Ungovernable Misfits

Share on social media:

Welcome to the The Confab, the term derives from "confidential talk", which was commonly used in the Prohibition Era for meetings and conversations that took place in the smoky, rule-breaking speakeasies of that time.

The informal, privacy focused and clandestine nature of Ungovernable Misfits lends itself to these discussions.  So, grab a seat and a stiff drink from the concealed bar, listen and revel in the conversation.

On this episode, Urban Hacker drops-in to speak with Max

Show Discussion

I. The Importance of Privacy in Bitcoin
   A. Explanation of Bitcoin's transparent nature and UTXO model
   B. Risks of public transaction history
      1. Physical security risks from revealing wealth
      2. Liability for others' misuse of your Bitcoin
   C. Comparison to privacy in traditional financial systems

II. The Loss of Privacy Tools
   A. The shutdown of Samourai Wallet, Whirlpool, and Wasabi
   B. Expressing concern over the lack of pushback and people cheering the loss of these tools
   C. Acknowledging the bravery of the developers who were arrested

III. Advice for Users Affected by the Loss of Privacy Tools
   A. Recommendations for users with funds in Samourai Wallet
      1. Do not panic, funds are safe
      2. Disable auto-update, consider restoring to a new device
      3. Prioritize using your own Dojo or setting up a new node
   B. Discussing the privacy implications of using Wasabi going forward
      1. Technical limitations and centralization concerns
      2. Potential for further shutdowns

IV. Exploring Alternative Privacy Solutions
   A. JoinMarket
      1. How it works, maker-taker model
      2. Challenges around liquidity and fixed denominations
      3. Potential for collaborative setups
   B. Using Monero
      1. Benefits of Monero's privacy-by-default approach
      2. Considerations around KYC, exchange interactions, and node operation
      3. Recommendations for using Monero as a spending tool

V. Call to Action and Closing
   A. Encouraging people to take privacy seriously and not give up
   B. Highlighting the importance of running your own node
   C. Offering help and consulting services from the guest, Urban Hacker
   D. Wrap-up and appreciation for the guest's time and insights


LOOKING FOR A CYBER SECURITY CONSULT?

Visit Urban's website https://urbanhacker.net/cybersecurity/ to book a free 30 minute call!


IMPORTANT LINKS 

• https://freesamourai.com
• https://p2prights.org/donate.html
• https://www.courtlistener.com/docket/68467223/united-states-v-rodriguez/
• https://x.com/frankcorva/status/1795509090946363682

SHOW SPONSORS

FOUNDATION (https://foundationdevices.com/ungovernable)

Foundation builds Bitcoin-centric tools that empower you to reclaim your digital sovereignty.

As a sovereign computing company, Foundation is the antithesis of today’s tech conglomerates. Returning to cypherpunk principles, they build open source technology that “can’t be evil,”

Thank you Foundation Devices for sponsoring the show.

Use code: Ungovernable at check out for 3 months free VPN usage with IVPN.


Thanks for listening you Ungovernable Misfits, we appreciate your continued support and hope you enjoy the shows.

You can support this episode using your time, talent or treasure.

TIME:

- create fountain clips for the show
- create a meetup
- help boost the signal on social media

TALENT:

- create ungovernable misfit inspired art, animation or music
- design or implement some software that can make the podcast better
- use whatever talents you have to make a contribution to the show!

TREASURE:

- BOOST IT on the Podcasting 2.0 apps (https://podcastapps.com)
- STREAM SATS
- DONATE via Paynym @ https://paynym.is/+maxbuybit
- BUY SOME CLOTHING @ https://ungovernablemisfits.com/store/

(00:00:00) INTRO 🔥

(00:01:56) DONATE TO THE SAMOURAI LEGAL FUND 💰

(00:02:44) ⚡ BOOSTS ⚡

(00:04:59) THANK YOU FOUNDATION DEVICES 🤝

(00:06:09) Shit Hits The Fan 💩

(00:11:37) Back to the Privacy Drawing Board

(00:14:44) UTXO's Can Stalk You

(00:20:50) The Servers Were Shut Down, DO NOT PANIC

(00:27:02) Plan to Run Your Own Node

(00:31:00) So, You're Ready to Spend Again...

(00:39:46) "Wasabi, which I don't like"

(00:44:55) What About Join Market?

(00:51:48) Whirlpool Was So Easy

(00:57:33) Monero Swaps

(01:08:14) If You're Selling Jerky Online, Then Monero Will Work For You

(01:14:33) Urban Hacker: Privacy Consultant 📞

(01:17:31) Provide Node Services for Those You Trust

(01:20:17) "Whenever I think of beef tallow, I think of you"

(01:22:41) Dark Times, But Press On 🫡

[00:00:04] Unknown:

Bitcoin   is close to becoming worthless.  

[00:00:16] Unknown:

Now what's the Bitcoin?  

[00:00:19] Unknown:

Bitcoin's like rat poison. Yeah.  

[00:00:22] Unknown:

Oh. The greatest scam in history.   Let's get it.   Bitcoin will go to fucking 0. 0. Yeah.  

[00:00:42] Unknown:

Alright, you ungovernable misfits.   I'm your host, Max.   Everybody knows that Bitcoin is useless, worthless, and doomed to fail. But what if everyone's wrong?   What if it's the system that is doomed to fail?   Join me, as I speak to some of the brightest people in the space and slither to the deepest, darkest depths of the Bitcoin rabbit hole.   Welcome back to Ungovernable Misfits.   Today's episode is another confab episode.   We might not actually be sat in a speakeasy,   and it isn't actually prohibition times, but it's starting to fucking feel like it. It.   In this episode, I sat down with my good friend, Urban Hacker.  

Urban came on to explain to people the changes in the Bitcoin privacy   world. We had some delays releasing this,   and this was recorded about a month ago. So there have been some changes.   So just to let anyone listening know,   there is no longer   a Wasabi   service. It is mentioned in this podcast   as an inferior product, but something that you could use at the time. That is no longer the case.   I think everything else stands, but it just goes to show how quickly things change. You have to keep your head on a swivel,   learn how to use the tools, and keep practicing   because things are changing fast.  

Since recording this, there has also been some changes with the samurai case.   Most importantly,   since recording this episode,   there is now a way to donate   to samurai and tdev.   It's important.   If there ever was a fight for privacy and freedom in the Bitcoin world,   it's today.   You can look in the show notes and there is a link.   If anyone can't see it or has any problems   or wants any help in donating to Samurai and T Dev, you can reach out to me, and I can point you in the right direction.   I wanna thank everyone who's been supporting the show with boosts in Fountain,   Breeze, and all the other podcasting 2 point o apps. It's amazing to see. It really does help the show. It helps us pay for the editing. It helps us keep the website up and everything looking clean. And it's just amazing to see the support from you guys. So I really appreciate it. Thank you so much.  

I'm gonna read some of the boosts.   HashLatet   boosted 61,020   sats. Trying again.   Lightning is so sassy.   Hashtag free samurai.   Oh, yeah. I can see she's tried again, but it didn't go   through. Also with   hashtag free samurai.   Lincoln Park rules boosted 50,000 stats.   Please help Adam Anderson of Pain In Boosting Fame   in Nominating   Samurai Wallet and Samurai   Dev for the EFF   awards.   Hopefully, this can bring extra attention to their case at EFF.   I'll put this link in the show notes as well, so anyone can, share and click through.   Rod Palmer boosted 41,250   sats.  

Expatriotic   boosted 21,000   sats.   Camper boosted 10,000   sats.   Oscar Merry   boosted a 1,000 sats with test.   Seems to have worked, mate. Brother Satoshi.   My brothers in Christ, Max Diverter and Zelco.   Blessings to you for spreading the good word about samurai.   In these times of evil and corruption where Satan has his grip on the world, Being men of principle and standing up for what's truly right is more important than ever.   Blessings to you and John as well. Free samurai.   Thank you, mate.   Thank you also to Cyborg   and Pies for your boosts.  

Daggers.   Fire. A 100.   Prey, fist,   high 5, salute, strong-arm, punch, beers.   Right. That's the boost. Thanks to everyone. I really appreciate it. As I said, it really helps us grow. If you like the show and you wanna share it with friends and family, we really would appreciate that too.   Before we jump in, I just wanna say a big thank you to Foundation Devices.   Foundation Devices keep this show going.   We refuse to sell out to shitty sponsors.   We only wanna work with the best. And Foundation Devices are fully open source. They make beautiful hardware that works.   Any fuckwit can use it and keep their Bitcoin secure.  

It really is so simple, and you can set this up with their companion app, Envoy,   with very, very easy to use labeling.   You can also pair this with my favorite desktop wallet, Sparrow.   And if you have any problems setting it up or you're not a 100% confident,   you can pay an additional   $99 and Bitcoin Q and A will walk you through it.   It couldn't be easier to keep your Bitcoin secure.   Check them out at Foundation   Devices   and use the code Ungovernable   for an additional 3 months free VPN with IVPN.   Enjoy the show, and help us, Free Samurai.  

[00:06:10] Unknown:

Do you hear me, Max?  

[00:06:11] Unknown:

I've got you. Just letting you know, mate, I'm recording from the  

[00:06:15] Unknown:

start. Yeah. No. No problem. That's how you work.   It's great that my Linux   Bluetooth audio   speaker microphone   is working,   like, for the first time without having need to disable the VPN,   the Wi Fi, and everything else.  

[00:06:33] Unknown:

So yeah. The joys of Linux.   Well, mate, you are,   guest number 2 of the new show format.   I don't know if you've seen, but it's been changed to the confab.   The reason for this is the confab is a term that comes from   confidential   talk. It was commonly used in the prohibition   era for meetings and conversations   that took place in   rule breaking speakeasies of the times.   It feels quite fitting   given what we're seeing, and I can think of nobody better to have a conversation with in this time. So welcome back, mate. And it's been   far too long.  



[00:07:14] Unknown:

Yeah. A lot have happened   since we last had a chance to have a chat. And, yeah, it was a was a crazy crazy 2 weeks, I would say now. It seems that every day we have more and more shit hitting the   the fan. And,   yeah, I'm glad to be here, and I'm sure it's gonna be a great one.  

[00:07:36] Unknown:

Shit hitting the fan is,   one way to put it. You know, we've been talking back and forth a little bit over the last couple of days about it, and   it's the first time   for me   that I felt   unsure about the success of Bitcoin.   And   that   is a strange feeling for 1, and it might feel hyperbolic   to   a lot of listeners.   But it does feel like that to me because   the set of tools that were available   were good enough   that   somebody who did care about privacy   could have it regardless of all of the wanky stupid bullshit you see on Bitcoin Twitter,   all of the stupid narratives that you see, and other people not caring about their privacy   or their freedoms,   you still have this stack,   and it was very, very good. And it was a bit of a learning curve, but once you'd got it, you were good.  

And now it's gone. And so   that's why we've been talking a little bit is   it's not a case of just giving up   and rolling over.   We have to find other ways   to be private,   other ways to continue this cypherpunk ethos,   and,   the game's changed now.  

[00:08:58] Unknown:

Yeah.   I think we we are living in dark ages.   What is very chilling is that, as you said, there there were certain,   tools that one could use to gain privacy.   And I would also say that those 2, I would push back a bit on you when you say they had a learning curve, but   I think they were easy enough that most   Bitcoiner with very minimal onboarding could could use them. They were also very cheap to use   both on money wise and also,   like, how to say, like, energy wise. Like, you didn't have to do a lot of thinking to use them. You could basically use, like, any other wallet, and it was in the background doing a lot of things to ensure your safety and and privacy.   And in the span of 2 weeks, all of this is gone.  

And it's not just gone that   Sumara is not there, but,   basically,   the 2 major   user friendly app that were existing, Whirlpool and Wasabi,   are both shut down or I think Wasabi is still for a few days.   And it is worrying. And what is also cheating is on a normal situation, I could see people even if I don't recommend Wasabi,   I could see people tempted to use it. And, actually, in preparation of this podcast,   I installed Wasabi just to see what what could be done. I I did some test with it. And   even if you would be okay with their, shit policy from a shit company,   well, they they are going to shut down in in a few weeks.  

So, yeah, it it is pretty dark.   And for me, what's   dark is is not that because I always expected it that at some point it would happen. For me, what's dark is I see no pushback.   That is way more depressing,   and I just see people cheering and   embracing what just happened.   Mhmm.   And for me, this has I have to say mentally, this was not easy. And to see every wallet, one after the other, removing the tools,   just like blindly, you know, no one is putting a fight. The only one that were willing to put a fight, they are now in jail. And you're thinking, okay. Why are you in this space?   What the hell are you doing? You know? And it is chilling. And, I mean yeah. So   it is a very dark moment and   the tools that I searched like a few days ago to   maybe talk about the trade offs,   they are not even available anymore.  

So I had to,   you know, install, join market, and and try out some stuff there.  

[00:11:38] Unknown:

Well, this is   you know, we are in prohibition time. We are in the prohibition era. The prohibition is not alcohol. It's freedom and privacy.   So these conversations   now more than ever are important.   I get it. I understand why people back down and they're scared.   We had a very loud person in the Mesche Del the other day   explaining why me and Diverter   shouldn't be scared of men with guns and the government because we highlighted the fact that this adversary   is extremely powerful,   and you'd be stupid to   not take them seriously.   Watch what your enemy is doing   and move smart.  

That's what people have to do now, in my opinion, is don't give up,   don't back down.   I'm sort of seeing   neither of those things by most people.   Is either loud mouths   talking as if they're double hard, and you know if they get a knock at the door, they would fold like wet cardboard.   Or you get the people who are just   literally giving up,   or the worst, like you explained, people who are cheering this on like it's some sort of good thing. And to me, that's absolutely disgusting because 2 of the bravest people I've met, 2 of the people who have stood for freedom and built something incredible   have been arrested   for literally bringing freedom. Like, I I tried to explain to a few   family members over the last couple of days. I don't know why I bothered, but   just, you know, tried and just said, you know, the basics of what's happened. And, unfortunately,   the answer you get is, yeah, well, they broke the law.  

The unfortunate   fact is that most people will just go along with that narrative,   not what's right, not what's wrong,   not, oh, well, what they were doing is actually right   and good, and that's brave. It's just oh, they break the law. And, unfortunately, this is just kind of   how the majority of people   are thinking. And that's very sad, but this show is ungovernable misfits.   This show is for people   who want to do things differently and want to try and bring freedom to themselves and their families and friends. And so,   you know, we could   probably have a conversation for hours about how shit the situation is, but at the same time,   we should probably give a little bit of information for people out there   who maybe were using the service   and are now a little bit confused, a little bit scared, don't know what to do so that we can give some advice.  

And then other people who maybe are listening and they're newer to the show, we've had quite a lot of new listeners recently,   explain, maybe go back to basics a little bit of why was this tool useful   and not for criminals as they're labeled, but normal people. I I like to consider myself as a pretty normal,   I hope, decent person.   I know you are. We use this tool. We used other tools as well. And,   yeah, if we can maybe break that down a little bit. Yeah.  

[00:14:44] Unknown:

Yeah. So the the reason why I am honored to be on your show is because I know that your show is very positive   in a good way.   And I like that we are not just, you know,   circling in the dark and and complaining because that at the end of the day, that,   that doesn't serve anyone. And it's it's exactly what our adversary wants us to do, to be defeated   and to think there is nothing, we can do. So,   very basic 101. Why is this important   and why everybody should care about privacy in Bitcoin?   I won't go too much into the technicalities,   but Bitcoin,   the way the protocol works,   it use what is called unspent transaction output, short,   UTXO.  

And this is how much money you have like a banknote.   And then when you send this money to someone, you basically send this UTXO to someone, and you can follow pretty accurately the flow of funds. All of this is transparent. So we note that it moved from wallet a to wallet b to wallet c, etcetera.   Usually, what happened is most people, the way they buy Bitcoin is through a regulated KYC   exchange.   So they basically, you know, put some,   I don't know, their driving license,   their address, their phone number, like, all the private information   into this exchange.  

And then it means that this UTXO, this banknote that you get, is as if your name is written on it. Right? And as you're transacting,   you could follow where you send the money even if it's your to yourself. And   there is nothing if you look at, the blockchain, there is nothing that tells you that it changed a hand. So when you send to your cold storage, it looks the same as if you spend it to someone else. Right? It's just another wallet. And from this, basic thing, 2 major issue can happen.   So the first one is, let's say you have a huge stash of, like, 10 Bitcoins. Right? And then you buy some coffee in El Salvador and you send the transaction.   Anyone, including the the one who is selling the coffee, can go in the blockchain and can see that you have 10 Bitcoin. And this can be a huge   risk to you, to your family.  

That can be a huge physical risk. And I would say in certain case, it might even   get you in a physical threat.   And we have seen this recently. And it has. Yeah. Yeah. Yeah. We have seen numerous case, and recently this this happened to someone.   So this is dangerous.   The other more insidious way that this can be dangerous is, let's say you buy anything.   Right? You again, coffee, and you don't have a lot of Bitcoins. You're not a target.   Now most likely the person who   sold you the coffee, they didn't ask any private information. Right?   So now they have Bitcoin   that are still in your name, quote, unquote, according to the power that be, but that effectively change hand. And the truth is once you send them, you have zero control about what the person does. Now   if this person does something   really, really bad, could be anything,   what happened is any investigation will will look on Shane, and then they will find your name. And I know personally people who got   question   very harshly at airport   just because they sold some Bitcoin in 2013,   so long time ago. And then in 2020, in Amsterdam, they were arrested   and put for, like, 10 hour questioning   because someone, yeah, because someone bought some drugs on the dark web with it. Right? So I would say you have zero control once you send the money. You have zero control over what people do.  

And this had happened. Now the most notorious case that this happened is obviously, you know, Roman Turingloff. He was a user of Bitcoin Fog. And basically, the the people,   at Chainalysis,   they just look at eWijo from Bitcoin Fog, the therefore, he must be the owner. So you can have a lot of misunderstanding   by doing this. I would say for for normies, those are the 2 major,   issue. Now if you buy your current on KYC   and you do smart UTXO management and all the la la la la,   you might avoid avoid both of those.   But, again, why taking the risk?  

Up until recently, it was just simpler to send everything to Whirlpool.   And and then from there, you you can you can spend with relative,   safety. And those are 2 things that happen.   And   it's 2 stuff where you have zero control over it. And I think it's important. And, again, if we look at the financial system,   when you buy coffee with your credit card, the merchant doesn't know what is your limit. He doesn't know how much you have. This is only between you and the bank. And we should have the same ex   expectation of privacy in the case of of Bitcoin.  



[00:19:43] Unknown:

Yeah. So   it's no different to   using,   in that sense, a credit card or cash.   And even if we take it to a less extreme than being stopped at an airport   or someone breaking into your home and attacking you or any of the other stuff that's happened,   Just like the basics of   if you wanna pay your plumber because your sink is leaking,   and you pay him, and he can suddenly say, oh, Jesus. This guy's got loads of money. Next time that you have a problem, guess what? Your bill's gonna go up. And that's just, like, a very simple,   important reason why   if you're smart, you don't go shouting about what you own because people treat you differently. And so I think if it's explained like that,   any   reasonable person would be like, oh, yeah. I want that. I don't wanna be attacked, and I don't want my bills going up. And I don't want my neighbor knowing what I own because,   you know, that's just not normal. It's it's never been normal. It was a simple tool   that worked really well   and allowed people to continue   as they normally would in life.  

Now, obviously,   this has been taken away.   We don't know what's gonna happen in the future.   The people who were using this service,   some of them are affected worse than others. So   the people who were   running their own Dojo   less affected,   We can assume or be pretty certain   that their information isn't leaked and that although these servers have been taken down, that their privacy is still good,   and, anything that's gone through Whirlpool is still good. But   for the others who were connected   to samurai servers,   they now have their x pubs leaked.  

We can assume   this means now that they're in a situation where they have to be careful going forward.   Wasabi's pulled out, which as we both agree is   much worse service, but it was a service nonetheless that's now gone. We need to find the next steps for these people. You know, you can go much more into the technical side than I can. So maybe you can break that down a little bit, mate. Yeah.  

[00:22:00] Unknown:

First thing is   do not panic and do not do anything stupid.   Even if the wallet shows 0, your funds are safe. Very likely they are safe. It's just that the wallet was expecting to connect to the server and because there is no server anymore, it won't know its balance. But I would say the most important thing is, paradoxically, to do nothing.   I saw so many people getting,   and not necessarily in that case, but   just into   all the, you know, DeFi and NFT hacks. Usually, what you see is you have a hack of a wallet, then people panic. They try to move the funds, and this is when they get hacked. This is when they lose them because they do it under the stress.   So in the case of samurai, don't do that. Right? Your funds are are safe. It's non custodial wallet.  

Nobody,   even samurai, had any access to those fund.   So the first thing is, paradoxically,   do nothing.   Right? Now   let's divide this in 2 things. First, there is a privacy aspect, what are you risking, and then there is how to recover your funds.   So I would say, how to recover your funds   as long as you don't need them now, like, right now. Just wait and see a few weeks. See what happen.   Don't panic. Because, again, imagine, you install Spyro. You're not familiar with Spyro. You install it on your old shitty Windows XP computer that is full of virus, and then boom, the crypto is gone. And   you will come in Telegram   crying because you downloaded a fake spiral or your old computer was infected.  

So it's much safer   in the phone. It's much safer   in summary.   I would say disable auto update.   Alright? We don't know who got access to the key to the PGP key to publish on the Google Play Store.   Now I don't believe anything malicious will be published through. But, again,   we have seen rogue agents sometime. You know, in the case of Silk Road, they were like rogue FBI   agent doing shady stuff. And and   so this could be a vector of attack. So just disable auto update   both on F droid and Play Store, if that's the case, and leave it as it is. Don't panic too much. If you want to be reassured, you could always look at the address in your wallet and then go to, like, mempool.space   and see that the funds are are still in there. If you want to recover because you need the funds, so if you use your own Dojo, obviously, you can just as is. If you want to recover   from   one that is not using,   your own Dojo. Actually, my recommendation would be to use samurai.  

I would first make sure that you know the passphrase. I would also make sure that you know the recovery seed   and check those before you do anything. And then what you could do is after installing your own Dojo,   you could just recover them on some right itself and you will get all the balance. Because problem is, if you try to restore it on another wallet, even Sparrow,   sometime it has trouble because samurai segregate all the funds in multiple accounts. And sometime you it's not trivial to to restore it. So I would try to restore it on another samurai   wallet app. But before so don't remove the app from your phone, obviously.  

And before you remove the seed, you erase the wallet.   Make sure that you have both the recovery seed and the passphrase.   Right? Don't lock yourself out in a stupid way. If it's huge amount of money,   buy another Pixel phone.   You know, it's only I mean, if you are storing, I don't know, several 1,000   of dollar in this, just buy a Pixel phone. You know, it's like $200, $300,   extract the API from your phone, install it in the new phone, and then boom, done. You are good. And again, use your own Dojo. I always recommend, actually,   most people, if they can do it, to install,   Dojo, like Rona Dojo specifically,   just because moving forward, even if you don't use samurai, but you use Spyro or anything else, you will get better privacy. Take this as a lesson. Right?  

And from now on,   try to improve and to to reduce this this attack.   And I think with this, we covered both the casual user   to like the the more advanced one, depends on how much you have in the wallet.   Be careful. And always,   like, do not remove the wallets from the phone. You could always, in worst case, you could go there and send all the funds. Now the reason why I don't recommend that is because   you would undo privacy. And when we speak about the privacy aspect of it, I would like to discuss more in details.   Oh, and finally, last option that you could do is   disconnect the phone from Internet, and then you can use Samurai in offline mode. Just like if it was a cold wallet, and you could generate the transaction in there, and then send it through Sparo. Right? Mhmm. I would do this if you have below 1,000, you know, don't don't bother too much. Just just do that. If more, go get a node. Like, seriously, you know, you pay more in credit card fees than buying a a a Rona Dojo over years. You know?  



[00:27:02] Unknown:

Reiterate   running your own node part. Because I've seen a lot of things shared where it's like, you know, just import into Sparrow, which isn't a bad option. It's a good option, but, you know, people are then connecting to one of the trusted nodes that Sparrow, like, preconfigures.   A lot of people are doing that, and they might well be fine. And Craig's absolutely awesome, and I'm sure he's done his homework and, you know, you probably would be fine. But when you're saying take this as a lesson,   the lesson is   do not trust somebody else if you can avoid it, and it can be avoided   by running your own node. So I would say that is   step 1 for somebody. Your funds are safe, as you've just said. You don't have to panic. So whether you build your own or whether you buy a Tanto,   whatever it is, I would suggest you do that.  

The second point I was gonna suggest for people,   especially for people who maybe are a bit scared or they're not that technical,   I had a pretty good friend of mine who reached out who I've got into Bitcoin over the last few years, and I said to them, look. Just use samurai.   Put everything through Whirlpool. And as they've been buying, they've just been sending into samurai. They never actually put anything through Whirlpool. They just had everything sat in premix.   And what I actually got them to do, because they really were panicking,   is   I just got them to use hardware. And I said, right. Because it's all in here, you haven't gotta worry   about having your post mix and your bad bank and this and that. You've just been sending into this. So just recover this into a hardware wallet. Once you've done that,   you can just run this with Sparrow.  

That's the other option for people, especially if it's just in premix.  

[00:28:47] Unknown:

Yeah. Yeah. Obviously, if it's in premix,   you're you're losing nothing by by doing that.   And, yeah, I think what you said about the the default node of of Sparo,   you know, for all we know with all the enthusiasm that is going on now in the authorities to crack down on Bitcoin, who knows? Maybe tomorrow, mimpool.com,   mimpool.space,   sorry, is taken down. And all the transaction that went through it,   which is not that different from what samurai was was doing. Right? Then they will be used in investigation. So you you never know how this goes.   I would even say if you don't want to buy a Ron and Dojo,   because this is a bit critical, you would be better off just using Umbrell. Now I hate Umbrell.  

I think they are shit. They will send your IP. They do all kind of stuff. But, again, you were already using summarized node.   In the case of Umbrel,   they will only send the IP, but it's very easy to install. You can install it in, like, a day or so, get it running, and it's, like, 10 minutes to, like, put it on a Raspberry Pi. And from there, you you can also recover stuff in a in a safe way.  

[00:29:54] Unknown:

What about start 9, if we're talking about other inferior nodes? Have you got any thoughts around that?  

[00:30:01] Unknown:

Last time I checked, but this was 6 months ago, they didn't had   Dojo in there.  

[00:30:09] Unknown:

Maybe they don't. Maybe they don't.  

[00:30:11] Unknown:

So I I actually tried them,   but   they couldn't. And, look, I would rather recommend something that has the Dojo so you can recover everything easily. Mhmm. Yeah. But, I mean, there are orders like Noodle,   I think I mean search. The the reason why I put Umbrella is because that's the one I know and Is it safe? That's like, yeah. That's my emergency one when whenever I need to help someone.   That's like the one I know I we can set up in, like, an hour and and be done with it. It's a learning experience. You know?   And then please make yourself a favor. Support financially the teams that care about your privacy.  

Buy one from,   from, Ronan Dojo. They they make excellent hardware.   I have one that I use as my media center, and it's like rocks. It's amazing. It's it's really good quality.   But anyway, so speaking of privacy.   Now again, I would not recommend to transfer anything as of now,   because   even if whoever   has access to the summarized server has access to it, you still have privacy from everybody else. Right?   So, yes, chain analysis might know,   but that's only part of the problem. The other problem is, as we said, you know, the $5 wrench attack   and things like this. So if now you send everything out of Whirlpool,   you would basically not only, like, change nothing   for chain analysis because they would theoretically still have your xBOP,   but then you just reveal to the world, like, you weaken the anonymity of everybody else in Whirlpool and also to the public. The only real big issue if your expub   is public is that people know the future   spend.  

So what I would do, assuming you don't need the funds, like, right away, is I would treat it as a spend only   wallet that then you progressively   send to whatever you need to do. So this way, you still because, again,   you you still have privacy   in the blockchain. You know? If you send me $10,   I don't have your XPOD. I will see it come from Whirlpool. That's it. Right? Don't underestimate that. Now if you panic and you merge everything in 1 big UTXO,   that's gonna be very obvious on chain, and that's gonna weaken the anonymity of everybody,   not only for chain analysis, but in the public. You know, every armchair   guy looking at meme pool will be okay. Yeah. This is obviously a consolidation.  



[00:32:39] Unknown:

Does does that make sense, the the what I said? It makes perfect sense. Yeah. I think what I take from that is don't panic.  

[00:32:47] Unknown:

Yeah. No. Really. I mean, I I know it's scary because you see it's it's z 0. But, really,   don't panic. Keep using the tool.   Be aware of the limitation. And if you were using   the samurai node,   slowly spend from there,   and obviously don't receive from it. Obviously don't receive, right? Because again, receiving would be really bad. So receiving, you would do you would do this on another wallet. But you could keep using samurai wallet,   you know. Especially if you install your own node, you could keep using it. If you create a new seed, it works offline,   it works great. You won't have all the   fancy add ons that they had, you won't have Whirlpool, you won't have all of this, but it still works. And, actually, this would still be my recommendation.  

Assuming   you have it on your phone, I wouldn't right now download the APK   because God knows from where they come. Like, basically, right now, every time I see an APK on Telegram, I'm like, no way I'm gonna install this on my phone. Like No. No. No. No. Don't don't do it. No. I concur. That makes sense.  

[00:33:55] Unknown:

Yeah. So you can keep spending.   Getting into the nitty gritty   where we're unsure   what is leaked and what is not. Do you have any idea,   for example, people who have   run their own Ronin Dojo,   They've been connecting to that. And then let's say,   I don't know, they have a power outage   or they have an issue with their node or   they're traveling and it goes down and they need to make a payment.   If they then were to connect to Samurais servers   for a short period of time,   do we have any way I assume we have no way of checking that there's no logs.   No matter how short a time that had been or how long ago that had been, I assume those people just have to make the assumption that their XPUBs are leaked and   anything that's gone through there is potentially now being tracked.  



[00:34:54] Unknown:

Yeah.   So first of all, I I'm not from the samurai team.   I I was not running the server. I I don't know the exact setup there. So, obviously,   that's,   I think it's an important disclaimer.   And I will also not speculate like, oh, where they secretly   everything   they said that they didn't log, I I would trust them. But, you know, you could have the ISP login. You could have, like, logging on many   in many different places.   For the scenario you spoke,   now this is not possible unless you restore the wallet.   So   by, again, safety by design. This is why I I love samurai.   If you go in samurai and you try to turn off your own dojo,   as far as I know, it prevents you   just because   it it doesn't want you to talk yourself to their server.  

So what you have to do is delete the seed, and then restart   as if you were starting a new wallet. Yes. So I don't think you can do this accidentally.   Right? This is the important point to know. Like, maybe you No. It's certainly not. Yeah. Yeah. Maybe you fucked around in the UI,   but but it as long as you didn't go delete the seed and then restore,   that should be good.   Now if   what you describe happened,   I would assume,   then they, yes, they they they know the XPUB.   I don't know what is the retention policy   as is I don't know how long they kept it.  

My assumption there is   to think forever.   Just because I we don't know. And, again, this is not to speculate,   but it's just the the reality. And and knowing that they were under,   quote, unquote investigations in 2020,   maybe the ISP was already logging stuff on their server since 2020.   You know? Like, this could this is also something. You know? Even if they delete after 20 minutes,   if the ISP keeps a copy of everything that goes through the server,   then you can delete on the server, but they they so, yeah, just assume   they have it.  

And   everything we said about the case where you were not running your node would apply.   I know people that had this, and then they just created a new said, work pulled everything.   Just saying.  

[00:37:20] Unknown:

Yeah. Yeah.   Which would obviously be the smart thing to do, but I assume there are people in that situation.   And I think that makes sense is to assume the worst because assuming best case,   it could get you in a lot of trouble. Assuming the worst,   it just means you take the extra steps now, and   it's better too much than too little. My assumption from   the little I know of the guys who are running samurai and the team,   my assumption is they were doing everything they possibly could   to keep you private and secure.   But as you rightly said,   you don't know what could have leaked without them wanting to, and so we have to make that assumption to be on the safe side. So given that there will be some people in that situation,   there will be some people who were just, not running their node at   all. For those people   going forward,   obviously,   there are far less tools available now, but that doesn't mean just give up and accept it.  

We have to find other ways around for these people to try and break these links   and   to move forward without being potentially attacked. So   have you got any advice on what these people can do   ranging from do nothing   to start using some new tools?  

[00:38:44] Unknown:

Yeah.   So just to to finish off about the summary, what they had on their server,   they were getting all the XPub independently.   So, like, they don't know that this XPub is your first wallet. The second XPub is your they just know they're they're are XPub, but they were not linked together.   So I think it's an important distinction. Right? So now it still require a lot of work to make, like, all those expats somehow matching together   because every wallet   in samurai, it's not one wallet, but it's, like, 6 or even 9 maybe. Because as we said, all the funds are segregated. So even though they were sending your XPUB, there is segregation in there, and it's not necessarily trivial sometime to say, did you send to a friend Whirlpool,   or was it actually your wallet and then your Whirlpool?  

I think it's it's important that you know this. And I'm pretty sure they were not logging the IP. And if you were using Tor or a VPN, then the IP, you you wouldn't care anymore. So now okay. Moving forward,   it's tough. So   let's talk   about the next,   I would say, solution that maybe people have in mind, which is Wasabi,   which I don't like.   But I still want to to speak about it. So   Wasabi,   first, is gonna be shut down   in a few days or a few weeks maximum.   Then it had many, many issue over the year that led to,   fund being seized and and user getting   arrested and and things like this.  

So   the quality of the coin join is   not as good as samurai.   And finally,   the company decided   out of the blue to start censoring users,   and   I feel   this is really not something you want to be associated because the way they censor the user is they actually pay a chain analytic company.   So they basically give money to the enemy, quote, unquote.   And me, personally, I do not want to actively send   money to a chain analysis company. I think most of the work they do is bullshit. I think they should go back to the drawing board. They are putting innocent people in jail, and I find what they are doing is really scary. They should really rethink the way they are doing. It's like a multibillion dollar   industry.  

And,   yeah, it's just really shitty, really shady.   Yeah. So   knowing that   they do have   custom coordinator.   So if you're brave, you could run a   coordinator.   You would still have the technical issues,   that the coin join are not   good.   And on top of that, you need the balls to run an actual coordinator   knowing what we just said for for the past,   40:40   minutes or so. But it is possible. And and actually in   in a sad way, it is easier,   I think, to change a coordinator   on some on, was that be done on samurai? So we could have people who start running a coordinator   and then you just you could connect to it.  

And   then every coordinator   can have their own policy. But be aware that   Wasabi   and the case of the   every coordinator, has his own liquidity.   So Whirlpool, everybody used the same. Right? Spyro was using the same liquidity.   Samurai was using the same liquidity. Any plugin that goes into Whirlpool   will use the same liquidity.   So you hide into a bigger crowd. In the case of Wasabi, if you're only 5 people using the coordinator,   then it's really a shit anonymity set. Right? So you have to take this into account. Plus all the the issue,   that are like the technical issue that makes the coin join weaker, to me, it's not a good recommendation.  

And I would try to stay away from it. Now,   again, it let's say maybe I will get a lot of of, harsh criticism, but depending on your scenario, you know, if you live in an authoritarian   country,   maybe you just use Wasabi. Right? Like, you have to to take your own   situation into account.   I think it's important, you know. I'm here in a comfortable country, you know,   without worrying too much about this. But depending on your situation,   you might as well use Wasabi and say fuck it. You could also say, look, there is only a few weeks before it shut down. I quickly mixed everything that was left.   So at least all of this is done.  

But yeah, I mean, they are missing so many feature. Like you cannot mix to cold storage.   You don't have,   I mean, yeah. I don't want to go to the list, but   it's not perfect. But it it could potentially help you, especially if you need a quick solution that is, like, good enough.  

[00:43:39] Unknown:

It's better than nothing potentially.  

[00:43:42] Unknown:

I hate to to to say it. And, I mean, to be fair, the Wasabi community is also shocked   by what happened,   you know.   There were people who actually in in their community were looking at how they could help samurai   devs.   And now I don't suspect the company behind Wasabi because I think they are shit. But then, you know, the user is different. Mhmm.   And   maybe someone will spin up a coordinator.   I think I saw someone on Twitter writing that. But again,   don't act   in a panic. You don't know who is running the coordinator. You don't like, there are so many unknown. So   but yeah. Agree to all of that. Yeah. So but, I mean, for me, it's like a really bitter   it's really a bitter taste in my mouth, I have to say. Because samurai was so good at what they were doing.  

So easy to use and so good. And   the default were also like   really, really good. And Wasabi just don't have it. I mean, if Wasabi was using Whirlpool, then yeah. Of course, company is shit, but at least you have this.   But,   yeah, no. That's not the case.  

[00:44:51] Unknown:

So that's an option. Not the best option, but maybe better than nothing.   The other 2 that spring to mind are either   join market,   which we'll get into a little bit. It has its issues, but it's it's something. It is a tool   or swapping   into Monero   for spends or into Monero and then out. But, again, there's   some things you have to bear in mind when you're doing  

[00:45:18] Unknown:

that. I think let's start first with join market. Right? We we stay in Bitcoin and then we explore   other blockchain.   Yeah.   So join market. I actually tried it in preparation for this tutorial.   For not this, this podcast. Sorry. I mean, it does work. It does coinjoin.   It is expensive to use.   Like,   really expensive compared to Samurai.  

[00:45:42] Unknown:

And, I mean, I can check how much I paid. It costs fuck all. And I let me just start by saying,   I'm talking about   4 or 5 years ago,   so it's not really relevant now. But when I used it, I sat with open arms, and we were using I think it was join inbox.   And it was clunky, and it was awkward, and that was, like, the less clunky option at the time. But   from what I remember, you had, like, a maker and a taker.   And if you're a maker,   you   were setting the fees, so you would actually earn a little bit while you're doing it.   And if you're a taker, you would pay a little bit while you're doing it. And I know that the way that it's set up with the bonds and all this kind of stuff has now maybe changed the game a bit. But   from my understanding and how it was explained to me, it's like, no. The privacy is not as good. If you really wanted good privacy,   the best thing to do was use Whirlpool,   but   that you could do this relatively cheaply.  

Now   that was a long time ago. So what was your experience?  

[00:46:49] Unknown:

So for a simple,   coin join, I paid $20.  

[00:46:54] Unknown:

Okay. And that's what just you're doing a   coin join with 1 other participant.  

[00:47:00] Unknown:

Not with the recommended amount, which is 9. And, actually, I hate that the recommended amount is 9 because   everybody will take a lower recommendation. And now if you're the only one using 3, you're gonna stand out on chain. I wish they they would just   keep, like, 5 or so. And then it's like   yeah.   So to do a transfer of around $1,000   worth of Bitcoin,   I paid $20   because then you have to pay all the fees, plus the fees to the maker and taker.   And then it is not fixed amount.   Mhmm. So in Whirlpool, you know, everybody has, like, 1 Bitcoin, 1 Bitcoin, 1 Bitcoin.   So   here, it's unclear for me how much anonymity you gain   because there are things, like, for instance, if you're the first one to spend it, it's most likely yours. Right?  

And you have like yeah. So it is a bit more expensive. I mean, imagine if you want to do, like, 3 mixes.   Now you it costs you, like, $60.   That's   quite something.  

[00:48:03] Unknown:

You could have don't have the recurring   mix is like you would in Whirlpool. You'd pay once, and then you can leave it in there, which was amazing.   What about if you were a maker?   I understand that there's now   some type of bond that you have to put up. I forget the actual name of it, but you have to lock up funds, which I believe you have to lock up a a fair amount to be able to do this. But   if you were in that scenario and you thought, well, actually,   I can sit here for a year or 2 or however long and this is savings,   could someone consider then becoming a maker? And then the other thing is if you are becoming a maker, presumably, you have to be online, which means, presumably, your funds have to be hot, so then that comes with its own risks.  



[00:48:47] Unknown:

Yeah.   So I tried this as well. Mhmm. Right? Now in my case, I locked   0.07 Bitcoin,   which is, you know, is decent.   You know, it's already   quite some 1,000 of of dollar.   And in the 3 days that I'm running this, I I got no transaction at all. Of course, your funds are frozen for I don't know. I choose, like, a month.   I've heard that you need at least 1 Bitcoin   to lock in.  

[00:49:21] Unknown:

Okay. Pretty hefty.  

[00:49:23] Unknown:

Yeah. To be able to have something like 1 mix per day. I think this was something like this. So I have roughly 1 tenth of that, a bit less.   So I assume in a week or so, I should have something.   I will keep it look I will keep it running because it's an experience,   but it's   a lot of money.   And so a few things. 1st, to do this, you need a node.   Join market   requires you to have a node. It's completely decentralized. There are no you cannot shut it down. This is one you cannot shut it down,   because everybody has its own node. And then just look at makers and takers and and all of that.   Mhmm. Which is why if you installed   a node before, right? An umbrella or something to recover your your coin from from,   samurai,   you,   could also install an Umbrell,   Jam,   which is the name of the UI. Because I wouldn't recommend people to use the default join market because it's command line and it's pretty complex.  

And you have to manage, like, 5 wallets.   It's a mess.   So just use the UI. It's quite simple.   They also do fund segregation   in, like, JAR. So every jar is a wallet, and then you can transfer from 1 jar to the other, and this is like a mix. And basically you can do this, and then it goes back to the 1st jar. And the one that is the further,   is called   elderberry.   This is the last jar. And in theory, this is where you you take your fonts. Because you know that any funds that went into Elderberry,   at least went through 5 hopes inside mixing round before reaching that.   I get you. Yeah. That makes sense. So that would effectively be your post mix spend. Yes. But with the caveat with the caveat that when it goes to back Elderberry, it's circle   circle back into apricot, which is the first one. So if the funds reach Elderberry,   and then you have another mix going on because you are   earning,   then they go back the the change stay in the Elderberry.  

Yeah. Yeah. Yeah. And the funds would go to apricot and then go to another realm. Which is why you always want to take elderberry because you know that it went at least to all of those. Does that make sense?  

[00:51:47] Unknown:

It does make sense. Yeah. I have a potentially   stupid question.  

[00:51:51] Unknown:

Go ahead.  

[00:51:53] Unknown:

Humor me with this because you'll tell me if this is technically possible. When you were saying to me, oh, okay. You know, you have, like,   point one that you can put in there, and and, ideally, you wanna have 1 Bitcoin.   You know, this is above the reach of most people.   Would there be a way   for people to collaborate   who say,   let's take the Meschendel, for example.   Maybe you have   10 people that are relatively close.   We each wanna gain some privacy. We're happy to have some funds sat for a while.   We   don't want to   docks ourselves to each other.  

Would there be some sort of workaround way   where there could be, like,   multi sig between all of you where you share those funds,   but it's blinded   so that you don't share with each other   where they go at the end of the mixes. So you'd be a maker,   and one person couldn't run off with the funds, but you'd actually   have more in there, so you'd get more mixes quicker.  

[00:52:57] Unknown:

Does that make any sense or is that tech? Yeah. Yeah.   When we go into those discussion, this is when I miss   the fact that Whirlpool is not running now. This is exact when when I'm thinking about this, I'm like, Jesus Christ. Whirlpool was so simple compared to it. I know. 5 input, 5 output, done.   No no no, like, fixed fee.   No funds is yeah. So  

[00:53:22] Unknown:

It's almost like a multi party channel open,   but not on lightning.  

[00:53:27] Unknown:

I think you could do it.   Like,   as you said, it sounds   possible,   but the software doesn't use it.   Maybe you could massage it if you do like some command line fanciness.   And then have what you would need is that   join market recognize this as being a a Fidelity bond, and then to use this to recognize all the UTXO.   And, yeah. And this I I don't know if it would work across multiple   XPUB   because, technically, everybody would still have the font separated. Right? So I suppose it's possible,   but it's probably like, this would require like, I would worry more about losing the funds, because then you I don't know. You do a crazy multisig that you don't figure out how to undo   than than anything. But,   Yeah.  

Another thing that they are working on is that you could lock Bitcoin in your cold storage.   And to me, this is a much more interesting thing is so right now, not only you need a hot wallet with,   let's say, I I don't know, a few   million sats that you want to mix. And then you need to lock in the Fidelity   bond to be a maker, so that other people use your fund to do mixes.   Now you need like to lock in 1 Bitcoin. Now for you and me, I mean, I don't know about you, but for me, 1 Bitcoin is too much. I don't even have that. But if I had, I would be really, really worried   to just have this sitting on my server always on connected to Internet 247.  

Yeah. Me too. So the k. You can see the the the problem. Right? So   I think that what they want to do   is that you can lock this in   your cold storage   so it stays safe. And you said, yep. I'm a serious person.   I have here my 1 Bitcoin locked in. I cannot touch them, but they are in my,   in my,   offline Pixel phone, in my foundation device, in my call card, whatever.   And then you could still have free remixes, quote unquote,   even earn a bit of money   without the risk to have   1 Bitcoin out in the wild.   But you still need to come with that fucking Bitcoin. I I think it's like, to me, the solution is just   it's very expensive   for what it is. You know? I mean, you pay $20 for, like, one mix, and that's it. No free remix. No nothing. And and because   it doesn't use same denomination,   you stand out, you know. If you send   69, Bitcoin,   yes, you have an output with, I don't know, 10 times 69,   but no one else is using 69 Bitcoin.  

So you stand out. I think coin,   joint market would be much more effective   if there would be a fixed than like, everybody is, like, 0.01   Bitcoin or so. And and then Yeah. Yeah. Even if you do just one,   because I do the same with the same amount,   it could be you and me. Like, no one knows anymore. And then it becomes like Whirlpool.   But, that's not how it works. So yeah. It's it's sad, but that's not how it works.  

[00:56:43] Unknown:

It's not currently, but I would be interested to see   now that there is this pressure and this need,   how things change.   We might see things evolve.   We certainly need to.  

[00:56:55] Unknown:

I would add for better or for worst,   journal market is decentralized.   Doesn't take fee directly,   which means the developer   You cannot say the developer are earning money through it.   So it might be safer on the regulation side, quote unquote,   but it's also slow down development.   Because if you do this on your free time when you're tired of work,   it's not the same as you're actually   working for that and you earn money out of it.   And I think this is why the development is just much lower on on, joint market.  

[00:57:32] Unknown:

Yeah. Yeah. That makes sense.  

[00:57:34] Unknown:

So now I think you wanted to discuss also about swapping in and out of Monero.  

[00:57:39] Unknown:

Yeah. I mean,   to me,   looking at this as just tools,   it seems to me like this might be the   most simple way for somebody to   use as a spending tool. A lot of people won't like it. I don't give a fuck. I'm here to help people be free and private, so you do what you want. But   it's one that stands out to me as, like,   a more simple   option.   There are risks. I I know some of the ones that you're gonna go into here, but   a simple swap   and then spend for you know, if you wanna pay for a VPN   or whatever by gift card, it seems to me that at least it adds an extra layer   of distance between   you   and the Bitcoin that was in your samurai wallet or even if you weren't using it and you just wanna have some privacy going forward.  



[00:58:35] Unknown:

Okay.   So   I wouldn't swap into Bitcoin with KYC coin,   into Monero with KYC coin. Mhmm. I wouldn't.   This is a bad, bad, bad idea. Because remember what I said about what were the risk and why you as a person should care?   If you buy swapping is like you buy something.   Now I used the example where you buy coffee,   and then the guy, I don't know, do something bad with the Bitcoin. And now   chain analysis go back in time, look at where this was bought, and they see a Binance,   Herman Hernandez. Boom. This is your name. And and now they show up. Really, really bad idea.   So   just swapping in   with the intention of spending privately   is asking for trouble,   if you have KYC.  

And I feel crazy to say that because, you know, to me what's insane   is, if I send you cash,   and then you use this cash to buy something, and then the guy you gave the cash does something bad,   No one cares about both of us.   Like in the normie, in the fiat world,   this is clearly, yeah, you bought you bought a service and   someone else did something bad with it. But in Bitcoin, it's not the case. So imagine   when you do a swap, the guy on the other side has Monero.   He wants to change with Bitcoin,   probably non KYC because you're swapping.   So now he gets non KYC Bitcoin   that he could use to potentially do something nefarious.  

And this is not, I don't like it.   This is not the world I want to live in. But this is the reality that you might end up a suspect,   even if you did nothing wrong.   So   I would,   at the bare minimum, use join market   before going and swapping.   That is like the bare minimum. So yeah, let's say you have, I don't know, 0 on Bitcoin and you want to swap it, Put go on join market.   Done. And then at least there is like a slight  

[01:00:39] Unknown:

A wall of some kind.  

[01:00:41] Unknown:

Yeah. Like,   like, it's obfuscated   a bit. Mhmm. You know, it's it's slightly obfuscated.   But yeah. Because I mean, otherwise,   you might be in trouble. And Max, you you might, you know, ban me on Twitter and and and kick me out, but Oh, I would never do that.  

[01:00:58] Unknown:

I'd miss you too much.  

[01:01:00] Unknown:

Wait. Wait. What I'm saying,   if you want to go in Monero   and you don't know how to do atomic swap and coin join, and you have KYC Bitcoin, I think the safest way is go on Kraken and buy Monero.   I'm serious about it. Like, think about it. I see what you mean. No. No. I get I get your point. Can I just add to that? That Yeah. Of course. Now now you can burn me to the to the cross.   But, I mean, from a from a pure security point of view,   for privacy, yes, this is shit. They know you have Monero. But for a for a security, this might be better.  

[01:01:34] Unknown:

I actually don't disagree with you because you're talking about somebody who has KYC   Bitcoin anyway. So you can assume that's tracked because all of these exchanges are gonna be sharing that information. So it is known. Like, if you just have that Bitcoin, you sent it to your wallet, and now you're like, oh, I want some privacy. Well, you know, they know what you're doing next.   I would just add   the other option that you would have would be   to send the Bitcoin back to the exchange,   sell the Bitcoin   so that you're then not tracked and you can say to any authorities if they were ever to come for you, oh, sold it. Then go and buy no KYC   or mine, either one of those options, or sell products or services for Bitcoin or Monero,   and acquire it that way. And then if you want to do a swap, you can do, but you already have   pseudonymity   on Bitcoin anyway if you acquire it, in OKYC, especially for cash where you're mining. So that would be the other option there. Yep. Yep. Yep. Yep. And and for this,  

[01:02:36] Unknown:

if you want to break the KYC link,   you would want to sell them on a KYC   exchange   that is regulated and everything that you say. Look. I was into Bitcoin, then I sold.   And yeah.   Yep. That's a totally valid option.   I know some people who said KYC is too much burden,   and they they went down this route, which another thing that you need to consider, there are different level of KYC. I think we spoke once about this. But, you know, like, for me, there is the worst, which is the regulated   exchange that has, like, literally a database with your name and address.   But then you have also services that   they are still technically k y c because you pay with your bank account,   but they don't have the centralized database.  

So there is also there different trade off. Now   my recommendation   would be to   never ever ever buy Bitcoin KYC.   It is dangerous.   I would say, you know what? Another option is   buy Monero,   KYC Monero,   and then swap it to Bitcoin.   That would be okay. Because then the exchange doesn't know where the Monero goes, and then you could buy non KYC.   I mean  

[01:03:48] Unknown:

We're getting so into the weeds here. But Yeah. Yeah. Yeah. Yeah. One thing I would just say on that is the beauty of doing it where you were to sell your Bitcoin straight back to the exchange, and you can wash your hands of it and walk away and say, I don't own this anymore. There is a paper trail   when not if, when   they come back in   5 years, 10 years, whatever it is, and Bitcoin reaches the numbers that all the, MGU specialists are banding around. And, you know, I don't disagree with them on some of these numbers, but I just don't think it's as important as what we're talking about. When that happens and suddenly your investment is worth   10, 20, 30, 50 times more, and the government comes and knocks at your door and says,   oh, hello. We know that you bought this.  

We can see with our black box on chain that we believe you still have it.   And even though you haven't necessarily   sold it, we are going to tax you. And if you don't pay us, we are going to put you in a cage.   Breaking that link and selling it and having a paper trail and proving that you have sold it   stops you from having all of those problems, And it doesn't mean that you can't go and buy no k y c and they don't know about it, but it is getting out in front of the facts that they are almost certainly   going to be fucking everyone   who wants some freedom.  



[01:05:15] Unknown:

Yes.   Yes. No. No. I   yeah. I think you you put it in in perspective. And   I would say what you need to guess from this is KYC can be really, really dangerous.   It doesn't stop crime. Right?   Criminals, they will just use stolen identity,   and they they wouldn't care about all all those shenanigans.   And it can put you in a huge risk if you happen to be on on the wrong side of the fence.   So, yeah.   This is tricky. Now   just to get back to how to gain privacy on Bitcoin now.   Monero, in a way, is a bit like Whirlpool.   That is, if you go in Monero in Monero biggest weakness is the   EVE attack,   which is the you are Alice,   you send to an exchange,   and then you send back to Alice in in some combination of of this scenario.  

Eve, the exchange   could be also 2 different exchange that collude. You know?   So you could have yes. You buy Bitcoin on Coinbase. You send them in. You swap them to Monero, then you go on Kraken. Kraken and Coinbase could collude against you. So again, this is mostly for KYC stuff. But I think it's important that we speak about the KYC because I would assume even the plebs of the pleb,   probably all of us have some KYC   to some extent, to some percentage.   If you just swap in Monero and immediately spend it, you gain no privacy.   The best would be to wait   and then to use Monero as your lightning wallet.  

So every month, you top it up a bit,   you know, send   a few 100 SAT, maybe more. You don't have to do all the management. Use it like you were using Phoenix. You know? And then you can use it   simply,   and you would gain this privacy because, again, with all those those techniques,   if you put a huge amount of funds and then you just withdraw them, it is really obvious on chain. And, again, we are not speaking about, you know, chain analysis.   They are people who publicly did that   just to trace their stolen funds. You know, that they learn how to do chain analysis with mempool.space,   and then they went through the burden of doing this.  

So if you do it,   you could also be subject to attack of, like, you know, the $5 wrench of someone who is just looking how much you have. Because then it's obvious to see, okay. You swept in there and then out. So be aware. And,   Monero,   use it as as a spending tool.   And when you use it, you're also improving the privacy of others because, you know, with the decoy   algorithm and all the fake input that are constantly used, you also improve the privacy of everybody.  

[01:08:00] Unknown:

Yeah. And   my understanding is that there is no such thing as UTXO   management   or anything like that. You just send in. You spend out. There's none of that sort of,   extra legwork.   Is there anything that people should consider   when thinking about using one of these wallets?   Maybe some that you could potentially recommend. And is there any   foot gun things, like, you know, do they all connect over to all? Would any of them potentially leak your IP?   Do you then have to run your own Monero node, or can you rely on   another service? Like, these sort of simple   things that I wouldn't want someone first of all, I'm not suggesting anyone go and do this. I'm just saying we're laying out the different options of tools, and I'm gonna suggest anything that could be useful because I don't wanna be a purist about it. I wanna just make sure that people are safe. And secondly, then you do your own research and find out what's best for you given what we've discussed. Everyone's in a slightly different boat, then you decide.  

Given that,   what would be your suggestions?  

[01:09:09] Unknown:

I am   Monero   is used by people on the darknet   on darknet marketplace,   who are   under extreme,   like, the their environment that they they   they are in is extreme.   From the the scammers to the takedown, to the shutdown,   to the blackmailing, to like all of this. And they trust it with their life.   Some of them trust that, you know, like in some country, if you have drugs, you get that penalty. So they some of those they trusted with their life. So if it's good enough for the guy who is doing all this,   and now you're just selling beef jerky online,   you're gonna be fine.  

And the default of Monero,   it's really great because,   yeah, as you said so it's still technically have UTXO and and, like, all those things. But because it's private by default and it's obfuscated by default,   you don't have to do a lot of,   a lot of tinkering.   It is in a way similar to Whirlpool, post mix. Basically, whenever you would spend after Whirlpool, you wouldn't care much about the details of what's going on.   Monero is like that. Now as for the node, again, we recommend everybody   just start running your own fucking node. Start with Bitcoin.   Then if you want to try out Monero, also run a node just to see what what what it is, what it does. Now the wallet,   as far as I know, the biggest risk   so I've seen one case. I'm not sure if it's true or not. I didn't do a lot of research, but there was one case where a node lied to a user and said that the fee on the network were really, really high,   like, very high. And then the one that signed the transaction   and what the rogue node did is it then did not publish its transaction   to the minpool, but send it to a miner that mined it and stole the fund through the fees.  

I think this is the only case of rogue Monero node that I know. And I'm I'm not sure if it happened or not. I remember having reading the story,   but I'm I'm not sure, if it actually happened. So but in general, you know, whoever controls the node can know a lot more about you.   So use a VPN. That's the bare minimum.   That's really the bare minimum. And   I will add also one thing that goes maybe against what I said about running a node.   When you're starting all of this, you know, experimenting with join market,   experimenting with samurai,   remember that you probably didn't start at samurai with, like, running your own dojo   and, like, doing all of this. So   for your experimentation   and if you want to play with a few bugs, it is okay to not run a node. It is okay to do. But you have   in the mind, you saw what happened with samurai.  

Now a lot of people I'm sure regret that they used the samurai node. So do your experimentation,   learn,   but then move to your own fucking server   that you control.   Right? So you don't have to start   with your own custom   hardware, but eventually, this is the goal that you should reach.  

[01:12:19] Unknown:

Yeah. I seem to remember, like, a long time ago running a Monero node or trying to run a mono. Is it called, like, manera a Monero demon or something like that? Yeah. Monero daemon. You know, this is, like, fucking   8 years ago or something. Completely fucked it up and didn't get it working. But is it quite simple for someone to do now? I mean, I don't know. For me, simple is running a script and to come online on my server.   Yeah. Your version of simple and mine is,   fucking world class.  

[01:12:46] Unknown:

For me, hard is like   having the Bluetooth speaker work on my Linux. This is extremely hard for me.   But but,   you know, you have to run some exotech driver.   I think most of those, though, they are now similar to, like, start 9 and others where you still need to use the command line, but you basically copy paste,   some command.   And again, I mean, technically, you should verify everything,   but,   most people don't.   But anyway, yeah, I think Monero is pretty much the same. You download it, you run it,   and you might have to open some port in the router if you want to share it with outside, but you don't have to. So   I think all in all, let's say the most complex stuff for people is probably   unzipping it   if they do not have access to, like,   in the command line. Mhmm. Because once you unzip it, you just   change directory into the folder and then   simply run from from there.  

Again, don't don't do like me. Don't go fancy.   Don't just use the command line. Get an old laptop. There are plenty of old laptop on laptop on eBay, on Craigslist, on whatever.   Get a I would say a gaming laptop is even better, because it has more RAM, better power,   and install   some kind of Linux on it. And then you have a good server that doesn't do a lot of noise, doesn't use a lot of electricity,   and you have a graphical user interface that you can use to double click on stuff if you're stuck. I think this is really a good way. Like my first, when I was in high school and I first started to do server, my first server was actually just an old laptop plugged to Internet. That's really, really a good way to do. Yeah. That's good advice, mate.  

[01:14:34] Unknown:

Alright. Well,   I think   we've covered everything that I wanted to get into. I know we got into the weeds quite a lot there.   Hopefully, it's been useful for people,   and,   they can start to use some of these other tools.   If anyone wants to reach out to me   and have some, like, retard level help, then they can do that. My understanding is you were doing some consulting.   I don't know if you're still doing that.   I am still doing it. You're still doing that. So Yeah. So if you want yep. Let me do this shill, mate.   If you want retard level help,   I'm here. I will help you as much as I can.  

If you want someone who really seriously knows what he's doing and, Urban, we've known each other for a few years now.   I've always been impressed with what you can do, and you're extremely good at explaining things and going through things and   calmly and quiet going through it in a nonbrash,   non country, non typical Bitcoin Twitter way. So for anyone who does need some help, I'd strongly recommend,   then   reach out to him and send him some stats, and he can give you a hand.  

[01:15:49] Unknown:

Yeah. Thanks, mate.   I appreciate a lot.   That means a lot for me. And, yeah, I've helped quite quite some people over the past month, and, it's been doing great. I've also done some work with Privacy Watchman.   It's very rewarding to help people to get more digital privacy and and security. It's it's very, very rewarding.  

[01:16:11] Unknown:

Well, my guess is, especially now, you'll probably have a lot more people   starting to sit up and take this seriously. And, you know, like, sometimes it's easy for me to forget   quite how challenging it can be because   I'm in a very privileged position where   I've got some very close friends who are exceptionally good with all this kind of stuff, and they're all very, very kind with their time, and they've sort of nurtured and helped me over the years. And, you know, like a little special needs kid, they've held my hand and and got me through it. But not everyone has that, and not everyone can just call someone up and be like, hey, mate. You know, do you wanna just, like, waste fucking 2 hours of your life helping me fix something?   And for those people who maybe aren't that technical,   this is a good way for they can get some help from someone who really knows what they're doing, and you don't fuck it up because   this is not stuff that you wanna make a mistake with. There's gonna be a lot of people out there who will have made mistakes, and now they're paying the price. And they probably look back and go, fuck. I wish I'd have just worked with someone who knew what they're doing. So,   again, highly recommend   speaking to Urban.  

Certainly   recommend just taking things a little bit more seriously and just start playing around.   Try some of these tools. See what's possible.  

[01:17:31] Unknown:

And, also,   I will do, like, a call for action for   people like   me in that case   that are running notes that know what they are doing or think they know what they are doing.   Help, Fred, like,   you could share your Dojo if you want to, you know. You could just go in the interface,   get the synchrony   the tiering code, the QR code. And   if you know someone who is struggling to recover their funds   and you have a Dojo, you can just use your Dojo. There is no risk.   So if it's just peering samurai, there is no risk, Because you're basically acting like the the samurai public server to just provide   their their wallet and their balance. And there,   my my rationale,   whenever I was setting up,   people with samurai,   I actually always propose to use my node.  

And some people are like, why should I trust you? And I was like, look. Given that maybe, I don't know, 5 people use my node, there is very little chance that,   you know, the note gets shut down, and then, there is, like, a whole,   investigation   on on the logs. And, yes, you would have to trust me. Yes. Technically, I could look your balance,   but it does offer a bit of privacy.   And depending on your friend, you know, if it's a friend that already helped you setting up a hardware wallet and all of this Mhmm. They could probably have stolen from you already, like, 10 times if they wanted to to mislead  

[01:19:06] Unknown:

you. So yeah. Absolutely. It depends who they are, doesn't it? Don't just find random on Twitter. But if it's a good friend, then   it's it's a better option than just choosing a random   server out there that could be run by   fuck knows who and sharing your balances and and all your past and future addresses.   Yeah. I think that's reasonable.  

[01:19:27] Unknown:

And I think   this is a reasonable Uncle Jim model because you're not taking custody of any funds.   You are simply providing   the latest state of the network to to the wallet. That's it. That's all you're doing.   So it is totally okay to run 1 and it is totally okay to share it. Just be aware,   Whirlpool   is different. Like, if you run the Whirlpool command line   Mhmm. And you run it for your friend, there   you would be custodian   and you would be able to access their phone if Whirlpool comebacks.   I for me, I I think Whirlpool will come back somehow,   but   so this is something I say. Of course, if it doesn't come back, then ignore what I said. But just just be aware of these nuance.  

Mhmm. And yeah.  

[01:20:17] Unknown:

I was just gonna say something that's completely unrelated,   but I think I quite like   whenever I think of beef tallow,   I think of you because we've had so many conversations about beef tallow. I've started using   tallow moisturizer,   like tallow moisturizing   face cream and body cream and soap, and it's fucking brilliant.  

[01:20:43] Unknown:

Oh,   I think do you hear me?  

[01:20:49] Unknown:

He's got so bored of my bit of information there that he's actually left the room.  

[01:20:53] Unknown:

No. I I just went get some water.   That's interesting. I never used beauty product with tallow, but I've heard good good reviews on them. The soap we used here   is all made with tallow or   with,   some kind of milk or   something like this. You know? And it is really good. It is really soft on the ends. It doesn't destroy the the ends for, like, if you have, like, sensitive skin. But I never tried the most moisturizer.  

[01:21:26] Unknown:

Never tried. Yeah. It's really good. Like, I've never reused it before, but I'm, like, started to look proper, just fucked,   like a sort of lizard type   old   creature. And I was like, you know what? I need to just have something here because this is just getting horrible. A mate of mine suggested it to me, and I was like, yeah. I kinda like the idea of that because it doesn't have any of the chemicals and bullshit that the normal stuff that you get off the shelf does. It's just really nice. Like, it doesn't smell. It's got I think the only slight thing they add is, like,   a slight scent of, like, orange peel, something like that. It's like a little bit citrusy.  

But, yeah, it's really good. So I thought I'd share that boring bit of information with you as, I always think of you when I think of tallow. No. It's it's pretty cool. I should try it out. I should try it out. No. I'm never bored. Sent you a link.  

[01:22:19] Unknown:

I'm never bored about our discussion. It's just sometime in a in your audio message, it looks like you are in a construction site with, like or, like, in a war zone with, like, full of noise and stuff. But it's always Mhmm. It's always nice to hear you. Well, that is part of the reason that my skin is fucked. I am basically in a war zone trying to take care of myself and,  

[01:22:40] Unknown:

get that beef tallow in.   It's been a dark couple of weeks, but it's been good to chat to you, mate.   I think I hope that the information we put out there has been useful. And   if you have found it useful,   reach out, send us a boost.   If you need any more help, as I said, reach out to Urban.   We'll, I'm sure,   have to cover some of these things again as the landscape changes, and   it seems like there'll probably be a lot of changes over the coming months. But, I appreciate your time, mate. I appreciate you coming on and sharing some of the info and helping people.  

[01:23:16] Unknown:

Yeah. Yeah. And I'm glad we could focus a bit on the technical side because I've heard a lot of stories about the political and and,   the regulation side of it, but I think it's good that people understand   the technical, like, what what now? What what can we do? And by the way, if you have, like, 10, 20 minutes afterwards, I would have some stuff to share with you. Yeah. Yeah. Definitely, mate. But, yeah, it has been a great discussion.   And if you have any question, Max, you can always reach me,   and I will do if I don't know them, I will do the answer. I mean, think about it. For for your podcast, I actually installed Wasabi and tried it out.   Think about it. Think the dedication that  

[01:23:58] Unknown:

You were so be shill.  

[01:24:00] Unknown:

Damn.  

[01:24:03] Unknown:

No, mate. I appreciate you taking the time. It's it's been   really useful.   If people do want to find you, do they just lurk on Twitter and find you there, or have you got some sort of swanky website or something now?  

[01:24:16] Unknown:

So I do have herbanacker.net,   which is my, like, blog where you can go. And I would say I update it every couple of months.   And yeah. Then I'm on Twitter. I also have an old no sir, but I almost never go there.   Mainly because now I'm on, like, limited Internet.   And then all the app on Android, they just use too much data, and I was always getting above the my shitty ISP limits.   But, yeah, I'm on Twitter, so you can just reach me on Twitter   and,   or Telegram,   realurbanacker   on Twitter. I'm sure you will put the links and on my website.   So yeah. And and by the way, I also have more exotic apps. Like, if you need Simplex or, like, if you want to contact me over a more secure way, I could do signal or or Simplex or other fancy stuff.  

Okay. If you have, like, specific question that you you don't want to put in a Twitter DM or something like this. Yeah. Okay.  

[01:25:15] Unknown:

Well, I appreciate your time. We'll wrap it up there, and, we'll have a quick chat off. Yeah? Yep. Alright, mate.   If you're still here, you're still lurking,   you're still listening,   I appreciate   you. And I hope you enjoyed that show.   If you have any questions about the things we've discussed, you can reach out to me.   If you enjoyed the show, please do share it with friends and family.   And if you do nothing else today,   even if it's for a few sats,   please support Sam Ryan T Dev.   They have done a lot for this space.   They've put their lives at risk to bring you privacy and freedom when no one else did.  

No one else wanted to stand in the firing line.   This is incredibly important, so please   donate.   Use the link below.   And if you have any difficulty doing it, you can reach out, and I will help you.   Free samurai.