Matt Odell, co-host of TFTC/RHR joins me in this episode to talk about coinjoin techniques and bitcoin privacy. We discuss:

• What sparked off the recent discussion on coinjoin
• Binance SG flagging a customer for using coinjoin
• What’s at stake
• Is there a tension between ‘white market KYC compliant’ bitcoin and ‘grey market agorism’ bitcoin? 
• Action steps to take

Matt Odell links:

• Twitter: @matt_odell
• TFTC/RHR: TFTC.io

Ronin Dojo:

• Ronin Dojo Github

Sponsor links:

• Kraken
• Unchained Capital
• CypherWheel by CypherSafe
• GiveBitcoin

Stephan Livera links:

• Show notes and website
• Follow me on twitter @stephanlivera
• Subscribe to the podcast

Transcript:

Stephan Livera: Matt, welcome back to the show.

Matt Odell: What’s up, Stephan? Always happy to be here.

Stephan Livera: So there’s been a lot of discussion recently about the topic of coinjoining and Bitcoin privacy. So I know you’ve had some strong comments on that and I think I’m pretty much aligned with your view on this as well. But I wanted to just explore that for a little bit just to explore some of the different ideas both for and against the idea of doing coinjoining. But let’s set the scene a little bit. So what was this recent incident in relation to finance Singapore that seems to have set this off recently?

Matt Odell: Well, I mean, I think what triggered the most recent conversation before Binance Singapore was Trace Mayer’s comments. Basically I mean, he was on your show. He was on Peter’s show. He was on our show, but he didn’t actually talk about coinjoin with Marty. And basically he was dissuading people from from using coinjoin in the first place. Right?

Stephan Livera: Right. And I think I’m not, I’m not entirely clear on whether he was saying that for other people as well or whether he was saying that just in a personal capacity as in he was saying he did not personally want to coinjoin. But the impression certainly was, Oh you wouldn’t want to mix with a terrorist or whatever. So that was the implication. But, I wonder what’s your view there, because one analogy I was thinking is and unfortunately I didn’t think of this at the time, but the analogy of VPNs, right? Like you are, obviously it’s not technically accurate, but in some sense you are using the anonymity set of a VPN when you use that service. So there’s potentially some parallel there. What’s your view?

Matt Odell: Yeah, I mean especially shared VPNs, right? Where you’re sharing the IP address of other users. I mean we’ve seen Binance do shotgun KYC on people just because their IP was flagged. But you know, hundreds of people use that IP address cause it’s a shared VPN service. And you also see the analogy with Tor. You know, you also see the analogy with Bitcoin, right? So the, we’ve heard this that these statements come from no corners, plenty of times where they say, I would never use Bitcoin because terrorists and North Koreans use it, right? So to me it becomes a, it’s like where do you draw the line? And it’s hard for me to level the field where you think it’s completely fine to use Bitcoin because I mean, I think, I think all three of us agree with that.

Matt Odell: You know, trace agrees with that as well. Because these projects to protect the average user, they have to protect all users. There’s no, there’s no way to what’s a good user and a bad user. Cause as soon as you’re able to delineate what’s a good user and a bad user, then you have centralization. You have censorship there and it’s, it’s going to be abused eventually. We see that happening with Twitter right now where they’re stuck in the middle where they’re trying to police speech. And it’s such a blurry line, how do you actually decide who is a good user and who’s a bad user?

Stephan Livera: Yeah, that’s tricky. And it brings up this whole question of whether there is such a thing as taint as well. Right. So my, thought on that is more like taint is something that is externally observed and placed onto it rather than something that inherently exists at the protocol level. Right. Like quick example, right. My Bitcoin core node does not have any concept of black lists or bad dirty coins. My BTCPayserver does not have any concept of taint. Right. It just, if it’s a valid Bitcoin, it will accept it as payment. Right. But what’s your view there?

Matt Odell: Well, I mean, I guess the issue here is, the reason why this is dangerous logic to go down is because if this was ever enforced at scale to be a Bitcoin, usually you would basically, you’d have to do the Mike Hearn style blacklists in your core node. You’d have to have blacklists on your BTCPay. You would Have to be basically doing chain analysis for every payment you received. Otherwise, you know, God forbid you receive a Bitcoin with so-called taint on it. And then on, on top of that, I mean I don’t, I don’t know if you go down the taint rabbit hole, right? Are we going to include the, the miner fees? Like what happens if you know, the plus token guys did a transaction and they paid a miner fee and then so that recently mined block reward, is that tainted? Does that have taint on it?

Stephan Livera: Yeah. And there are different ways to approach and tackle that question as well, even from the pro Tainter view. The other component is also not just the taint aspect, but I think from a, again, not saying I agree with any of this government regulation, but recognizing that it applies to many companies today, part of it now is obviously KYC and some of these tools like KYT. So maybe it’s not necessarily identifying taint, but just identifying who is the counterparty. And so maybe that is the implication or that’s the real limitation that’s being enforced on all Bitcoin exchanges or large Bitcoin companies, because once you just get big enough, then they, you know, the government and regulators and so on, try to slam the, they throw the book at you, so to speak.

Matt Odell: What’s KYT is that know your transaction?

Stephan Livera: Yeah. So there are tools like that do that to try and assess that. But I, I don’t have a very strong knowledge of the specifics of that tool. But my understanding from some of the blog posts and other articles I’ve seen from, you know, these companies, so like ChainAnalysis, Elliptic, Ciphertrace, Crystal and others, is that really from a Bitcoin point of view, it looks like the main things are address reuse and the common input ownership heuristic. And then I guess potentially the other thing is the KYC part, giving them a good starting point, right? Because that, and I think, thinking back to my earlier episode with Ergo where he was pointing out, well, maybe it’s not so much that we have a Bitcoin privacy problem. It’s more that we have a KYC problem. Right? It’s that because exchanges have so much of a view into who has what coins and then if they end up, again, I don’t know the terms of the deal that they do with the chain spy companies, but it may well involve information sharing so that the chain spy companies can then say, Oh, okay, I know that Matt Odell bought X, Y, and Z Bitcoins at this date and blah, blah, blah.

Stephan Livera: But yeah. What’s your view on, where are we falling down right now from a privacy perspective? Would you agree that those are the big privacy no-nos, right? Address or use common input ownership puristic and then basically KYC services?

Matt Odell: Absolutely. I mean, I think they definitely have information sharing agreements and if they don’t, they will. So we should just assume that like, that’s the de facto standard. You know, basically databases of known addresses connected to known individuals and it just greatly reduces the anonymity set across the board. They’re able to add all these additional connections to it. You know, little things like people don’t think about it, but if you’re receiving a payment from someone and they pay you directly from their Coinbase wallet for instance, the Coinbase, the exchange, then then all of a sudden that transaction to you is linked directly to that person. And then whoever Coinbase is working with could have a connection there. You know, KYC is a tricky little fucker. Like I don’t know how we’re gonna avoid that on the on ramps we have, when we do end up as, as more people adopt Bitcoin as more people earn Bitcoin and there’s an actual circular economy that effect could get reduced and the reliance on on ramps and off ramps gets reduced.

Matt Odell: As far as taint goes to me, I feel like I would, I would much prefer to receive coins that went through coinjoined that don’t have a discernible history to them. I think if you properly use some of these privacy tools and in the future as these privacy tools get better, cause right now there’s a lot of nuance to it. It’s very easy to screw it up. I feel like the coins that have the least taint will be the ones that have gone through coinjoin that have used PayJoin, right? Like that. That to me seems like less taint than knowing the last 400 transactions that have gone, gone through that UTXO.

Stephan Livera: Right. I guess it can get complicated though because even in the case of coinjoin it still matters about how much volume is being driven through that coinjoin. So for example I think even Laurent from the Samourai wallet and OXT.me team, He was pointing out that if Plus Token for example, had tried to move that volume through any of the, you know, well known non-custodial mixers, it would have basically no one, they wouldn’t have had the volume of other people mixing to support them moving, you know, a hundred thousand or 200,000 BTC through the mixer. And so it could be identifiable through other means unless there were enough other people doing coinjoins or potentially if they moved it through very slowly, like they just did a little piece at a time. Right. Okay, here’s a hundred BTC, I’ll move that through a hundred BTC and move that through over time.

Matt Odell: Yeah, I mean volume is, you know, liquidity is basically negligible. That’s, you know, one of the reasons why I’ve been trying to advocate for people to use them more. And one of the reasons why I think it’s important for people who use KYC exchanges to use it because it adds liquidity that is, considered legal liquidity by like the Western world, you know, all these compliant nations. You know, one of the big issues here with this public ledger is timing, analysis, right? So if you’re trying to, even with, even if the liquidity is better, like if you move a bunch of coins through coinjoin and then you don’t combine the inputs afterwards, you know, you practice good coin control, but you move them all to like cold storage. As individual UTXOs and you do it like around the same time every day and like, in groups, you know, even though you’re not combining them that timing analysis can give you away, especially if it’s someone who’s like dedicated to looking for a specific person. Right. So like a lot of these tools I think help more for like a mass surveillance type of situation, right? Like where they’re just trying to gobble up lots of data. But when you start trying to target individuals and you have a starting point or you have a couple of addresses that you’re watching, you can mix that with timing analysis and you can get a really good idea.

Stephan Livera: Yeah. So it might be useful. That’s a good point. I agree with you and I think it might be useful then to distinguish between, let’s call it basic privacy techniques and then somebody who is trying to, who has a higher need for advanced privacy. And so in the same way that somewhat we wouldn’t expect, you know, it general controls to catch every possible hacker or every possible vulnerability. It’s just meant to be a way to have like a basic level, here’s kind of minimum standards because as you say there is a difference between somebody who is trying to do mass Dragnet surveillance versus a targeted attacker. Right. Because if someone’s coming after you specifically, then they’ll spend a lot more to come after you. But I guess ultimately comes down to what is the cost of attack and what’s the cost of defense here, right?

Matt Odell: Yeah, exactly. You want to make the cost of the cost of attack way more expensive, right. You want to make it so that it’s way more difficult for them to pull up these attacks, way more expensive so that they can’t do it on a mass scale. I mean, and then we also have all these other issues, right? Which is why we’re trying to get people to run full nodes. Not use hosted explorers. There’s so many ways you can leak private information with Bitcoin. That is really a minefield out there.

Stephan Livera: Yeah. And I think the tool set is not quite easy yet. It’s getting there though. Like one tool I really, I particularly like is the Ronin dojo by Zelko. I know you guys highlighted it on your show recently as well, but I guess let’s bring it back to what, what happened in that specific example with Binance though. So I think that was probably the first example where this individual had withdrawn from the exchange and then it was the exchange was tracking what was happening after withdrawal as opposed to tracking only what happened pre the deposit of Bitcoin into that exchange. And I think that was something that most people were not aware of. What was your view on that?

Matt Odell: Yeah, I mean I think that caught us by surprise because we were all watching for when coinjoined deposit, you know, UTXOs with coinjoined history would get blocked at exchanges, but in this case it was through withdrawals and it was basically they noticed that his previous withdrawals were going into wasabi and going through coinjoining and wasabi. And so then when you tried to do a future withdrawal, right, because they didn’t, they didn’t let them process that withdrawal. So they technically didn’t know exactly where it was going to go yet. They just based it on his previous withdrawal history and they were like, we’re not going to let you withdraw unless you answer all these questions. And he had already KYCed too. So I mean, yeah, I think that’s, that’s definitely an issue. If it falls in the same a category I think in terms of them not accepting deposits.

Matt Odell: Right. especially if you’re, I guess not accepting deposits in either way. They’re, they’re holding funds hostage, right? Cause if you send a deposit, they’re not going to tell you that they’re blocking the deposit until after they receive it. Cause Bitcoin’s a push system. And with withdrawals, they’re gonna lock your account under the suspicion that you’re about to go through coinjoin. I guess withdrawals, it could be a little bit messier. If you have a large amount of of funds on that exchange at any given time, but if you’re practicing good you know, Bitcoin practices and you’re not keeping large amounts on the exchange, then it should just be whatever your recent on-ramp purchase was, you know, before you swept it to your wallet. So in either case, at least the benefit there is that I don’t think there’s, you don’t have that much funds at risk, right? If you’re doing it the right way, if you’re not keeping a lot of money on exchanges, if you’re not depositing large amounts at a single time, then you know that that one UTXO that gets frozen while not ideal isn’t like the absolute end of the world.

Stephan Livera: Yeah, true. And it is also this question around how it got detected. So my understanding here is that there was some debate here around exactly how that got flagged. Right? Was it flagged because of the proximity to the wasabi fee address and therefore the chains analysis or whatever Cipher trace or whatever tool was flagging it because it, because that individual’s previous withdrawals had proximity to that address because they were part of the coinjoined transactions, right? It’s a static fee address or was there some kind of heuristic done to identify equal output coinjoins?

Matt Odell: Yeah, I mean it was definitely, it was definitely the fixed fee address. I mean, I’m like the way the email was sent to him where they list the fixed fee address and said there was a connection to it. I think, you know, 99%, it was a very simple heuristic that they put in to whatever their system was to flag connections to that fixed fee address. Now there Wasabi guys will say that the fixed fee address provides transparency into their volume numbers and I, and how much you know, fees they’re collecting and that, that is true. It is very easy to track that. But it also makes it super easy for these chain analysis companies to put it into their software. But at the same time I think that’s, I’ve said to them, I’ve spoken to them, you should probably just get rid of the fixed fee address.

Matt Odell: It’s more trouble than it’s worth, but really you’re just delaying the inevitable. I think trace is right in that a lot of these exchanges will start blocking transactions with coinjoin history. Hopefully they don’t try and do it at scale where you have large amounts of exchanges doing it right. Because if they start doing it at scale, then you’re going to have, it basically becomes a ban on self custody all together. Right. Because how do you know without doing chain analysis that the payments you’re receiving to your BTCPay don’t have the coinjoin history in them? So I, as far as I’m concerned, they should remove the fixed fee address. It just makes it way too simple for chain analysis. But these chain analysis guys could easily put in a heuristic that says, Wasabi coinjoins, flag Wasabi coinjoins is so obvious on chain, you clearly see the coinjoin and you clearly see a Samourai Whirlpool coinjoin, you know, you have five inputs, five outputs all equal. It’s pretty obvious,

Stephan Livera: Right? Yeah. So I think that also does impinge or impact the quality of the wasabi mix because it’s sort of lowers the entropy because there’s always one going that way or some input going towards that fee address. But anyway, that aside, I think it also comes down to that question of how could it be how could detection be evaded hypothetically, right? Like there is things like that idea of the Samourai ricochet for example, or just you could just manually bounce it through different addresses or split it up. Because if you wanted to still withdraw from the exchange without them knowing that you’re doing coinjoin, well then that’s another thing you have to think about as well. Because now if you, if that starts to become a common practice, then people would have to start thinking of ways to mask that behavior. Right?

Matt Odell: I mean it really comes down to how much the regular, you know, regulators in different countries want to crack down on this stuff. Right. Because it does get very blurry very quickly. Right? Like where, where do you draw the line of a coinjoin, a UTXO having coinjoin history. If a UTXO goes to coinjoin once, like five years ago and has 400 transactions after that. Is that still a coin with a UTXO? So with the coinjoin history, if it goes into lightning comes out of lightning you know, where is the, where do you draw the line there? And I’m not sure if the end goal there, if they decide to enforce it hard is basically just a complete ban on self custody. And in that case, I, to me it’s the same reason why Bitcoin, fuck it.

Matt Odell: Like it’s not a reasonable concern because to me, they could totally just say, coinjoin is illegal. Right? And if they say coinjoin is illegal and you’re trying to withdraw from like, let’s say CashApp and you would draw from cash app and you go through the five hops and then it goes to coinjoin, are they gonna, block your account for that? And if they do, then they’ve essentially just completely banned self custody cause what happens if I pay someone and then they go through a coinjoint.

Stephan Livera: Right? Yeah. And I mean, there’s a couple of things there so that might just push it more towards cash deals. Right? People might actually have to just start doing, you know, Bisq and hodlhodl or they’re not in the U S but I think Bisq is operating in the U S it may end up pushing people more towards the gray market view of Bitcoin. And perhaps this is a good topic to go into now because that’s potentially what’s at stake here. I think some have commented, I think TDev is one example. TDev from the Samourai team commented that maybe this is really the tension really that maybe we end up with bifurcation, right? We’ve got the white market compliant KYC Bitcoin view versus the gray market Bitcoin agorism kind of view. And I don’t think that’s like a novel thing. I think people were saying that even in 2017 following the SegWit 2X and BCash stuff. What’s your view there? Do you think that that is going to be attention amongst Bitcoin users?

Matt Odell: I mean, I think that will always be a tension. I disagree with, I somehow am somewhat stuck in the middle of between the, as the Samourai guys like to call them, the Compliance Bros and the street money guys. I think both are good. I think Bitcoin is stronger because, because people are investing in Bitcoin and the price goes up, so miners get paid more. And I think that supports the street money side. I go back to, do you remember the old meme where you have Neo from the matrix and it’s like when it, when it comes time to sell your Bitcoin, you won’t have to sell your Bitcoin. You’ll be spending your Bitcoins.

Stephan Livera: Yeah classic meme.

Matt Odell: Right? So if you take self custody and you practice good privacy techniques that it won’t, I think the on ramp matters more like just getting on, right, like just getting into the system once you’re in the system. Especially in these like Western democracies, like are they going to go door to door and take people’s Bitcoin from them? Like that’ll be very expensive. We were talking about defensive versus, you know, the defensive versus offensive talk, like the Bitcoin’s a defensive technology. Like they’d have to go door to door and basically take your keys from you. And that, that’ll be really hard to do from a Western democracy side. So I think it makes sense that people that are trying to trade it on a daily basis or even in the short term, like a year or two years might be worried that they’re not going to be able to deposit in a KYC exchange.

Matt Odell: But I, for me, that isn’t the concern because that is in my plan. Like I’m here for the long term and I think when it comes time, like I’m, I won’t be selling my Bitcoin, I’ll be spending it. And then, you know, you’re not even worrying about something like bisq, which I think has its own pitfalls that aren’t really talked about that much. Cause if you’re spending it like, let’s say five years down the road, the scenario I like to say is you go to your convenience store and you go and pay them in lightning and they’re using BTCPay. I don’t think if all goes according to plan, they shouldn’t know what your UTXOs are that funded that lightning payment. Right. So I think it becomes a moot point at that point,

Stephan Livera: Right? Or it’s like a specially segregated portion of your UTXOs or it’s not your main stash. Basically. Like you might have a main stash that you’ve got with your proper security and then you might spend a small amount out of that, run that through a coinjoin fund your lightning node and then you know, hopefully by then we’ve got those lightning privacy enhancements, things like Schnorr signatures and so on that help that and then basically your counterparty for that trade, the convenience store doesn’t know what your main stash is. They just kind of only have maybe some idea of what is the balance in a specific lightning channel, but even then maybe not so clear.

Matt Odell: Yeah, I mean I think the balances in the lightning channels, like it does go hand in hand, but like at the end of the day it comes down to are they going to be able to know what the UTXO’s were that funded that payment? Right. Because that’s where the chain analysis comes in and I think lightning on its own in its primitive state right now is already a huge, massive improvement. I mean, think about just three years ago, four years ago, people were putting fixed addresses along the internet. You know, you find a fixed, reused address and it’s connected to a person and then all of a sudden you have this huge insight to what they’re doing. In lightning, you know, they’re not saving, lightning by far isn’t perfect right now. It’s very early. But it, it’s a massive privacy improvement just because on chain is, is so easy to leak your privacy, little things, you know, like every payment isn’t recorded on chain forever.

Matt Odell: You need more active surveillance to watch it. The fact that invoices aren’t reused by default, you can’t reuse invoices. So if you posted an invoice on the internet you’re not leaking as much information as you’re leaking when you post a fixed address. You know, little things like that make it a massive improvement. And then hopefully we get all these other things that we want. You know, things like multi-party, creating, creating lightning channels with multi parties where, you know, you have that common input Horistic is broken because, you know, you’re, basically doing like a coinjoin into lightning. Little things like that I think will make, a huge step up improvements.

Stephan Livera: Yeah. Are there any areas that you see or what do you see that we need in terms of lightning privacy?

Matt Odell: Well, lightning, I mean, you know, we need more nodes on tor and we need more routing nodes that are not known. Actors that are run through tour that aren’t just broadcasting their IP all the time, which is basically what the majority of the top nodes are doing right now. You know, not to be a Bitcoin fudder but we’ve heard this a lot of times from like the BCash crowd and, and whatnot. That lightning will be something that’s dominated by like the Bitrefills of the world, right? Where you just have a couple of large, big routing notes. So I think a big thing that a lot of people can do is to just run, you know, run a node with some decent liquidity through tor. It doesn’t have to be like some massive node connect to some other, you know, other nodes that also respect privacy in that regard.

Matt Odell: And, and, and we can have some, some good privacy focused liquidity there. I think that is a major one. You know, just user-friendly wallets in general that don’t expose privacy. You know, like a lot of the wallets right now that are super easy, friendly to use aren’t very private. When you start talking about like network analysis. You know, I love Phoenix, I love Breez. They know all of your transactions. If they get compelled, they can give that up, right? If they’re taking logs, they’ll have no choice. So, and let alone the custodial wallets that are being used by a ton of people, but even the noncustodial wallets, like they user friendly, non-custodial wallets are leaking a ton of information. And which is why, I mean that wasn’t even discussed until last two years. No one was talking about little things like running your ledger and not using your own full node or running your Trezor and not using your own full node cause you’re sending all your UTXO’s to their server. No one was even talking about that.

Stephan Livera: Yeah. So at least the game has changed a little bit and people are getting more aware about these things. So potentially there is something that can be done in terms of let’s call it coinjoin campaigning, right? People just saying, Hey, you should use these privacy tools. And I guess bringing it to more on chain privacy. I think that’s another aspect of where people can start spending and paying with a coinjoin. Right? So there’s a few different things, right? So one is this idea of the, like the STONEWALL style, the algorithm that includes an extra input so that it’s not clear that there’s now there’s multiple interpretations to that transaction. And another is obviously PayJoin, which is supported by both JoinMarket and a Samourai wallet. It’s called a stowaway in their scheme or in their product. What’s your view there around driving use of that? Will that change the game? Change the heuristic in terms of if enough people use PayJoin features?

Matt Odell: Right. So PayJoin is particularly awesome in terms of these blacklisting discussions because it doesn’t use equal equal outputs. Basically with PayJoin, right, you’re getting an input from the receiver of the transaction. So the heuristics there get broken a bit. They also, Samourai has STONEWALLx2 where you like have a friend give you inputs that isn’t the receiver of the payment, which is also a very interesting concept. I’m like pretty bullish on Samourai in general just because I think for the average user it’s just way more convenient for them to, you know, when they have this mobile mixing they’re planning on releasing soon. It’s way more, it’s way easier for them to just install, you know, an app on their phone, click mix. And then when it comes time to spend, have some integrated tools that are very useful for them to, you know, to use without like really knowing exactly what they’re doing.

Matt Odell: You know, I’ve always loved JoinMarket. I’ve been shilling JoinMarket since it first came out. The whole idea of like, the maker taker model is like the ultimate Bitcoin incentive that we all love. You know, where you have a financial incentive to provide coinjoin liquidity, but the usability is just not there. Like, we’re not going to get the average user to use it if they need to do like seven or eight steps in command line before they even get to a GUI. And, that’s who we need if we want to get the liquidity because otherwise you just end up having a very small subset using those transaction types. Now, as far as PayJoin goes, it gets really interesting I think with BTCPay, which is relatively new like in the scheme of things like where did that project launch like two years ago or the, the famous Nicolas Dorier tweet was like two and a half years ago maybe. Cause merchants never really had an easy way to accept Bitcoin without a centralized provider. And now they have this relatively turnkey way to accept payments. And if they integrate PayJoin there, then every payment to a BTCPay merchant could be a PayJoin. Which I think would be, that would be pretty huge.

Stephan Livera: Right. And let’s talk through the on chain impact there because when you do a PayJoin with somebody, the actual, well firstly to an outside observer, they don’t know that it is a PayJoin. So that’s also, that’s win number one, right. And then when number two is that the actual amount being transacted is masked. And so that’s not clear. And I think the other big win, and I think I’ve seen Chris Belcher speak on this topic, is that when you PayJoin with somebody to an outside observer, unless they have insight into, you know, unless there’s information sharing, they don’t really have a good way to trace transactions going forward because now they either have to cluster you together or just treat that like a dead end,

Matt Odell: Right? It’s all about when you’re doing chain analysis its all about assumptions and basically probabilities, right? They’re making a guess about where these UTXO are going and if they change hands, right? Like for the longest time when a lot of people said was if you were sending from a hosted wallet like Coinbase that did KYC and you wanted to do sports betting you just send to a different wallet of yours that was non hosted and then you’d send to the betting site. And by doing that, it gives you an additional level of plausible deniability, right? You don’t know if the exchange is going to care about that extra of plausible deniability. But as far as chain analysis is concerned, they don’t know if you just paid mr Hodl and then mr Hodl went and, and you know that bet using that Bitcoin, they don’t know for sure as soon as there’s a single payment.

Matt Odell: Except for there’s one Horistic that if you send all, if there’s no change in the transaction, then it’s like very likely a self transfer. Yeah. So I think breaking down those heuristics and making it so that they have to guess and that it’s less likely, you know, their probabilities go down in terms of, of who to, you know, where to follow the UTXOs is obviously a huge benefit, but it still doesn’t solve the, Trace concern. Right. Because, you know, he, someone from that camp would just say, if you’re a BTCPay merchant and you’re doing PayJoin with your customers, then maybe you’re just tainting your Bitcoin, right? Maybe you’re making your Bitcoin harder to spend at a KYC outlet in the future.

Stephan Livera: Right. I see. Yeah. And I think on this whole topic of heuristics and so on, part of, I guess what happens currently, so again, I don’t have intimate detail of it, but I’ve heard, you know, stories and rough ideas is that some of these tools used by some of these larger, Bitcoin exchanges and maybe even the large brokers and so on that they might pay for use of a certain tool and they need to quote unquote risk score their customer. And then they might look at a certain incoming deposit and see, Oh, okay, that’s got potentially higher risk because whatever, maybe it was associated with some stolen exchange coins from years ago and therefore this customer might be higher risk and blah, blah, blah. But that may potentially be the future with coinjoin transactions. But I think if enough people start doing coinjoin, it starts to break that, you know that association that chain spy tools could no longer flag somebody as high risk merely for the fact that they have coinjoin history if enough people start doing it. What’s your view there on that and whether that kind of campaign could be driven?

Matt Odell: Absolutely. I mean that’s the biggest reason why I’ve been trying to push coinjoin liquidity. Even if you don’t do it. You know, one of the things that stops a lot of people from doing coinjoin that I’ve noticed besides the fact that these concerns that Trace has said, which I’ve heard that concern many times is a concern that they’re a little bit overwhelmed if the, if they could do it correctly, right, but we leak so much information in just the default way of using Bitcoin the way most people are using Bitcoin. That, I think, you know, as long as you don’t assume you have perfect privacy, if you use coinjoin, you’re improving the situation both for yourself and for Bitcoiners just because the default is so bad. So yeah, I also, I also tend to agree with that, if we can get coinjoined liquidity up to a certain, to an exchange, they might actually prefer receiving.

Matt Odell: You know, there might be a dirty area in between where things get like really nasty and a lot of transactions are getting blocked and deposits and withdrawals are getting blocked and you basically can’t use them. But in the, in the longterm they might actually prefer receiving coinjoin deposits because then all of a sudden that responsibility isn’t on them. They don’t have to, you know, they don’t have the means to look at this huge history then that huge history of a UTXO when you deposit to an exchange is just a massive regulatory burden for them. If they don’t see it, then it’s almost, it’s almost better for them in that regard.

Stephan Livera: Right. And although we do have to consider it’s cut and mouse game though, so let’s hypothetically say, right, a lot of people were driving coinjoin campaigning and everyone starts doing coinjoins and yeah, we really do break that heuristic and so exchanges can no longer safely flag someone merely for using coinjoin. I wonder whether that may still, you know, the compliance departments of those exchanges may still feel some level of anxiety that they’re not doing enough so to speak and that they would then need to ask for other info on every customer. I don’t know. What’s your thoughts there?

Matt Odell: I mean, I think what happens here is the end game becomes, if we go down this route successfully, the end game becomes to enforce at scale. They have to ban self custody completely. And I think that’s a fight that I’m willing to take. I think that’s a fight that all Bitcoiners should be willing to take. And I think it falls under the same exact threat model as your government just banning Bitcoin altogether. Right? They could ban coinjoin, they could ban Bitcoin just as easily. I mean we see, we see, we already see exchanges like Circle and Robinhood that don’t even give you the option. You can’t deposit and withdraw. You just hold the IOU on their platform and they don’t do have to deal with any of that regulatory compliance issues. And in my mind, I think in most bitcoiner’s minds, that’s not really Bitcoin, right?

Matt Odell: Cause you have to trust this third party. So, I don’t think any, if the idea that people have is that this is going to be an easy process, that governments aren’t going to fight back. I would dismiss that wholeheartedly. And I would say that the fight is beginning. It’s actually been slower than I expected, but you should still expect that there’s going to be, there’s going to be a fight here. And you have to decide what’s important. You have to decide if you really want control over your own money or if you’re fine with, basically just keeping it as an IOU, just like gold is on these centralized platforms.

Stephan Livera: Right. And I think Giacomo has also made a similar argument there around how KYC, I think he was talking about know your confiscation or something but basically the argument was if the government knows every Bitcoin holder, then theoretically it knows whose doors to go and knock on, right?

Matt Odell: Exactly. Man. That’s why I disagree with Ergo in that regard. In terms of, he said like once you KYC, you can never get out of that because I think that it’s still a huge improvement. If you use coinjoin and run your own node, control your own keys after you go through KYC, because at least now it’s still so difficult to hold your own Bitcoins securely. Right? It’s gotten significantly, it’s gotten significantly better. But if you practice good privacy techniques, post KYC, at least it gives you a level of plausible deniability as years go by. Right? So if they’re able to actively know your balances you know, that’s the first step. We saw that in America with executive order 6102 in the 30s, right before they confiscated everyone’s gold. I mean, that was the confiscation order, but they knew where all the gold was.

Matt Odell: So, that’s how they were able to confiscate the gold. They didn’t know, you know, where it was like in a closet somewhere and the person bought it without KYC. They weren’t able to confiscate that gold. So the first step is to identify who owns what. But like today, when we see Coldcard vulnerabilities, Bitbox vulnerabilities, Trezor vulnerabilities, if you bought on a KYC exchange three years ago and you use coinjoin properly and you run your own node and you practice good privacy hygiene they’re not sure if you still have it right. And so then it comes down to the fact like, how far does that government want to go? And, and with Western democracies, like I don’t think they’re going to go that far. Like, I think especially as we get Bitcoin in more hands like there’ll be a lot of public outrage if they’re going door to door. Basically breaking kneecaps and threatening jail time to try and get people to admit to Bitcoin that they’re not even sure if the person actually holds.

Stephan Livera: Right. Especially as you say, as time goes on. But perhaps there is also a value there in, you know, so, so we’ve got the big KYC exchanges and they’re not going anywhere anytime soon. But there might also be a value in driving the use of non KYC as an alternative, right? So if you’ve got family and friends, potentially if they have their own little informal network where they trade amongst themselves as opposed to everyone going to KYC exchanges, then there’s at least less bitcoiners who have been quote unquote bagged and tagged.

Matt Odell: Absolutely. I mean, I think this improves over time as more there’s more Bitcoin holders, so there’s more people to participate in that circular economy. And obvious venue for receiving KYC free Bitcoin is through mining. That’s one of the reasons proof of work is so important. Besides countless other reasons. Another way is to, receive Bitcoin for goods and services, especially if you offer a discount. Because you want that KYC free Bitcoin. So I think we’ll see more of that, you know, specifically BTCPay merchants accepting it. As far as you know, P2P KYC, free transactions with strangers, there’s a lot of risk involved there. Like, first of all, we’ve seen in America undercover agents we’ve seen undercover agents participate in the transaction, so you don’t know if they’re an undercover agent and the whole thing’s, you know, being watched.

Matt Odell: And in that case it could be even worse for you. Because there’s an implication of guilt there. Just because you’re trying to, you know, as far as these so-called democracies care about they think you’re trying to end around the regulations. And then the other issue is, you know, something with like bisq. Like, I don’t want to fud it. Like I love the product / project. Like, I want people to use it. But like, how do you know, like, you’re just going to get, like a random person’s going to send a bank, transfer into your account. Like, obviously you have to use cash because if you just accept bank transfers from random people that can raise a whole ton of flags, like who do you, who’s paying you. So and like, who are you paying?

Matt Odell: Like are you, you know, who are you sending a bank transfer to? They see all of that, that transaction. So, so, so cash is obviously king in terms of privacy. If you can do cash transfers that great, you know, you hope it’s not an undercover agent, you keep it under $10,000 because that’s when things start getting like extra dicey. But I think in terms of like circular economy, I think you will see, more friends and family type situations. I think we’ll see that across the board, not just with Bitcoin purchases but also with, like running your note or something like that. Like where one person runs a node and then their friends and family connect to it as like a trusted third party that they know and actually do trust. And I think this, this whole idea of, of earning Bitcoin for goods and services, like you’re a convenience store and you do offer a discount. Like I think that’s like how the Bitcoin circular economy starts because otherwise, like why would people spend Bitcoin if their dollar cost averaging in and they’re speculating on the price going up, unless there is like a substantial discount. So the, merchants should be offering discounts so they can get that KYC free Bitcoin.

Stephan Livera: Great. and here’s a hypothetical for you, Matt. If 100% of the demand for Bitcoin was all done on, you know, street deals, document markets, do you think the price would actually be higher than it is now?

Matt Odell: No way. Not in a million years. Like I strongly disagree with that, but that logic, what do you think? Do you think it would be higher

Stephan Livera: Right now? No, but I think maybe longer term it could be. I mean, if enough people started just doing it that way, I don’t know. Yeah. So let’s start talking a little bit about action steps then for people. So what are some takeaways for the listeners in terms of things they can do? What tools should they be thinking of? What are some steps that they can take?

Matt Odell: Well, I think, you know, the number one priority here should be running your own node and securing your keys, right? And like actually using your node for your keys, right? So, you know, whether that’s Electrum which is has its own issues with Electrum server, but stuff like myNode and nodl and Raspiblitz and stuff are making it easier to run Electrum servers. So that’s good. Because that’s just like an obvious, you just obviously like tons of information leak. And then I think like people should be experimenting with coinjoin. Like I said, I think that as long as you don’t have this assumption that it’s perfectly private it’s a net benefit just because the status quo is so bad. And, and I really do think that the next step will be, you know, stuff like Samourai that make it really easy. And then as far as payments and receiving payments and sending payments like lightning will be the way that people can do it in a slightly more private fashion that hopefully will scale up in time and become more private.

Stephan Livera: Yeah, and even in the case of taking deposits, I wrote an article recently about why static address deposits a really bad, so don’t use those. A lot of people use them for donations even Bitcoiners. Right. So it’s sort of like surprising in some ways when once everyone, like I could understand maybe like some streamer who’s not really like a hardcore Bitcoiner, but they just put up an address to take donations. But there are people even like Bitcoin is like we have to lead by example. Right? So I think two better solutions, I would suggest there is one, if you have Samourai wallet use PayNyms for donations or to set up a BTCPay server and use that to take donations. I think that’s one thing to combat this whole address reuse problem as well.

Matt Odell: Yeah, I mean I think I love PayNyms. The biggest issue with PayNyms is that the only way that the payer can pay you is if they have Samourai. Which means they have to not only have Samourai, but they have to have an Android phone, which greatly reduces the amount of people that could pay you. BTCPay is obviously fantastic. I mean, I think people should also temper their expectations a little bit, right? Like if you look back two years, three years, everyone was reusing addresses. Now the default is HD wallets, right? Like we didn’t even, we’ve come such a long way in such a short amount of time. I’d be really surprised if that improved, if those improvements don’t continue. Right.

Stephan Livera: Yeah, agreed, agreed. And then I think the other thing is this idea of like even using Samourai, if you’re using every for every spend, you try to make it a STONEWALL then that’s another thing as well. Because when you make every spend a STONEWALL or better, right? STONEWALL, STONEWALLx2 or a stowaway, then you’re really starting to screw with the heuristic a bit. Right now, sure the number of people using, privacy tools is lower obviously. But if that starts, if that number starts, you know, if we get number go up there, then that really does start to change the heuristics and change the way people are able to spy on the blockchain.

Matt Odell: Yeah, I mean, a lot of this relies on adoption, increasing, continuing which I’m bullish on, which helps in terms of my mental model and just usage increasing. And that’s why education is important for these specific tools. I mean, like how many people do we think are actually using Samourai STONEWALL, specifically in Samourai. And then I think, you know, also they just like these individual project teams they need to iterate on their designs, right? Like, for instance, I used a STONEWALL spend. I’ve been you know, I practice what I preach and I’ve been using both Samourai Whirlpool and Wasabi. And so post Whirlpool, right? I was sending a transaction to myself to, to practice a STONEWALL and the way their algorithm works, like it included a ton of inputs I guess a ton of outputs as you know, there’s technically no inputs, but they included a ton of outputs for the inputs out of the transaction.

Matt Odell: And like that is you know, in terms of coin control, right? Like that’s combining a bunch of UTXOs to make the payment. So you do get that benefit from STONEWALL that that common input the common output a heuristic is you don’t really know for sure, but you, you are combining all those, those UTXOs, so there’s a lot of nuance there and the tools need to be iterated on and improved on because the end user, you know, like a bitcoiner that’s educated right now can use just basic coin control. But even for them, it’s not that intuitive. Right? Hey, like I was using coin control on Electrum for the longest time and they don’t have like default labeling. Right. One of the things with Wasabi does great is it forces you to label. Samourai doesn’t have forced labels yet.

Matt Odell: Samourai’s coin control is the opposite. It’s instead of picking the UTXOs you spend you pick which ones you Mark as do not spend. And supposedly that’s gonna change with their new app. So we’ll see. But like these tools need to iterate, Wasabi has a select all button lets you select all the UTXOs at once to include in a transaction. Like why does that feature exist? That feature shouldn’t exist. It’s just tricking users into using it and inadvertently linking a bunch of UTXOs post mix. So, these tools need to be iterated on. They need to fail and then improve. And that’s just how it’s going to go. It’s going to be a slow and steady process. And as, as we have liquidity and as we have these pools, you know, improve, hopefully the situation will get better. I’m cautiously optimistic.

Stephan Livera: Yeah, no, that’s a fair point. I think there’s still work to be done, but you know, that’s the nature of it. Some of this stuff is just cutting edge. I know in the case of Samourai, I think they are looking at yeah, as you said, including labeling and more direct coin control features on the app in the coming versions. And I think they are also working on like a new engine that picks UTXOs in a more kind of smart way so that you don’t screw yourself over. So the idea is if you, when you do the tx0 that it won’t, you’ll have that unmixed change, right? Like that little bit there. And that’s the most toxic part of which you shouldn’t ever mixed together with other pieces other, you know, unmixed changes.

Stephan Livera: Cause then it links the mixes together, et cetera. And I think their new engine will actually try to intelligently hold those back or keep them segregated in what’s called bad bank. So that’s again, these are things that are coming, but I think we can be optimistic if people get pointed towards the right tools. And so for example, when I’m trying to help onboard a beginner, I’ll try to default them into the more private things, right? So I might try to, if that person has an Android phone, well then I’ll get them set up on Samourai wallet. So that way they’re at least starting with a privacy tool in their hand already. And so there’s not as much of a difficulty around trying to get them to change from some other tool to using, you know, a more privacy focused one.

Matt Odell: Yeah, I mean, right now with Samourai wallet when you do the the transaction zero, like the pre-mix, you get that, as you said, you get that toxic change and that toxic change is not automatically marked do not spend. So you have to go in and make sure you do not, you Mark it as do not spend for future transactions. And also it’s not automatically labeled. So if you don’t go back and label it, you end up in a situation, two years down the line where you’re like, I don’t even know what this toxic change thing is. You know, where’s that UTXO from? And now it’s worth like $100. Like, do I want to risk spending it or does my privacy, you know, is it worth $100. And you get into this like really dirty situation. So a little tweaks like that. I think at the end of the day, basically what these privacy tools have to do is they have to, you know, do at least the light chain analysis on yourself. Basically use the tools that, that the people tracking us are using to help automate these processes so that it’s much easier for the end user, but do it in a way that doesn’t actually sacrifice the individual user’s privacy. So, running your own node and running all that chainanalysis locally would be key.

Stephan Livera: Yeah, right. I can see that already it’s becoming more common now to have your own Explorer but potentially having your own chain analysis might be a bit more difficult because that requires more hardcore, you know, like spec’ed up hardware and so on. But yeah, look, I think that’s definitely the, hopefully that’s the direction we can at least go in. So I guess to close it up then make the case for the listeners, why should they participate in the coinjoin campaign?

Matt Odell: I mean, look, if you compare, if you compare, if you care about personal sovereignty, you know, if that’s why you’re in Bitcoin, then financial privacy is a key element of that. And the Bitcoin system as a whole is not as secure if individuals are doxing themselves left and right. So if you, I think that if users care about financial privacy, like there’s this whole divide, this perceived divide between like the number go up crowd and the financial privacy crowd. And I think that divide shouldn’t exist because at the end of the day, if individuals start protecting their financial privacy, it will help the number go up. Like I think Bitcoin becomes more valuable, becomes more resilient and robust long term if individual users practice financial privacy because that is the single biggest vulnerability that Bitcoin has today. Because if you look at the way like a government would come in and try and control the system is it starts with the lack of financial privacy.

Matt Odell: They start, you know, tagging users and then going after users and making examples out of them. And then if your question is why is financial privacy in general important? It’s because it’s, you can learn so much from a user, from just their spending habits. And I look at the world today and I look at all these people who are using all my peers that are using Venmo and PayPal and all these credit cards and all these centralized payment processors and they’re basically exposing their whole lives not only to these companies but also to the governments that they’re affiliated with. And if you have like an authoritarian come in, they’re going to use that against you. They’re going to know, you know, they’re going to know all your intimate spending habits. And then just from the most innate view, your boss shouldn’t know where you spend your money if they’re paying you in Bitcoin and the merchant that you shop at shouldn’t know what your salary is.

Stephan Livera: Fantastic. I couldn’t have said it any better. I totally agree with you there, Matt. So look, I think we’ll, we’ll we’ll call that an episode. I think most of my listeners already know you very well, but just in case any of them don’t make sure you shout out now, just where they can find you online and where they can find obviously Tales From The Crypt and Rabbit Hole Recap.

Matt Odell: Yeah, so I’m @Matt_Odell on Twitter and, we’re Tales From The Crypt, so that’s tftc.io. We have podcasts and we have a newsletter. Yeah, I love coming on the show with you, Stephan. I’m a huge fan of your show. I listen to every episode. I tend to think that we’re all part of the same Bitcoin network where we’re just like individual shows on the same channel. So it’s an honor to come on the show and it’s just an honor to be doing this whole, you know, taking part in this whole process alongside you.

Stephan Livera: Oh, of course, man. I’m a big fan of your work as well. I listen to every episode of yours, so thank you again for joining me.

Matt Odell: Cheers guys.