Citadel Dispatch

Share on social media:

Seth is VP of Cake Wallet, a self custody bitcoin wallet available on ios, android, and desktop. We discuss their new offline companion app, Cupcake, and variety of other privacy related topics.

Seth on Nostr: https://primal.net/sethforprivacy
Seth on X: https://x.com/sethforprivacy
Cake Wallet: https://cakewallet.com/

EPISODE: 179
BLOCK: 916494
PRICE: 909 sats per dollar

(00:00:01) UK Digital ID Dystopia

(00:01:02) Happy Bitcoin Friday

(00:03:01) Samourai arrests fallout and Ashigaru vs Wasabi vs JoinMarket

(00:06:49) Coordinator trust, liquidity, and taint/frozen funds

(00:12:10) Cake Wallet updates and unveiling Cupcake signer

(00:15:36) How Cupcake works: air-gapped signer, BCUR/BBQR, threat models

(00:19:01) Travel, opsec, and device choices for Cupcake

(00:21:30) Cupcake’s scope vs hardware wallets

(00:25:21) Multisig discussions, open standards, and future features

(00:29:43) Single sig and practical custody advice

(00:30:29) Recent Monero Attack

(00:36:21) ASIC resistance debate and Monero reorg analysis

(00:41:02) Wild idea: switch Monero to Litecoin’s Scrypt ASICs

(00:43:19) Lightning in Cake Wallet: evaluating Ark vs Spark

(00:49:37) Spark’s pragmatism, privacy concerns, and operators

(00:56:40) Strike/Primal, Cashu, and custodial vs self-custodial tradeoffs

(00:58:56) Hands-on with Spark in Wallet of Satoshi beta

(01:05:02) Bitcoin privacy outlook: Silent Payments, PayJoin, Lightning

(01:06:14) Silent Payments UX: Frigate server model and performance

(01:09:17) Run your own node for privacy and practical setups

(01:09:51) Closing reflections: builders vs discourse, optimism

Video: https://primal.net/e/nevent1qqsqmytsgrtq3s8zeqt6cgfsw4vlemyfrz5z02ylhkp7tm08ztuc2ysryw55x

more info on the show: https://citadeldispatch.com
learn more about me: https://odell.xyz

[00:00:02] Unknown:

And that is why today I am announcing   this government will make a new free of charge digital ID   mandatory   for the right to work   by the end of this parliament.   Let me spell that out. You will not be able to work in The United Kingdom   if you do not have digital   ID.   It's as simple as that.  

[00:01:03] ODELL:

Happy Bitcoin   Friday, freaks. It's your host, Odell, here for another Citadel Dispatch,   the interactive live show focused on actual Bitcoin   and Freedom Tech discussion.   That intro clip was   the prime minister of The UK   with some   dystopian news for our friends across the pond,   forcing them into   the digital ID future,   and threatening their jobs if they do not comply, which is something that we've been tracking for a while.   The trend has been getting worse and worse, but to actually see it actually come into practice is is quite dark.   I have our friend, return guest to the show,   Seth here. Seth for privacy.  

He's currently running Cake Wallet. How's it going, sir?  

[00:01:58] Seth For Privacy:

Doing pretty well. Doing pretty well. I'm I'm sad I'm I'm on the road. I would have had my my mempool block pillow   in the background that I'm rocking now.   My my backdrop at home, it would have fit perfectly with the the mempool dot space up there. But,   sadly, no. When I got as close as I could, it's at least somewhat mempool related. So you know?  

[00:02:17] ODELL:

Well, I like these,   I like doing these quarterly so you can you we can make sure you you're on brand next  

[00:02:25] Seth For Privacy:

next trip. That's true. I'll travel  

[00:02:27] ODELL:

with you next time. That shirt you're wearing was actually from the event that we were both at, which was the Oslo Freedom Forum,   and it's a Whirlpool transaction.  

[00:02:37] Seth For Privacy:

Crazy timing of that too because this was right   after   they were arrested. Yeah. But it was created all before   we knew any of that. Like,   they also know that it's a hard work. And  

[00:02:52] ODELL:

Yeah. They commissioned it before the arrest, but,   shout out them   for leaning into it even harder after the arrest.   Mhmm.   That actually brings,   me to   my first question, which was   by an audience member.   Now   now that   the gentleman at samurai are   they're about to face charges. I guess the,   the ruling is coming up shortly, but, obviously,   samurai,   there's an there's a new   samurai fork in town that's being maintained, Ashigaru,   and their own Whirlpool implementation.   In terms of Bitcoin CoinJoin,   do you have a preference over that versus the current state of Wasabi or   or join market? Do you have a preference there? How do you think about that?  



[00:03:54] Seth For Privacy:

Yeah. I mean,   I feel like we're still in a bit of a tricky place. I I think   my preference, like, if I had to use one, would be Ashigaru.   But   just the amount of trust required in coordinators   in both approaches   makes it a little concerning for me. I mean, Ashigaru guys seem seem great, seem on brand so far, or seem like their heads down just doing the work,   which I like, but, obviously, they're also anonymous. Like, one of the benefits of the samurai guys   being somewhat known was you you had kind of someone to tie a reputation to, and they proved themselves over the course of six years.  

[00:04:34] ODELL:

Yeah. I mean, you can have an anon   as long as long as the anon has long term reputation in the space, which you actually got regards to not have. Yeah. Yeah. Yeah. For sure. For sure. Yeah. That's it's not a problem once they prove themselves, but  

[00:04:47] Seth For Privacy:

specifically, because you're so reliant on the coordinator   being legitimate for civil resistance.   Like   yeah. It it's just it's something where I'm a little bit hesitant to, like, recommend it to the average person. But if I had to choose one, it would definitely be   over Wasabi, even though I think in theory, Wasabi can be okay these days too if you use a good coordinator. But they've just had so many, like, teething pains   of this, like, choose your own coordinator model that it's been   been painful as well. Have you tested  

[00:05:18] ODELL:

have you tested the new Ashigawa Whirlpool?  

[00:05:21] Seth For Privacy:

I have not. No.   No. I I mean Yeah. Go ahead. Go ahead. No. No.  

[00:05:27] ODELL:

We'll get the group. I was gonna say that I mean, my personal recommendation when people ask me now is I'd say wasabi.   I think the Asha Gaur team I I think centralized coordinator model inherently, there's trust in the coordinator.   Yep.   I,   the proof of work is just not there yet with the Ashigar guys.   So we'll see, you know, as as as that develops and as that gets built out. The liquidity is also significantly less. Mhmm. Just because it's a it's a fresh liquidity pool.   The, you know, the keys the keys,   of the last liquidity pool died with the samurai rest.  

So it's a completely fresh liquidity pool. A lot of my complaints about Wasabi   have been solved throughout the years,   so that's good to see.   And then one of the biggest complaints   was the actual z k Snacks coordinator.  

[00:06:23] Seth For Privacy:

Yeah.  

[00:06:24] ODELL:

And now they switched to an open coordinator model where anyone can run a coordinator.   And the current main coordinator, like the one with all the liquidity, is run by this guy named Crew,   who   does have a pretty long track record in the space,   and seems legit.   So it's easy to use.   You know, your mileage may vary.   Don't take it as a hard and fast recommendation. But if you are looking for   a CoinJoin tool in Bitcoin land right now, my personal recommendation is Wasabi   with, with cruise coordinator specifically.  

[00:07:00] Seth For Privacy:

Have you   have you run-in   with tainted coins   after using it?  

[00:07:08] ODELL:

I mean, it depends on which service you use, and it depends which,   round a UTXO is in. Right? Like, I don't think either CoinJoin implementation solves that. Right? It's like Mhmm. You're doing a collaborative transaction,   with other parties. So who is in your   is in your CoinJoin with you?   But, yeah, I mean, I think that's just   that's just an issue or a trade off with CoinJoin in general. I think we both have talked about it a lot in the past, which is it's incredibly obvious on chain. Yeah. So if a service wants to block CoinJoin specifically,   it's relatively easy for them too.  

And if they wanna apply taints to who depending on who you're in around with,   then they can do that as well.  

[00:07:54] Seth For Privacy:

Yeah. The the odd thing that I've seen so far is I've I   I have used Wasabi since they shut down the z k snacks coordinator,   a good bit, and I have had multiple instances of frozen funds.   Obviously, I'm not using any KYC exchanges,  

[00:08:11] ODELL:

but, Yeah. But   the Monero swap services   are actually tend to be worse,  

[00:08:18] Seth For Privacy:

if that's what you're using it for. But that's From That's kinda the oddness. I mean, that is that is where I've had it. From what I hear. Yeah. Yeah. That's that is where I've had it. Instant exchanger's kinda problematic. These weren't instant exchangers through cake. Just for clarity, I did use them externally, but,   it was I was surprised because I had done the same   with samurai funds for years,   and I never had any instance of Interesting. Funds being frozen,   whereas in relatively little usage compared to how often I had done this in the past.   I   had issues multiple times.  

Obviously, I won't name specifics   for my one OPSEC   and others, but it was very surprising to me and and made me kind of wonder if there's just a much more aggressive   wasabi   specific   taint that is is filtering it out. I mean,   I know that there's been some interesting flows through cruise coordinators specifically   that are very, very high,  

[00:09:16] ODELL:

Yeah. My guess is it depends.   It it definitely there's definitely a part of it that depends what rounds you're in. Right?  

[00:09:23] Seth For Privacy:

Maybe I just got unlucky, and he was with, like, Bitfinex Hacker or something.   Something really bad. Like I  

[00:09:29] ODELL:

and I don't I don't really know what the mitigation is there. I mean,   the attempted mitigation with the z k snacks guys was to blacklist on the input side, which I think is not a reasonable trade off. Yeah. So it's just something that, you know, you have to kinda take with it. Anyway, I completely derailed the conversation.   I don't even know oh, it came up because of your shirt.   Yeah. But, Freaks,   as always, dispatch is funded by viewers like you with Bitcoin donations. We have no ads or sponsors.   Last week's show, our largest Zap,   was 10,000 sats from ride or die freak Mav 21.  

You can find out how to support the show at hilldispatch.com.   All of the relevant links are there.   And I see you guys are joining the live chat, whether that's through zapped.stream   or,   any Napster app that supports video streaming. I've been personally helping build out Primal. You can download in your favorite app store.   And I see Vik zapped 21,000   sats.   He's advertising his new service, bitcointutorials.org.   V   bitcointutorials.org   is the website. And as you can imagine, it's got Bitcoin tutorials on it. Anyway, Seth, since we last had you on   oh, I just checked the YouTube chat. Just so I can show O'Dell recommending Wasabi lost the plot.  

I will say,   that there's still no love lost, with   the old Wasabi team.   No Power himself,   was grandstanding   on Twitter after the recent Peter Todd,   article about CoinJoin implementations, about how Matodel was wrong, blah blah blah,   and completely ignored that they did a complete rewrite of Wasabi since I voiced my concerns   and never acknowledged that my concerns were valid and then proceeded to fix most of them.   And, also, No Power is no longer involved with the project, and they've made a lot of progress   specifically since, the samurai,   guys got arrested,   pushing out you know, just removing it from the company.  

And I think that should be,   acknowledged. That should be acknowledged.   Unfortunately, there's not much   good privacy work happening in the Bitcoin space, and I think, the open source team that is now focused on building Awasabi and Cruise specifically for actually running a coordinator,   stand out from the rest in a lot of ways. And,  

[00:11:59] Seth For Privacy:

you'll always speak my mind on that regard.  

[00:12:02] ODELL:

Yeah. Exactly. Like, I wouldn't have a coordinator.   So   should, you know, shout out him for that.   Okay. Back to the topic at hand. Cake wallet, you guys have made a lot of progress. You've been shipping stuff.   The big thing you shipped is, Cupcake. You wanna tell us about Cupcake?  

[00:12:20] Seth For Privacy:

For sure. For sure.   So, yeah, I mean, we have obviously long had this focus on trying to make things really accessible and useful for the average person and not just, like, the the westerner, the ton of money.   And a really cool idea that, Vic came up with was basically,   why don't we make a simpler way to turn in the old hardware wallet?   And I know, technically, you've been able to do this for a while. Like, you could use you could have used Sentinel like this, SamuraWallet Sentinel,   technically, to kind of create the transaction with the keys offline,   and then transmit it using SamuraWallet.  

So a similar thing has actually been possible for years, but   no one had really built it out in a way that was more user friendly or that was something that also was,   supportive of Monero, which is obviously another focus for us at Cake Wallet. So we we started with Monero, and we launched   a very alpha version, about a year ago now, with only Monero support. But Bitcoin was always the real target. I think that's the most useful fit right now more so than Monero.   Don't tell the Monero guys, but I'm sure they're not watching us.   But Bitcoin was definitely the target for that. The the idea really is   there are obviously lots of benefits to having   your keys on a separate device, specifically an offline device if you can, but really on something that is very secure.  

But, obviously, the downside to this has always been   not only are harder wallets expensive,   but how do you actually get one in a way that doesn't just announce to the world or at least announce to the manufacturer, hey. I have a lot of Bitcoin, and I want to keep it safe at this address.   And most people are just ordering these things straight to their homes, which I understand. Like, I have done that in the past. I've I have made that mistake, but   there are a lot of downsides to doing that. Even in the best case scenario, it's not ideal. But in the worst case scenario, I e, the ledger act that everyone knows about,   your ownership of large amounts of crypto, at least comparatively,   and where you live   being tied together is, like, nightmare fuel, from an OPSEC perspective.  

So we wanted to simplify this and also to allow people who are in jurisdictions and geographies that don't have access to hardware wallets because you can't get them shipped everywhere.   And even if you can, a lot of times, it's horribly cost prohibitive to get a hardware wallet actually through customs and everything in many countries.   Like I was there, I worked at foundation, like, you know, all too well how painful that is doing international delivery of these things. Plus, then you have even more privacy violations because then customs knows exactly who you are, where you live, and that you bought a Gold Guard or you bought a passport or you bought a ledger.   And so cupcake that is turning your old phone,   preferably something on, like, GrapheneOS,   something that's very secure or an old iPhone that still gets security updates. And I can talk a little bit more about, like, exactly what I recommend later, but using something like that to keep your keys separate and offline.  

You can go super hardcore mode. You can keep the device always offline, OS updates. But if you do truly keep it always offline, there are downsides to that.   Or you just rely on   good device security and the app itself being open source, audited, and not having the ability to access network at all,   and thus no ability to exfiltrate keys,   and be able to use an old   phone as a hardware wallet. So the the way it actually works is essentially the same as something like passport or a cold card where you use animated QRs to to transmit signed transactions   back and forth. So that's gonna be the same exact flows that you're used to there. Nothing too, like,   novel very intentionally. Like, we used industry standards. We used, BCUR is what we default to,   which is what Passport uses. Seed center uses a version of that, Jade, many other Ergap hardware wallets. And then we also have BBQR support   too in Cake Wallet and in Cupcake,   if you specifically need to use that. But we do default to BCUR because it is a little bit more of the industry standard.  

But really simple. You can just obviously keep your keys offline. You can create the transaction in Cake Wallet or actually in any other software wallet that supports air gapped hardware wallets. Something we touched on a little bit before the show is you can pretend that cupcake is a passport, for instance, and use it with Sparrow.   It will work just fine because it speaks the same language.   And you are able to keep your keys offline, still be able to spend easily.   You don't have to dox yourself to   a hardware wallet company. You don't have to spend any money,   which the, like, the other benefit to this and something that, like, I wanna talk a lot to the HRF about just generally, like, maybe also Freedom Forum next year is I think this is a really, really, really useful tool for   political dissidents, journalists, activists,   refugees, anyone fleeing a country because you can have   relatively easy access to secure storage without anything extra being out there about you and linking you back to crypto storage. Not to mention it's much easier to uncover after.  



[00:17:13] ODELL:

And, like, when you're traveling   Yeah. The difference between having, like, a   Pixel phone in your,   in your bag versus having a cold card in your bag is a completely different ballgame.  

[00:17:26] Seth For Privacy:

Very much so. Very much so. I think, thankfully, if you have something that's not a ledger   right now, they're niche enough that you Yeah. Aren't usually gonna have problems. You'll you'll more just get weird looks like, what the hell is this?   Like, I I traveled with my passport many times, and I've had twice   the, like, TSA agent be like, just just give me a weird look and let it pass. But they've never actually done anything because it doesn't mean no one knows what a passport is at TSA. Like, it's niche enough. Maybe they'd know a ledger.  

[00:17:53] ODELL:

I got, I went on McCormick's show,   like, three years ago,   and he was sponsored by Ledger at the time.   Honestly, I think it was the it was one of the shows where we're shitting on Ledger, and I got a free Ledger out of it.   And,   so I traveled with a ledger in the box,   like, sealed. It's a book move.   Well, I mean, what does it matter? I was just curious. I wanted to see if if, TSA would pick it up, and they never picked it up. I mean, I must've I traveled a little bit, like, six times security or seven times through security.  

[00:18:29] Seth For Privacy:

Wow.  

[00:18:30] ODELL:

Because I was just curious. Like, are they paying attention to it yet? Mhmm. It's still probably a little bit early.   I mean, there could be a point. I I wouldn't be surprised if there's a point. I mean, we started off with the digital IDs in The UK.   There's a there's a point where   well, I've always expected there to be a point where there'd be lists of known Bitcoiners,   where regardless of what you're traveling with, you're on an, you know,   additional security list.   But, fortunately, that hasn't happened yet, and,   you know, I don't know. We'll see we'll see where that goes. But, yeah, anyway, back to Cupcake. I mean, look. I think this is a really cool tool.  

You guys have made it very clean and very easy to use, very obvious interface.   Mhmm. It's almost exactly what you would expect if if   you've used any of these QR based signers in the past. Yep.   Almost everyone already has an old phone.   Mhmm.   You can also like, I think there's a decent argument for buying a new phone to use with something like this depending on how much money you're storing.   You know? What? You go out and buy, like, a $300 Pixel or something, install graphene on it.   Yeah.   I think there's probably significant benefits on the security side. There's like this is a problem with a tool like this is a nice thing about buying a cold card is you have a very   strong   security guarantee   that's uniform.  

Mhmm. But with a tool like this, it very much   depends   on   what devices you're using with. I mean, you talked about connecting it to the Internet to get security updates or get, I guess, app updates too. Right? Like, I imagine you guys are gonna update Cupcake. For sure.   So it's hard to give, like, a hard and fast, like, these are the security benefits you get, but I   it's it's it's clearly   it's clearly a useful tool that gives you pretty strong security across the board just from being   mostly offline and in mostly a clean environment. Like, if you're not using it with anything else   Yeah. You know you don't have, like, additional malware on the device. Can we talk a little bit about how you think about that?  



[00:20:31] Seth For Privacy:

Yeah. I mean, like,   I do wanna be really clear. Like, I don't view this as replacing hardware wallets entirely. Like, that's not that's not at all the goal, and that's not really the target demographic. Like, if you have a cold card,   just use your cold card. Like, the only reason in that case you would maybe use Cupcake would be if you wanted to use it with Monero or with Litecoin or with Bitcoin silent payments. Like, that's obviously a goal of ours is to have native silent payment support.   Or if you want to have, like, interesting advanced functionality,   like, we have bit three fifty three verification,   coming soon where it'll actually validate the DNSSEC   signatures   all the way through, let you see the username itself in cupcake. Like, we'll be able to do   basically, we'll be able to move a lot quicker on these tertiary features. Obviously, we won't mess with the the security, but the the thing that we can do is we can we can implement more, like, cutting edge   things in it that would be much harder on something where you have to ship a whole firmware update,   to be able to implement these new things.  

So, yeah, I I don't view it as replacing hardware wallets.   To me, it really is something that is it's there for people who   can't get a hardware wallet or shouldn't get a hardware wallet, which is basically activists or people in countries where spending $300   on it would be nonsense because they probably only have dollars of crypto. Maybe they're storing USDT or they're storing   the Sats that they've been able to collect. Like, it's not something where we're replacing something like that. So I really view it as more like, how can we give the 99% who will never buy   a harder wallet, if we're honest?  

How do we give them   80%,   85, 90% of the functionality and security of a hardware wallet, without them having to spend anything?   And that's specifically, like, why we're talking so much about old phones because if you if you if you look at any part of the global south,   any developing country,   everyone already has a phone. There are countries where people will not have electricity. They won't have running water, but they'll have a smartphone.   And they'll iterate through those smartphones. They'll have old ones. Like, it's something that's just a a ubiquitous   universal thing right now. So it makes sense to target from that perspective.  

But, yeah, very much not replacing a hardware wallet. Like, those are always going to be   more   hardcore security   with all the pros and cons that comes with that. But those would be more like if if you're talking generational wealth,   you should probably be using,   a hardware wallet. If you're talking, like, a treasury company, if you're talking,   a company   like Vault, that kind of thing, you should be doing multisig with hardware wallets. Like, I I absolutely think that those things still are   necessary and useful, but this is more for different people. But you're right that I think the hardest thing when you talk about something like cupcake   is so much of the security comes down to   what device is it on, what OS is it running, Is it getting security updates? Is it not?  

Is the user using a secure PIN to properly   secure the device itself? Now, obviously, Cupcake itself has a separate,   separate auth. You can do PIN or password.   We have protections in place where on a device that has secure enclave or secure element, we're obviously using that to the fullest extent,   sandboxing, etcetera.   But even on devices that don't have   hardware protections for PIN or password entry,   we're doing some really interesting proof of work to essentially ensure that you can't brute force the PIN,   infinitely quickly. Obviously, you're we're still gonna be limited. Like, the the best would be that you have something like a Pixel or an iPhone that has incredibly smart or cheap.  

For Ledger Don John. For sure. I would love for him to think to do this one and get that. I mean,  

[00:24:04] ODELL:

that's important because particularly if the tar if part of the target, which I makes sense to me, is the developing world. They're probably gonna be using it on, like, a shitty old Android phone that's Oh, yeah. Really cheap, does not have a secure element. They're not gonna be running graphene on it. Yeah.   So that makes sense to me. Just try and harden it as much as possible. I also just I think this just goes to show, like, the power of open standards.   Right? Like, I think it's super cool that that now means you can use a cold card or a passport   or   any of these other QR based signers with Cake Wallet. I think it's really cool that you can use Cupcake with any of the existing coordinators,   whether that's something like Cobalt or Sparrow,   or Nunchuck.  

Like, that's really cool.   And it just shows how open standards   may compound on top of each other. Oh, yeah. Oh, yeah. And and you guys can ship something, and then it makes everything up. Like, you've mentioned multisig.   Like, presumably,   like, once again, like, it depends on your, trade off model. But, like, you could be in an organization   that's using a spiral multisig because I think multisig specifically is really important, really useful in organizations.   Mhmm. And one of the people could be using a cupcake   signer.  

And the rest of the users, you know, maybe they're on hardware wallets. They have no idea. Whatever.  

[00:25:20] Seth For Privacy:

It's just open standard. Pretty cool. Even if you can expand that to, like, an organization   that isn't   I mean, like, I know this this is kind of the Federman thing of, like, the the village elders model of, like, this group of people who maybe spending a thousand dollars on hardware wallets to do a multiseg   would make it completely pointless to do a multiseg, and instead, they just are using one dude's hot wallet. Like, this this would allow them to, at no cost,   suddenly be using multisig,   which is pretty cool. We now to to clarify for now, we have not specifically built for multisig.   That's not really a focus for us, but it's something that I I do want to do in there. Theoretically, you could still do it, but we don't have some of the more advanced multisig stuff like, validating addresses, like storing the,   descriptor on the device so that you can actually validate addresses on device, that sort of thing. Because some of that does get a little bit more a little bit more advanced, and it's obviously not our the the key focus of Cupcake, but it does open up, like, multi sig, which would be prohibitively expensive in much of the world.  

Down the line, it will will open that up to them as well.  

[00:26:24] ODELL:

I mean, it'd be nice if you added that.   I assume, like, it's just a love a matter of priorities. I mean, the big thing is as a heavy user multisig is it's  

[00:26:34] Seth For Privacy:

it's important to me that the signer is verifying the change address. Oh, yeah. Oh, yeah. For sure. And that's why, like, I wouldn't recommend it for a multisite right now because we don't have that more advanced functionality that that Gold Guard, Passport, etcetera do.   So it'd be it'd be I mean, blind signing isn't quite accurate, but you wouldn't be able to properly validate everything   right now. Unless, like, for instance, you used cupcake as only one of three where you could validate it on the other devices where you're still getting some validation. Even if you can't validate it on all, if you can validate it on two or three or something, you could could still be interesting. But that is definitely something that we we are gonna add. But, like, I'll I'll be completely honest. I think, like, we are very retail focused, and I've been pretty vocal   over the years that I think multisig is not something that the vast majority of people need.  

So I really am pretty focused on, like, most of our resources going towards   the, again, the majority. Like, how do we target the 95%,   what they need? And most people don't need multisig,   even if it is free. But organizations, like you mentioned, is the that's the killer app, and that's where Bitcoin is, like   it makes things way better than the fiat paradigm, which is a fascinating, like, specific crossover for Bitcoin.  

[00:27:44] ODELL:

Look. The average user   the the the best option first of all, the beautiful thing about Bitcoin is there is no single best option. Right? It matters about your job model,   and your use case and your technical ability.   But for the   like you said, the overall majority users,   single sig offline   cold storage,   is is an amazing security set and very convenient to use and hard to fuck up.   Maybe add a pass raise on top of it if your threat model is a little bit more,   severe.   And then multisig is for me, like, it's usually public figures and organizations.   Like, that's where multisig really shines. They have a a very much higher   threshold in their in their threat model. It's a more significant threat model.  

And as a result, they can take advantage of the additional multisig. What I see a lot is people immediately say multisig or bust, and then they say, oh, multisig's too overwhelming,   so you should buy my my Bitcoin penny stock instead of doing self custody at all.   And I think for some people, that's probably coming from a malicious place, but for others, that's just a place of ignorance.   I think we should make single sig great again. I think   it's incredibly underrated how much power you have,   from even a single sig hot wallet,   in terms of,   like, digital sovereignty. But once you add the offline element,   you're just really upgrading yourself. I see Sawzall zapped. 5,555   stats. He said happy Bitcoin Friday, freaks. Thank you for your support, sir.  

Okay.   I had a couple topics I wanted to hit   with you. Mhmm. And a ride or die freak   loaded them all into a single question on Primal. So I'm gonna read his question, and then you can answer at will. And I will navigate us back if there's things that I wanted to talk about that we missed. It's from Charlie.   He said, ask him why he keeps pushing Monero instead of privacy on Bitcoin like Cashew.   Okay. I wanna hear about Monero's latest reorg   Mhmm. And overall why he thinks it's a valid shitcoin to use.  

[00:29:52] Seth For Privacy:

That's a good question.   Yeah. Let's let's first   quickly recap the Monero security situation, and then we can we can repatch the eCash thing.   Yes. So, generally,   why Monero? I'll I'll I'll let's we'll do why Monero. We'll talk about the security issues that Monero's had recently, and then we'll we'll tackle eCash quickly.   So why Monero?   Exactly for the reason that we were talking about at the top of the show.   Yes. You can do coin join on Bitcoin.   It's not in a great state even if it's usable. And when you do use it, you stand out and will face   can often face issues with tainted coins,   or getting on fund lists.  

It's also quite difficult to use. Person is not gonna coin join,   unfortunately.   And there's no real way to improve the user experience that much beyond what it is right now   without changes to Bitcoin's consensus.   Thankfully, in Bitcoin, we do have some other tools that help. We have silent payments. I mean, kQuad's been leading the way on that. Thankfully, others are jumping in. Sparrow has built out an awesome proof of concept server for silent payments, which I did not expect.   He's supposedly also building out silent payment support in Sparrow specifically. I just heard that this morning.   So that is growing, and that helps on the receive side, but that does the forward looking privacy side.  

We have pay join, which is fantastic on the sending side   and can provide some privacy benefits,   but also suffers from if the funds you're spending in the pay join are   linked to things that they shouldn't be, you can still have problems where you actually can make your privacy worse sometimes with pay join because you are revealing at least one additional UTXO that you wouldn't be otherwise to the person that you're paying. Now I think it's still a fantastic tool, but it would be best when it's fit with this holistic privacy approach. That's just really difficult on Bitcoin.   Monero makes all of that stupid simple. You just hit send. You get better privacy than Bitcoin can achieve at its best   without having to do anything extra.  

Obviously, you have downside. Like, we can talk price. Like, I've I've been honest on here. Like, Monero has not done well compared to Bitcoin over the years, and I would be much wealthier if I had never touched Monero   in terms of sats or dollars or whatever you wanna account in.   But   I don't think that changes the tool as a tool for freedom. And that's when I'm recommending Monero, you will very, very clearly note I have never ever, ever, ever made any comments about you should do it for price speculation or that I think the value will increase,   anything like that. I view it purely as a tool for freedom,   realistically   as a tool for spending,   and it's exceptionally good at that.  

Yeah. Any thoughts before I jump into the Banero security stuff?  

[00:32:43] ODELL:

Yeah. No. I mean, I would just I would I would push back   on Charlie's,   comments that,   you're focused on Monero   at the expense of Bitcoin privacy tools. I mean, Cake Wallet is especially on mobile is leading the way in terms of Bitcoin privacy tools. Way more time on Bitcoin privacy than we are on Monero.   Okay. But I I do wanna hear your thought. So so   I'll I'll throw my perspective out there before we hit the reorg stuff.   The   I've always thought Monero is an interesting project because I care about financial privacy.   The two biggest issues with and and I think the freaks can think of Monero kind of,   you just imagine if, like, silent payments and CoinJoin were the default for every transaction is how you can kind of think about the the privacy architecture more or less of Monero.  

And because it's the default, it's easier to use because you don't have to think about anything. You just send and receive, and you're getting privacy benefits.   Now the made the main negatives of it   is, first of all, because of the privacy benefits,   there have always been,   if not technical concerns, but at least mental concerns about,   whether or not there's silent inflation and whether or not you can audit the supply.   And then second of all, there actually is a tail emission, so there isn't a fixed supply in the first place.   And so the result   which the market has seemed to dictate   is that long term, Monero's price tends to go down against Bitcoin.  

So it's strictly worse for savings than Bitcoin.   So that's one issue. And then the second issue that I've talked about at length,   which this reorg seems to kinda prove,   is   I've   never I'm I'm I've never,   I've always thought that it's inferior to do,   try and do a CPU based   POW algo rather than an ASIC algo.   And and and Monero,   pro Monero people would say the opposite. They say it's a feature, not a bug, that it's not using specialized hardware, that you don't have it in massive hardware farms.   But my opinion has always been the opposite that because you have this specialized hardware,   it becomes harder and harder to attack Bitcoin   while that's not necessarily the case with Monero. So let's talk about the reorg thing because to me, that kind of proved out that thesis on my side. Yeah. Yeah. Yeah. It it honestly did. Yeah. I mean, for a quick summary for those who aren't super familiar with Monero. So Monero,  

[00:35:22] Seth For Privacy:

has from its very beginning, the idea of ASIC resistance has been at its core,   which I think is very, like, well meaning and very interesting.   And in many ways, I think the the right approach, especially early on in Monero's life cycle I think something when we compare, like, Monero with Bitcoin that's hard to grasp is Monero got to have this unique slow transition   from CPU mined to GPU mined to FPGA mined to ASIC mined,   and that meant that it had this   onetime only ability to   transition between those things is relatively   relatively safe.  

After ASICs existed for Bitcoin, that was no longer possible for any other chain. Like, if Monero had just said, we're gonna flip on ASIC support tomorrow,   you're very likely going to have, at best, one ASIC manufacturer   that then controls the network. Like, if we're completely honest, that it's very unlikely that you would have five different ASIC manufacturers for Monero overnight or even with a six month heads up or whatever.   So you would struggle to have manufacturing to central you would struggle to have decentralized access to ASICs.   And very likely, you would have worked more centralized and controlled   than doing CPU mining or generally ASIC resistant to mining.  

So the idea, I think, is very sound,   but that doesn't mean that it's perfect or even necessarily that it's the right approach. But this has been a debate that's been going on in Monero for a decade now of what the right approach is. We landed on random access, algo that basically turns your CPU into an so the the modern,   CPU that you have in your   etcetera   is essentially the most efficient way to be able to mine Monero. And to make a better miner for Monero would basically mean you're improving CPUs for everybody, which would be also be just kind of a net good thing. So the idea is sound. The main part where it falls apart and the main thing that I love about ASIC   usage for network security is that there's a a sunk cost into the ASICs themselves,   and there's an inability for people to repurpose hardware for other things.  

And when it comes to CPU mined, a sec, resistant algorithms,   what that means is AWS, Microsoft, Google,   anyone who has data centers has   a data center of Monero miners at their disposal at any moment. And they can turn them on. They can turn them off. They can use them during business hours to make a lot of money. And then when they're idle, they can use them to buy Monero.   There are many, many different things that can happen there.   And with this latest attack,   like, long story short, there's, another altcoin   that's price was tanking   for marketing purposes. They launched an attack on Monero by essentially launching their own Monero mining pool,   and then using all of their printed currency   to subsidize those miners to pay them extra to mine Monero on their pool.  

And then they did this weird tokenomics thing where, like, they bought back their own currency and burned it, like, stupid stuff.   But   what is interesting and useful about it is that, essentially, they were able to attack Monero. Now there there was never a 51% attack. There was never control over the network.   Rough estimates are probably if they had 30 to 35%   hash rate of the network at any, at a a moment in time, not for long periods of time. And that manifested at its worst worst in a 18 block yard in Monero,   three weeks ago maybe, something like that,   which   obviously is a problem,   specifically for two reasons.  

One, just to caveat, Monero has two minute block times.   So this would be equivalent to, like, a five block   reorg,   in Bitcoin. So it's it's different. It's not perfectly comparable, but,   an 18 block deep reorg,   has   more causes causes more problems in Monero than it does in Bitcoin because in Monero, the reason we have this thing called a 10 block lock where which basically means you can't spend funds until you they have 10 confirmations   is the way that Monero's privacy works references other,   unspent   transactions. We don't know if any transaction is spent in Minerals network.   And if the transaction gets reorged,   the fake spends also could get reorged, and it can essentially destroy the privacy for those transactions.  

So transactions get invalidated if they get reorged out past 10 blocks,   which causes more issues. So there was this big reorg. The attack itself, like I said, that they never got 51%, but it was good proof that an attacker who can print money, which essentially is attacker, was able to at a scale that is much smaller than a nation state, is able to cause problems with Monero's network.   And it proved out some concerns that we've had for years and has caused a lot of thought within the Monero community of how do we improve,   the security of Monero long term. But it it gets really hard because like I said, you can't just go, like, oh, we'll just be ASIC mined   tomorrow or   in six months because you would really have to guarantee that there's gonna be broad access to those ASICs to ensure that you don't just end up centralizing under a different name rather than the one that you you already are struck.  



[00:40:21] ODELL:

I mean,   in practice, I I think it was a,   relatively   painless,   wake up call for you guys. I don't think anyone actually lost any money. It was more of, like, a denial of service attack. I've seen some crazy proposals out of the Monero community about how to try and mitigate it going forward. I'm just gonna   throw out a,   a a a   suggestion,   unrequested   suggestion   Let's hear it. That I think could be interesting, but also, like, I have no skin in the game.   Just why don't you just steal Litecoin's   ASIC algo? Just steal script, and then you get the entire because,   I mean, the the Monero community seems to be way more dedicated than the Litecoin community,   and you already have a bootstrap to ASIC industry there. You could just   fork Monero.  

Monero already forks relatively often. Just fork it to script,   and you have a completely established ASIC industry ready to go to mine Monero.  

[00:41:26] Seth For Privacy:

Yeah. There I mean, there are   essentially, that would be merge mining,   which there   are downsides to that.   I I think it's an interesting idea, and it's one of those things that I think is like the   if all else fails and shit hits the fan, just merge mine with Bitcoin or Litecoin. Well, merge mining merge mining  

[00:41:49] ODELL:

has issues if you're the second   coin in line on the algo.  

[00:41:54] Seth For Privacy:

We wouldn't, though. Well, I mean, I guess it depends on how you it would depend on how much revenue miners would get from mining it versus like argument  

[00:42:02] ODELL:

I think there's a decent argument to be made   that quickly Monero would overtake Litecoin in that situation,   and become the dominant one. Because Litecoin's Alcos also merged mine with Dogecoin, I believe. Yeah. Yeah. It does.   And at one point, Dogecoin almost overtook Litecoin. Like, the Litecoin people were, like, freaking out.   But Monero actually would have an opportunity to. I don't know. I'm just throwing it out there. I would enjoy the chaos from the sidelines.   And I think it I always I always theorize that that could   be I my early theory theories were that people that chains were gonna try and attack other people's algos to try and take them over. But But what happened was the in almost the entire industry moved to proof of stake.  

And the only, like, all chains that are proof of work of, like, any reasonable size are Monero, Litecoin, and Dogecoin.  

[00:42:55] Seth For Privacy:

So that's where we are now. Anyway That's an interesting point, honestly. Putting it out there. I mean, it's it's really the only way you could do a six, I think, safely, is you would have to do something that already reasonable   a six saturation and distribution   to be able to do that. Yeah. And then you'd immediately have miners who have all the hardware and would be willing to mine because they'd And manufacturers that are already making the hardware too. Yeah.   It's true. Yeah.  

[00:43:22] ODELL:

Anyway,   that's enough Monero for today. I'm sure there's gonna be people that are triggered by it.   I will just say,   that I think,   the Bitcoin Maximus community has lost the moral high ground once all the Bitcoin influencers or mostly Bitcoin influencers went on the payroll of Bitcoin penny stocks.   So,   It's been interesting to watch. I think it's it's much more interesting to,   talk through a   one of the last remaining proof of work change that's not Bitcoin and how they're dealing with these types of situations.   Okay. So I wanna go back to you've been talking about bringing lightning,   lightning to Cake Wallet.  

How are you thinking about that? Lightning historically has been difficult to do in a self custody way. There's a lot of new options out there. Yeah.   Some of the projects I'm working on have been thinking about how best to execute on that front, just making self custody Lightning easier to use.   So how how are you guys thinking about it?  

[00:44:26] Seth For Privacy:

Yeah. I mean, it's been   a, honestly, it's been a year long   struggle to make that decision and find a good approach. Like, I think one of the first things I did when I first joined Cake was say, like, I just wasn't happy with beta the Lightning beta that we had at the time,   which was using the green light approach. And I think that   has proven itself out as just essentially a a nonstarter as a a way to solve this self custodial lightning thing. Pretty much everybody's pivoted away from that.   And finding another solution has been incredibly difficult for many reasons. One is that doing lightning just properly   is just never going to be   the user experience that people are going to be willing to handle.  

And it's   it has gotten better,   but it's still something that will will never become something that the the vast majority of people will be willing to jump in and use. And again, like I've like I mentioned before, like,   we're targeting the 95.   Like, obviously, we don't wanna compromise on self custody. So that's what especially makes this challenging is there are easy ways to just compromise on self custody and and solve lightning because you're not doing lightning. You're not doing Bitcoin.   But we didn't wanna sacrifice.   So hitting those two points of, like, how do we make lightning something that's usable by the normal user   and yet not give up on self custody   essentially just meant that we couldn't use anything that's out there today,   and we couldn't use   the liquid   thing that everyone switched to for a little while, but that seems like that's dying out now as well.  

And so the it really came down to   Spark and Arc.   And   Arc is, like, such a fascinating solution.   That certainly has been my my preference for a long time, and is a a very interesting, like, novel way to solve a lot of the problems with Lightning while actually allowing you to do a lot more with Bitcoin generally   without giving up custody.   Obviously, there are caveats, and we could be here all day if we actually got into all the like, how this stuff actually works and what's actually trustless and what's trust minimized and   where there's custody risk and stuff like that. But,   I I really like the idea of ARC, and I think the the concept of just   simple ARC with bolts   for swaps to lightning is just like it's it's going to be good.  

The problem that I've had with Arc and, like, no matter how I talk about this, someone's gonna be mad. So I'm just gonna preface this with, like, a a special Dude, a lot of people are gonna be mad about this episode.   Yeah. We'll we'll trigger everybody in one.   But the the main downside with ARC is just that the   the way that rounds work, the way that you have to do VTXO refreshes in order to not essentially give up custody of funds after something like thirty days to the ARC service provider   is not a big problem if you're talking about a desktop environment.   It's   really, really problematic   when you're talking mobile,   specifically iOS.  

If you're serving only Android users and you have a good engineering team or you're serving only desktop users, I think Arc's just absolutely a no brainer.   Like, fantastic tool. Arc Labs guys and second guys are solving a lot of the initial hurdles with Arc as we go.   But the main thing that you can't get away from, especially without covenants, is having to do interactive   coordinated   transactions   regularly,   which is something that is just really hard to do in an environment where most people are, which is on mobile, and is the main reason why, like, CoinJoin on mobile was never fun. Like, you could do it in samurai wallet, but you were never remixing or anything like that. It was not Yeah. It was not enjoyable. And that was the kind of the best case scenario, which is Android. There's a reason it never came to iOS because you would never ever be able to do that on iOS.   You have a lot of the same problems with Arc. There are some ways to work around this, like the delegate intent system that the Arc Labs guys have come up with is interesting, but that only handles the refresh. That doesn't handle   actually getting finality, like, claiming a VTXO for yourself and ensuring that no one can collude with dark service provider and steal those funds earlier.  

And it's just   it's really hard on mobile.   Now   Spark is interesting because the people behind it are   not great.   Like, LightSpark, David Marcus,   Libra, like, you name it. There's a lot of, like, there's a lot of baggage there.  

[00:48:48] ODELL:

A 16 z.  

[00:48:50] Seth For Privacy:

Yeah. It's like it's very much kind of like the antithesis of Arc in terms of where it's coming from.   But I think something that is a very valuable exercise for everyone to do is   put that aside and consider the tech. Now that you should not just dismiss that, like, obviously, it matters where these things come from, especially when you're talking about   what is the long term outlook of this system look like when one general company is building the protocol. Even if it's an open protocol,   they'll have a lot of sway in what happens. So it is important to to to know that. But if you put that aside, if you put the light spark weirdness aside and you actually look at the spark protocol,   I think it's a very pragmatic, a very interesting approach to solving   today's problems   in a way that actually works as well.  

Mainly that it is quite a bit simpler   than ARC even though you do lack true finality. The only way you get true finality in ARC is by doing these rounds, which are basically impossible on mobile or are not gonna be fun on mobile at the very least.   It also has   native support for tokens, which   say what you will, I hate stable coins and tokens as well.   Much of the world is needs and uses stable coins today,   and support for that is something that will be useful. And I know that, like, ARC, I'm sure, is going to have stable coin support down the line through Taproot assets.   But it also is just, it's a it's just a very interesting system that works quite well for today's problems,   and has a good set of trade offs.  

Yeah. It's still a hard decision, and I've had I mean, I can't even count the number of hours and conversations I've had on both the spark and arc side with everyone I can possibly speak to, trying to make sure that that we make a good decision on this.   But it's it's been interesting to figure out, like, what is the the pragmatic realistic solution, and what are the best sets of trade offs?   I mean, really, my main, like, remaining problem with Spark is they do some privacy things really weirdly, like, badly right now. It's not weirdly. They intentionally  

[00:50:50] ODELL:

they intentionally try and make it as   the least private possible.  

[00:50:57] Seth For Privacy:

I think we'll see. I I'm I'm curious if some of that holds. Most of the stuff that is problematic today   outside of the block explorer, which does not need to exist and does exist for Spark, But, like, the like, you can't use new addresses   is part of the technical complexity with Spark that supposedly is going to be solid very soon. Like, that that's not a   a feature. It's a bug right now. Supposedly, again, this is where who light spark are light spark are actually matters. Like, you you need to have someone you can actually trust that they're gonna iterate on this.   But it's also   you get into the scenario where, like, what's the main use case? The main use case is lightning. Lightning can provide reasonable privacy,   especially if you're not KYCing within the system. I know that there's a lot of, like,   FUD that somehow LightSpark is gonna enforce KYC on Spark down the line. I haven't seen any evidence of that, but  

[00:51:48] ODELL:

that would be obviously detrimental if they Well, I don't I don't think they could shotgun KYC   because you can you can move out with without permission.  

[00:51:59] Seth For Privacy:

They could So I mean, they could do it for hours that are too small for them. Forward.   Yeah.   Because   a lot of people. Yeah. Go on. Sorry. Sorry. Yeah. I was just gonna say that is one thing that I think is, like, not discussed enough is technically, yes. Both have unilateral exit, but it's quite costly in both. From what I understand, more expensive in spark to unilaterally exit. In many scenarios, it it varies widely.   But in both, it's going to be more expensive than just a regular on chain transaction to unilaterally exit. So if you're talking small amounts, like someone's gonna have a lightning wallet, oftentimes, it wouldn't be something where you can actually economically, feasibly,   unilateral exit. And that's where the idea of, like,   Spark saying, spend these funds until you prove who you are or something   would   actually be possible, which is terrifying. That now that goes away if any of the spark operators   are not on board with that KYC thing.  

So that will be the main kind of decider on if it can be a system that's relatively censorship resistant or not is it's it's a one of in trust model. So if any of the spark operators are good,   then it will as a whole be good. But   right now, the spark operators are all light spark or light spark affiliated.   So kinda wanna see if if others come on and join that aren't  

[00:53:15] ODELL:

directly related by blood or by business relationship. I mean, in their defense, my understanding is they would they're actively trying to bring on more independent operators.  

[00:53:25] Seth For Privacy:

They are. Yeah. They are. And supposedly, they'll have at least a couple more soon, but I've limited it intentionally at the beginning because it does add complexity in the, like, testing phase, and it's pretty early days for Spark. But yeah. The big the big privacy question mark is,  

[00:53:41] ODELL:

like,   they   you could they could run the whole thing   without publicly broadcasting every transaction,   but they're actively choosing to do that, which is what you mentioned,   with in terms of the Explorer.   You would still trust the operators,   and the operators could still partner with chain analysis.   But to me, that's strictly   better situation   than,   broadcasting it to the world every single transaction that's made. And it seems completely unnecessary   unless   I I mean, you're just over complying. It's like a pre compliance over compliance I mean type of situation.  

[00:54:20] Seth For Privacy:

In some ways,   if they just want it from a UX perspective of, like, people expect to be able to look up a wallet and see the tokens and stuff, like No.   Okay. It's not a great I got it. Excuse because it is so bad from a privacy perspective. But it is very important for people to note that you it's it's like a VPN model kind of privacy. You're trusting the entity not to share your transactions. Like, in ARC, you're trusting   one entity to not share those transactions. In Spark, you're trusting that none of the entities share your transactions. And that's because they do share your transactions.  

[00:54:51] ODELL:

The average user is probably not going to be,   at least for I mean, in unless I'm thinking about it wrong, I think the average user is gonna be using a Spark wallet to send and receive on lightning,   and they're just gonna have a single balance. They're not gonna be, like, looking up Spark addresses or, like, individual   whatever they call them. They're not UTXOs, but they act kinda like UTXOs.  

[00:55:15] Seth For Privacy:

Yeah. It really depends, man. I'm I'm curious to see because I think, like,   talking to both teams and a lot of other people, I think the view is that the Lightning payment side is just tiny   compared to all of the other potential usage, specifically stablecoins.   I think the way Spark is building is very clear around that. Like, their focus is And the stablecoins will be native Spark addresses for that. Mhmm. Yep.   Yep.  

[00:55:41] ODELL:

I mean   so first off, I saw two questions about how does Stripe do lightning. Stripe just does lightning in a very in a completely custodial way.   They have a great engineering team, so you have great liquidity and great payment reliability, and the UX is fantastic.   But because it's custodial,   you obviously have zero privacy from Stripe,   and Stripe is a financial regulated entity that does KYC on you. Now Stripe also has an API that makes it easy for other wallets to implement it, which is what Primal did. And in Primal's case, they do less KYC than Strike does because,   Primal limits the amount that you can transfer through it and has other yeah. That that's the basic premise is that they they limit the amount you can hold in the wallet at any given time. Obviously, this is not ideal. What we'd like to see is moving to a and and so, also, cashew has a similar trade off, which cashew is you have custodial mints that are interoperable with each other because it's an open protocol.  

But at the end of the day, you have to rely on the mint, not for your privacy, so it's a benefit on that front. But you do have to rely on it,   in terms of the ability to spend your funds. If the mint's offline it doesn't even have to be malicious. If the mint's offline, you're not able to spend your funds.   And then, obviously, the mint operator can rug you.   I think Cashew has a lot of benefits   because it's it's easy to implement. It's programmable. It's offline.   It can be used offline,   and it has very strong privacy and is very cheap to use.   So I think Cashew has its place, especially for smaller amounts.  

But Argan Spark specifically   are really, really interesting in term terms of trying   to implement self custody lightning.   They have interesting trade off models. You can lead both of them without permission.   As Seth mentioned, you know,   it needs to be over a certain amount, but   the   opposite side of that is it means,   you know, worst comes to worst, you're gonna you lose a small amount. Right?   So and that's because of on chain limitations. It's like, what is your fee to settle on chain on Bitcoin?   And then I will say for my own analysis,   basically, right on point with yours. Like, I think if I was gonna implement it in a wallet today, like, it'd just a 100% be Spark. I think it's way easier to implement. I wish that wasn't true. Like, I really wish that wasn't true. Yeah. Like, the cypherpunk in me is, like, just do ARC no matter what. But I  

[00:58:08] Seth For Privacy:

I'm just not I'm not sure that it's actually doable today in a way that's user friendly on mobile. But that's not to say it won't be solved, and that's one of the main reasons why I still wanna see covenants. I'm not sure if those are ever gonna happen,   but they would solve most of the problems with ARC and I think make it the clear clear winner.  

[00:58:25] ODELL:

Yeah. I I would just say,   to other people that might be in the chat,   Greg has a personal problem with me and likes to make up lies.   So you can just keep that in mind going forward.   And,   Greg, if you ever wanna have an honest conversation, I'm always happy to have an honest conversation with you as I've told you many times in the past.   So Spark right now is implemented in the Wallet of Satoshi beta, and I've been playing around with that. And so Wallet of Satoshi historically was a completely custodial wallet,   and they left The US following the samurai arrests,   because as the custodian that wasn't doing KYC, they were quite concerned.  

And they're reentering The US using Spark.   And what's really cool about it is you have a decent trust model,   and you have a decent trust model,   but The U the UX   feels very much like the custodial UX that people love.   You have, like, a single unified balance. You just pay and receive over lightning. It just fucking works.   So,   anyway, I was I was I'm me personally, like, I'm one of those people that   there's so much hype and bullshit in the space,   and there's only so much time that I tend to ignore stuff until I can play with it in person.   And the the the realization that there was something there with Spark was when I used the wallet of the Satoshi beta. And I was like, wow. It's, like, actually fucking working,   and it's very easy to use.  

And, you know, you probably shouldn't keep your life savings in it. I mean, at the very least, it's still a hot wallet.   But if you're using it for spending and then ideally, you move to self custody offline cold storage,   it seems like a pretty good trade off model to me. I'm pretty grateful it exists. And once again, it doesn't require self work, which I do not think   we're gonna get any significant protocol changes to Bitcoin whether you want them or not. So the only things that are interesting to me,   are things that do not require a soft fork.  



[01:00:31] Seth For Privacy:

Yeah. One last minor thing about Spark two that would be interesting. Like, there's some like we talked about, there's some odd design choices with Spark, but, like, one thing that would be quite possible would be to do to add blind signing to Spark. Like, if you look at state chains generally,   this has been done in the past. For some reason, I'm totally blanking on the   the previous approach here. Mercury.   Mercury. Yes. Mercury layer.   They did   they did state chains with blind signing. Now there were other downsides. Like, you couldn't break apart UTXOs, so you could only spend in, like, the denominations that you actually deposited in, which is very problematic. Spark solves that. But   the weird thing that Spark has done is they aren't using blind signing. Now from a technical complexity perspective, that makes sense. But, again, it's like, okay. But, like, do it. They basically  

[01:01:20] ODELL:

they took took Mercury. They stripped out the privacy, and they made it easier to implement   is what they did.  

[01:01:26] Seth For Privacy:

Which is understandable.   But it also begs the question, it is an open protocol.   Is there someone who would step in and say, hey. Let's take the spark protocol and let's do the privacy max version of this.   And then let's compete in an open market to see who wants to use that spark entity versus the light spark spark entity. Like, that an open protocol and an open standard,   anyone can jump in and start a spark entity tomorrow.   Now there are liquidity   the the spark service provider, like like, the lightning gateways side of things.   But from the spark entity,   perspective, it doesn't have the same liquidity constraints that Arc does either. So it's much   simple, probably isn't the right term, but it's easier to spin up an entity there   and have different spark operators. And you could do it in a way that focuses on user privacy with not publishing all the transactions, with   doing blind signing, with bringing other privacy improvements.  

It'll be interesting to see. Now I I will say the again, I I don't know if you wanna take them at their word, but LightSpark have put out a road map, and there are clear focuses on privacy on that road map.   Will it happen? Obviously, I I don't know.   I'd like to think it will, but we we will see. But they have committed already to fixing the ability to not use, multiple addresses. Like I said, right now, you have to reuse addresses, but they have already committed to fixing that. That that is gonna happen. And they've said they want to do better privacy   than blind signing.  

They still haven't said what that is, but it is something that's very possible,   improved privacy there as well.   So it'll it'll be interesting to see. And I I think, like you said, it's just it's one of those things that just it's built for today and it works. We don't need a soft fork. We don't have to make a ton of trade offs on the usability side, but there are other trade offs. And it's it's a difficult question, but it's it's been an interesting exploration for sure. And I'm glad that we finally have some interesting options on how to   do self custodial lightning in a way that's actually gonna be something most people can use.  



[01:03:22] ODELL:

Yeah. I mean, in their defense,   and anyone who's actually ever shipped anything   will completely understand this. It's very difficult to ship shit.   And I personally   they've done this relatively quickly, and they've gotten it to a point where it can be used in production, and it's impressive.   And I'm a huge I'm a huge believer in   ship in the open, iterate over time. So,   let you know. Let's see what happens over the next year, the next two years. I mean, I think they could make it significantly better.   I think it is I think both Arc and Spark   are two of the most,   promising projects in the space that I'm most excited about.  

And the development on both has happened quicker than I expected. Like, if you asked me a year ago,   I would have given a pretty disenfranchised answer and said it was mostly hyped.   And with Spark, we're seeing it actually being used live in wallets.   ARC was used as the back end for merchant providers in at the Riga conference.   So So both these things are actually being used in production right now,   which is absolutely brilliant to see.   Seth, this has been a great chat.   I've enjoyed it. We've hit quite the gamut, I think.   Always. We've successfully pissed off as many people as possible without touching core versus not,   which is really impressive in today's in today's,   conversation.  

Before we get to final thoughts, I just, I'm curious. Right now,   Bitcoin privacy side,   is there anything out there that you're excited about,   specifically?  

[01:05:02] Seth For Privacy:

I mean, honestly, there's just not that much   that can happen, I feel like, at this point. The really, the biggest things are growing silent payment adoption, growing paid joint adoption.   With paid joint v two and with,   new server spec for silent payments now being out and people like Craig, brilliant people building around silent payments.   I'm very hopeful of that adoption increasing, and both those things will solve a lot of the privacy problems with Bitcoin.   But I think really the, like, the combination of those things with   approachable self custodial lightning   is probably about the best we're gonna get.  

And so I think that's that's really the focus, and that's all other reasons our focus has been so heavily on figuring out a good solution to lightning recently because that's missing piece of the privacy stack.  

[01:05:51] ODELL:

That reminds me,   silent payments   on cake wallet, like,   it's a pain in the fucking ass.   Does does what Craig   frankly, I appreciate you guys shipping it.   Does what what Craig shipped recently, like, Frigate the, like, solid payment server thing, does that change the performance?   Does that give you significant performance gains? Are you guys moving to that? Or  

[01:06:16] Seth For Privacy:

So it's a it's a very different approach. It's the other approach that has always been possible, but no one had actually built yet. So his approach is sending the scan key to the server and letting it do the for you. So this is the ideal for the self hoster. This is the   potentially, the ideal for a wallet company not like cake.   That has the downside where now you're trusting a third party with the privacy of those transactions.   But then you're still paying off than any other normal Bitcoin transaction. Because then the only person who knows the the payments received to a silent payment address are   the node and you rather than the entire Bitcoin blockchain.  



[01:06:53] ODELL:

So, basically, the Electrum server is doing the scanning   versus locally.  

[01:06:58] Seth For Privacy:

Yep. So it it would be it would be this essentially the same UX as a regular Bitcoin wallet, simply improved privacy from third parties and outside observers,   but not from the node. So the ideal world is to just spin this up in a click on your   Nodo or Umbrel or StartNine, whatever.   And then you have the UX of a regular Bitcoin wallet with the privacy of setup payments.   So I think this will this will be the norm for, like, the node runner, and it it would be probably the norm for wallets that prioritize UX over privacy. And I would say   probably for us would be   something we may do as an option. I'm still always wary of collecting any,   like,   anything that gives us any visibility into our user's activity that we don't have to have. So I'm I'm But aren't you still,  

[01:07:45] ODELL:

like   like, based on the Electrum spec, like, the user's still leaking balances to his Electrum's wary. Server. Yeah. Yeah. This is better than this is better than Electrum would be as well. Because it's still on your server. Anyway? Isn't like the the server that's running your Electrum server would also be running for it. So   are they is the server actually getting that much more information?  

[01:08:07] Seth For Privacy:

No. It's just it it will be just the silent payments piece is now a similar privacy model   to the node   of a regular Right. Sync. But you still the the key is that you still get all of the privacy benefits of silent payments outside observers. On chain. Yeah. Yeah. So it's it's that is I think that's the sweet spot, really, from a It's a strict benefit. Perspective. Yeah. Yeah. And you get great performance.  

[01:08:28] ODELL:

Like, the performance has been the single biggest issue, particularly on mobile. It's just it's slow. Right? Yeah. And it's like again, on Android, it's quite easy to work around with background sync.  

[01:08:39] Seth For Privacy:

But on iOS, there's just not really a solution other than just syncing in the foreground. So that's where it's a little painful. I mean, like, we have some ideas of how we can upload this. Like, if you   run a a long term goal, maybe not too long term, hopefully, is if you run, like, cake on your desktop, you can offload sync to that. And that's something that we'll play play around with as well in the future. But I think this this will be like, this server model will be the sweet spot for the vast majority of people of if you already run a Bitcoin node, this will be trivial to run alongside it. And then you get the best of both worlds where you get the the UX of a regular Bitcoin wallet, but you get all the privacy assumptions of a silent payment address, which is really, really cool.  

[01:09:18] ODELL:

Yeah. I mean, you're already like, if you actually want privacy when using Bitcoin,   you should be using your own node. Mhmm.   So for those people, like, they're running a start nine, they just run frigate alongside of it. And then   they'll have a highly performant,   pretty strong privacy   situation going on. So that makes a lot of sense to me. By the way, Freaks, I forgot to check fountain as well.   Gary, rider dog freak average Gary zapped 10,000   last week on fountain. So thank you, Gary.   Seth, this was awesome.   Final thoughts before we wrap up?  



[01:09:59] Seth For Privacy:

I think for me,   just,   it's been hard recently to not get to, like, black build   and doom and bet the Bitcoin side. Like, just the way discourse has   shifted and all of the Bitcoin penny stocks. And, like,   it it feels very, like,   dark in many ways. Like like, we're getting even further and further from the cypherpunk roots. But   I think something that's just been helpful is I'm just spending less time on social media, not engaging in a lot of the useless discourse, and building. Like, that is   that gives me hope as there are really, really, really brilliant people doing that   across   space.  

And they're building really interesting novel things, and they're solving real problems.   And especially just being able to talk to a lot of these builders behind the scenes. Like, most of them just aren't they're not very public or talkative. They don't go on podcasts often, but they're building really cool stuff.   And so I think just just kinda leaving people with stay off social media,   try new stuff,   keep an eye on the the builders who aren't the big names, who aren't the the podcasters.   No offense, Matt.   No offense to me.  

But You have a podcast too. Yeah. I do. I do. I unfortunately, I'm I'm one of the podcasters.   But, yeah, just just keeping an eye on that, giving kudos where they deserve to the people who are actually building. And,   yeah, I'm I'm optimistic on FreedomTech. I am pessimistic on Bitcoin Twitter, but that's probably where I always should have been. So Well,  

[01:11:29] ODELL:

definitely aligned on that one.   I mean, look, I take great pride that I think,   bring on a lot of builders on dispatch that you do not hear on any other podcasts.   I look. I was kinda in a similar hole for a little bit. I think,   the best way the the productive way to look at it   is we have more people self custodying using the tools, building out the tools than ever before from an absolute number. Are we smaller percentage wise?   Yes.   Like, is,   you know, are is is the majority of, like, the Bitcoin influencer seen captured?   Yes.  

Is was that always gonna happen?   Yeah. Probably. I don't think there was any other path that that was gonna take.   But there's a lot to be optimistic about, and I I I   it's hard to   short of the tornado cache and samurai rulings,   which were devastating.   Mhmm. And we're about to find out, you know, how much you know, what they're gonna get   sentenced with in terms of, jail time.   I think they face a maximum of five years on both sides.   Short of that besides that, which is a big   if, a big besides, but still,   the timeline is quite strong.   It is it is if you asked me five years ago, six years ago, like, where we stand today,   it's hard to imagine us in a better place if what you care about is using Bitcoin,   as freedom money and using it in a self sovereign way. Like, the tools have gotten very good,   and they are getting better. And it's just and focus on the rider dies and touch grass and raise a strong family   and,  

[01:13:13] Seth For Privacy:

be content with that. I like it. That's a good perspective. It's a good pre   hard to keep, but a conservative.  

[01:13:21] ODELL:

We'll catch up again in three months.  

[01:13:24] Seth For Privacy:

For sure.   Onto the next quarterly update.  

[01:13:28] ODELL:

Freaks. I'm gonna have on next week. I don't know,   I don't know what day. I'll announce it on Nostr,   But it's it's gonna be in person, so I'll have them on next week. And, I would love if you guys join us live.   As always, all the links to dispatch or at dispatch.com.   Whether you support the show through SATS or support the show by sharing with your friends and family,   either help.   You guys are are the heart and soul of the show. So,   thanks for being along   with me on this journey.   Anyway, thanks, Seth.  

[01:14:07] Seth For Privacy:

Thanks, Freaks. Thanks for having me on, man. Always fun. Always fun.  

[01:14:11] ODELL:

Stay humble, StackSats. Peace.