it after, like, I don't know, 6 months of development. They worked really hard on it, and they just said, no. We don't care anymore. And everyone was just left eye and right. Kind of funny.
[00:17:20] Unknown:
Yeah. That's the problem. That's one of the things we see a lot with open source software. I I guess if we're going down in history, right, we also had before that, we had, what, shared send, right, from blockchain dot info. No disclosure, no one should use a blockchain dot info anything, nowadays.
[00:17:38] Unknown:
Do you guys remember shared send at all? Do we wanna talk about that? Or I don't even know. Yeah. I remember, but they didn't they didn't have equal output coin joins. That's right. If you saw this coin join on the blockchain, it was impossible. In fact, really plausible, really easy to actually unmix them and say these inputs goes to these outputs.
[00:17:54] Unknown:
Except except they did actually use a pretty large anon set. So it comes back to that whole discussion about, subset some, you know, feasibility of subset some extraction. It was kinda interesting. But, of course, it's not a cryptographically strong concept because, you know, individual payments might be trivially easy to find even if the
[00:18:11] Unknown:
entire graph might be difficult to to to displace. It was like custodial privacy. Right? Because they you didn't they didn't force Tor or anything, so you just connected through their web wallet, and just a lot of people probably weren't even using VPNs.
[00:18:24] Unknown:
Yeah. That's true. Yeah. You had to use their web wallet to use it.
[00:18:28] Unknown:
So that's why they stopped it presumably because it became a massive liability for them,
[00:18:33] Unknown:
and it didn't work. Right? Yeah. It was speculation. Yeah. It was speculation, certainly. I speculated it. I think a lot of other people did that they were probably somebody sort of quietly knocked on their door and said, turn it off, and they said, okay. Because, you know, I I think it was used quite heavily in those early days. The UX was fantastic.
[00:18:51] Unknown:
Mhmm. And then the other and then before that and still today, right, probably one of the most common and it's so funny because, like, in technical communities, we almost never talk about it. One of the most common Bitcoin privacy tools is this idea of a custodial of custodial mixer, where you send your coins in, and they send you someone else's coins. Yeah. You know, Silk Road had their own. Right? And then since then, there was a bunch of independent services that popped up, like, was it, like, Bitcoin Fog and, like, BitMxer and stuff. Yeah.
And the concern there was always that they could be honeypots. Right?
[00:19:30] Unknown:
Yeah. And they could steal your money as well. Like, you you'd maybe use them for small you know, if you want to buy an anonymous VPN, but you wouldn't use them in your life savings if they could just walk away with them. But then the positive side of it was it completely breaks the transaction graph
[00:19:44] Unknown:
Yeah. If you if you trust them.
[00:19:47] Unknown:
Right? Yeah. Although
[00:19:48] Unknown:
yeah. Even that's not a complete panacea, but it but it certainly in principle is is better from Blockchain analysis point of view. Yeah. Okay. So we just went down history road, enter join market in 2015.
[00:20:00] Unknown:
Right? Yeah. Creating creating this this market with makers and takers, this idea that you don't have to have a centralized entity involved at all, and that the whole thing is is p to p, with this financial incentive for people to provide 247 liquidity. Revolutionary. Right? What what what is it fair to say? I I think well, you tell me if it's unfair to say, but is it fair to say that that CoinJoin adoption JoinMarket adoption has not meet met your expectations of of what you had hoped, the amount of people, services, users would be using join market.
[00:20:50] Unknown:
Yeah. I guess in one way, you could, I way back at the start in 2016 or wherever, I sometimes thought exchanges would do this. And the idea being that an exchange doesn't want its traders to be spied on. Like, if a trader sends those of coins in exchange, someone could front run them, like, you know, open a short position before they before the coins confirm. So I thought exchanges would use some kind of coin join or join market, and that never happens. Obviously, now we know, because the regulator stopped them. Right? So they went, they went through it for that reason.
So, yeah, I guess it hasn't really met my expectation. Also, back then, I've just remembered now, back then, this was before the the block size debates, before people really like, the whole community really accepted the idea that minor fees were were like a big deal that you always had to plan for them. In fact, in the very first versions of joint market, the minor fee was a constant number. It was 10,000 satoshis, like, for every coin ring, just because fees were so cheap that every transaction would confirm. And then and because these because coin joints are bigger than regular transactions, then they they're a bit more expensive.
So in that sense, that's maybe another reason why they haven't been as adopted as you might hope. It's not that every single transaction is a coin joint.
[00:22:05] Unknown:
I mean, it's
[00:22:07] Unknown:
been traders that joins and they're expensive.
[00:22:10] Unknown:
Right. The cheapest way to use Bitcoin, I've just I've I've come to I've come to the the realization or the understanding with myself that I think using Bitcoin privately will always be the more expensive option.
[00:22:25] Unknown:
Am I right? I don't agree. Because Lightning is quite private, and and it's also cheaper. Like, the way we Wouldn't wouldn't custodial lightning be cheaper and less private? Oh, purely custodial PayPal would be even even cheaper as well. Just a completely centralized thing where Yeah. Yeah. Okay. You're right. But if you if you away all other trade offs, then the cheapest way of using it would be to have something that can censor you, that can steal your money, and that can spy on you. Well, I was thinking more from, like, on chain because because, yeah, layer
[00:22:57] Unknown:
the 2nd layer side chain, stuff like that does change the equation a little bit. But on chain, right, even if we get if we we get we get Snore, Taproot, signature aggregation later, right, which is it's not even coming with Taproot, but let's say we get it later Cross input aggregation is not coming. Right. Signature aggregation and multi sig is coming, but that's Right. Right. Cross input signature aggregation. Yeah. If if even even when we get all that, on chain, the cheapest option in a high fee can sustained high fee environment is to combine all your UTXOs into a single UTXO and spend from that.
[00:23:34] Unknown:
Yeah. You could put it that way, but then you could think that's exactly what another way. Never had You could look at another way that suppose you've been censored. Suppose you want to use Bitcoins and you get censored, then your funds get stolen. Basically, they get frozen. You've lost a 100% of your money, if you put it in the custodial system. But if you then pay your own minor fees and use your own wallet that you control, you only lose 10% for minor fees. Right? So if you take into account censorship and having your funds frozen, then it might end up being more expensive to use a custodial solution.
[00:24:05] Unknown:
Right. But I'm saying not custodial. I'm saying on chain. We saw this in 2017. A lot of the large education accounts and stuff on on Twitter and Reddit, we're we're and we're suggesting that people, you know, combine all their UTXOs into a single into a single output so that their fees going forward, their fee burden going forward would be the lowest possible.
[00:24:27] Unknown:
Yeah. But can I can I just can I just say that that it's not I don't think it's technically correct to say that, the cheapest option would always be, non coin join because in the case of cross input aggregation, CoinJoin, you you at least save some of the the, so to speak, header bytes, the the the the constant overhead? It's a very small difference, but sort of philosophically, it's kind of critical. And I think one of the reasons that a lot of the, what you might call, Bitcoin gray beards have have been sort of not particularly enthusiastic about CoinJoin, but they're more enthusiastic about some future version of CoinJoin of the type that you just described involving Schnorr and cross and push signature aggregation because well, even if it's only 1¢ cheaper, if there's an economic incentive rather than just purely a privacy incentive, it encourages the crowd to come in.
[00:25:15] Unknown:
Right. Like, in a good example of that is is the often like,
[00:25:18] Unknown:
often floated something is is this idea that make every Lightning open a coin joint. Right? Yeah. And then Lightning opens cheaper and more private, and then you go into Lightning for forward privacy. Yeah. And also the nice thing about Lightning with CoinJoin is it it tends somewhat ameliorate or completely solve the, denomination problem, which is one of the main reasons join market was created as Chris explained earlier. The fact that, you know, it's a problem with coin joiners that you want to have equal sized outputs, but then you gotta you gotta have a negotiation agreement on what size of the output is. In the case of Lightning, you don't really care so much about what the size of the channel is.
[00:25:53] Unknown:
Yeah.
[00:25:54] Unknown:
Yeah. I I mean, I still think you're you're in a situation where to use Bitcoin privately, you have to make more on chain transactions than not. Today, that's definitely true. Yeah. Do we think that's gonna change going forward?
[00:26:09] Unknown:
I don't know. Probably not.
[00:26:11] Unknown:
It's difficult to be sure. And then I But but hang on. Hang on. I I would argue that we could say that that's true today, but only on a certain perspective. I mean, clearly, if you see Lightning as a privacy technology, as as not just a scalability technology, then it's clearly the case that it you you you're reducing on chain usage from using it rather than increasing.
[00:26:31] Unknown:
Right.
[00:26:34] Unknown:
And that would be true for other second layer technology in theory, although we don't really have anything well built out.
[00:26:40] Unknown:
Okay. But we all agree that so so, hopefully, we can get it cheaper than not using Bitcoin privately. But we all agree that for adoption, you know, the one of the main things is keeping costs down. Right? Yeah. Yeah. To get more people to use privacy. Another thing I was thinking, and I don't know if I'm just gonna throw us into a tangent, but fuck it. You know, today, I was arguing with people about all the the the newest hottest craze in Bitcoin land is these interest bearing accounts. Oh, yeah. Oh. And, you know, private Bitcoin users, Bitcoin users who care about their privacy, like, they can't get 6% interest, in a regulated custodian.
So in a in a way, that kinda changes the mathematics,
[00:27:25] Unknown:
I guess, a little bit. Right? Uh-uh. It comes back to Chris's point about risk, though, doesn't it? I mean, he's pointing out that you can't think of privacy without the the concomitant, you know, risk of the the the cost that we are the reason I personally am not using those kind of services today is mainly because I think it's very dangerous. So if somebody says they're gonna give me 6% per annum on Bitcoin that they take from me and holding their wallet, I'm gonna think very differently than than than the case of, you know, the fiat current fiat system where I just maybe hold some stock when I never really owned it in the first place.
[00:27:56] Unknown:
I mean, but we we agree there. Obviously, we all agree on that. Like, I would never use that service. I tell I tell my audience not to use to consider the risks, like, to actually appropriately assess the risk. People don't they're not able to they're I but but then I'm on Twitter, you know, and I I tell people not your keys, not your coins, and they're like, it's not Mt. Gox anymore. The industry has moved up. There's it's not like it's riskless to hold your own keys. More people will lose their money if they go self custody. Yes. This time is different. Yeah. And, like, that's fine. Like, I believe that everyone should be able to you know, options are good and people should do what they wanna do. I'm not trying to stop anyone from doing it, but the Bitcoin privacy conversation is one where 61 02 is in the comments. This is also the 61 02 show because he doesn't dox his voice.
So he joins us in the live comments. He's telling me he wants he wants the freaks to be aware that those people aren't using Bitcoin. Yes. Yeah. We do ideologically agree 6102, but I just it's the the Bitcoin privacy discussion is one where we we need we need more people to care. Right? Because these tools aren't effective unless we have proper scale to them. Right?
[00:29:14] Unknown:
But that's why that's why we I always come back to this concept of steganographic. You know, like, we we're always concerned about increasing the, anonymity set and trying to force people to use complicated privacy software or privacy software that's in any way inconvenient, as you correctly point out, is really problematic if you wanna increase your anonymity set like that. But then on the other hand, if we try to use steganographic tools, whether they be pay join or some variant of coin swap or even Lightning, because in the future, Lightning may well be steganographic on chain. Is everything okay? Oh, that's just the chat window. Yeah. So so He was a scammer, so I was I was blocking it. I got you. Yeah. So the thing about the steganographic is it flips that whole equation on its head. Right?
Because, you you suddenly what you're trying to do is is hide in the crowd of people who aren't using your technology rather than hide in the crowd of people who are using your technology.
[00:30:05] Unknown:
Yeah. So making pay joins and lightning channels that look the same as other transactions and coin swaps, they do all come under steganographic technology. Yeah.
[00:30:15] Unknown:
Right. So should we jump into that?
[00:30:17] Unknown:
Yeah. Yeah. It's interesting. Let's talk about something really interesting. I think this
[00:30:23] Unknown:
so I I let's start with PayJoin. PayJoin is the lowest hanging fruit. There's been a push to try and integrate it into wallets. High
[00:30:32] Unknown:
high high yeah. Go on. Hit us. Did you see Electrum wallets, seems quite interested in implementing it? I think that's quite a big deal. Yeah. That was a champagne.
[00:30:49] Unknown:
To do it, that would be so great.
[00:30:53] Unknown:
I I I think and it's and so on the on the mobile wallet front, what we have, BlueWallet has already integrated it, I believe.
[00:31:02] Unknown:
I think they've done it. Yeah. Maybe there's there's a list somewhere. I think on the Bitcoin Wiki, there's a more reliable list on on the bit. They join the option list. Yeah. Maybe we could pull up that link for some for guys to look at.
[00:31:13] Unknown:
Was it on the privacy Wiki?
[00:31:16] Unknown:
They I'll find it for you. Okay. Chris is gonna get it. Yeah. Yeah. So so there's a few there's a few wallets who have at least, implemented, sender side. But obviously, ideally yeah. Thanks, Chris. That's it. Ideally, we want sender and receiver side. So receiver, like, in join market, we've implemented it with a hidden service. So it basically will start off an ephemeral hidden service, and you can do this in the GUI or or on the command line. And it will give you a a bit 21 URI, and you can just copy it and send it to your center or QR code. Just scan it, and then you can, then you can send the page on over to. So it's cool, I think.
[00:31:58] Unknown:
There is one thing with page join that should we should say with, from, like, a big picture point of view of how actually it works a bit different to equal output coin joins, like with join markets or. And that with those coin joins, it's about you as a user transacting with someone who might spy on you. For example, you'd you'd send a CoinJoin to an exchange, and you know the exchange will spy on you. But with PayJoin, it's a bit different. The way PayJoin works is it's a customer and a merchant together protect their privacy against other people.
So it only works if you know the if you're a user and you know the merchant is not trying to spy on you. So probably what will happen, what I, you know, I predict, in the future, the people that adopt Pedro and you'll be merchants and, like, you know, businesses which are already somehow victims of of surveillance anyway. So that would be Bitcoin casinos or p to p exchanges or places like that or donation
[00:32:50] Unknown:
nonprofit donations. More likely to be like a smaller merchant rather than a
[00:32:55] Unknown:
Not for example, Coinbase or
[00:32:57] Unknown:
Tesla or something. It's just Coinbase. It's just Coinbase would do this. Yeah. I know. It's laughable. And you don't even you don't even really want to. Right? Because it's a trusted it's a trusted 2 party
[00:33:09] Unknown:
Yeah. Thing. Right? So, like, you're you're You might. It's it's only trusted in terms of privacy with the 2 parties. But for everyone else who just passively looks at the blockchain, it does really improve your privacy. But are are they are they sharing
[00:33:22] Unknown:
more than aren't they sharing more than one input in the coordination phase?
[00:33:27] Unknown:
Yeah. Yeah. They do. So they they the the customer and the merchant, they can mix the pay join easily, but nobody else can.
[00:33:34] Unknown:
But I'm saying when I use page join with the merchant, does that merchant only see the input I provide, or does does it see multiple inputs in my wallet?
[00:33:42] Unknown:
Well, that depends on what your wallet select. It's just it depends on what your wallet selects just like any other payment. Right? Yeah. Depends
[00:33:48] Unknown:
Right. So you're actually giving the merchant any you're not giving the other party any extra information. No more than you. Not more not more than a regular payment. Yeah. Right. And then on chain, someone looking at it on chain, it breaks the common input
[00:34:02] Unknown:
ownership heuristics. So so on chain, you can't tell whose input is what. Right? There'll there'll be 2 inputs in the usually, there'd be 2 inputs in the input side of the transaction, and one is coming from 1 per one's coming from the receiver, and one's coming from the sender, and you don't know which is which. Usually. Yeah. That's right. And that and then, of course, the crucial point there is is not just that that you wouldn't be able to untangle it, but that you wouldn't necessarily, as a blockchain analyst, even know it was a page. And that's that's the goal of the second graphic concept, you know, that we that we hope that it won't be obvious that it's a page. Now in fact, there's some little technical details there, but, I mean, just generally speaking, like, there's a there's a particular heuristic that tends to get violated in pay joins. It doesn't have to be violated.
And but the thing is that that heuristic can easily and quite often is violated by normal spending transactions anyway. So without delving too much into the details, just essentially, it's hard to know that it's a pay join. It may be almost impossible for an outsider to know that, and it's also easy for the outside observer to be totally misled and think that the payment amount is x x whereas actually it's x minus y. And so that so that observer to think that 2 inputs are, co owned when they're not actually co owned. I'm sure, Chris will will will remember as well as I do the funny examples of, what's it called, walletexplorer.com that used to, like, regularly mark all of our, joint market inputs as being coming from mount or connect connected to Mt. Cox because, even though they were absolutely unrelated, I'd never, like, connected with Mt. Gox whatsoever, because the joint market coin joints had been joined with, people who had interacted with Mt. Gox or, therefore, Wall Explorer thought thought I was, you know, a Mt. Gox user or something.
[00:35:41] Unknown:
So before we move on, I I have up on the screen for the people watching on video and for the AudioFreaks, it it appears the software wallets that have integrated so far along this new standard is BTC pay server, join market, Wasabi Wallet. Wasabi is only for sending. Blue Wallet's only for sending. Sparrow's only for sending. Samurai has a has a separate pay join implementation that's not according to the standard that they call stowaway. Mhmm. And then you have Electrum listed as planned. Then hardware wallets, cold card's the only one who supports it because they're the only one that's Bitcoin only and actually gives a shit. Payment processors, BTC pay, because really that's the the main used payment processor. Now that's a huge huge bonus for us.
So with all that said, let's Steelman PayJoins. What is the what are the negatives? What are the negatives of PayJoins? Why can't we just rely on PayJoins as a Bitcoin privacy all encompassing solution?
[00:36:40] Unknown:
It's interactive, and it requires a hot wallet. Okay. You you go, Chris. Yeah. And
[00:36:45] Unknown:
adding adding to that, there's also, people have to actually adopt it. So with with equal output coin joins, like with join market, for example, you don't have to bother the merchant to get them to adopt something new. You just pay to a regular coin address. But with PayJoin, you have to, like, nudge them, you know, if, which actually listeners should consider doing. If they transact with a Bitcoin casino or with something like that who they think could benefit, they should nudge them and say, look. I'm your customer. Can you adopt Pedro? And I think it'll be great. But the fact that you have to do this and the fact that a merchant can choose to not adopt it, like Coinbase is probably never gonna adopt it, means you could they can stop it in that way.
Mhmm. So that would be a downside.
[00:37:23] Unknown:
What like like, explain to the freaks what interactive means, what you know, the hot wall at risk.
[00:37:28] Unknown:
Yeah. So the So that would mean yeah. You go with them. Okay. Yeah. So so that one, I I was thinking on the more technical level. Chris' answer is very good, but my my answer was more the reason why this style of coin join wasn't sort of treated too seriously as an option back in the day, like, starting from 2013 when people started discussing it on Bitcoin talk. I think, because this is how I thought anyway, was the oh, that's kind of messy because you have to, like, actually, in real time, negotiate the, the payment transaction with the receiver, which is kinda related to what Chris actually just said because the receiver has to be involved. The receiver of the payment has to be involved.
That's it's interactive specifically in the sense that you don't just send the payment like like the normal let's think about the normal payment workflow. You you you have some, merchant. They, you you negotiate an invoice. They send you an address, as in a Bitcoin address, and then it's entirely up to you to take your time and use your own wallet on your own machine and calculate the transaction, sign the transaction, and send the transaction. And the the merchant has to do absolutely nothing. They just wait until it arrives. Whereas here, we've got to have a process whereby the sender actually sends a network message to the to the merchant and do stuff and then send back another mess to the sender before the sender can finally send out this specific style of pay join payment.
So there's it's it's not a big interaction, but any interaction at all is obviously like an order of magnitude worse than no interaction. So because of that, that's why, for example, in join market, I had to go through a whole load of, like, testing and and figuring out how to set up an ephemeral Tor onion service specifically for this payment, and it, you know, fires up. Thankfully, the way Tor works nowadays I mean, that's a tangent as well, I guess, Tor v 3. But thankful thankfully, the way Tor works nowadays, it's reasonably reliable and reasonably quick to just stop a hidden service, and then the sender can send a message and the receiver can send a message back. So that interactivity is clearly a big negative.
The other big negative is the hot wallet aspect specifically for a merchant. So, again, thinking of the standard model of a merchant receiving payments, and this is how it's implemented by default in BDC pay server, is that you are gonna use something like an x pub, and it could be like an external x pub or it could be something that BC pay server has within its own software. Either way, it means that when a customer comes along and tries to make a payment, you simply farm out an address to them to pay to that address, and that's all you have to do. And you don't have to worry about whether the server or the infrastructure on which you put this BTC pay server instance is as secure because you you're not holding private keys. You're just holding xPubs, which can go to format addresses.
[00:40:05] Unknown:
So that would be average person who knows nothing can just easily just have it just automatically go to their hardware wallet. They don't have to worry about securing the server. Most of these BTC pay servers are held on on major cloud providers to have uptime. Right? And they don't control the hardware. Early days of Bitcoin. Remember early days of Bitcoin? It's like everyone's servers were getting hacked.
[00:40:26] Unknown:
Yeah. Yeah. Yeah. So, The thing is in in kind of replying to those sort of a steel man of a steel man, the interactivity that's being talked about. But it's also the same thing happens for lightning. So the lightning need coins on a on a hot wallet, and it requires information being sent back and forth. Mhmm. And
[00:40:45] Unknown:
so what was the second thing you said about, if anything lightning probably has a has worse hot wall at risk in that respect.
[00:40:52] Unknown:
Mhmm. Yeah. Yeah. Yeah. And in in practice, people aren't gonna like to I mean, it's it's the same thing of lightning. They don't do all this stuff themselves. They have software to do it, which they have to install and click. So I have a couple other steelmans.
[00:41:06] Unknown:
First of all, higher fees. Pay join increases your fees. Right? Because you have more you're automatically adding an an from a fee perspective, an unnecessary input. Is that would we agree Well, it's it's a complex.
[00:41:19] Unknown:
True. But it is true on us in itself, but it's a kinda complicated equation because you've got to consider the the on the merchant side, it could change the nature of the distribution of their UTXOs over time because I I when when I first wrote the page, I joined, like, blog post about this. I I I explained this concept of the snowball UTXO. Like, essentially, if a merchant just used page join as if as in every payment came in with a page join and they started off with 1 UTXO, then they'd be consuming 1 UTXO every time they receive a payment as well as receiving 1. So they'd have 1 UTXO that was just getting bigger and bigger and bigger, which is in dramatic contrast to the merchant who, let's say, sells a 1,000 widgets every day to a 1,000 distinct customers. But doesn't that add a heuristic?
Yes. Exactly. Whatever was discussed at the blog post, like that's actually a heuristic. And, plus, also consider the practicality of whether whether this would ever be at the point where everyone was using it. And and I could have kind of finished off the blog post by saying, well, that's actually great because we don't need or even really want everyone using it. If even if just 10% of people used it and it was plausible that 10% of people were using it, the effect on blockchain analysis would be so detrimental. But anyway, absolutely, it could be a heuristic and so could some other things.
[00:42:31] Unknown:
It it would allow it would it would allow chain analysis chain analysts to identify that a page join was happening.
[00:42:39] Unknown:
Well, not not not unambiguous not unambiguously.
[00:42:43] Unknown:
Yeah. Go on. Yeah. Because it's this heuristic, just just to get it right. So the heuristic is the things that coins get joined together until they're bigger and bigger. But that can happen with in general usage as well. Like, people combine dust together or, I don't know. I haven't thought about it too much, but it's possible this heuristic happens in normalization.
[00:43:03] Unknown:
Know if if you're an active attacker, right, a very common threat model for, like, a BTC pay server. Let's say I'm accepting donations. Right? I'm a I'm an activist. I'm I'm accepting donations. Obviously, I'm a I have a privacy focus. Of course, I'm gonna enable pay join. A common thread model there is for who's ever trying to, track you would send in an it would send in an input. Right? They would pay they would pay with PayJoint. They would see what's going on. Yep. Right? So it it'd be vulnerable to that.
[00:43:37] Unknown:
How how would like, what does the attacker learn in that situation?
[00:43:40] Unknown:
Well, the the attacker would know that every transaction that Snowball is involved with is most likely that that user
[00:43:49] Unknown:
that's receiving the donations' pay joins. Right? The thing is so so the attacker would see pay joins on the Blockchain, but the inputs to those pay joins, they'd be owned by different people. So, for example, one of the One input would be the snowball. Right? And the other input would be the donation. Right. But the attacker can't tell which is which. So the other one, which is the donation, like, the change of it would end up going somewhere else. And do you see that the two things would get merged, the the transaction drop? So okay. We like, if we back up a bit. So there's the activist who accepts pay joins, and he's getting many people giving him donations.
And the attacker has also given him one small donation, and they can't tell whether these inputs that he sees belong to the activist or if they belong to other people giving donations to the activist.
[00:44:34] Unknown:
But wouldn't the Snowball UTXO keep getting larger? But they might also get larger for the other people who donated as well. Right. So so you would actually be you're hoping that the donators are also snowballing. It couldn't be just BTC pay server as long as other the other wallets would need to be snowballing as well. I think what you're really where I'm lost. Combining. It just means combining inputs. Right. But the first time I heard about the Snowball was, specifically on the BTC pay server side as a way to incentivize merchants to use it. So I I in my head, I was just assuming that only the merchant side was using that model.
Right? Okay. Anyway it's a complicated issue, but I think, okay. Go ahead. Yeah. But okay. So to continue this deal, man,
[00:45:20] Unknown:
there's also the fact that you have 2 party coin join, which is small.
[00:45:23] Unknown:
That's Right. 2 party coin joint is small. We have a chicken in the we already kind of addressed it. We have, like, a chicken and egg kind of thing in the room that that there's less incentive for people to maybe use it in the beginning, but we we need it to hit a certain threshold to be effective. Right? So it's kinda like you need a you need, like, early ideological adopters, basically, which is not necessarily the end of the world. I mean, Bitcoin has kind of relied on early ideological adopters throughout its full history. The other thing is I feel like a high KYC environment kind of throws a wrench into our plans, you know. I I don't, if if let's use our let's use our BTC pay server as an example.
We accept pay joins. We we have pay joins enabled on on Okay. On, BTC pay.
[00:46:16] Unknown:
You should send me the address. I'll try it out. Send me the address. I'll try it out. First of all, this show
[00:46:22] Unknown:
is this show is is has no sponsor content. So if if anyone enjoy we have no ads, no sponsors. It's free and open, in the spirit of free and open source software. So if you wanna support the show, feel free to send me some stats. But all that said, we have BTC pay server enabled with pay join, and we don't know when people pay with KYC or not. And and so so, like, KYC is, like, fucking insidious, and and I I I think there's, like, a big disconnect, in, like, the Bitcoin privacy community because we're hardliners about KYC versus the realities of the situation, which is, like, the overwhelming majority of participants are coming in via KYC, and though all those inputs are obviously bagged and tagged and put in databases and shared around and collated, and kinda break through that that veil. Right? Yeah. But that's a little bit unfair. And then the last thing is, like, is anyone really gonna be making on chain payments, Or, like, are we are we wasting our time a little bit with PayJoint when when most people are gonna pay with lightning at least, I think, in the near term?
[00:47:30] Unknown:
They would make payments if they're for very big amounts.
[00:47:34] Unknown:
Yeah. But even with when number go up, like lightning capacity has gone up. Now you can, like, we make a lightning pay especially if you're a privacy focus. If you're someone like Open Arms, who's, like, Open Arms is, like, our perfect demo, right, of a of a pay join paying person.
[00:47:50] Unknown:
Like, he can comfortably make 200, $300 payments now. Yeah. But lightning That's all but whatever the number is, it's always gonna be larger larger transfers as well.
[00:48:00] Unknown:
But that's an adoption issue. Right? Because we're trying to get 10%, like you said, 10% paid join adoption. Mhmm. And if we have we're splitting up the privacy focused users because the privacy focused users, a lot of them are gonna go to Lightning. I know me personally, like, if I spend, I prefer to spend the Lightning. It's a better UX.
[00:48:18] Unknown:
Yeah. For sure. So just Whenever this this SteelMan is a downside of PayJoint, is that something else might be better?
[00:48:29] Unknown:
It's it's it's it's I'm I'm coming from the educator perspective, where where I'm I'm But that's more I'm on the front lines with new users and stuff. Right? And I'm trying to increase adoption on these different tools, and so I'm just that that's the perspective I'm coming out, I guess, from this steel man of k join.
[00:48:50] Unknown:
But that's the really just a subset of that whole argument about, you know, do we need any kind of privacy tech on chain if we're just the only thing we're gonna use check the on chain for is to move on and off of lightning or second layer. And I've I've always felt like there's always gonna be a need for on chain transfers. So there's there is a value even if, it's maybe not as pure and as simple as people would like. There's gonna be a value in all kinds of coin joins because of that. Pay joins as as retail payments, well, then I you you your argument is more that Bitcoin itself is not ideal for retail payments, so, like, base low Bitcoin, and I kind of agree with that generally. But but But these are already getting pretty high. Yeah. As of today, it's still usable, but it tends to be only really valuable
[00:49:38] Unknown:
for higher higher sizes. And, like, try explaining, like, confirmation to, like, a new corner that has never fucking understood it at all in a high fee environment. Fucking create like, we take that for granted that we just assume that makes sense to people.
[00:50:05] Unknown:
Mhmm.
[00:50:07] Unknown:
Yeah. I completely agree with that. I'm not trying to say like, I I I hate the idea that I I think on chain and privacy is extremely important. I'm I'm not saying that's not the case. I'm saying to me, PayJoint seems more like and I I know Chris disagrees with me here, so I wanna dive into this. I think I think pay join seems like more of a post mix tool to me after, like, a coin join, and then and then Lightning also seems like a post mix tool to me. So I think I feel like pay join kind of competes with Lightning more than a coin join competes with Lightning.
[00:50:54] Unknown:
But yeah. No. That that's a fair analysis, I reckon, that they the the only time it would maybe make sense if it is if you're doing an on chain, very large payment, which therefore can't be on lightning. So I don't know. You want to gamble, 10,000 Bitcoins or something ridiculous, then you send it via k page you into a Bitcoin Casino. Okay. It's not very realistic, but that would be You're Arthur Hayes or something. Yeah. But I think Exactly. You know? I I think that's to me to me, you would the issue
[00:51:21] Unknown:
issue with it was always practicality. It was never to me the issue like, oh, there isn't any point to this. Because I I my perspective is a bit different from most people in these discussions is that I tend to look at CoinJoin as very much this kind of opportunistic thing rather than some kind of rigid frame work. Like, one of the ways I've used join market open I I still do to some extent, but I tend to use Lightning more now is it it I've I've used it as like, oh, let me just make a retail payment. In the old days, it was via BitPay, but I don't use them anymore. But there's other, like, coin payments and what have you. And it was like, let's just do a coin join. And now I I'm not I have no pretense that in doing this specific coin join, I am somehow magically bit making this perfectly blockchain analysis resistant to, you know, constructed transaction. It's just not the case.
But every single person that does this is is it's half a political and also half of just a kind of commonsensical thing to do is just to it's like fighting for fungibility. Every payment I make if I'm going to make a payment online, the first thing I'm gonna check is can I use PayJoint instead of just an ordinary payment or or join market, because I just feel like it's something that every every user and participant of the system could con could consider doing as as a way of just sort of not I don't fight the right way, but but just sort of asserting the right to fungibility? You know?
[00:52:47] Unknown:
Yeah. That's okay. It's it's the ideological. You know, Matt was talking about the ideological users from there. Yeah. But as it as it as it but but but that's almost pejorative to call it ideological because it is ideological. Yeah. Yeah. It's not a bad thing. Yeah. Ideology
[00:53:00] Unknown:
have to But but it what I'm trying to say is it's not just purely ideological, is it? Right? Because when I when I make a coin joint payment instead of an ordinary payment, I'm creating something like a part of the permanent record of Bitcoin's transaction graph, which is either less, disentanglable or totally not not disentanglable, if that's I have too many in there. You know, so so so so my point is is is that we we're not just being altruistic if we sit in, like, slave all way and construct these incredibly complex collections instead of just making a payment. It's not just it's not just ideological altruistic. It's it's actually creating a it's like a you you live in a in a housing estate, and you all share a garden and, you know, you you look after the garden a little bit because, you know, both you and everyone else involved will will have a happier life because of it. Yeah. I mean, not just I agree. Yeah. It's something can be ideological and self interested.
Yes. Exactly. Yeah.
[00:53:57] Unknown:
Yeah.
[00:53:59] Unknown:
Right. So paid join to me is like one of tool you could use in your flow of everyday work. You know, I'm paying for a t shirt on this the t pay server. Oh, look. It's a page on URI. I just click that and bang. I I make that payment instead of the other one. And, yeah, I pay for 1 more. You could say the same about lightning. Right? Like, that you'll you'll if you see if you see a service offering Lightning, you go out of your way to pay with Lightning because Definitely. Yeah. Definitely.
[00:54:23] Unknown:
But so so so kind of tangential, let's unpack this a little bit, about talking about making a you're making a point, you mentioned. Making a making a standing your ground standing your ground and and making a visible protest, to the surveillance economy. Yeah. It's kind of weird to me that, you know, I've I've been a very, very active promoter of using CoinJoin and and using Bitcoin best practices, and I come up right against this whole, like, compliance culture in Bitcoin land, especially among, you know, for better or worse, you know, I'm a public figure. People know my face, you know, they they see me at these conferences and stuff. So I'm I'm literally butting heads, with with with these other public people that are are very compliance focused, regulation focused.
And I got a lot of pushback about this idea of of trying to encourage increased CoinJoin adoption. And a lot of my arguments were even if certain CoinJoin implementations aren't perfect, because, honestly, like, if you're a privacy advocate and you're saying something's perfect, you're probably full of shit to begin with. But even if a user screws something up, the signaling mechanism of these coins going through coin joint and being visible on chain, I think, is super important. And we're we're seeing the ramifications of this with all these regulated services, flagging them and denying service and use of them and and, you know, we even have block file. I'll pull the graphic up again just because I have it saved in here.
Going out of their way to specifically say that, and I think they use the word mixing instead of coin joint to insinuate more criminal intent, but that they don't accept, mixed funds. They don't accept anything that goes through, like, Bisk, peer to peer exchanges. They have this whole block list or whatever. So there's been, like, this weird element, and and and I I I love the idea of of these these demographic techniques as you said, like, things like PayJo and Coinswap that that are really it isn't visible on chain that they're being used and they break the heuristics. But this idea that, like, we should hide that we're using Bitcoin privately seems weird to me in a world where we've we've gone through the same exact argument and fight with with speech, and and encryption is obviously is very visible. Like, people know you're using encryption. The idea is that they can't see the message anyway.
Right. Right? Like, what's the difference? Like, why should we be ashamed of using CoinJoin? The the fact that it's visible on chain isn't as big of a negative to me. I think it, like, falls right in line with with encryption. Does it not?
[00:57:16] Unknown:
I guess, but they, it's a method of resistance, like hiding that you're mixing helps you helps you get away with it in a way. So I don't know. BlockFi, they they try and block, they try and censor payments which are which are coin joints. And if you can if you can stop that from happening, then that's good. Right? But I agree with you that with the thing, I really don't understand Bitcoin as you have that thing of we shouldn't use CoinJoin. We shouldn't use because even if they're only interested in it for number go up, do they really think that, say, central banks who want to print loads of money, are they just gonna allow people to just move into Bitcoin? Like, of course, they won't. They'll they'll want to spy on them. They'll want to do surveillance on them. So their whole the whole plan of number go up depends on having some kind of privacy because otherwise, people will take, you know, they'll take your money. They'll the number go up that you won't that you earned, they'll confiscate it, like, in the 6102.
Yeah. It makes no sense to me. Order. Yeah. Like, the the number go up and sensitive resistance have to go together. You can't have one without the other.
[00:58:19] Unknown:
Exactly. And and and and, like, let let's just go deeper into this BlockFi example, because BlockFi now is right is a darling of this fucking industry. Everyone has their hands in it. You know, there's investors all the all the big accounts on Twitter, they're all investors and shit in BlockFi. The thing is valued at, like, 2,000,000,000, $3,000,000,000 right now. They wanna go public. They're offering Bitcoiners the ability to get 6% interest if they go custodial. They give them full KYC, and then on the withdrawal, they're not allowed to actively use Bitcoin privacy best practices. If they use active if they if they visibly use Bitcoin privacy best practices after they withdraw from BlockFi, not even the deposit, after they withdraw from BlockFi, then their account gets closed.
That'd be like that'd be like me if I if I if when I withdrew money from the bank, I didn't, like, post my fucking receipt on social media,
[00:59:17] Unknown:
my account gets blocked. Like, we're not far. Oh, we're not far away from that today. We are not far away from that today with banks under each. But, yeah, how many hops? I'm curious. Well, that's the thing. No one can tell us. Right? Of course, they can't tell you. Right? Yeah. It's it's just like the legacy system. Right? It's like, you're not allowed to do money laundering or or or any of these other activities. So is this okay? And then they'll say, well, we can't tell you whether it's okay. So just deposit them deposit the money and then we'll figure out if it's okay afterwards. And we won't they they will block your account, and we won't tell you why it's blocked. It's the same bullshit, and it's gonna be the same bullshit every time. You just have to have some dignity and just say fuck fuck these people. Honestly, you're not really 6% isn't even that much. Right? I don't I don't know if if you can,
[01:00:05] Unknown:
you know,
[01:00:08] Unknown:
would you, would you invest if it was 50%, Chris? What about that? Well, at 50%, it sounds like a Ponzi scheme. Economic activity in the world that gives you 50% per year. So there's a golden number that you so there's a golden number that you're not gonna reveal at which you would invest in Blockfire. But if it's anywhere below or anywhere above that, you're not gonna invest in them.
[01:00:29] Unknown:
Well, when you put it that well, no. I mean, no. You've got you've got me there, I guess. The thing is is someone's privacy is quite valuable, and I wouldn't I'm just confused. The 6% isn't even that much. I don't know. It's a hell of hell of a lot better than bank accounts or or most investments nowadays. But the thing is, even if you just hold Bitcoin in a in a hardware wallet or in cold storage, it moves 6 percent all the time. Every month, it goes up or down 6%. So why are people running so quickly to the 6% thing? Well, the people who accuse me of FUD when I say the same thing want it to be clear
[01:01:00] Unknown:
that this is 6% compounded interest on top of the Bitcoin gains, and you get paid out in Bitcoin, Chris. So we can't just say 6%.
[01:01:08] Unknown:
We can't Oh, yeah. Okay. But you're already getting, like, 20% of the profit. So
[01:01:14] Unknown:
No. I'm aware that that we've we've discovered an asset that's designed to pump forever, and people are willing to throw out complete control of it, and all of their privacy for 6 percent is absolutely ridiculous. But I just wanted I wanted to be clear that I also know what compound interest is, and that does not change the equation for me. I think it's important that
[01:01:32] Unknown:
way. Yeah. Go ahead. Sell yourself if you're gonna sell yourself in that way, at least charge more than 6%.
[01:01:38] Unknown:
I literally had someone tell me in my comments today that I'm a rich Bitcoiner that's out of touch and that people need these interest payments to feed their family. And if I don't if if by me telling people that it's a risky investment, it's a risky move, that I'm I'm just completely heartless, and Dan Held liked that fucking comment.
[01:02:00] Unknown:
So Okay. That's what we're up against in this world. You probably already told them why that's bullshit. But, so, you know, poor people say you only had a $100 or $10. 6% is $6. Right? Not that much. If you have $6,000,000 and you get 6% on that, then that's immediately $60,000, a huge amount. So 6% benefits rich people way more than it benefits poor people.
[01:02:23] Unknown:
Yeah. I mean, also, like, yeah, you shouldn't, like, be relying on a high risk interest account on top of a volatile asset to feed your children if you're gonna try and lecture me on risk risk management. Like, that's fucking ridiculous, but that's all I digress. This is my my point was, do we do we all agree that this idea that regulated institutions might not accept your Bitcoin in the future is a bullshit that that's a bullshit reason to not care about Bitcoin privacy best practices, like, just opt out of those systems. That's what Bitcoin's about. Yeah. Yeah. I get it. I I I I'm I'm gonna just disagree just for the
[01:02:58] Unknown:
like, I I I don't think the I I I I don't think it's bullshit in a sense that, you know, people come people are in this space and come into this space with very, very different perspectives for all kinds of reasons. And, they might be a bit goosed, you know, like, what exactly they're doing. They they might be think that that they're dealing with Bitcoin or actually that they're dealing with, like, regulated instruments on top of Bitcoin effectively because they're really just playing around with money on exchanges, you know, and then they're just playing around with, you know, their their taxes and their accountants and just and their their their their brokerage accounts. But, you know, it's not completely stupid for people to think, you know what? I'm a stand up citizen and I abhor, and I am not gonna get involved in anything that even smells slightly of you know, they're very, like, risk averse people. You know? Okay. Fine. But but they should at least understand our point of view, that that that we actually believe in this as a as a as a different system, and we anyway
[01:03:53] Unknown:
But, Waxwing, this is what I'm saying. Right? It's like is is this is when we're talking about increasing the pool of of privacy focused Bitcoin users, right, to try and increase our own privacy. You're you're we're up against this this thought process, and I I'm telling you that and I'm curious what your guys' guys' opinion here is. I know exactly what's gonna come next. What's gonna come next, and I already see it happening amongst my peer group, is, we're gonna be sold this idea, and people are gonna, I'm gonna have them. They're all gonna attack me on Twitter about it. We're gonna be sold this idea that Bitcoin privacy best practice is to spend directly from a custodial wallet because BlockFi will protect my privacy, and the other person the transaction graph is completely broken, and I've done nothing wrong. And my government I can completely trust my government, and they'll protect those records. And if you look it up on on chain, you won't you won't be able to tell. And and why do I make this expectation? Why do I have this expectation? Why do I have this conclusion? Because I when people pay me in Bitcoin, I chain analysis them. Right? I look back, and I've called people multiple times sending me money directly from Cash App, directly from strike, and I say to them, I'm like, you sent me money directly from Cash App, for a poker game.
You send me KYC funds directly, and you know who I am. And they're like, yeah, Matt. I didn't want you to fucking know how much Bitcoin I have, so I sent it from Cash App instead of doing it. Oh, I see. Right. Yeah. That's what's gonna happen. That's gonna be the next narrative. The next narrative is if you have nothing to hide, if you're not a criminal, you can just send from a custodial wallet, and you'll have perfect privacy. They're gonna say perfect privacy because they don't care about disclosing trade offs.
[01:05:48] Unknown:
Well, they can, you can in that situation, they could send via lightning, then you would also not be able to tell how much money they have.
[01:05:55] Unknown:
Right. But if you if Yeah. If they sent if if they pay me as lightning stands right now, and, obviously, it's not at a standstill. Development's actually been moving pretty quickly. I have tons of respect for the developers. But as lightning stands right now, if they pay you from something like a strike or a bottle pay or something, that PubKey is is in a KYC database somewhere with the invoice, whatever you put in the invoice. So I actually had I'd I, I I did I did a poker game, and I was the bank, and I put in an invoice. I put in the invoice to keep track for my own Sovereign lightning note. I put in the invoice the guy's NIM, and poker. So it was his NIM plus poker. Right?
And he paid me from strike. So strike now knows his NIM, knows we played poker, and knows my pubkey, and it's in their fucking database forever, presumably. No one knows, you know, what how what the retention is for these k y c services, but,
[01:06:56] Unknown:
like No. That's a good good point. What I what I meant was that your friend was using a custodial service for privacy reasons so that you couldn't tell how much money he had. But he could use a non custodial lightning wallet. That would that would also not reveal how much money he had in his wallet.
[01:07:14] Unknown:
And, yeah, you're right. If he uses, like, a custodial wallet as well, then things won't work. But I didn't realize he paid me from strike until, like, an hour into the poker game. Right. Right? Like, neither of us real like, there was no there's no from a UX point of view, I saw the invoice was paid. Right? I didn't I didn't even consider it. It wasn't even, I don't know. That's gonna become more common. Am I wrong?
[01:07:40] Unknown:
No. You're right, unfortunately, but there's people who people who for if it matters to someone, then they'll make the extra effort.
[01:07:50] Unknown:
But I don't think we should spend all our time wringing hands about the fact that people are gonna make, practical trade offs, including, you know, how they deal with regulators and banks and governments. I mean, they they always have done and they always will do and until there's some dramatic changes
[01:08:06] Unknown:
But the reasoning the reason that I bring this up is the reason I bring this up is because I think we I I think I think it's important when you're building these tools and trying to set up the incentive structures that that you're targeting you you can't just we can't just target, like, OGs that care about we can't just target, like, the 1,000 OGs that care about privacy.
[01:08:27] Unknown:
No. I don't think we're just targeting that, though. I mean I mean, look at look at the kind of thing that Open Arms is doing. I don't I don't know what what he's I know you've talked with him extensively, but but, you know, know, look at the he's doing it. He he's not just addressing the needs of a 1,000 OGs who are like cryptography experts. He's addressing he he is addressing people who are kind of couriers, people who like technology. They're playing around with things like Raspi, blitz, which I do as well, actually. I really like that device. It's really cool. But these are people who just like Bitcoin. I'm sure some of them are are relatively new.
And, yeah, they are technically savvy much more than the average user, but they still like the fact that what he provides them is, like, this packaged version of join in box. They can just slap on their Like join in box. Plug in. Yeah. Join in box. They can just slap it into their already existing, you know, core node, lightning node, what what have you. Where am I going with this? Oh, yeah. The the point is, well, there's some truth, obviously, to your point, the how do we get all the masses involved? I have I've always been I've always had this attitude even from the early days that I always used to tell people Bitcoin is is swift, not Starbucks points, and you stop constantly, like, worrying about how you can get retail on board or whatever. Retailer always gonna do what retail do. Right? They're they're gonna use trusted third parties because that's just how people operate.
They're all on the other hand, there are always gonna be those special people and not just people, but organizations as well. I mean, an example I like to give people even though it's totally fictitious is, like, the canonical Bitcoin user is probably a Nigerian trader who's sourcing products from Guangzhou. You know? In other words, it's not just it's not just like Joe Blogs on the street in London or or New York or whatever who's just playing around with his phone. I mean, talk to those people. There's nothing wrong with being that person. I'm just saying that isn't really what Bitcoin address is. I don't care what Satoshi wanted to use it for, vending payments or whatever, vending machines. The the truth is it's just not that kind of thing. It's much more like SWIFT. It's some very, very hard money.
Right. It's almost financial plutonium. Like, remember people coming up to me when I was in Prague saying, no. Don't buy us in Bitcoin. I said, I I just say no. Don't buy Bitcoin. Fuck away from it. Because Right. Because, honestly, it's it's just not consumer product. Now lightning is a different story. If it gets polished enough, then maybe that's a different story. Right? I mean, in hindsight, they probably should have bought it. Right? Like, what was the price in price? It was near the 2017. It was it was like 5th 10, 15 k. Maybe they did. Yeah. Alright. I'll give it that. Literally any time in history, they should have brought me. And that's the point. They didn't deserve it unless they ignored my advice because they knew what the fuck they would do. They had their confidence in themselves to actually operate and own things like keys. That is not something ordinary people ever wanna deal with. I'm sorry. I know it sounds elitist,
[01:11:18] Unknown:
and maybe I'm just an asshole. It doesn't sound elitist. I'm not I'm not I I was trying to be provocative, obviously. I didn't mean there's, like, a 1,000 OGs. I I I'm I'm not I'm not saying, like, I need grandma to use the privacy tools. I'm saying, like, this show this show why do I do this show? I do this show to increase the adoption of these kind of tools and these practices and spread this knowledge. Right? And I I I want people to pay it forward. Right? Like, I I I think it's it's interesting, where, like, a lot of people, like, I'm not competing with other podcasters.
I would love if there's a 1,000,000 shows that cover the same exact topic. That's when we're winning. But, like, we have we have, you know, over over 20,000 people are gonna listen to this to this discussion. Out of those people, maybe 5,000 of them have used the tools, and actively use the tools. Right? I'm talking about getting that number up by a magnitude of 10:10 x. Right? Let's get that number up to 50,000 people worldwide that are that care about these tools and are using these tools. And when we talk about that, when we talk about Yeah. You're right. Crossing that chasm, this is what we're up against. Right? We're up against the UX of the custodial regulated products. We're up against the the the incentives that those products are offering their users. Right?
[01:12:45] Unknown:
Yeah. But do you envision a world where Do you envision Just if I could jump in, Wack said, because the thing you're saying, it's about, elitism. I'd actually argue it's the opposite because there's the point that Alex Gladstein made that most people in the world are actually not in the first world with, they're not somewhere in London, New York, and they had so someone like, in Nigeria, you mentioned the example of Nigeria. That country has a 100,000,000 population. Right? It's a third of America. So they actually, the I think Alex Gladstein put it in another way. Bitcoin is for the other 5,000,000,000 people in the world, the people who don't have good and in fact, I can point out they actually can't use BlockFi because BlockFi only accepts customers from certain places in the world. So I question. It it could be argued. It's actually not elitism. It's the opposite. It's for more Mhmm.
There's the old cliche of Bitcoin helping people in third world countries, but you could argue it's that. People have to hold their own coins because there's nothing else.
[01:13:36] Unknown:
But this is where those other those other aspects come into play. Right? Sure. Cost, accessibility.
[01:13:41] Unknown:
Yeah.
[01:13:43] Unknown:
You know, if if if you're if you're in an adversarial environment in Nigeria and Bitcoin is is is borderline illegal, if not completely illegal, it's hard to have a 247 interactive, client available. It's it's hard to run a a VPS in general nowadays on a major cloud provider without KYC.
[01:14:02] Unknown:
Yeah. So so I think I think a good example of this might be, like, you you you see the in little experiments like they did in I don't know which South American country it was where they tried to set up a little, like, learning community thing. So what they actually end up doing, of course, is they use essentially yeah. Or maybe it's that. I don't remember. They they use essentially completely custodial versions of the tools. So it's like you you talk about the traders in Nigeria, that they they're constrained bandwidth wise. They're constrained cost wise. They're constrained regulatory wise, and they don't have a a solid basis of a lot of Bitcoin developers in the local area. I mean, good old Tim McMo's there, but most sadly, anybody else there who knows anything about Bitcoin. Right? So so the the the essentially, what's gonna end up happening is they go into these custodial, systems.
So, unfortunately, while I agree with your point, Chris, I suspect in practice, while 3rd world is where Bitcoin is kind of the most useful in some ways, it isn't actually,
[01:14:59] Unknown:
the kind of Bitcoin that we'd like it to be. But but but just wax me, quick quickly, I mean, I don't know if you're talking about, Bitcoin Beach in El Salvador, but Bitcoin Beach in El Salvador, is is fostering this this grassroots lightning community, and they do have their own wallet. Mhmm. You were correct, that that is custodial, but it's kinda cool because it's it's locally custodial. Right? So, like, it's, like, the local El Salvador Bitcorders are running this custodial wallet that doesn't comply with US regulations and is completely interoperable with the wider Lightning Network. Maybe that is gonna be something that we see scale out. You know? That kinda makes sense to me.
[01:15:38] Unknown:
Yeah. I think so. Yeah.
[01:15:40] Unknown:
And then you don't have to worry about the pub keys. Like, if if if if a user and strike just so strike, just opened up in El Salvador, they just have bit now now they have business in El Salvador because Jack Mahler's fucking boss, man. Like, he flew down to El Salvador, one of the highest crime crime rates in the world. Him and Myles Suter of Cash Apps down there, both my boys are are in at Bitcoin Beach right now. And Wow. And strike launched in El Salvador with no banking relationship. And and the reason why they were able to do that is because the overwhelming amount of transactions coming from are coming from the United States as as, goddamn it.
What what's the the word when you're sending money abroad,
[01:16:30] Unknown:
remittances?
[01:16:31] Unknown:
Remittance. Remittance from the United States. Right? So the United States users have they're fully regulated. They have bank accounts, and they're connected to strike, and they're sending to the custodial wallets in El Salvador. And and you and you know you know they're part of Bitcoin Beach's pilot program or whatever, but you don't know who the individual user is. They have their own in on an onset, basically. Right?
[01:16:57] Unknown:
So what how does the American side so the the Syrian American who wants to send a remittance or you're in American who send a remittance. You send, like, a a a card payment or a or a fee let's say a fee payment to strike, and then it gets sent over lightning to the El Salvador. Your debit card you hook up your debit card or
[01:17:16] Unknown:
you hook up your debit card or bank account to strike, and you you it's k it's considered KYC lite because what he did was he had a he has a partnership that basically allows you to put in your phone number, and if the KYC infos already exists, you don't have to reenter it. So so you still have full KYC, but at least friction wise, it's reduced. And then you actually never see Bitcoin. So you can just scan any lightning invoice, and he'll automatically do the conversion in the behind the scenes, and the receiver receives Bitcoin. And the reason it's set up that way is it provides him regulatory cover because he never has to custody Bitcoin, And Yeah. It provides the user Right. A a a a pro tax way of spending Bitcoin because the users never actually buying Bitcoin and then spending the Bitcoin and incurring capital gains. They're just Right. They're they're just processing this transaction in the background and using Bitcoin as the rails. The receiver receives Bitcoin. So it's it's become very, very popular among mainstream Bitcoin Twitter, but it's, That's why I haven't heard of it. But it leaves yeah. So waxwing to the freaks to the freaks that are aware, waxwing's the first guest on the show who really truly cares about privacy and and and boycotts and boycotts Twitter.
We have a bunch of freaks that are listening to this through Twitter. I'm sorry. So, props to you for doing that, waxwing. You can find them on Mastodon. But, yeah, is that it's an interesting dynamic that is that is has exist that exists now,
[01:19:04] Unknown:
and and a lot of people are using that. Yeah. Jack gave a talk about it on, Jack Miles gave a talk about it on, in our in our little army. I think you you came a few sent you to our v army top. Yes. And it was kind of interesting to me. My eyes started to hurt.
[01:19:19] Unknown:
Okay. Yeah. My eyes hurt sometimes after a while. Yeah. It's funny that. And also Facebook. Fuck Facebook. Right? Like, I was using Oculus or whatever, and they started requiring the account, so I just had to make a difference. That's really shitty. It's even worse when you look under the hood of what they're doing there. It's really horrible, I think. But, anyway Yeah. Facebook's the one I got rid of my account a long time. Do you see that Zuck the the Facebook accidentally got hacked for 533,000,000 users' accounts information, and they they use that to realize that Zuck is using signal, which is hilarious. Oh, that's cool. On WhatsApp.
[01:19:54] Unknown:
That's cool.
[01:19:56] Unknown:
Yeah. I I it's it's the the strike phenomenon is is very interesting, and it that's that's it's a it's an awesome product. It's really pushing it's pushing the tears, but this that's kind of where I come from when I say that that's what we're up against. Because you're you're trying to convince the user to to spend Bitcoin privately rather than using a service like that a lot of times.
[01:20:21] Unknown:
Yeah. I think it realistically is gonna be second, and it is gonna be semi custodial. I think both of those things that's that's the good outcome. I mean, the worst outcome is everyone just decides that they just wanna use Bitcoin as, like, an investment stuck in a regulated financial institution and nobody has Did you see ever. Did you see what Taylor posted the other day that got, like, 7,000 likes and fucking
[01:20:43] Unknown:
amazing amount of retweets?
[01:20:46] Unknown:
I mean, I know waxwing did see it, but did you see it? He he tweeted out the name?
[01:20:53] Unknown:
Michael Taylor. Do you not know who Michael Taylor is, waxwing?
[01:20:56] Unknown:
Oh, yeah. I do. Yeah. Oh, no. I do. I just I didn't hear that the connection was bad. Oh, I did follow him, but, yeah, did he say he bought what did he buy? Like, he bought more Bitcoin from something. Oh, no. No. Not that. He tweets that out every 2 weeks or whatever.
[01:21:09] Unknown:
He tweeted out that the ideal the ideal Bitcoin wallet is a wallet that's a custodial wallet where you send Bitcoin in, and it automatically provides you a fiat based loan on it, and then you pay with fiat. And then that way you never incur capital gains, and you never have to sell your Bitcoin.
[01:21:29] Unknown:
Well, he's wrong because the central banks will just steal your Bitcoin in that case.
[01:21:34] Unknown:
Look, I'm I'm not saying that that I know you're not We disagree. Right? But that's what we're up like like, you're competing when you're talking about increasing from 5 1,000 to 50,000 users. Right? You're you're competing against that, like, that those concepts. Do we agree on that? Well I agree. Yeah.
[01:22:01] Unknown:
I don't know what to think about. Be in trouble,
[01:22:03] Unknown:
when there's a bear market.
[01:22:05] Unknown:
I'm gonna pull it up for you. When the price goes up. I'm gonna pull it up for you guys. Yeah. I I think you're interested. You don't believe me?
[01:22:12] Unknown:
No. Of course. Believe that it is a No. Of course, I believe that because I heard him say something's I heard about him say something similar before. Like, some months before he said something about it. It's all, you know, you it should all be regulated and forget about privacy. Yeah. He's He has crazy.
[01:22:26] Unknown:
It has a 1,000 retweets. I have you ever come close to getting a 1,000 retweets on something? That's crazy. That's that that's this is consensus opinion. Look at this.
[01:22:40] Unknown:
Right. Well, maybe it's bots. You never know. This is not smart. Oh, wait.
[01:22:46] Unknown:
Wait. Wait. Wait. Wait. He says the ideal mullet. I wanna qualify. Is this the ideal mobile wallet? Well, I don't know. Maybe he's right because the ideal wallet certainly isn't on a mobile phone.
[01:22:57] Unknown:
Well, oh, do you wanna unpack that?
[01:23:00] Unknown:
Well, of course, it's not the most secure way. I mean, if you're dealing with large amounts, you you would you would be crazy to to hold it on a phone, surely.
[01:23:08] Unknown:
But if we're talking if we're talking about the other 5,000,000,000,
[01:23:12] Unknown:
the other 5,000,000,000, most of them don't have computers. They have cell they have cell phones and they have Well, that's just comes back yeah. That just comes back to the discussion we were just having. Right? Which is, like, how is it actually gonna play out in 3rd world type environment. And it will I'm sure it will be at least I'm sure it will you know, I the the the positive outcome is that there's a lot of usage of semi custodial Bitcoin like the example you give from which I think is a really interesting and cool example. And it's gonna be on phones because phones are the devices that those people have, and it's gonna be something which respects stream bandwidth limitations because bandwidth is very expensive in those places and unreliable.
So we just gotta face up to the reality there. You know? It's all very nice to think of satellites and stuff, and it's all cool, but and there will be some nodes. But god, I remember back in the early days when you used to look on the, the maps of, like, where all the nodes were in the world. You'd look at Africa, and there'd be, like, 2 nodes on the entire continent. It's just it's just terrible, really, but I don't think it's gonna get much better, at least not quickly. Sorry. I'm I'm woofing.
[01:24:15] Unknown:
No. I think this is this has been a great conversation so far. We haven't even talked about coin swaps yet. I I just before before we move on, I just want to, on on on a on a bigger sense, what do you guys think? Like, do you feel a sense of urgency in terms of Bitcoin privacy? Do we have all the time in the world or should we is it is it important that people care right now?
[01:24:44] Unknown:
Yeah. I think it's quite urgent because every every month you get more, for example, more services which block coin joins. Yeah. I think it's so every yeah. The more the more this goes on, the more information the the surveillance people get. And the KYC is just going farther and farther. Right? It's just like
[01:25:04] Unknown:
I don't know. Okay. So so we kind of talked about current Bitcoin privacy. Let's move on let's move on to the future. Let's let's oh, oh, no. No. No. We're not moving to the future. Sorry, freaks. Last last discussion we had on civil dispatch last week, there was some confusion about civil attacks. Arguably, civil attacks are the number one threat model for users that are trying to use Bitcoin more privately. Do you guys want to explain I guess, we'll start with Chris. You wanna explain, like, what what a Sybil attack is? Maybe we'll talk about Fidelity Bonds really quick. Are you talking about
[01:25:54] Unknown:
yeah. I I suppose you're talking about civil attacks for joint markets. So that would mean where, now with with joint markets, anyone can be a maker. They just put Bitcoins in a in a bot in the wallet and then start it up and it'll become a maker. And a civil attack would be when there's an adversary who create the 10 or 20 or 50 bots, and has all of them on into the order book, and they all create coin joints. And if a you if a user is unlucky, they'll coin join, but only with these Sybil users, only with these Sybil makers. And then they would get a coin join, but because all the all the other all the other people in the coin join would actually be the same person, their coin join could be easily unmixed.
Now the way, so that's called a Sybil attack because it comes from it comes from that there was someone who had, like, a mental disorder where she had multiple personalities, and she was called Sybil. Her name was Sybil.
[01:26:45] Unknown:
That was actually her name. Something like that. Yeah.
[01:26:47] Unknown:
Like Sybil Johnson. I don't know. Right. Now the way the thing I'm I'm working on right now is a thing the idea is called Fidelity Bonds, which is where in joint markets and in in Coins Swap later, you'd have makers would also have the option of putting coins into a time locked address. For example, they could lock up their coins for 1 year or 6 months or something, and that's kind of like a sacrifice. You can you can precisely work it out mathematically how much they've sacrificed in value to lock up coins for a year or 2 years. And then takers, joint market takers, would be programmed to preferentially choose makers which have a more valuable fidelity bond. So the effect of that would mean if someone then wants to do a Sybil attack, they have to sacrifice much more value.
I've done the I've I've got some calculations on this that if if kind of the honest order book sacrifices 1 Bitcoin worth of value, then a similar attack would have to sacrifice about 60 Bitcoins worth of value to to
[01:27:46] Unknown:
be successful at attacking. Because the idea is the idea is is that the with with with the Sybil attack is is is where the the goal when in privacy focused Bitcoin is is to be amongst a crowd. A Sybil attack in its most extreme form is that the whole crowd is a single attacker. So if if we're talking about fighting Sybil attacks, the plan should be to make it so that an attacker has to spend more than an a so called honest actor, someone acting in good faith. And with Fidelity Bonds
[01:28:18] Unknown:
with fidelity bonds I just like to interrupt that 606102 made the same joke that I was gonna make that they they sacrificed 6% a year. Right? Right. Of course. It's it's important to remember that the civil attacker is sacrificing 6%
[01:28:30] Unknown:
per year. But also, the honest actors also sacrificing 6% per year. Compounded annually in Bitcoin. It's important that we remember that we're not funding it, and that it is compounded annually and paid in Bitcoin. But the the the the idea with Fidelity bonds is if you spread out your Bitcoin among multiple maker positions, that's gonna cost you significantly more money than if you just do one large maker position. Right?
[01:29:00] Unknown:
Yeah. Exactly. And coming back to the the 6% per year idea, you could think of this as a way to earn income from your Bitcoins without I mean, join market already has this. You can earn an income from your Bitcoins without having without having to give up your Bitcoins. So they stay in your wallet, and you don't have to give up any KYC information, and you earn money from them. But you're on Hot Wallet. Because, like, from the yeah. And from the point of view of someone who's doing this, like an investor, you could call it, in a way, it competes with the BlockFi thing. So the thing that the effect that Fidelity Bonds would have is they'll make the joint market system more capital intensive. Like, it would require more Bitcoins to be involved. And from, like, from financial principles, you could expect that then the yields that the interest people could earn would go upwards.
[01:29:46] Unknown:
So once for and to put short, once Fidelity bonds added to join market, market makers, if they have loads of money, could earn more money. But let's still manage a little bit. First of all, the fees are are basically nothing right now. Right? Like, you're not really making any money being a maker.
[01:30:03] Unknown:
That that that's that's definitely I mean, that's definitely true, but never forget that there is, like, a a kind of edge case because the at the very larger sizes, that isn't really as
[01:30:13] Unknown:
true. Like, the the Right. If you're special, there's not that much competition in the major Exactly. Right. For the larger. But but Generally, it's true. If if if we got taker usage up, those fees should go up, and and the maker should be able to make more money. Do you agree on that? Yeah. Generally, you know. Like, would we would we agree that, like, the the the biggest the biggest example that adoption of join market is unfortunately lower than what we were hoping for is that the fees are still pretty low.
[01:30:42] Unknown:
Right? Well, I mean, you can just scan the chain and look for quantitative measures. The reason the fees are low is that everyone who can everyone who wants liquidity can easily find it. That's why there's Right. Because we don't have enough we don't have enough takers. But if we had more takers if we had more takers, the fees should go up. Right? Yeah. That's so that would be the the demand side. But also, that's the supply side in that. Right. I think there's loads of Bitcoins out there just sitting in cold storage, not doing anything. And if fees went up even a little bit, then many of those Bitcoins would move out from cold storage into this, and that would make sense. The weird thing about join market
[01:31:18] Unknown:
the weird thing about join market is the UX is is, in my opinion, good enough. It's easy enough to use for someone who is is savvy enough to try and be a maker, but but could use work on the taker side to get, like, more, you know, mainstream users in. But on the maker's side, like, they have an incentive to just figure it out and and Yes. And then just to go back to my previous provocative example, like, you only really need, like, the a1000 dedicated ideological OGs on the maker side, and and they can figure out the US. On the taker side, we we kinda need taker adoption to go up and then the and the fees should go up at that point. But but wait. I think there's a danger here
[01:32:01] Unknown:
that that people have attended to look at the market and say, oh, the market's wrong. You know? The way I try to explain this in the past is that that there's many, many costs and benefits to add in to the to the system. So on the on the, maker side, there are benefits such as the the passivity means you don't have to make decisions. The fact that you, you you get, privacy while you don't spend Bitcoin network transaction fees, which are which are usually the larger by far of the 2 components of fee is the is the Bitcoin network transaction fee. So the unusual thing you know, like, if you came at the joy market from the point of view of something like Wasabi, you you understand that or at least the first anyway. Yeah. The the taker's, like, bearing that entire cost and distributed among all the participants.
So there's several, I mean, advantages the taker gets such as being able to choose an exact size. Go go ahead.
[01:32:56] Unknown:
But the takers, it's it's considerably a taker and joy market is a taker and joy market is considerably cheaper than Wasabi. Everything out everything equal. Wasabi's Wasabi's coin joint fee is dramatically high. It's like like, it it you you save a ton of money if you're a taker in your market. Yeah. But even the network fee, the network fee is a 100 inputs or whatever. Sorry. Continue.
[01:33:24] Unknown:
No. But but that has to be distributed. I I okay. Let me just go through because I wanted to make a quick list of all of, like Go through it. To work out what the the price of of of joint market usage is. Because because if you're the if you're the taker, you get several, like, distinct advantages. You're able to choose the exact time at which you do it, and it goes through quickly. You're able to, choose the exact size of the payment, which means you can make a payment in a coin join if you want. You're able to and the second advantage of choosing the exact size of the payment is the crucial one, which is it allows you to do something called a sweep, which means you get no change. Another advantage you get, which if you compare it to, like, other CoinJoin implementations is you could do any size, including very large sum principle.
So there's a lot and the and, of course, the biggest, maybe the most crucial advantage that the taker gets is that you're supposed at least, assuming there's no bug, it's supposed to be the case that you don't reveal any information about your inputs and outputs to the other participants in the whereas the maker doesn't get that advantage. So there's all these advantages. On the other side, it has the advantage of, well, I'm not paying any network transaction fee, and I can just leave it runnatively and, a couple of other things I can't remember. But but the point is that there's many different, like, components of cost and benefit to play in. And the fact that it works out the most of the time, we're talking about, like, tens to hundreds of sats for coin joint fee. Only if you'd go to larger sizes does that price get significantly larger.
It's just it's just the result of all these, like, difficult to measure factors. And I I totally agree, by the way. None none of this is to disagree with what Chris just, expounded on fidelity bonds as it would add a much stronger anti civil effect, which means that, most likely or almost certainly, the prices will go up because the quality of what's being offered is gonna be is gonna be higher. But I would also mention because I I wanted to mention this because I think it earlier podcast is that when we had this bug recently, well, we could talk about the bug if you like. But but the thing is We could talk about that. But Okay. We'll we'll talk about it in a minute. But I just wanna say that, people do have 1 and you specifically, I think, perhaps have forgotten a rather, important, change that was made to join market as a system about, I don't know, 2 years ago. I can't remember exactly when, which is that the, it's slightly less it's significantly, I would say, less syllable than it used to be in as much as, you don't have the situation where somebody can simply of the lowest possible fee and just almost automatically get chosen. Because it was kind of sort of like that in the early days where there was another exponential.
Well, it was it was kind of an exponential distribution giving too much weight to the very lowest fees. And all that we changed was we made it so that without going to huge amount of detail, we made it so that, when a taker comes along, he doesn't just aim for the very lowest fees possible, but he aims for
[01:36:11] Unknown:
any random fees within some reasonable range, which gives him a much broader set of potential participants to choose from. I'll just put that down. Let's just talk so so yeah. I mean, that's massive. That's very important when we're talking about the threat model with Joy Mark. Right? So so the reason I bring this up, first of all, is that, I mean, people should do their own research. Fucking people say that too much in this space. People should listen to the the the last conversation we had with No Power and Open Arms. But No Power just, like, is extremely frustrating when you start talking about sibling. Right? Because because it when we're talking about actively seeking privacy when using Bitcoin, we're talking about very well funded actors, that are very secretive in what they do.
And I'm talking about the chain analysis of the world. I'm talking about the Elliptics of the world, and I know their founders listen to this show. Elliptic, especially, like, Tom, I know you're listening. I appreciate that you're you're very upfront with what you do, to a degree, but everything is very secretive. And if we're talking about them and we're talking about threat modeling them in an active an attempt to actively seek privacy in Bitcoin, the threat model is is that they're gonna try and flood our usage. Right? And in in joint market in joint market, we're talking about them being multiple makers. Right? They're gonna be multiple makers, and they're gonna offer very low prices.
Mhmm. Right? And they're gonna try and be as in as many of of your make arounds as possible. Do we agree on that? I don't know if we agree that it actually is happening, but it certainly No. I'm not saying it's happening. We don't know what's happening. That's the crazy part. Right? Yeah. Is that we're talking publicly, but they're not talking publicly about this shit. So we don't know if it's happening or not. But the if they were to attack joint market from a Sybil scenario, that's how they would do it. Right? Yeah. They would do it on the maker side. Yeah. Right. And that's what Fidelity Bonds is trying to solve is, like, is is is so that it becomes way more expensive for them to be multiple makers Yeah. Yes. Than than be a single maker. Right?
But Yep. But if they're a regulated entity like chain analysis, can't they just can't they just reduce that that fidelity bond risk? The idea is that that you have such a large Fidelity Bond that you have this massive price risk. Right? You have to lock up Bitcoin, which is nice because first of all That's not right.
[01:38:49] Unknown:
Well, so what what Right. The exchange rate risk doesn't come into this. What comes into this is that, in the maths of it is that, the the value of your fidelity bond is the amount of Bitcoins you have squared. So for 5 Bitcoins, it would be 5 times 5 is is 25. If you have 6, it's 6 and 636. And that means people are trying to to lump up their Bitcoins into 1 bot. Right. But Right. There probably is a risk where it doesn't come into the analysis of it. Like, you know, you can analyze proof of work to see how it works. Right. But you're I mean The way this thing there's a there's a strong incentive for someone to lump up their Bitcoins into 1 bot rather than if they spread it out over many different bots, then they have a disadvantage, a strong disadvantage. But if I recall correctly if they if Chainalysis is doing this, they would they would have to it ends up working out. They'd have to own, like, a $100,000,000 worth of Bitcoins or something. Right. Right. So
[01:39:41] Unknown:
which is significantly less than Michael Sailor owns. They can just borrow they can just borrow on BlockFi. Right? That that's what I'm saying. Right? But that's exactly what I'm saying. Can they just can't they just if they're a regulated entity, they don't care about privacy. They can borrow this shit. They can hedge it with shorts. They can do all these different things. Right? And and and and the cool part about Fidelity Bonds is that it's not a hot wallet, which is awesome. Yeah. Right? I'm I'm correct on that. I recall correctly. Yeah. Which is awesome. So you don't have hot wallet risk. So, really, what you have is capital risk. Right? You have you have to you have to own this much Bitcoin and Bitcoin's a volatile asset, which is kinda nice in terms of a trade off if you're a Bitcoiner, which is the same trade but it's the same trade off it's it's on a high level, it's the same trade off as trying to actively surveil lightning.
In that, they have to force number go up if they try and they have to, like, literally buy Bitcoin and own Bitcoin.
[01:40:41] Unknown:
Right? Yeah. So that's so just to add in, you're right. Exchange rate risk is one thing, but a bigger like, the the kind of way I analyze it, that it's a big cost there is opportunity cost. So if they put all this money into Bitcoin, it means they haven't put it into some other investment. That's the that's how you work out things in financing. It's called the cost of capital.
[01:41:03] Unknown:
Right. But they can just if they're a regulated entity, if they're chain analysis and they're valued at $2,000,000,000 and their former chief counsel is now the head of FinCEN, Like, they can just hedge that risk on CME and just take out a short in Bitcoin equivalent amount, and then they have no they have no opportunity cost whatsoever, really.
[01:41:24] Unknown:
Yeah. Fine. That Right? So they'd pay interest on the the thing they're borrowing. You're right. So, yeah, those short positions have a cost of carry. Right. Right. They have they have a carry cost. But they're making up for it in their, like, 200,000, 400,000
[01:41:40] Unknown:
fees that they're charging, all these exchange that that's their business.
[01:41:46] Unknown:
Right? Right. So you're right. The kinda stepping back a second. This all this works if, if people all this works in the sense that it costs a lot of money to attack it. So if the attacker does already have money, then it won't work. So you're right about that. It's the same with Bitcoin mining. If someone spends less of money on miners, then they can do a 51% attack.
[01:42:06] Unknown:
Right. But with mining, it's a little bit different. Because mining, you have, like, with mining, you have, like, physical you have to get physical chips, which right now, by the way, there's a massive shortage, which is why we haven't seen difficulty go up with price. Like, you can't get ASICs right now. And then you actually have to, like, plug them into to power. You know, you have to actually have power wherever you're located. If buying a $100,000,000 worth of Bitcoin on the open market and then staking it is not that I mean, it's difficult for us, but it's it's not that difficult for a a a company that's valued at $2,000,000,000 that just raised a $100,000,000,000, like, 2 weeks ago.
[01:42:49] Unknown:
My intuition about this is is is like I have 2 comments on it. I mean, it's first of all, it's, first of all, it's good analysis both from both of you. But but the very glibly nowadays are talking about a $100,000,000 figure because Right. The maybe when when when Chris first started writing a few Python to create joint marketing, we weren't thinking about a $100,000,000 attackers on our system. And the second comment is, like, I have got this strong intuition, which may turn out to be totally wrong, but the people who do this kind of an analytical work are gonna be very leery about committing engines to these kind of sibling. It's I I it just says a little anecdote, and I don't think it's real, but it gives you a kind of flavor of it. That in late 2016, when we were experiencing this kind of a different kind of sibling attack, we might call it a snooping at some joint market where, a bunch of people were coming along as as takers, not makers, coming along as takers, starting the negotiation of coin points and then stopping in order to try to collect UTXO information from makers. Right.
When when we implemented a defense against that, which basically consisted of a kind of a souped up commitment that forced takers to, at some point in the negotiation, reveal their own and reveal that they'd never been used before for this kind of commitment. It basically meant that if somebody wanted to continue doing that attack, they would have had to keep revealing new UTXOs to us, like in the 1,000. And I I I I'm guessing that the the reason they stopped is not because it costs much, but because they just that's just not a thing you wanna do as an attack. Now maybe if you're chain analysts, you, a, are prepared to spend 100 of 1,000,000 of dollars on this, and, b, are prepared, to reveal, like, on chain UTXOs to that you're doing this attack. But I suspect probably they're not prepared to do that. Just a suspicion.
[01:44:38] Unknown:
Yeah. I I It might be right, but they they could turn around and they might do it. Like, my kind of point of view is you know, that old saying, if you want peace, prepare for war. But I'd imagine what to do in a in, like, the worst possible situation.
[01:44:52] Unknown:
Right. We should assume worst case scenarios. Right?
[01:44:56] Unknown:
Yeah. But I I think there's a strong there's still a strong analogy between Bitcoin mining and how if you have a lot of money, you can attack Bitcoin and these Fidelity bonds where if you have a lot of money, you could attack joint markets. And if if your attacker just has loads of money, there's nothing really you can do.
[01:45:11] Unknown:
I mean, I think at scale, we can defend against it just because, you know, Bitcoin will increase in value so much, so they get cost prohibitive. But in the short term, I mean, there's there's a massive advantage. If if if there is a a chain in a a chain surveillance firm, it's important we call them what they are. If there's a surveillance firm, a very competitive industry, arguably, the 2 industries the 3 industries in Bitcoin sub industries in Bitcoin that make the most money are the regulated exchanges, completely captured, the chain surveillance companies, completely captured by design. They capture people. And then, and then these fucking lending services, that are offering you 6% for custody of your coins, and and you're never gonna get those coins back out, presumably.
Those are the 3 most valuable tranches in in Bitcoin land. If if you're talking about, I'm I'm a regulated institution or I'm the IRS or I'm the DEA or I'm the CIA, and I'm trying to decide who I give the $15,000,000 contract to. The firm the the surveillance firm that is unwinding joint market compared to the firm that isn't unwinding joint market is way more valuable from a subscription point of view.
[01:46:34] Unknown:
One interesting thing of that point is that if 2 firms at once try to attack joint market, then they stop each other from working. Right. So if you had an American firm and a Chinese firm both doing the civil attack, they they'll be half the the coin joint makers at every point. Right. Yeah. We wanna encourage as many of them to attack as possible. Yeah. So America and China and Russia and North Korea or whatever, they all need to agree to, like, together do a similar attack, which might be possible, but it's also maybe that geographical arbitrage could also help us.
[01:47:07] Unknown:
Notice how the kind of openness of this kind of system works in its favor here. The fact that we by design, we don't have any, like, identification of users, and we don't have any centrally controlling entities. So it's very amorphous. I often try to tell, like to tell people, which I have no idea if it's true or not, is, like, there could be another joint market trading trading pit out there that nobody knows about or that some people know about and I don't. The the nature of open source software is kind of really helpful in this, and and and just just generally using Tor and just not using it. But, of course, the flip point is exactly why why we have so much difficulty in having to come up with very complicated or sophisticated, defenses against things like Sybil is for the same reason that we we explicitly reject the concept entity in the system.
[01:48:00] Unknown:
Yeah. Yeah. So that that was very awesome. That was a great discussion, guys. I don't know if that discussion has happened publicly before. I don't think so.
[01:48:12] Unknown:
Happened on IRC, I think.
[01:48:14] Unknown:
So so yeah. IRC. All the good ones happened on IRC. So I Everything see. I, I mean, the the reason I I I keep harping on it is because, specifically, chain analysis has gotten they've they the the company chain analysis, the surveillance company chain analysis has gotten, is is by far the largest in the space. They're the elephant in the room, followed second, maybe I we we got 61 or 2 in the comments by Coinbase who has their own, chain technology now, the chain surveillance firm within Coinbase, like their own tool within Coinbase.
And and and, presumably, Coinbase itself is holding over 15 1,500,000 Bitcoin, because because we know they have about 900 bit 900,000 Bitcoin of customer funds, in proper Coinbase, and then Coinbase Custody at least has GBTC, which is, like, another 800, uh,000 coins. So so we know that they're at least holding, about 1a half and, like, the sailors of the world and stuff are all going to Coinbase Custody. So they they are holding a a ton of coins. They have a ton of users. They're going public. They have their own chain surveillance. So it is kind of, aggregating to single actors. Right? And and and as that happens, that centralization in the chain surveillance space, that hurts us, as you said. Like, I agree on that. Like, we we actually want it'd be better if we had multiple active attackers, when you when you started to throw them all this up. But but all this said, strictly, it's I think it's it's super important. We're we're an hour and 50 minutes in. I appreciate you guys' time. I think it's super important for us to to to pull this back that if you're actively trying to use CoinJoin, trying to use Bitcoin best practices, you're you're strictly in a better sibling these things.
You're you're strictly better off, and you should you should use it. That's part of the solution, and it's very important that people use these things, but it's it's also very important that we openly discuss these concerns. These are the threat models. These are the the threats that we're trying to work against. So with all that said, where where are we going in the future? What what do we have to look forward to as Bitcoiners?
[01:50:50] Unknown:
I think Chris We already talked about PayJoint. Coin swap at this point at this point at this point.
[01:50:57] Unknown:
Let's talk about coin swap.
[01:50:59] Unknown:
Okay. Yeah. So, as as you may have seen, I've, I've released a version of it that works on test net and chest. And it doesn't have all the features, but it can do multi hop and multi transaction coin swaps. So they are you could think of that as like coin join, like an on chain privacy technology, but it's it looks like a regular transaction kind of. Although right now has a multi sig. It has a 2 of 2 multi sig. And, you could someone could use that to mix their coins. Now the reason I'm doing the reason I'm right now working on Fidelity bonds on joint market is partly to improve joint market, but also partly to kind of get used to the idea to have it sort of out there in the wild as an experiment of people actually using it to see if the Fidelity Bonds idea works and if there's anything that can be improved on it. And after that's done, then I'll go back to working on coin swap, to make it to carry on work and get it towards so that it works on main net.
Okay. So I think, yeah, that that's, that's where I am at right now.
[01:51:59] Unknown:
We have we have public final void, talking about getting blacklisted off of exchanges again, on the chat, and and disagreeing that you're better off using CoinJoin. Look, if if you wanna, we said this earlier, but just to recap, like, if if if you want to be a part of the surveillance economy, by all means, you know, keep it in the same address, maybe use custodial custodian option. I don't fucking know. Like, if if you wanna practice all the best practices in terms of regulatory compliance, by all means, proceed with that. But when we're talking strictly from a privacy point of view, using these tools are are net benefit. I mean, you shouldn't use them thinking that they're perfect.
I don't want you guys, like, making mistakes and assuming that you're completely anonymous. Like, that'd be horrible. I don't want that. But but strictly from a privacy point of view, attempting to use these tools, using these tools is gonna is is you're in a better privacy situation than if you don't do it otherwise. I mean, they're they're cataloging everything you do when you use these regulated institutions. They have they have your personal information. They have every financial transaction you're making. It's all getting recorded on a ledger that's gonna exist forever. This ledger is gonna exist forever. It's all gonna be there. Even if you don't fuck things up now, even if you don't realize you fucked things up now, that can come back to haunt you in 10 years.
Back to Coinswap. Chris, Coinswap is is same concept as PayJoint in terms of being a steganographic, strategy, right, to break heuristics.
[01:53:44] Unknown:
Yeah. Yeah. That's the end of it. The the end of it, it would look just like a regular transaction or more than one regular Bitcoin transactions.
[01:53:52] Unknown:
So so both both the pro and con of using Coinswap is that on chain, the user the the anyone looking at the chain should not be able to know it's a Coinswap. Right?
[01:54:06] Unknown:
Yeah. That's the that's the aim.
[01:54:09] Unknown:
And then then the the if we steel man it, right, the negative is is you might be accused of something that's not you you're doing.
[01:54:19] Unknown:
That's right. But that's the same for pay join. Like, you could, you could have a pay you could accept pay joins and then someone pay joins you who got their coins from like, they stole them, you know, their their theft coins. And then people come to you and say, oh, why do you have theft coins coming to have the the the the theft coins were cospent with your money in this transaction. So why are you does does that mean you stole the money? It's true that any kind of privacy technology could bring heat on you, and I don't know. People just
[01:54:50] Unknown:
they'll have to deal with it. Like, in some countries, just using Bitcoin is against the law. Right. I mean, let let's talk like proper compliance pros. Right? Like, it doesn't have to be a theft transaction. Like, you could use Coinswap, and you can swap with someone who use CoinJoin, Or or you can use PayJoint and they use CoinJoin, and it looks like you use CoinJoin. Right? Yeah. Exactly. Which is once again, like, if we go back, is a bullshit negative. Right?
[01:55:17] Unknown:
Could could could we, I think long term oh, go on.
[01:55:22] Unknown:
I'm curious. I think long term, the one possible outcome is that the KYC Bitcoin world and the kind of privacy, self custody Bitcoin world split off and that it'll be that it won't be very common that coins go between them.
[01:55:35] Unknown:
Do we think that's, like, happening right now?
[01:55:38] Unknown:
I don't think it's gonna go like that. I mean but, can I can I ask a question about CoinSoft? Because we've, like, started talking about it, and I I think they do. Yeah. Let yeah. Your listeners might might might want to hear more. Yeah. I was like you guys did an episode between you guys, and I just sat here at 5. No. I just wanna say, like, so first of all, maybe you could I'm gonna I'm gonna ask you a question in 2 parts, Chris, because I know you can answer them. The first question is, what is the basic idea of a coin swap? No no need to go into great detail, but what is the basic idea of coin swap? And the second question is, how do you address in this concept that we've just talked about of it being secondographic, like, you couldn't tell it was a coin swap on chain, how do we address, like, the amounts of the two sides being equal?
[01:56:24] Unknown:
Oh, right. Okay. So the the first thing of what a coin swap is, it's a way of, it's a noncustodial privacy protocol. So how it actually works is that if they say Alice and Bob or Alice, Bob, and Charlie, they send so Alice sends a coin to Bob, and then Bob will send but a different actual Bitcoin, a different UTXO to Charlie, and Charlie will send, again, a different Bitcoin back to Alice. So what's happening? The reason it's called the coin swap is they're actually paying Bitcoins. So Alice's bought Alice's coin ends up in Bob. Bob's coins ends up in Charlie. Charlie's coin ends up on Alice. And, the the crucial point there is that it's noncustodial.
So it's a bit like CoinJoin in that. None of these users could actually lose money doing this because it uses Bitcoin smart contracts, language. And the reason that it improves privacy is because someone who's spying on Alice will think that Alice has sent, will think that, like, they won't realize that Bob now has the coin.
[01:57:24] Unknown:
You're you're completely breaking the transaction graph.
[01:57:29] Unknown:
Yeah. And then the second question was how does it deal with the CoinJoin
[01:57:34] Unknown:
amounts. It's almost a almost a combination between CoinJoin and, like, the custodial mixers of the past. Right?
[01:57:41] Unknown:
Or, like Yeah. So you could I I maybe that's a bad Like, the custodial mixers. You could say it's a bit like the custodial mixers, except there's there'll be more than one of them, and the custodial mixers can't steal your money.
[01:57:54] Unknown:
Right.
[01:57:56] Unknown:
Let's go here. Now the second question was how to deal with the equal amounts. Because, of course, if sends 1.2 bitcoins, Hans has to send exactly 1.2 bitcoins or around that amount to Charlie and so on. And the way it deals with it is the multiple, the multiple transactions. So Alice won't just send 1.2 bitcoins. She'll send maybe 2 or 3 transactions, and they will add up to 1.2. So for example, she may send 0.5 plus 0.3 plus, what's that leftover? 0.5 again. So it's 0.4. You you get that there. And then and then Bob will send a different he'll also send 1.2, but a different combination. So he'll send 0.1 plus 0.3 plus 1 point, you know, you get you get the idea. And then for anyone who's looking on the blockchain, they'll never see the exact amount, 1.2 bitcoins. They'll only see these 0.5, 0.4, and so on.
[01:58:51] Unknown:
Right. And so you do you end up with a did you end up analyzing the kind of subset sum issue in the same way that I did with CoinJoin XT? I'm sure you remember that whole
[01:59:01] Unknown:
spiel. Yes. Yeah. Yeah. There is there is a I found a way you can this was, like, two and a half years ago at this point. If you remember, I actually messaged you on IRC and direct message way back then. And what it was is that there is a way essentially that if you assume that each block has about 3,000 outputs, then there is a way you can make the number of possible subset sums. Or the way I've worked it out is it doesn't work on subset sum, but on false positives. So subset subsets which add up just by chance to be roughly close to your your total amount. And then you can make that up. It ends up the math ends up being that you can make that false positive rate be huge, like a 1,000,000 or 10,000,000 or something. Yeah. Well, this is very analogous to the discussion about nonequal sized
[01:59:46] Unknown:
coin join inputs and outputs. Right? It's the same basic mathematical problem. What I found was interesting recently in the analysis of the grid chain case, You remember the grid chain case, you know, the whole thing where they they, this of early sea was, like, finding where the coins went. And some of the traces in his analysis was very interesting. I I found one particular transaction, and I thought, well, this is kind of interesting. I have these 4 inputs we know came from the same people. The rest of it, we can't quite, like, extricate, and I analyzed it. And I found that the subset problem was almost it was there were multiple, like, 5, 6, or more different solutions to the subset some problem on that particular coin joint specifically because joint in those days, but to to a lesser extent now, has a quite unknown and quite large delta on each value because of the fees. And if the fees are unknown, you actually have quite a smearing out effect whereby there are multiple reasonable solutions to who could have been the makers and who could have been the takers in the transaction. So here's an interesting thought. Yeah. If if we use and we get the the fees higher in join market, it will actually make the the privacy better because actually the fees will be larger and more smeared out.
That's a sorry. That was a nerdy joke. I'm not too sure. And that also
[02:01:00] Unknown:
that also applied the coin swap as well. The the adding up the the fees are included as well. There'll be a liquidity market. Right. So some Right. One on someone on the chat has said, what's if you're with a FBI handler? And the reply to that so the general question is, what if Alice coin swaps with Bob and Bob is spying on her? The way that's solved is there'll be a rooted coin swap. So Alice will coin swap with Bob, and then she also organized a coin swap between Bob and Charlie. And if she wants, she can do between Charlie and Dennis, like, 3 you know, however many makers she wants. And the coin swap goes as a route through all those. And and then in order to unmix her coin swap, all of those 3 or 4, however many makers would have to collude.
And then you it's it's essentially the same thing as in joint market. All the makers have to actually be the same person and colluding. Right.
[02:01:46] Unknown:
Which is where the fidelity bonds come in. Yeah. And then fidelity bonds would be helpful there as well. So that it's way more expensive for you to be multiple makers than a single maker. Yep. Exactly. Yeah. I mean, so that that that's I mean, that sounds fantastic. And and from your point of view, Chris, you think this completely deprecates CoinJoin?
[02:02:16] Unknown:
Well, so, it may deprecate definitely only equal output coin joins. So pay join would still be used, I think. But what about join market? You think join market is completely Well, the thing of join market join market say the thing with joint market, it's a decentralized protocol, so nobody can shut it down, not even me. That's not what I'm saying. I'm not It will live as long as people use it. And I So that's Yeah. I guess one day people decide that coin swap is more useful and they might swap over, but I think you're wrong with the market. I'm not asking you if you think that coin swaps
[02:02:50] Unknown:
that that I I'm not asking you if you personally are gonna shut down joint market. That's the most ridiculous your most ridiculous Okay. Idea ever. I know you can't. What I'm what I'm saying is you believe personally that me as a user or the freaks that are listening to the pod, and I'm, and and and you're talking about best practices, that they will have no use for for join market, because coin swaps are are are better and obviate the need for for CoinJoin. Right?
[02:03:27] Unknown:
Okay. I see. Yeah. So the word sorry. The word deprecate has a meaning in I know. I get what you mean now. Yes. I think, in other words, do I think coin swap is better than joint market? Yes. And the reason is that it's cheaper in minor fees and that it they're indistinguishable so that it's you're hiding the fact that Coinswap is happening.
[02:03:50] Unknown:
So you don't think you don't think that that Coinswap is a post mix tool? You don't think Coinswap competes with PayJoin? You think Coinswap competes with CoinJoin?
[02:04:01] Unknown:
Yes. Equal output coin join. I think so. What do you mean by post mix?
[02:04:06] Unknown:
I mean I mean, you do coin join, and then after coin join, you do coin swap to break the transaction graph.
[02:04:14] Unknown:
I suppose you could do that if you wanted, but then if you do it that way, then it's obvious that you use the coin join, and also you'll spend more in minor fees. But but here's the thing.
[02:04:24] Unknown:
So this is where the frustration comes in. Right? It's because so this show the whole point of this show is is is that I wanted a a place where we can have actionable Bitcoin a place where we could discuss things with Bitcoiners, amongst Bitcoiners with a live audience, where we could actually talk about things that that a Bitcoiner could go and and and and and do tomorrow. Right? And and, like, actually make their situation better. Rather than, like, pie in the sky cheerleader kind of ideas I'm not accusing you of this, by the way, but this is very common in the podcast space. Where, like, Bitcoin fixes everything, and there's, like, no trade offs. And and in 5 years, it's all gonna be perfect, but, like, you don't have to worry about it now. You just have to listen to the podcast and hear it's it's brought to you by these sponsors, and in 5 years, like, it's all gonna work out. Yeah.
I wanted to show where, like, we could talk about real things and, like, people could do those things. So so so my my my concern is is is that this idea is is when we talk about in practice of people actually using Bitcoin, the number one thing when you talk about privacy is coin control. Right? Where did your UTXO's come from? Labeling them, knowing in 5 years when it comes time to actually spend them where they came from, and and and choosing accordingly based on that and and and and the user has to fucking deal with this, and there's, like, a major disconnect because, first of all, the majority of Bitcoiners just are never spending Bitcoin. So they're just putting it in cold storage. They're not even thinking about it. And then the privacy focused users are in their own world where they're just boycotting KYC, and they're just they they just know how to use coin control and all these things.
So what's cool about CoinJoin for me, specifically, equal output CoinJoin, is that it kind of resets the coin control. It kinda resets the history of the UTXO in a in a very objective way. Right? It's, like, almost it doesn't matter if I I you you paid me 5 years ago. I don't remember it was you who paid me. I take that UTXO. I put it through CoinJoin, and, like, I'm resetting that history. Like, I forgot I forgot what the label is. I'm resetting that history. It almost reduces the need, and I'm not I'm trying to cover my bases with all the fucking words, but, like, I'm not saying that coin control is is unnecessary in that situation. I'm saying it reduces the reliance on prudent coin control and labeling if you have this ability to almost reset the history of the transaction.
And in a situation where you're using Coinswap, it'd be really nice if I could reset the history of the transaction before I do my swap. Does that make sense?
[02:07:28] Unknown:
Yeah. So if I understand right, you see the the fact that it's obvious that a coin join happened. You see it as a possible feature.
[02:07:35] Unknown:
Right. Like, I'm resetting the history.
[02:07:38] Unknown:
And then if so, you could say Coinswap does not have this feature. Correct. Right. Probably okay. You know? Okay. I understand that point of view. Probably what will happen then is people use both if people are interested in that, they'll use Coin CoinJoin and Coinswap, like, depending on the situation.
[02:07:57] Unknown:
Right. But I wanna automate that. Right? Like, I want the wallet to just automatically push it through CoinJoin and then do a coin swap, and then maybe go into a a combined lightning opening, and then you pay. Right? And you, like, put all that together, and I and and this goes back to my previous topic that, like, why the fuck are we hiding the fact that we care about privacy? Like, we don't do this with speech. Like, everyone knows I'm using signal. The point is is that the encryption is supposed to stop people from being able to read the messages, not that they're supposed to not know that I'm using signal.
[02:08:32] Unknown:
I think I think they're both they're both valid valid and correct, perspectives to have at the same time. Even though they seem contradictory, they're they're not really contradictory because, like, when we use a steganographic technique, the advantage is that we we gain this huge anonymity set without needing to, like, coerce other people to do the same thing as us. And with the the sort of public non steganographic techniques, it has this advantage, as you say, that we are sort of publicly asserting the right as well. I think at some level, the steganographic approach is always fundamentally better because there's always this option of selective revelation. So you talk about something like confidential transactions where you're, you know, blinding amounts. You always have this auditability possibility where you could just have some key that allows you to actually assert that this really was, x amount of Bitcoins. And the same with any other thing like coin swap. You could always selectively reveal that you, you know, you engaged in a Coinswap.
So that's like, one of them is, to me, more powerful than the other, but it's it sometimes comes at a bit of a cost. Like, for example, with coin swaps, there's this kind of, cross block what I like to call cross block interactivity property, which is a bit undesirable because you in order to enforce the smart contract, you have to consider the state before and after, you know, blocks get confirmed, which introduces even if minor, it introduces an extra element of risk, which a coin joint doesn't have, as well as the interactivity being more practically difficult, of course.
[02:10:00] Unknown:
Like, can we go into that cross block?
[02:10:03] Unknown:
Yeah. So that essentially means, you send coins into a multisig when you're doing a coin swap, and then you have to wait a block or 2 to make sure there's no reorganization, and then you complete the coin swap protocol. And, the the fear there is that, for example, if there's a 51% attack or if or something like that, if if you if your Internet cuts out, then you could lose money. It's it's quite similar to having lightning. You always need a watchtower, if you're familiar with that. It's it's actually the same concept there. So does that added risk, which doesn't exist in a coin joint. And then No one's running watch hours, by the way,
[02:10:38] Unknown:
for whatever that's worth. Okay. Very few. Very few. Few. Few.
[02:10:44] Unknown:
Who watches the watches? The second thing about, waxing said about interactivity, from my point of view, that doesn't make much of difference to the user. So that makes it a bit more difficult to implement. But the user will still come along and just press send on their on their application, and it will send. So it's a thing. It's a problem for developers, but for users, I think they won't notice. But it will it will create delay in the user experience. It won't create additional complexity for the user. As you say, it's more for the developer. Yeah. Right. But the user already has a delay because it takes 10 minutes for a block to appear or even longer if you pay a low fee. So the delay is big already. It doesn't matter. If you if you do it right if you do it right, a coin swap,
[02:11:19] Unknown:
especially if you're paying someone else with a coin swap, if I'm paying Chris with a coin swap, If if you do that if you do that in a a UX friendly way, that could actually be better that could be better UX than a regular Bitcoin payment. I'm not too concerned about that aspect of it.
[02:11:40] Unknown:
Or what about what's the Yeah. Go on. Go ahead. What what about the comparison with with just just lightning? I mean, do you see, Chris, the main the the advantage of coin swap, architecture over just a lightning architecture is that you can deal with larger amounts, or or is there other elements I'm not thinking about?
[02:11:59] Unknown:
Yeah. There's that. There's larger amounts so that with lightning, it's inherently limited by the channel capacity. And with Coinswap, you could do any amount that's in the in the liquidity order book. There's also the effect that with Coinswap, you I call this unilateral adoption that you can pay anyone who has a Bitcoin address. Well, with Lightning, to pay someone with Lightning, they have to accept Lightning. You have to beg them a bit like with PayJoint to accept Lightning. And then the 3rd kind of difference, there's actually a whole section where somewhere I wrote, what's the difference between coin swap and lightning? The 3rd difference is that coin swap has these fidelity bonds, and they can't really be added in lightning. So then the civil resistance of coin swap is is a lot higher.
[02:12:37] Unknown:
Wait. Why can't But, yeah, you're you're a young Why can't they be added in lightning? Why can't you have a fidelity?
[02:12:43] Unknown:
How how would it, like, think practically. If you want to open a open a channel with someone, you you check the well, maybe there is a way. But Yeah. I don't know. If you want to imagine you open a channel, and then it says you'd rather I'd rather open it with this one because it has a high fidelity But but but that breaks up that you can sign a message and broadcast it with your public key of your node or something.
[02:13:05] Unknown:
Right?
[02:13:06] Unknown:
Yeah. This is the thing I'm asking is, would they make your route longer? Like, the person you're opening a channel to isn't necessarily the person you want to pay. Yeah. You know, most people Yeah. Open channels with Bitrefill or someone they pay very often. Yeah. Yeah. Yeah. The fact that I mean, Bitrefill, they're not regulated. Right? Like, they don't have to deal with KYC information.
[02:13:25] Unknown:
They're not a centralizing factor at all.
[02:13:28] Unknown:
I think I think they might be a little bit.
[02:13:33] Unknown:
I'm I'm really a big fan there. I don't wanna say anything next to you. I love that refill. I'm just I'm just being a little bit of a dick about about lightning.
[02:13:42] Unknown:
Yeah. Yeah.
[02:13:45] Unknown:
No. I mean, I think this is a very insightful conversation. Okay. I wanna I wanna I know I know we're gonna run out of time eventually. I wanna mention 2 other ideas. Although, probably, we should talk more about Coin Swap, but I just wanna mention 2 more ideas because I don't think these these get mentioned very often, and and they're both my idea. So I wanna mention them. So one of them is called coin join XT, and what I I like about coin join XT is imagine the idea of a coin join, but still trying to make it kind of steganographic or maybe completely steganographic by spreading the coin join over multiple transactions instead of having 1 huge transaction.
And the great thing is that with Segwit, you can do that all in one single negotiation without some massive, you know, without some, massive interactive protocol. Everyone can just get together just like they do now to arrange a coin join on join market or whatever. And instead of just arranging one big transaction, they can arrange a graph of transactions that are all connected together, and each one of them could look like an ordinary payment. Or if you like, it could look like a 3 party or 5 party coin joint. And you could build these whole this whole network of transactions all at once, and you can negotiate all the signatures up front because of SegWit's, you know, malleability fix.
So, consequently, we we we could negotiate that and then just have it so with careful, like, arrangement of timeouts and stuff, time locks rather, We can have it so that any one party as long as any one party wants the whole thing to go through, the whole network of transactions to go through, then it will go through. And what I like about that is that it it it comes back to that beautiful steganographic property, meaning that coin joins could be, like, embedded in the blockchain in a way that they don't look like. And I know you you like everyone to be able to see it. And just for you, we could throw in a couple of, like, actually public public coin joins into the graph, but, like, there'll be several other transactions around it that would actually be coin joins and nobody would know.
I like that idea, but I still haven't actually written any code. So so Chris
[02:15:38] Unknown:
But this now that while while talking to you guys, I realized that some people actually want their their privacy transactions to be visible. From that point of view, then this point during XT, which I I remember reading I mean, you told me about it. I read it, analyzed it, like, a few years ago. It it maybe makes a bit more sense because I originally didn't like it because I thought coin swap was better because it can be invisible. And there's actually a thing with coin swap that we're adding is it's if you have a a coin swap coin, like, you own a coin and it came from a coin swap, it's not possible for you to prove even if you wanted to that it came from coin swap.
[02:16:12] Unknown:
So its history is completely like Ah, so you're saying it has has the deniability. I'm wondering if you could have a version that is to do with the way the lock is created that is actually oh, no. But even adapter signature coin swaps are actually, yeah, fundamentally deniable by design. That's very interesting point. I didn't didn't think about it. Yeah.
[02:16:32] Unknown:
Yeah. Yeah. Fun and not even deniable that even if you want to do, you cannot prove it. So it's even more than deniable. Sorry. Yeah. The deniable is just gone. Yeah. Yeah. The deniable. I know. Well, you'd call it like a the knowledge is unprovable, maybe unprovable.
[02:16:48] Unknown:
It's like OTR where, you know, given the transcript, anyone could have made the transcript. Yeah. So you just have no way of, yeah, proving it. There is another term for it. I don't know what the term is. I can't remember. Yeah. Interesting. Did points. Yeah. You're right.
[02:17:04] Unknown:
We can look it up for later. Oh, yeah. Coin CoinJoin XT is a good,
[02:17:08] Unknown:
it's a nice like, a kind of a fundamental privacy that's worth looking at. But but do you see in that in that way of doing things, it's optional. Like, you could go the the the route that you like, Chris, where it's absolutely I know it wouldn't be perfect, and it wouldn't be as good as a coin swap, but it would you would have some contiguous subset of the entire chain of transactions, which were actually all arranged by, let's say, 5 parties together. But each one of them just looks like an ordinary payment, has nothing. There is a very important fly in fly in the ointment, which is multisig, which we should have talked about before with Coinswap. You see, the thing is when you make multisig today, it's very distinguishable as multisig.
And so in these CoinJoin XT graphs, you would have to have 1, multisig, co owned, output at every at every step. And so we really do need these multisigs to be indistinguishable from
[02:17:59] Unknown:
well, ECDSA. Yeah. No. You don't necessarily. Yeah. E c d s a 2 p or 3 p or whatever. You could have used that for because the plan is the plan for coin swap is to use that anyway, so you may as well use it for coin store and next eve too. Your your idea was that it might be better to use that even if Taproot's activated. Right? I seem to remember you saying that because it would inherit the because Taproot anonymity set of everything. Yeah? Yes. The tap the anonymity set is bigger. Yeah. Yeah. Yeah. But I still wanna if if I don't mind, can we just come back to the point of why would people want their privacy transactions to be visible? It just seems a bit like
[02:18:36] Unknown:
I I don't understand that. I don't I don't know how how that Chris Chris, my argument my argument isn't that Yeah. That it it should be visible. I'm just saying, like, we shouldn't be ashamed if it is visible because Right. That is privacy is like, seeking privacy historically has always been a visible task that that you are actively seeking privacy. Like, you no no one hides that they're seeking privacy in every other situation. It's I don't know. I disagree.
[02:19:04] Unknown:
I disagree.
[02:19:05] Unknown:
Oh, no. Specifically specifically speech. Specifically speech. When it comes to encryption, encryption is extremely obvious. It is obvious that we're using when when I speak to Chris on DM using PGP,
[02:19:18] Unknown:
Jack Jack and everyone at Twitter knows that we're using encryption in our DMs. Yeah. But it's not always like that. Think about the activist in a despotic country. You know, this is this is where the steganography really comes in is that you do not want your local government official to know that you're using GPG because he will come around your house with, you know, with the boys.
[02:19:40] Unknown:
So that's the go on. In a free society in a so called free society Yes. It is not it shouldn't we shouldn't just immediately assume like, we shouldn't immediately assume the shame card. Like, it's it's ridiculous that we should feel like we need to hide. And and I'm saying this specifically as I mean, and and props to both of you guys. You guys have been very vocal, very public, even though you have way better OPSEC than I do, about Bitcoin privacy. And why is that the case?
[02:20:13] Unknown:
Because you think it's important, and you think that you shouldn't be ashamed to care about it. Right? Yep. I think so. I do agree with you. I'm just saying that there's that other aspect, you know, like, in the more
[02:20:25] Unknown:
the freedom fighter model, so to speak. That's the thing. If you're in a free society, why do you need Bitcoin? Right? Bitcoin works best as a way of resisting places where there's not much freedom.
[02:20:35] Unknown:
Right. I mean, what I'm saying is it's a so called free society, and it it it it shows their hypocrisy. It every time every time, like, a a democratic government wants to ban encryption, it shows their hypocrisy. Yeah. Yeah. And and same with CoinJoint in my opinion. And and and I I would go back to this idea that coin control is a very difficult process, and this idea that we can provably reset the history of a coin Mhmm. Is is a very valuable concept. If we can get if if we can if we can get Western democracies at least to agree that CoinJoin is a fundamental human right, that it's it is just it's it's just law abiding citizens trying to seek privacy best practices, send Bitcoin with privacy best practices.
[02:21:23] Unknown:
That's a massive win. Right? Yeah. Do do do you see, Chris, our our our perspective is something like by doing this thing publicly, we at the very least, we force our opponents to show their cards as being, quite frankly, evil in their behavior. At the very least, we show that. And I would say that's more than that. It's also it's, yeah, it's also like showing that fungibility is possible and and, like, making putting fungibility in in people's face. Like, suppose somebody builds walletexplorer.com today. I know that history has moved on. And the only kind of technology people had ever used was, like, you know, coin swaps and things. And nobody knew who was using coin swaps. They'd like you couldn't go up to someone and say, look. Look. Look at this wallet explorer. It's complete bullshit, and I can show you why it's bullshit. Because look on the graph, it's actually just a massive coin join, and they think they're all the same person, the while the explorer are stupid. But you couldn't really do that if we only ever used secondographic techniques
[02:22:19] Unknown:
because, nobody would nobody would know anything, and everyone would sort of think they I don't know. Maybe that's not true, actually, but interesting to think. Yeah. You'd have to do it in a way that, I don't know, you take someone's coins from their own wallet, which they know belong to them. And then then you put it into Wallet Explorer, and they says, look. You actually this coin actually belongs to some guy over there. Can I just bring in something from the chat? So 6102 says, for coin swap to invalidate the heuristics, you need many users using it. For CoinJoin to validate the heuristics, you need just that one CoinJoin. But I think that's, I think that's not right because you can have, this common input ownership heuristic. You could any any analyst could exclude coin joints because coin joints are detectable. They could say, I'm not gonna do the common input ownership heuristic on this particular transaction because I can see it's a coin joint. Well, that's not possible with coin swaps because you can't see them.
[02:23:09] Unknown:
I thought that was a good point. That was worth saying. But so so, Chris, like, you care about protecting the privacy of users who don't care about their own privacy,
[02:23:18] Unknown:
And that's what Coinswap attempts to do. That that's one of the motivations. But they also, doing building a system that way also helps massively people who do care about privacy. They have a much bigger anonymity set. Yeah. It's just making the bigger anonymity. But we do agree that, a stronger
[02:23:34] Unknown:
heuristic than the common, the common input ownership heuristic is just, like, sending to a KYC exchange and, like, then they just have your KYC info.
[02:23:44] Unknown:
Yeah. They have all your docs.
[02:23:46] Unknown:
Like, you just send it to BlockFi to get your 6%. Like, it doesn't like, no one's gonna be, like, oh, that might be a coin swap.
[02:23:55] Unknown:
Yeah. They wouldn't be able to detect. Well, this is why we the the discussion we've been, yeah, the that's why the discussion we've been having recently, I remember, on IRC is about blacklisting and whitelisting. Right? Because it seems like the blacklisting techniques that we're seeing being sort of thrown out there by exchanges like like a BlockFi example you showed earlier on are obviously kind of broken ideas fundamentally because there's always gonna be hops, and there's always, like, deniability and hops. So they're just gonna move more and more towards a world where they just say, well, I want to see you know, you I wanna see you prove the origins of these coins before you even use them or something like that. It's a horrible thought, but I I I I that's how I see it going.
[02:24:35] Unknown:
Yep. That could be an outcome.
[02:24:38] Unknown:
You see this, question from Peter l Grant asking if there could be a maker taker model with Coinswap where the makers have to provably have performed a coin join beforehand?
[02:24:51] Unknown:
In principle, that's possible. You could get the makers to send the transaction they're paying from, like, via the via the communication. There could be, but I think, yeah, there could be. Alright.
[02:25:04] Unknown:
And and then so, like things like this all, though. So you're you're you're the the the dream of of Coinswap is that we get this fucking thing integrated into, like, every mobile wall every wallet, as many wallets as all the good wallets should have Coinswap implemented, And then make every transaction a Coinswap. As many transactions as possible. At least at least,
[02:25:27] Unknown:
everyone who wants it can have it. There's no nuance here, Chris. Every transaction, every every transaction single one. Yes. No. But there's a really no. But there's a really important nuance, isn't there? Because, again, it's steganographic, which means it only has to be a smallish percentage to completely fuck up the blockchain analysis. I mean, that's a really important point that should be hammered home. Right. So what percentage? We're talking 10% you said earlier?
[02:25:48] Unknown:
Yeah. We're all. Fantasy I've had is that it will be a checkbox that users do they want, like, a really private coin join, or do they want a regular transaction? They have a checkbox to prove which one they want, and then they press send and it happens.
[02:26:01] Unknown:
Right. I mean, preferably I mean, it'd be nice if it was just the default, but Yeah. It's hard for it to be the default. I if if you keep it in, like, a semi walled garden and you're fine with semi trusted third parties, like I said, like, I think you could create a UX where where Coinswap could be an easier UX. I mean, I'm thinking, like, let's pretend BlueWallet became super successful and they added usernames, and I put in the username, and I just pay that username, and that person just has it on their phone, and just automatically, like, gets the push notification, and then connects and does the swap. That could be an easier UX than scanning a QR code.
[02:26:44] Unknown:
But they also means that you can only pay people with that method who are also using blue wallets. So you lose the whole worldwide permissionless part of Bitcoin. Right. But it's a it's we're talking trade offs. You know, it's convenience versus
[02:26:58] Unknown:
Okay. So for that, you'd have to bother all your friends. You'd say, hey. Can you switch to blue one? Pay you using your name. And, Waxwing, where does where does where does Snicker fall into this? Yeah. So Snicker was a like, a it's kind of out of left field of all these other ideas, and I'm all that came out of was me thinking about how could you possibly do CoinJoin in a way that didn't even involve, like, connecting to other users on a network? And it sounds kind of impossible because everyone has to sign a transaction. Right? So all I could come up with is is this idea that what you could do is basically kind of scan the blockchain, to put it crudely, and look for outputs obeying a certain pattern and infer that the outputs that the inputs corresponding to those outputs might be owned by the same party. They may or may not, of course.
And then you could kind of basically use the key in the input, the public the pub key in the input as an encryption key and send an encrypted proposed transaction that included the output that I just mentioned and one of your own outputs both being spent together to make a a coin join. So I wrote like a like a gist with a kind of proposed protocol for it. And, you know, a few people were somewhat interested and and sort of we looked into it a bit. And, at the end of the day, I don't think anyone's really taken up apart from me. And I do I I kind of literally mean me, not just not just join market, whatever. But I have actually, like, written all the code, and you can actually do it in join market today, but I put heavy kind of warnings on it that you would only wanna be using this on Signet or some kind of, you know, test setup. You don't really wanna try and use this on Mainnet.
But it's all there. I mean, there's even like a part well, it's funny that the well, the kind of internal technicals of it are kind of interesting, but the really tricky point ends up being the kind of broadcasting of the proposal. So you imagine you're sitting there looking at the the whole blockchain. You say, oh, this this output looks like it could be a good candidate for me to do a coin join with it. And so you make up the transaction, but then you have to put it somewhere for this other person who you've never met, don't know who they are, don't know what part of the planet they live on. How how are they gonna find that proposal? Right? Even if it's encrypted to them, so it's like secret. So that's good. But they've gotta find that encrypted proposal. So I've what I've done is I've set up, like, a tool hidden service, and you can just post it to a simp it's got a simple SQLite DB on the back end, and you just you can just add your proposal there. And, and then wallets can just scan that list. And I've even added, like, a little proof of work. It's quite funny. I used, like, Adam Back's HashCash idea in in there so that people can't just send millions of proposals,
[02:29:30] Unknown:
because they have to actually add some proof of work to them. And I guess the idea would be like a wallet would scan that automatically. Yeah. Exactly. Yeah. That's what Joy Joy Market can do that. Yeah. The biggest trade off being and I mean, this is how Joy Market used IRC for kind of a message board type of situation. But but the biggest trade off being that your public key needs to be exposed, which in non Taproot times is you've you've already spent from that address. But but post Taproot, that could be extra useful.
[02:30:06] Unknown:
Say you look at a joint market transaction and you see the change output and you can figure out what the corresponding input is. There are ways what you can either guess or even completely know what the input corresponding to an output is. And since inputs publish pub keys in their script sigs or or witnesses now, nowadays, it didn't actually turn out to be a big limitation. Joining with the reused address. Right? No. No. No. No. No. That's what I'm trying to say is that imagine you just did an order and repaying them. Right? Suppose you use 1 in suppose you use 1 input and you got one output and one change. Then I, as the scanner, come along, look at either the output or the change, doesn't matter. And I know that and I don't know. Now that's the point is that you I've got a 5050 chance that the output or the change, are the same owner as the input. So in that scenario, I could even just make 2 proposals.
1 in which I use the the the spending output and the pub key of the input, and the other one in which I use the change output of the pub key of the input. And in in one of those two cases, I will be correct in my assumption that the UTXO is the same o has the same owner as the input had, and therefore, that public key will be owned by the same person who owns that UTXO, and therefore, they will be able to decrypt the proposal and sign and and broadcast transaction. So you use you you don't use the reused address, but you use the reused pub key. Yeah. The the first proposal was based on the idea of reused address because therefore, you definitely know what the public key is. And as you say in Taproot, as you say in Taproot, that removes that whole problem is entirely removed because you have the public key anyway. But yeah.
[02:31:34] Unknown:
It's it's a detail, really. Yeah. That's a thing I think that, that's worth mentioning here, waxing mixed over. There's a cryptographic scheme where you can given a pop key, you can create another key pair from it that Oh, yeah. Yeah. Yeah. Yeah. This pop key will know, but you can calculate. So you can use this to not reuse addresses.
[02:31:52] Unknown:
Yeah. So so the idea is is the the the the term is often used as tweak, t w e a k. I'm not quite sure why. It's just addition of cryptic. It looks like curve points. Yeah. You just basically you take the original, script pub key of the address and you just or the the the key corresponding. And, oh, sorry. The the key of the input, which you're using, that's the the key that you've, like, connected to and said, right. I'm gonna use this for encryption. But you can also take that key and add a random number to it times, you know, the base point, and you get a new entirely new public key that only the recipient will know the private key of. Even though you were able to construct the public key of it, as the sender, the recipient will be the only one who can, like, access it as a private key. Yeah.
It's kinda I I didn't wanna give
[02:32:38] Unknown:
details, but, you know Yeah. Yeah. But it's a big, like like, at least for me, it was a big light bulb moment that it's a big thing that makes this whole team actually work. Yeah. As you yeah. It doesn't work without that for sure. Yeah.
[02:32:49] Unknown:
Mhmm. Anyway, so how do how do we think that, like, snake rule will actually be used, or is this just a Well, what I like about something like this is that it almost it's it's one of those things you could just put put out there into the world and, like, people can find use in it or not. Right? Right. Because if, like, 10 people use it, it's, like, kind of a net benefit for everyone. Right? Well, there's that, but I just mean the fact that there's so little, like, interlocking or or dependency between the participants. Are the you don't really need to do anything, to be honest, to, like, get people to use it. It's not like you don't have to coordinate a bunch of people together.
The only thing that people have to agree on is where there's where there's an an onion out there, an onion service that can that's got a list that they can just query or or they can either add items to a query, and you can have multiple of those, and you can have make up your own one. I don't care. I mean, I've written a a server. People can use that server if they want or just use their own server. Do you see what I mean? It's like it's the whole point, it was try to disentangle the the coordination of users. That was the whole thing to me. In a world where there were thousands or hundreds of thousands of people using it, which is ridiculous, but if in such a world, it will be really cool because you could actually use it to make payments because there'd be, like, a bunch of people out there. You could, like you what you can do is sweeten the pot by making just like in join market, an incentive where instead of just making an equal output coin join where both people get back exactly their coins, you could make it so the receiver end actually gets a little bit more. And then there'll be tons of people out there scanning to, like, make a to to just for any snicker that, like, proposal that turns up, and it might be that you could send I would actively do that. Like, if I could actively Yeah. Easily scan to see if if if someone was trying to snicker with me, I would do it. Yeah. So there's there's a tool in there called snicker finder that actually, I should mention it because it also lets join market users using the minus j flag to the to the script. It allows them to just scan the chain for join market coin joins, but they can also use it to scan for snicker coin joins at the same time. And I assume you're not I assume you're not concerned about trademark infringement here.
I mean, what? You mean that yeah. That bee is candy. No. It needs an s on the end, right, for that.
[02:34:58] Unknown:
It's not Snickers, freaks. It's important that that we we make it clear. It's just Snicker.
[02:35:03] Unknown:
I just have a thought. So, Waxwing, do you think it makes sense to combine the snicker noninteractivity with CoinJoin XT? So using snicker would actually produce these multi transaction coin joints. The thing about yeah. Possibly, yes. The benefit there would be Mhmm. Go on. The the advantages then in distinguishability. It'll be a snicker that no one knows is a snicker.
[02:35:26] Unknown:
Yeah. But I think, I was gonna say is that the only limitation on snicker, it's a big limitation, is it's currently only 2 party. It can't really be more because you just want this one way flow. I I don't think you can make this one way flow with 3 or 4 or 5 parties.
[02:35:40] Unknown:
But, given that limitation, you can see do a coin to an XT with just 2 people. 2 party. Yeah.
[02:35:49] Unknown:
I don't see an obvious limit to a problem with, I'd have to go back at the coin joint XT, like, workflow because you have to multisign. No. I think you have no because you have to multisign every step of the graph. So I don't think you can do it noninteractively. Oh, I see. Yeah. Yeah. I'm not I'd have to go and check. You can
[02:36:08] Unknown:
Multisign both and then oh, I don't know. It's tricky. I'm not going yeah.
[02:36:14] Unknown:
Yeah. Because because Contrin XT is like one of those protocols very similar to lightning where the it's entirely based on that idea that everyone signs upfront by having, like, specific, like, anchor multisig outputs. So nothing will happen unless everyone agrees. You know? So that involves some interactivity.
[02:36:36] Unknown:
Yeah. That's fine.
[02:36:40] Unknown:
The this is fantastic so far. I I I love the back and forth between you guys. 61 and 2 is getting blocked. I'm reading what he's saying. Whereas with yes. Yes. 61 to 2. I think I think we understand what you're saying. Chris, correct me if I'm wrong. 61 to 2 is saying that, with coin join, like, obviously, the heuristic is visibly broken with coin swap. They don't know if it happens, so they have no way to factor it in. Mhmm. The the I I I I think we've made that clear. Right? I think so. Yeah. But my my point there was that because it's visibly broken. Someone who's using the the heuristic,
[02:37:29] Unknown:
an analyst can exclude those transact
[02:37:31] Unknown:
so it Right. Will be visibly broken, and then that makes it not broken, If you see what I mean when they exclude it, Chris. I love when they I love when they say I love when they say just, like, Altcoin join Altcoin joins illicit behavior because our fucking tools cannot unwind it, and that's fantastic to me. Yeah. Okay. Fine. So I have I have, I mean, look look, I I think it's important that we flex on these people. We can't let, like, the compliance bros just think, like, they can run this shit. The whole point of Bitcoin is is is civil disobedience.
Right? And, you know, I might co host on rabbit hole recap, who he's, like, fucking livid at fat for every week and shit, and they listen to the podcast. That's great. But let's put that liveness on chain, you know, like, let's let's make it clear to them on chain forever, that we disagree. I wanna see the percentage of of equal output coin joints go up. I don't wanna I don't wanna see it sit at 2% or 3% of the chain. I wanna see it go to fucking 45% of the chain. I want I want these guys to be, like I want them to go into a meeting and be, like, we have no idea what the fuck is going on. And and and it's visible. It's obvious. Like, let's fucking do it.
So I have 2 more questions, that are I think are really important. First of all, I'm curious on your guys' opinions of bisque. The people that are watching the video right now, bisque is pumping. We're almost at 63 k. That's the bottom that's the bottom price. The top price is the evil empire. The most liquid spot exchange in the world for Bitcoin is Coinbase Pro, and they're about to go public. They have a surveillance company, and they're fucking evil. They're trading at 58 k. Bisc is trading almost at 63 k. What is what is your opinion on Bisc? Do you think Bisc can scale? Do you think Bisc is an important project? Do you have any critical views here?
[02:39:30] Unknown:
Do you wanna go Well, I I sure. Yeah. I I was I was around. I don't think Chris was as well when when Manfred first came up with this whole Bittsquare thing, and, he was very enthusiastic. And I think it's really good that we have those kind of, like, in principle that that those things that exist that are peer to peer, of course, it's always gonna struggle at at the fear, like, edge because it's at the fiat edge. And I'm I'm presumably, it's people often say, oh, there isn't enough liquidity. Well, I mean, people have trouble, doing any more than, I guess, small amounts of trade on such platforms because, you know, you're moving money into and out of bank accounts. And it's all about the bank accounts, ultimately. Everything else is fine. I mean, I've used the software myself. I think it's, I mean, it's obviously evolved over the years, and I think it's got a lot better.
I think it's I think it's good, but I'm I'm not surprised the the volume's alone. Let's just say that It's because of the oh, the fear volume specifically are low. Yeah.
[02:40:33] Unknown:
I mean, if we look at the volume, I mean, the volume is, like, there there's been point there's been 30,000,000 sats traded on on BISK today in the USD market, and there's been over 5,000 Bitcoin traded on, on Coinbase today. Yeah. So we're not even close. The the the fee outside is the concern, obviously.
[02:40:58] Unknown:
To be fair to them, it's not really a comparable figure. Right? Because one of them is an internal database transfers going on, you know, between, users, or the other one is transfers into and out of bank accounts. Right? I mean, I mean, it's still obviously ridiculously huge difference, but I'm just saying it's not actually directly Right. I mean I mean, on on on that note on that note, let's just quickly
[02:41:18] Unknown:
let's just quickly remind everyone why, like, why we're in this space in the first place. Let's go. Yeah. To you, Bisc. There are many places to buy Bitcoin. They collect your personal information and jeopardize your privacy. K y c is the illicit activity. This is open source. It does not collect user data. You keep your private keys, create or take offers to trade peer to peer, and keep your Bitcoin private and secure. Cool. This is civil dispatch. We only do mid rolls for open source projects.
[02:42:07] Unknown:
Wait. So just someone understand why is why is this Bitcoin's more expensive? Are people paying for privacy, for example?
[02:42:17] Unknown:
Question. Does someone know? I mean, I I I think it's just a liquid. It's just very there's very little liquidity. It goes up and down dramatically in both directions.
[02:42:29] Unknown:
So it's so sometimes It does sometimes trade at a discount.
[02:42:32] Unknown:
It would we've I mean, for the last 3 hours of this show, we've been trading at both the discount and the premium. If we go back and forth, it's just Oh, I see. So it's just a very wide market. Yeah. Oh, okay. Yeah. Just to all the bisque freaks out there, like, if you want to create bisque video content, like, I will fucking put it on the show. So if yeah. That was great. That was from Pedro who That was good. Yeah. Free. It's good. I mean, we we put it in, like, every every two episodes, the freaks get hit with that mid roll. So, and obviously, they pay us nothing.
I think people should use Bisq, but I I do agree that like, look, bank accounts are at the end of the day always gonna be an issue. You you're never gonna be able to decentralize bank accounts, and it it it is what it is. Like, always cash will be best, but I expect that cash is going to, cash is already getting phased out. Yeah. Whether that's peers who who who care about convenience or whether that's governments that care about surveillance, Cash is getting phased out, but obviously, cash is king, when it comes to buying Bitcoin. I think Yeah. This and and I'm saying this from a point of view, I'm a massive supporter of this, and I fucking love Wiz, who's one of the the lead maintainers of Bisc.
But it it's it's, you know, it it it is what it is. The the it is our last gap, but, the the the fiat side is always gonna be more difficult. So I have I mean, Chris, you have an opinion on Bisc? We heard Waxwing's opinion on Bisc. You have an opinion on Bisc? Yeah. It's just
[02:44:27] Unknown:
basically the same as Waxwing's. Like, great projects, and I wish it the best. And, hopefully, its volume will go up. And, there is actually a point. The thing of Coinbase and these centralized exchanges, you probably have people on them who are actually day trading. Like, they buy and sell many times in the same day. And I don't know if that happens with Bisk, so that might make the the volume Oh, 100%. A 100%
[02:44:47] Unknown:
centralized exchanges. But, dude, it's it's a difference between 5,000 Bitcoin. Okay? So so even even if it's You're right. You're right. We're not even close. But, 61 and 2 mentioned postal money order in the United States is the most private way of doing it. I wonder 61 to 2 if you dox yourself a little bit there. But, that is the best way in America. Bisque is, yeah, Bisque is fantastic. My biggest issue with Bisque, is is that it is very obvious on change. So I want people to realize, like, if you transact with Bisk, like, if you look at that on chain, that's there forever that you bought Bitcoin through Bisk. So, obviously, after after you receive Bitcoin from Bisq, you should put it into join market and and CoinJoin it.
And then everyone will know you coin joined it,
[02:45:40] Unknown:
as well.
[02:45:42] Unknown:
But at least we flex on we flex on the haters. To keep in mind here, that doesn't change anything for BlockFi. BlockFi is going to block you whether or not you use Bisq or whether or not you use CoinJoin. So no one gives a shit there, so at least your trust you're, like, protecting yourself against your counterparty. And people who are against Bitcoin privacy probably have never received Bitcoin in exchange for goods and services. I mean, I got paid in Bitcoin the other day. Like, I don't want I don't I don't want, the company that paid me in Bitcoin, to know my future transactions. Of course, I'm gonna fucking put it through CoinJoin.
Like, this is a very Yeah. The the the these questions that we receive are from people who are not actually using Bitcoin on a day to day basis. So I have 2 more questions for you guys before we wrap this up, and before I give you your final thoughts. Do you have do you guys have opinions on Liquid?
[02:46:46] Unknown:
Chris?
[02:46:49] Unknown:
So liquid is, I'd I'd suppose it's good. I've never used it myself, and I suppose it's okay. There's a I suppose the reason I've never used it, there's the custodial aspects, which isn't the point that it's useful for traders. And then if you're exchanging between many exchanges, you can do that right No. That's bullshit. With small privacy.
[02:47:07] Unknown:
That's bullshit. I don't know. I I I told them I told them I I it that that's just poor marketing. I mean, lightning lightning is gonna dominate between exchanges. Like, large private channels between exchanges are gonna dominate. They can market however they fucking they want to market, but, but but but private lightning private lightning channels are gonna dominate there. It makes more sense. Like, why are you gonna trust the federation when you could do a private lightning channel, and get all the benefits without any kind of you don't you don't have that custodial risk. You don't have to deal with the federation. You don't have to deal with the regular regulatory risk. You just have to deal with the other exchange that you have the private lightning channel with, and and and public lightning could fail, but but private lightning still makes a 100% sense.
[02:48:00] Unknown:
Mhmm. I mean, there is there is there is a counterargument, but there is a counterargument. I remember Adam Back sort of saying this a few times. It's like, well, you did the sort of capacity issues with channels. I I tend to bring you Blackpink. But tends to be rude. Sense for p2p. That makes more sense for p2p. Like, I don't need capacity. I shouldn't have to to have inbound capacity to receive a payment from you p2p,
[02:48:22] Unknown:
but an exchange can fucking have Bitfinex give them fucking inbound if they need to receive a payment. But, you know, I mean, if there's, like, 10 exchanges and they all wanna have, you know, a 100 millions worth of the ability to move a 100,000,000 between them at any one moment, then then it tends to, like, magnify the amount of capacity you need to have. No. But they could root. Right? You don't have to have a 100,000,000 of each one. They could have a, like, 2 or 3 channels then route by them. Yeah. But Yeah. And you still need and and and liquid doesn't solve that. You still need to have the equivalent amount of liquid Bitcoin ready to go. Yeah. And then you're storing it in a fucking custodial federation instead instead of just you and like, if I'm bidstamped and I need to send $2,000,000 quickly to Bitfinex, like, I'm gonna have a trusted relationship with them. We're gonna have a private lightning channel.
[02:49:11] Unknown:
I mean, I'm I'm I'm big believer in this general concept of Yeah. It makes sense.
[02:49:16] Unknown:
Not yeah. But then liquid liquid makes more sense to me as, like, we have confidential transactions on it, and and p to p, I don't need to have inbound. It's like socialized inbound. It's like as long as you're in the system, you have inbound. Right?
[02:49:33] Unknown:
Well, it does I don't I don't think ordinary users are gonna find much of a use case for it. I mean, in theory, yeah, it could be like a good privacy tool, but they already have, like, Altcoins that do something similar. I don't know. Maybe. I I I never really thought about it too hard. It never really struck me as something I personally wanna investigate. I do like the elements project, and I do I do like all the tech that they've pushed forward in that in that realm. But the the the the product itself, yeah, maybe it's just mainly aimed at businesses, and and it's not so interesting to us. But it shouldn't be. That's my point, Waxwing. Like, I use You're using the opposite. Right? Yeah. You're using the opposite. No. No. So so so if if I'm withdrawing from an exchange, right,
[02:50:13] Unknown:
and I withdraw through lightning, they know my pub key, and they can white list me. Like, they could be, like, send me a and and and companies are doing this. Send me a, you know, a 100 sat transaction to prove that you own the lightning node. And now I have your public key registered, and then I'll withdraw it to lightning. And then I have I have inbound capacity restraints. Like, I don't know, Like, what? I gotta loop out, do all this bullshit that, like, Bosworth tells me I have to do. I'm gonna, like, fucking go to, like, because I gotta go to liquidity market and, like, go pay 10% or whatever to our boy, Anthony, who's in the comments, and, like, get my inbound liquidity. With liquid, I could withdraw everything to multiple, you know, liquid addresses. With confidential transactions, it doesn't show up on the liquid chain, and then I could swap out to proper Bitcoin or proper Lightning after the fact. Like, there's there's major privacy improvements if I could withdraw via Liquid. If I withdraw via Lightning, I don't really get any privacy improvements.
There there's a there's a use case for p2p. There's a use case for the average user on liquid that is not being addressed, really.
[02:51:31] Unknown:
I see what you mean. Yeah. And, also, it would cost possibly cost less than minor fees because it's a side chain. So it's Sure. Basically free transfers. Yeah. That might make sense.
[02:51:42] Unknown:
Right? Like, I I would love. I I would do my dollar cost average. If I if I have my auto stacking or like, this is what I'm talking about. Like, you guys are, like, you're on a whole different level. If I'm doing my auto stacking through through fucking liquid, that'd be fucking fantastic. I do my auto stacking through liquid and I swap out when I wanna swap out in a private way, and then that's from a different provider. Maybe that provider is from Singapore or something. It disconnects it disconnects me from that KYC record. I'm not sure where that makes sense. The problem is no one uses it.
I'm not pretending that liquid isn't garbage. It is fucking a mess right now, but if if people used it, it could be useful.
[02:52:29] Unknown:
It's true of a lot of things, isn't it? Yeah. It's like with with many things, you have to bother the other person to also use it, like, pay join and everything and stuff. Well, anyway, Freaks, you should go try Liquid. Go go try it out. SideSwap go download the SideSwap app and just, like, not sponsored.
[02:52:45] Unknown:
It's on, it's on Green Wallet, isn't it? I've got that one. Maybe I could have a quick look at it. Yeah. Green Wallet Green Wallet has liquid
[02:52:52] Unknown:
built into it. Come on. And,
[02:52:54] Unknown:
they have aqua on iPhone. There's also the actual full mode. And there's also the full mode, and you can Yeah. Chris. Chris, no one's gonna use that.
[02:53:04] Unknown:
No one's running a full liquid. Okay? I'm not I'm not I'm not trying to I'm not trying to broadcast, It's probably really easy. Fairy tales. You just 61 and 2 fine. Yeah. 61 and 2 is in the comments. 61 to 2 actually runs an elements node. He he says that people should peg in.
[02:53:22] Unknown:
That just that just reminded me. The very first time I I I literally, in my entire life, have never used Bitcoin QT, but I did run Elements QT once.
[02:53:30] Unknown:
It's nice. It's very clean. Probably is now. When I did it, it was it was just pretty basic. But yeah. 60102. We know it's trivial. He's ask he's mentioning that it's trivial to run your own Yeah. I can That's the cool part. That's the cool part. I just don't think the majority of people are gonna use it. I don't think that matters. But, yes, I do agree that it is trivial. The last thing I wanted to bring up was so we do have, we have so far, we have 2 coinjoin implementations that involve a centralized coordinator. I know there's a lot of controversy about those 2 implementations.
I'm not really trying to dive into the controversy, but if you guys wanna dive into it, I'm happy to dive into it. Really, what I wanted to bring up was the cool part about join market is it doesn't need a centralized coordinator. But if regulators don't care about centralized coordinators and they just allow that to happen, Do you would do you guys revise your thesis there? Like, do you think if we can get the advantages of a blinded centralized coordinator that uses Tor, so doesn't really know that much information, but might be regulatory, liable for things.
Is there use there? Like, is there an advantage there to use the tools that we have available to us if regulators aren't going to attack them?
[02:55:02] Unknown:
I suppose the advantage is because it's centralized, they can have an income from the CoinJoints and that could Right. That means they can pay programmers to make the product really nice.
[02:55:11] Unknown:
And they're making a lot of money. Like, that's always the thing of close source and This is not hypothetical, Chris. Yeah. Yeah. Exactly. Like, they're making a lot of money.
[02:55:18] Unknown:
Yeah. Yeah. Yeah. Well, they I don't think I think regulators will eventually, like, focus on them because it's such a it's such a centralized choke point. Why wouldn't you? And so the stroke of a pen, you can force them to do stuff. And, also, you know, they, these these coordinators, as we said before, they can do a civil attack. So they can, for example, the regulator could say, watch for this UTXO. And if it gets,
[02:55:43] Unknown:
if it gets proposed for a coin join, then you have to add your own inputs Oh, 100%. Attack and find out or Well, I've been I've been very clear to the freaks. I've been very clear to the freaks, and I think that it should be we should repeat it right now since especially since you mentioned it, is that these centralized coordinated coin joins, whether that's with Sabi or Samurais, do not provide protection from the coordinator itself, because the civil protection is the coin joint fee, and that is paid to the coordinator. So the coordinator is paying it to themselves. Yeah. And with Sabi, it's even worse because they actually make more money if they Sybil.
Right. But but I that that is not mentioned enough. We we mention all the time on this show. I think it's a very important concept to mention. But when you combine that with this idea, like, the custodial mixers, right, that were very popular and arguably very effective if they weren't honeypots. It's it's not the worst scenario. Am I wrong in that regard?
[02:56:50] Unknown:
Yeah. I mean, if it works and if you if your enemy isn't these regulators, then it's fine.
[02:56:57] Unknown:
I mean, Gladstein argues, and I disagree with him, and he's my boy. But I disagree with him because we can disagree with our boys publicly, that if you're not, like as as he's fine with Bitcoin privacy that is in the threat model that trust the US government. Right? And I I'm not cool with that, but he's fine with that.
[02:57:21] Unknown:
And I kinda feel like coordinated coin joints kinda fall somewhere in that that regard. Right? Yeah. Like, you're kinda I guess everyone chooses their own threat model in a sense. So if you're cool with the gov the US government, I suppose you could use those.
[02:57:36] Unknown:
But you're like, the status quo is that everyone is just destroying themselves on chain. Yeah. Right? So it's like any improvement is an improvement. Like, even if even if it requires a honeypot, like, fine. Like, okay, they got you. But they already got everyone else. Like, what what it Yeah.
[02:57:57] Unknown:
Yeah. For sure. I I'd never tell people to not use wasabi or samurai. Like, if it's better it's better than nothing. Right.
[02:58:06] Unknown:
Laxwing, you got opinion here?
[02:58:11] Unknown:
Not not hugely. I mean, yeah. I think, they're definitely viable models, and I do like the fact I'm very I'm very, happy with the fact that you've honed in on the, the weakness of the model with the was with regard to the incentive in civil, but it is a fairly minor I'm not saying it's theoretical. It's an actual weakness, but it's It's a massive weakness. Yeah. It is real, but I in practice, these systems I mean, a a nice thing to remember, of course, is something like Wasabi and I think also Samurais are open source, and it's not like we're totally tied to 1 provider like we are with these centralized exchanges. Right? They are actual software Right. That we run. So if people if so if something goes wrong, people can swap to another one.
[02:58:58] Unknown:
Presumably, we can have, like, an anonymous coordinator that just, like, builds reputation based on, like, a web of trust. And and we could. Yep. And you kinda end up you you end up in a similar trust model as custodial mixers, to be quite honest. Mhmm. But you end up in a situation where maybe regulators won't push where where where custodial mixers is obvious
[02:59:24] Unknown:
that a regulator is gonna fucking attack that. Right? But let's not forget, there is such a thing as coin shuffle plus plus. Right? I mean, there is no coin shuffle generally. Just the idea of, it is possible to build it in perfectly peer to peer, without coordinator and without anyone knowing anyone else's linkages, implementation. It's So this is what Decred is using. Right? Yeah. I believe they did implement. I don't know whether with the plus plus or without, but I think they did implement one of that, Tim Ruffing's, paper. It's a very excellent paper. I recommend people to read it. It's a very good idea. But Decred, like, they cheat a little bit because they have they have
[03:00:02] Unknown:
the they have the proof of stake, ticket system. So they have this, like, delayed time proof of stake system that they're using to incentivize CoinJoin. And and and the delayed time is very important in terms of civil resistance. But using it as a locking up funds. Yeah. They're using it as civil resistance. Yeah. But you actually get paid you actually get paid you you make money if you coin join in in Decred. And and and I do I do remember when To be clear to be clear to the freaks that are listening, I believe every single asset is trending to 0 in terms of Bit Bitcoin, including the Chrysler building and including Decred. I'm talking about every single asset, Apple stock, everything.
But with Decred, it's very interesting because they implemented this. They have a financial incentive. You make money if you coin join, and we're actually watching we're watching that chain go dark. Like, we're watching the whole chain go into coin join, which is very cool.
[03:01:00] Unknown:
Interesting. I didn't I didn't even know. I I remember the thing about them doing the project, but I was like like that Altcoin Dash, if you remember, where But Dash is garbage. Dash is like different story.
[03:01:10] Unknown:
Yeah. Dash is like very shitcoin. Right? Like, that's like super scam. Decred is also shitcoin, but it's it's less scammy in in in in that the actual there's actually an incentive. There's actually an incentive that they've designed, with their proof of stake, whatever, that is that is providing an incentive to CoinJoin. Right? Like, you make money Coin Joining, and the whole chain is is is basically going dark right now. Right? There there the whole chain is going CoinJoin. Right? Like, so, like, you're watching you're watching a higher and higher percentage of transactions go coinjoin because they make money.
[03:01:53] Unknown:
I'm gonna I'm gonna read a little bit about their, I've just found their link
[03:01:57] Unknown:
about their How is that different to join market where you can make money being a maker?
[03:02:04] Unknown:
They make significantly more money. Right.
[03:02:08] Unknown:
Right.
[03:02:09] Unknown:
But but the I think the more important well, okay. Maybe that is the more important thing. But the the other important thing is that they're using that coin shuffle plus plus protocol, that really does kind of finally square off the rough edges of the the other implementations, I think, at least in theory, because it it doesn't it is it can be implemented purely peer to peer without, without a coordinator, and it's still perfectly private, at least, you know, theoretically.
[03:02:38] Unknown:
Yeah. I mean, I mean, it's the same concept as Joy Market. That was the cool part about Joy Market to me, right, Was that you can make money providing privacy. Mhmm. You we just can't make enough money yet. Like, how do we how do we make more money, Chris? Like, like, you don't make it you don't make enough money off of it. And
[03:02:58] Unknown:
Good. Bitcoin is just so greedy. Right? It's like,
[03:03:00] Unknown:
of stuff like Yeah. 10,000%. I mean, I see it as I go. Can I make more? Everyone loves money from nothing. Yeah. Well, maybe commodity bonds will improve the yield.
[03:03:14] Unknown:
I appreciate both of you. Yeah. Continue.
[03:03:18] Unknown:
Go ahead. Yeah. Yeah. No. I've got a team on time for the yield. That's all.
[03:03:23] Unknown:
I I, I appreciate both of you joining. We went we've gone 3 hours. So, you know, I know time is money.
[03:03:33] Unknown:
Apparently not.
[03:03:35] Unknown:
No. It is. It is. And I appreciate you guys. We're we're this is a charitable deduction. You can just you can report this on your taxes as a charitable deduction for 3 hours worth of your time. They're demanding 6% in the chat now. So They want they want their 6%. Yeah. You're never gonna get your 6%, guys. That it doesn't matter if you shit coin. You will never get it. Yeah. It's not a huge risk. You can get 6% by gambling.
[03:04:04] Unknown:
Gambling on BlockFi.
[03:04:07] Unknown:
I I do do you guys agree with me that we we get all this shit from the ridiculous this this idea like, we're privacy advocates in a world where we expect Bitcoin to succeed. Right? So the goal should be that Bitcoin is going to fucking absorb everything around us. And if Bitcoin absorbs everything around us, then we should focus on trying to improve the privacy of Bitcoin. Yeah. Right?
[03:04:39] Unknown:
Yeah. Sure.
[03:04:40] Unknown:
No. I'm I'm saying from, like, from the perspective of shit corners. Right? Like, where the shit coins kinda came up just now. So, like, from the perspective of shit coins is, like, we're not gonna focus on a fucking privacy focused shit coin because because no one's gonna fucking use that shit. So there's no value to to us focusing on it. No. But it's still interesting to look at the the, like, the technologies they've chosen. Oh, 100%. 100%. We should look at everything they fucking do, and we should adopt the best of everything they do. And then, like, that that should not be debatable. But, like, why don't I tell people go use privacy coin?
Right? It's because that's counterintuitive. They're already in Bitcoin. They're already going to be in Bitcoin. Do we agree?
[03:05:26] Unknown:
I think they're wrong. Mainly, it's about, like, network usage, anonymity set, and and and also some security issues as well because a lot of the time, they trade things off to get these security, like, achievements. So these privacy achievements, they trade off security, I mean. Sorry. Right. Yeah. It's always it's usually
[03:05:42] Unknown:
a security trade off. Okay. Well, with all that said, appreciate you both. All the work you've done. You guys are fucking legends. Thank you for joining, this discussion. I hope you come on again in the future. The whole point of dispatch is that we're gonna it's like it's supposed to be like a global classroom, this idea that we all learn together and that I'm gonna bring you guys back. Like, I wanna bring you guys back year after year after year. So I hope you guys come back. I appreciate all the work you've done. Yeah. You guys have any last statements here, before we conclude this discussion?
[03:06:25] Unknown:
No. I think that's everything. Thanks for the kind words and for having us on. Yeah. Happy to know. Chris.
[03:06:32] Unknown:
Yeah. Thanks. Final words. No. I'm just really tired. We've been talking for 3 and a half hours nearly. That's my final words. Thanks a lot for having us on. It was, you know, a very difficult conversation. This is a really professional setup you've got here. I really like it. Yeah. Well, I appreciate that.
[03:06:49] Unknown:
Most of it is thanks to a centralized company that is probably going to go into surveillance capitalism. So I will have to switch. But thank you both for all the work you've done. Thank you for joining us. Thank you to the right guys. Mumble. What?
[03:07:05] Unknown:
Have you ever used Mumble? You know, the voice chat. Yeah. Mumble's good. Mumble's good.
[03:07:10] Unknown:
It can't compete with this. Like, the live chat is so cool that we have the ride or die guys just in here participating. Okay. I I think it keeps us honest. You know, it, like, creates the don't trust, verify kind of situation Yeah. Where where, you know, you can't accuse me of of spending the last 40 hours on SIPL dispatch selling FUD when you can just respond in here and just I'll let you just fucking broadcast it out to everyone who's watching. Like, they'll see what you say. You can call me you can say that I'm a fucking liar, and you can just put it in the fucking live chat, and it'll it'll it'll post it. And I don't think it's a coincidence that none of the other shows have the fucking live chat broadcast.
Right? Because they're not comfortable enough with it. So mobile's dope. It's open source, but but but the the closed source shit is always good, dude. It's, like, fantastic. So I appreciate you guys time helps. It's great. It's great. And we got the price, and we got our names, and we got all this fucking shit. It's good. But I appreciate you both coming on. Everyone should go, try join market. They should try joining box, OpenOMS. You guys remember OpenOMS from last week with Joininbox? Go try that shit. Care about your privacy, please. It's important. Follow Chris on Twitter.
It's under dash, Chris Belcher, under dash. Waxwing is not on Twitter. You're gonna have to go find him on Mastodon. And if you find him, you deserve it. Go to IRC. Let go of these things, and and just care about your privacy. I love you both. Thank you for joining us. I appreciate all your work. Shout out to all the freaks. Thank you, guys. Appreciate you all.
[03:09:00] Unknown:
Thanks. Okay. Bye. Bye. I'm waiting.
[03:09:05] Unknown:
Oh.
[03:12:31] Unknown:
Love you, freaks. Thank you for joining us. Bitcoin privacy is fucking important. Don't let the compliance bros tell you otherwise. We'll see you Thursday for rabbit hole recap. We'll see you next Tuesday, for the for the next little dispatch. Appreciate you all. Stay humble. Stack stats.
Goldman Sachs offering Bitcoin investment products to wealthy clients
Bitcoin privacy and the importance of security
PayJoin as a Bitcoin privacy solution
The way Tor works nowadays and the hot wallet aspect
Early days of Bitcoin and the interactivity of Lightning
The impact of PayJoin on fees and the practicality of its usage
Jack Miles gave a talk about it
Facebook and Oculus
Zuck's Facebook account got hacked
CoinSwap and its advantages
Comparison between CoinSwap and Lightning
Visibility of privacy transactions
Discussion about the limitations of using heuristics in analyzing broken transactions
Opinions on Bisq and its importance as a project
Opinions on Liquid and its use cases
