Lili joins me to talk about her journey of learning about Bitcoin and using it privately. We chat about: 

  • Trade offs of KYC vs Non-KYC coins
  • How to acquire non KYC coins
  • Staying private through the lifecycle of using Bitcoin
  • Bitcoin for donations
  • Canadian Trucker Bitcoin
  • Wasabi and ZkSnacks debacle thoughts

Podcast Transcription:

Stephan Livera:

Lili, welcome to the show.

Lili :

Hey Stephan, thanks for having me.

Stephan Livera:

Yeah, well it’s great to chat with you and I know you’re very focused on Bitcoin privacy and a bunch of these topics. So I wanted to get you on and chat about a bunch of these things, but maybe just give us a little bit of an overview. Who are you? What was a little bit of your journey of getting down this Bitcoin and Bitcoin privacy rabbit hole?

Lili :

Yeah, of course. So I actually started buying Bitcoin end of 2018. I came in from the traditional finance space. So prior to working in Bitcoin, I was an investment banker at J.P. Morgan. And then I moved to UBS Bank where I managed client portfolios for the ultra-high-net-worth. And while I was there, I was looking for a way to hedge my clients’ equity positions. So end of 2018 comes and Jerome Powell comes on television and he says, We’re gonna raise rates a quarter of a percentage point. That spooked the market. But what really spooked the market was when he said, We are far from terminal. Meaning: a lot more rate hikes are planned, so get prepared. Markets took a dive. We almost went into bear market territory—bonds dived, paper gold dove as well, and the only thing that was working was the options strategies that I had put in place in these portfolios. And the problem with that is the options strategies are very expensive. So my boss at the time, he said, I want you to find something else. This is working, but it’s expensive and it’s taking a lot of your time. So I started doing some research and I found Bitcoin. Previously, I had experience with crypto back in early 2018—I was not looking at Bitcoin—I was looking at these other coins trying to make money, kind of got rekt, and then I dismissed it completely. So I came across this article again and it was talking about Bitcoin as a hedge against inflation. And it was talking about the growth of the Bitcoin hashrate and how the network was so resilient. So I took that—I ran with it. I ran stat analysis on it. And I saw that the correlation between Bitcoin and equities at the time was 0.6—that makes it a great candidate for a hedge mathematically, so I put together a presentation and I pitched this to my team. I kind of wish I could take that back, because I got so much backlash for bringing it up. 
My boss at the time said, You know, it makes sense, but if you do this, you’re gonna be a liability for us and you’re gonna be a liability for the clients—I don’t want you bringing this up. And then I thought, Okay, well we could introduce it through Grayscale Bitcoin Trust. That’s what was on the market back then—we couldn’t buy physical Bitcoin. He’s like, I don’t care—I don’t want to see this proposal ever again. So I tabled it and I started going down the rabbit hole from there. I started buying Bitcoin on my own. Every week I would buy it—I did the whole bulk purchase and DCA and all that. I didn’t care too much about privacy at the time. I didn’t really understand Bitcoin as like freedom money. I just thought, Okay, it’s just another asset. This is a hedge. Just a way to protect my stocks, so I’m just gonna buy it. It wasn’t until 2020 where I realized, Okay, Bitcoin is money. Bitcoin is protection against authoritarian governments. It really is the only asset that you can take custody of, and it’s the only asset that is truly censorship resistant. So from there I started going down the privacy rabbit hole. I started learning about CoinJoin. It was actually your podcast, was the first Bitcoin podcast that I ever listened to. And I started learning about what a node was. And yeah, so it’s kind of crazy to be on right now. But then I saw like, Okay, now I know what Bitcoin is—there’s no way I can continue to buy this on a centralized exchange. If it is what we say it is, if it is what it is in the white paper, it’s P2P, it’s censorship resistant money, it’s protection against the state. How can it be protection if we’re going through their on-ramp? Like, we’re handing them our information. And even if we do take custody of it, they know what time we bought, at what price, at what date, the amount—we’re exposing ourselves and we’re taking this asset that’s supposed to be censorship resistant and we’re dollarizing it. 
We’re putting it in the same category essentially as stocks and bonds. So then I was trying to find out ways to buy non-KYC. So I started buying non-KYC. I started looking into mining. At the time, there was barely any resources out there talking about non-KYC, talking about mining. The only mining talk on mainstream was, Don’t do it. It’s not profitable. It’s too hard. You’re gonna get scammed. It’s complicated. It was so hard to break out of that. And when I first started buying non-KYC and going down the mining rabbit hole, I actually didn’t want to. I didn’t have a desire to do it, but I felt that it was necessary. Once you see the truth, and once you see what’s happening around you, you have to react and you just have to take that step, even if it’s uncomfortable. And now I’m so glad I took it, because seeing all the news that’s coming out, I don’t have to scramble to learn how to use Bitcoin privately, or how to acquire it—I took that step a little bit ahead of the curve. So I’m just glad I did it, and I think anyone can do it. They can start. It’s not impossible. And it’s never too late to start caring about your privacy.

Stephan Livera:

Fantastic. Well yeah, I think that’s a great walkthrough there of what is for many people—it’s a common journey, I think. Everyone has different views around KYC and how much they’re willing to tolerate it. And of course, I’m more in that camp of, I think you can still have a foot in both worlds, but I understand, of course, there is the position of the hardcore never-KYC gang. And I think it’s probably useful for listeners to hear that spoken out, like what are some of the trade-offs of purchasing or acquiring or mining non-KYC as opposed to KYC. So from your point of view, how would you spell out some of those differences?

Lili :

Yeah. So the way I look at it is like, I think it’s totally fine to have two stacks—one KYC and one non-KYC. I personally have two stacks. We are still in a dollarized economy and we still interact with the fiat system, so I say like, You can use KYC Bitcoin as an investment. You can buy it as like a liquid emergency—fine. If you know you’re gonna be buying a house within two years, that’s a big purchase. You want to put your money into something that will appreciate, so by the time you’re ready to make that big purchase, you’re inflation-protected and you have more money to make that purchase. So I say, Okay, use KYC Bitcoin as a liquid emergency fund, you can use it as collateral for loans, and you can use it on the balance sheet of your business. You’re not gonna be able to use non-KYC Bitcoin as loan collateral—usually they want records of where it came from. There are platforms where you could potentially get a loan with non-KYC, but if you’re a registered entity like an LLC or a business, I think you have to play within the rules. You have to keep it very clean. You don’t want to give yourself a headache and a mess when it comes time to—Maybe we’re gonna audit you. So I think there’s a lot of value in having a KYC stack. Non-KYC is for people who want to transact privately, for people who want that real protection against the government and potential hostile regulations. It’s always good to hedge yourself and have that secret stash of money. Back then it was gold in your house in a safe—you bought it with cash, no one knew you had it. Now we’re in modern day and we have something better. So get that non-KYC Bitcoin and you keep it on a wallet in your home, and that’s your real protection just in case you’re locked out of your fiat bank accounts and you need to transact, just in case you have to flee a bad situation, just in case your country ends up in war. Like, I’m sure the Ukrainians didn’t expect that to happen to them. 
So it’s important to have that stash and to have that separation.

Stephan Livera:

Absolutely. And so I think you’ve put it quite well there that you can see a case there for having some in each world, but as long as you understand the trade-offs of what decisions you’re making. And so let’s spell out some of those trade-offs. I guess maybe let me put a few ideas out there. So as an example, in the KYC world, you’re generally paying less of a premium to acquire it. And potentially, you might be able to purchase more than you otherwise would have, depending on which country or which city or town you’re in. And it might be in some ways more convenient. That’s the KYC side. Now, the non-KYC side, probably the benefit then is less people know you have it. The institution who gave you the KYC coin—well that doesn’t exist now. Now it’s just a counterparty who knows. And so that’s less potential people, it’s less able to be seized by the government or requested or subpoenaed by a government, or potentially even hackers. If that data were to leak, then they might know your name. They might know your address, your phone number, your e-mail, et cetera. So I think those are a few of the different trade-offs. Are there any others that you want to spell out for people?

Lili :

Yeah, I think those are the main trade-offs—having to pay the premium. I think another thing to note is liquidation. It’s harder to liquidate non-KYC Bitcoin. Ideally, you want to liquidate it the way that you got it, like through a decentralized exchange like Bisq, with another person in a P2P market or some kind of P2P group, or you can even go to a Bitcoin ATM and liquidate it that way. Some ATMs go both ways—you can put in Bitcoin and get cash back. So yeah, if you’re trying to make a big purchase in the future, going through that liquidation process right now, unfortunately, is still very complicated. A lot of these decentralized exchanges, they don’t have high liquidity, so you’re gonna have to do multiple transactions to get back to that huge amount of fiat that you put in. But I do want to note too about the premiums: there are ways to get around that. One of them is mining Bitcoin. When you mine Bitcoin, you’re essentially mining it below spot, depending on your electricity rate. So you’re getting non-KYC Bitcoin at a discount. You’re mining it at home, so you don’t have to deal with Bisq. You don’t have to drive and go to an ATM. Another thing too is, if you’re very patient, you can go on these decentralized exchanges and place your own orders. You can place your orders around like 1%-2% above spot, and a lot of times they will actually fill. A lot of people they just go in and take an order, but if you place an order, leave it there for a couple days, I can guarantee you that it will fill. One thing I like to do personally too, with respect to ATMs, is you can go to an ATM and you don’t have to say, Okay, the limit is $800 a day per number—there’s a way to get around that. You can use something like Text Verified and you can spin up a lot of non-KYC phone numbers. You can spin up say five numbers and you can run those transactions all on the same day. 
That creates that smash buy effect that you would get if you went through a Coinbase or a Kraken or something like that.

Stephan Livera:

Right. And so there’s different ways to go about that, depending on the different platforms. As listeners know, Hodl Hodl is one of my sponsors, so that is also an option if you post up an offer, and you can then use that to trade USD or other fiat, basically. And so they’re a few of the different angles. And also, I think it’s interesting because in some parts of the world, it’s seen as like this non-KYC premium. But in other parts of the world, it might be more like it’s not really a KYC premium, it’s more just like maker-taker premium. As in, the maker is the one who is providing both sides—the bid and the ask—as in, they’ve got their spread. And then if you’re the taker—you’re the person taking that offer—then you’re the one paying the premium. So I think it’s interesting that in different parts of the world, it can operate like that. So for example, in parts of the world where there’s not a capital gains tax, it might be seen a bit more in that way. So it’s just an interesting thing I’ve noticed just in my travels around the world as well. So bringing it back to the mining method, I guess that’s also another reason where some individuals would say, Okay look, I’m treating it like I’m taking a little bit of a hit in terms of the electricity cost, but I’m treating it like, Okay, I’m okay with that premium because I’m getting some non-KYC coin. So I think that’s probably another angle that some people are thinking about it, right?

Lili :

Yeah, definitely. And it depends on their electricity costs. Some people, they can actually mine and make good money—like, they’re not losing money. But regardless, if you’re holding that mined Bitcoin for at least a full cycle, you’re gonna come out and you’re gonna have a lot more profits than somebody who’s stacking through a KYC exchange. I think one thing that’s important to note, too, is if you’re mining and you’re in the US, you’re eligible for something called a power purchase agreement. So that means that, if you’re using more electricity, you go to your electrical service provider and you ask them, say, I want to increase my electrical use—what kind of discount can you give me? A lot of times they’ll lower your rate per kilowatt hour. And you don’t have to tell them what you’re using the electricity for. They want you to use electricity, so they’ll give you a discount for stepping up that usage.

Stephan Livera:

Yeah. That’s a good point I think a lot of people might not have considered. So yeah, certainly that’s out there. So we’ve spoken a little bit about non-KYC methods of acquiring. In some cases, as you said, there are certain thresholds—you might be able to stay below those thresholds. In other cases, you might be mining. In other cases, you might be earning. So that’s another way that you could take your existing service or product and just sell that for Bitcoin, if you’re able to find somebody who wants to buy it.

Lili :

Yeah. What’s nice too about earning is now there’s a lot of sites that you can use. Like, people post jobs and say, I want somebody to design a website for me and I’m gonna pay them in Bitcoin. One that I really like is the jobs for Bitcoin subreddit. There’s also a really cool site called Freelance for Coins. So there are marketplaces that exist where you can connect with people who want to pay in Bitcoin. And a lot of times, these people who are seeking to provide these services, they are in parts of the world where their currency is just not good, or their job market is really shitty, so they have to find other ways to earn income. It’s really cool. I think everyone has a skill that they can monetize and sell for Bitcoin.

Stephan Livera:

Absolutely. And so then we’ve spoken a little bit about using non-KYC acquisition. What does it look like to then actually retain our privacy in our Bitcoin usage? And I know this is an area where you’ve gone down this rabbit hole quite a bit, so I think you’ll have some interesting insights to share for listeners who are maybe newer to this non-KYC world.

Lili :

Yeah. So the way I approach Bitcoin privacy is: it’s five key areas. The first obviously being acquiring Bitcoin privately. Number two would be how you store your Bitcoin. You don’t wanna store huge amounts on a hot wallet. You want to store most of your funds offline in a cold storage wallet. Another thing to consider too is coin management. If you buy non-KYC coins, you have KYC coins in a wallet, the last thing you want to do is send your non-KYC coins to that wallet that has the KYC coins, because what you’re doing there is you’re negating all the hard work that you did to get those coins, and now they are what we call tainted. So my thing is: choose a wallet that has coin control and labeling—coin control, meaning you choose which UTXOs are spent in a transaction. And then labeling, you can tag the UTXOs and say, Okay, I got this from mining, or this one came from ATM, this one came from Coinbase or wherever. Some really good tools for that are Samourai Wallet, Blue Wallet has this, and then Sparrow Wallet—they all have coin control and labeling. Another thing people need to look at is, if you really want to transact privately, you need to use your own node. When you’re setting up a node, there’s a lot of things to consider like the cost of the node, which wallets are compatible with that node, your own technical ability, like how much do you know and how much of a technological leap do you want to go through? And then also the community support of that node project. For beginners, definitely I would recommend a plug-and-play node setup—something easy. Like, you can use the Ronin Dojo Tanto plug-and-play or the Umbrel node. They’re both really great for new people. Because when you’re transacting, every transaction goes through a node, and if you are not running your own node, you’re using someone else’s node and you’re trusting them with your privacy. Another thing to consider too is CoinJoining. 
So CoinJoining is basically like you’re breaking the links between that Bitcoin that you have, and its past. I think you should always CoinJoin if you’re sending out Bitcoin to somebody. It doesn’t matter if it’s an innocent transaction or not, you should be CoinJoining that Bitcoin. And this can be done with Samourai Wallet or with Sparrow on desktop. Another thing too to note is it’s okay, I guess, to CoinJoin without a node, but you have to understand the trade-offs, is you are sending your XPUB information to that CoinJoin coordinator. If you want to avoid that, you should be running your own node. So with Sparrow, that looks like: running your instance of Bitcoin Core while you’re using Whirlpool, and with Samourai, that would be like running your own Dojo. That’s included in a lot of these node packages. It’s included in Umbrel. It’s included in MyNode. You can run a Ronin Dojo plug-and-play—that’s already included. It’s really not a huge setup hurdle.

Stephan Livera:

Excellent. And so I think that’s a good point for people who are new to consider, is that distinction between this idea of: one is holding your keys, and then the other part is running your own Bitcoin node. So just for anyone who’s new, could you just explain that part again? Just simply: what’s the holding your keys part? And what’s the running your own Bitcoin node part?

Lili :

Yeah. So obviously number one step for privacy is holding your own keys. You want to have that Bitcoin in your possession. You don’t want to keep it with a custodian or somebody else. And then that distinction between how much risk are you willing to tolerate? If you’re holding your own keys in a hot wallet, know that that is connected to the Internet. And basic security says that any software that you’re running on an Internet-connected device is only as secure as the device itself. So you have to make sure that your actual device is secure and free of malware. Even if that software is a strong privacy-focused software, it’s only as secure as the device that you are running it on. And then the other part of course is long-term storage, using something like a cold wallet, holding your keys offline so that it’s away from hackers and actually secure—because if you are putting in all this time to get non-KYC Bitcoin, you want to protect it. If you’re holding a lot of funds, you want to keep those funds offline. Running a node is more for people who want to transact and who are transacting pretty regularly. You can run a node as a HODLer to support the network, but it’s not going to benefit you with respect to your privacy if you’re not using it—it’s just another piece of technology. So I think running a node while you’re transacting is extremely important because you want to verify your own transactions—you don’t want to rely on somebody else. And there’s actually a lot of reports too that show that chain analysis and these bad actors, they run nodes, and you never know what node your transaction is being passed through if you’re not running your own.

Stephan Livera:

Right. And so that’s an interesting point as well, because in the broader ecosystem, there are various elements of surveillance going on. And as you rightly pointed out, this is like a known thing where basically these chain surveillance firms would run some of the public Electrum servers. And so this would basically be the means by which people who are unsuspecting users of the network who would think people don’t know about my transactions, but actually their server knows about it. And so this is like taking it to that next level. Now, to be clear for listeners if you’re new, just understand that some software uses relatively safer defaults. So as an example, Sparrow has a semi-trusted list of Electrum servers who are providing the info there. So it’s like Blockstream and Emzy and a few other people out there. But obviously, as you’re saying, the idea is you might graduate up to running your own software, either your own Bitcoin Core or running your own Electrum server using the likes of Ronin Dojo or Umbrel and so on. And so I think those are a few points to think about. It’s a life cycle, isn’t it? Like, don’t just think, Oh, it’s just the stacking of the coins. It’s also—whenever you’re spending those coins—you have to think about the privacy implications of that. And so how do we best maintain our privacy through the lifecycle of our acquiring and spending of coins?

Lili :

Yeah. So the best thing really is—you know, you acquire your coins—is to manage those UTXOs, that Bitcoin, make sure that you’re labeling everything, where it’s coming from, keeping track. Don’t combine non-KYC and KYC coins in a spend. Always CoinJoin before you’re spending. And what I really like too is, in the Samourai Wallet, for example, there are these post-mix spending tools. So that makes sure that you are retaining that privacy that you got from the CoinJoin. It takes a lot of that user error out when you’re transacting, so I definitely recommend people to use those tools.

Stephan Livera:

Yeah. And so for listeners who maybe you’re struggling to follow along, the idea here is that there are algorithms built into the way that those coins are spent. So this algorithm is there in Samourai Wallet, and it’s also there in Sparrow Wallet also as an option. So as an example, there’s Stonewall. And so it’ll use these algorithms in a way to help obfuscate or mask your behavior on-chain. And so the general principle or the general theory here is that you might earn some coins, and then you might run them through a CoinJoin through Whirlpool as an example. And then after you’ve done Whirlpool, then when you’re going to spend, that’s where you use these what’s called post-mix spend tools. And so Stonewall is the obvious or the main example, but there are other post-mix tools that can be applied and used, right?

Lili :

Yeah, definitely. And I do want to note that it’s more important to go through that process if you’re spending KYC coins versus non-KYC coins. Like, you don’t want to be spending directly out of an exchange, for example. It’s important, because we saw what happens if certain transactions get flagged, certain addresses get blacklisted like with the Canadian truckers, they were able to trace these people because what they did was they donated directly from their exchange wallet, so it made them very easy to track. You always want to make sure you get it into a noncustodial wallet first and CoinJoin it before sending out any KYC Bitcoin.

Stephan Livera:

Yeah that’s a great point. And so I think it’s important for listeners to understand the difference between an account and a wallet. So accounts are what you have on an exchange, but a wallet is the one where you hold the private keys. So that’s like Samourai Wallet or Sparrow Wallet or using a hardware wallet. And so what you want to do is make sure you’re withdrawing out of that account on the exchange into your own wallet. And that’s an important point for people to understand. And then of course, think a little bit carefully about the privacy implications of when you spend and what you’re spending. And so as you were saying, Lili, there are certain tools that we can use to retain our privacy through the lifecycle of our Bitcoin use. So I think those are important points to understand, especially for new users and new Bitcoiners. So I’m curious as well, while we’re here talking about the Canadian truckers, do you have any thoughts on how that went down and what could have been done? Well, firstly, do you have any thoughts on how that was executed? And whether there are things that should have been done to improve that?

Lili :

So with respect to actually collecting Bitcoin donations and passing them out to the truckers? Or with respect to the situation and what happened? My first thoughts on this was this situation was a great advertisement for Bitcoin and highlighted the importance of censorship resistance and being able to transact freely, but it also showed some of Bitcoin’s flaws. The blockchain is open and auditable for anyone to look at. Anyone with a block explorer can see where transactions are going and see what’s going on. This highlights the importance for strong privacy practices. A lot of people were spending their Bitcoin from exchanges directly and sending it to the truckers, which was wrong. But I do think there should have been more education to the truckers about what Bitcoin is and how they should be using it. I saw some videos that came out from Canada and they were giving Bitcoin to truckers and they were filming them. I thought that was a huge blunder—like that just destroys their privacy right there. I don’t think it’s enough to be able to say, Okay, we raise all this money, we pass it out. You need to show them how to actually use it and convert it to goods and services. I feel like that was the missing piece. Like there wasn’t any education on, Okay, this is how you use a decentralized exchange to cash out of that Bitcoin. It’s a learning process. I just felt like it could have been handled a lot better. I do think it was a good initiative with respect to the people who participated, but the execution was where the problems were.

Stephan Livera:

Right. And I think it’s a combination of things. So historically, there has been this line of thought or school of thought of, Oh look, it’s transparent, so let’s try to amp that up. Let’s emphasize that, Oh look, see, we’re all publicly donating. And you can sort of understand a bit of an argument around, It helps that other people see those donations going. So maybe that might help get more donations. But what’s the downside? It means if everybody’s donating to the same address or to the same fundraiser, it becomes very transparent unless the users know how to then CoinJoin and be private after the fact. And in the case where it’s a very public donation address and you can see exactly, this is where the money went. I can understand there’s a conflicting argument here, because on one side it’s like, Oh, the transparency for the donators—they should get to see where their money went. And then the other angle is more the privacy angle. It’s like, No, actually we should be veering away from this idea of transparency on the blockchain—although yes, if you use it wrong, it is very transparent—that we should just be veering away from that idea altogether. And we should instead be just saying, Look, make the donation and let them be private after the fact.

Lili :

Yeah, I definitely agree. When you’re collecting donations, I know that a static Bitcoin address is very convenient. It’s easy for people to plug that in and send money. But when you have a government that was openly hostile towards the people who are receiving the donations and was openly hostile towards the people who were actually donating, they need to find a way to collect those donations whether that be through a PayNym donation or a BTCPay Server to collect the donations—they need to be responsible for collecting that on behalf of the people who are going to receive it. Because the last thing you want is doing more harm than good, where these users who receive these donations or gave these donations, they get found out and then their fiat bank accounts—traditional bank accounts—get frozen and they get locked out. There were reports of people saying they couldn’t buy groceries, they couldn’t put gas because they didn’t have cash on hand and their accounts were frozen.

Stephan Livera:

Right. And as you rightly pointed out, the authorities in this case took it to a level far beyond what had happened previously, right? We had heard of cancelings before and things like this, but this was, in the past—historically—it was things like political reasons to shut down let’s say a drug business or a gun business or a porn business or something like that. Whereas in this case it was everyday Canadians who are having their normal bank accounts and normal accounts shut down or stopped. And so the fiat world has taken it to another level. And I think it also means that Bitcoiners have to take it to the next level as well in terms of execution and the ability to educate quickly and make Bitcoin practically usable for people. I believe it can be used practically, and it could have been, but things like static address reuse or this sort of overly transparent culture of Bitcoin usage might be holding us back. And so maybe this is a good point for you just to explain for people who don’t know what is a PayNym, and how does it work for people who want to do this kind of thing in the future?

Lili :

Yeah. So a PayNym is basically like a way to transact and send and receive money without address reuse. Everything is managed directly, and you can add people’s PayNyms and send money to them, basically like a reusable payment code. All of the stuff happens behind the scenes of like changing out the addresses and all that. But I think it’s really valuable because some people say, Oh, it’s hard to get into—it’s really not when the wallet is doing it automatically. And I think that BIP47—PayNyms—should be integrated into every wallet. This is just another way to reduce that friction for the users, and giving them that privacy by default so they don’t have to be technical to actually transact. So I think if you’re new to Bitcoin, this is how you should be transacting. You should be transacting with PayNyms—that way you don’t have to remember, Okay, don’t reuse addresses. And a lot of smaller charities now, they’re actually taking donations via PayNyms versus a static address.

Stephan Livera:

Got it. And so in this case, if you are raising funds, whether you’re in an adversarial environment and you don’t want to dox the amount of donations you’re receiving, or you want to make it easy for other people to donate to you, well then this is an example. Now, of course, I think there are various knocks that are out there against PayNyms and this kind of thing, although I’m still supportive of them personally, and I have been for a while. I think the main knock currently is just that there’s not as many wallets that support it, and so from the point of view of a person who’s out there asking for donations or trying to do commerce, in that example, they might see it like, Oh, I want to use things that are more compatible with lots of wallets. But, that said, we have Samourai and Sparrow currently who have it, and my hope is we see more wallets that implement this as a feature, at least, and put it out there for people who want it. And it’s not just donations as well. I think it’s important that you could, as an example, have a trading partner, or, as an example, you could have an employee. If you are paying an employee and you just do it all with PayNyms, every time you pay them, you can just say, Hey, I just made the payment to your PayNym—boom, you received it, and there was no need for each person or one person to give the other an address to pay into.

Lili :

Yeah there’s so many use cases, and I think more wallets will follow suit and implement it now that the use case is even stronger after the trucker situation, and after the situation in Russia. And Coinbase was also blacklisting some of the addresses for these users. I think we’ll see more of it. We have to follow and innovate on what the users want and what will actually benefit them. I don’t see much of a reason that wallets shouldn’t offer this. It’s not something that is mandatory. The users can choose whether or not they want to use PayNyms, but they should have the option.

Stephan Livera:

Got it. And so just more broadly around privacy tools and techniques—even just aside from Bitcoin—do you have any tips or pieces of software or tools that you think people should be thinking about? That they should know about?

Lili :

Yeah, so I actually put all of my Bitcoin stuff on a privacy-dedicated phone. So I use something called the Calyx OS operating system. And with that operating system, what it does is it takes all of the Google software and trackerware on Android and it removes that, and it keeps the functionality. I like to use my Bitcoin on there, because, like we mentioned earlier, the software that you use is only as secure as the device you’re using it on. Another thing too is: when you’re using a Bitcoin wallet, you want to use a wallet that connects to TOR by default. You connect to TOR, all your activity is obscured and it’s hidden from the software maker. Personally, if the wallet doesn’t connect to TOR automatically, I wouldn’t use it if you’re a privacy-conscious user. So something like Samourai Wallet or Sparrow Wallet, they connect to TOR automatically. I definitely recommend people looking into that and using it. Another thing too is if you’re looking at trying to protect your private data, only use apps that are open source or on the F-Droid store. It’s a lot to think about, right? Like, if you’re taking notes, for example, on Apple Notepad, this stuff’s not encrypted and people can see it. If you’re taking notes about Bitcoin, writing down an address, you want to put it in something like Standard Notes and encrypt those notes. Another thing I like to use too is, when we copy addresses to our clipboards, it gets retained there and other apps can access the clipboard and see that information—the users should clear that after every transaction, so I use something called a Clipboard Cleaner. That’s exactly what it’s called, and you can get it on the F-Droid store. It’s pretty simple: you open it and say, Okay, I want to clear the clipboard—that gets cleared out. Obviously, you want a good hardware wallet to go with it. I use the Foundation Passport to secure all my funds.
And then if you want a good node package, there’s a lot of good offerings out there, but I use the Ronin Dojo node to CoinJoin all of my Bitcoin. That’s like my sovereign stack. The sovereign stack should be a really good hot wallet that has privacy tools built in that does connect to TOR, good supporting apps, a strong mobile OS to keep those apps running on, a good node, and then a really good privacy-focused cold storage wallet. Not all cold storage is created equally. I really would discourage the use of cold wallets that connect directly to the computer if you want to be like this privacy power user.

Stephan Livera:

And just while we’re on that topic around hardware wallets—whether you’re using a hardware wallet or a cold wallet—how would you advise a newcoiner when they’re thinking about let’s say having a smaller amount on their spending wallet and then that larger amount on their hardware wallet or cold storage setup? How should they think about that?

Lili :

Yeah, you have to look at the same things that you look at when you’re evaluating node packages: you want to look at the cost of the hardware, the functionality of the hardware, the ease of use of it. Can you actually create encrypted backups? How are you gonna back up your seed?—that kind of thing. I wouldn’t go for something as a new user that is extremely technical and has a lot of friction associated with it. I would try to opt for something that is easier to use but doesn’t compromise on their security. Definitely like when you’re setting up a hardware wallet, regardless of where you get it from and who’s making it, you need to test it with smaller amounts. So never just say, Okay, I’m gonna send my whole stack to this hardware wallet or 90% of my stack in one go—you want to test it with small amounts first. Test it with small amounts and then test your backups before sending a lot of money. Send a small amount, test that backup, see if you can restore your wallet from the seed, and if that like works, then you’re good to go. And you can send all larger amounts to that wallet. Hardware wallets are for long-term storage. They’re not really for day-to-day spending, right? Like, you just want to store your long-term funds there. So definitely consider your technical aptitude, make sure you test your backups, and choose something that is on your level. Don’t exhaust yourself and say, Okay, I want to test all these wallets. Make sure that the provider that you choose has good support, documentation for you, good tutorial stuff for you to reference, and a good community around it, because you want that support as a new user.

Stephan Livera:

Yeah. All good tips there. And so it just behooves all of us to think carefully about what we’re doing and making sure most of our stuff is in harder to access cold storage, and keeping a smaller amount in that day-to-day spending. And for some people, they might have different hardware wallets, one that they’re keeping as their deep cold, and then one is like a warm hardware wallet, and then maybe a small amount on the phone just for that day-to-day, say if they’re going to a Bitcoin event or a conference and they want to be able to spend and receive and get amongst it in that way. And another area that’s quite topical at the moment in this whole realm of privacy is what’s going on with Wasabi and this whole zkSNACKs, which is the company behind Wasabi Wallet. So I’m curious, Lili, do you have any thoughts on what has gone down there? Or actually, if you could just first give a bit of an overview from your point of view? What have you seen there?

Lili :

Yeah, so there’s a lot to unpack here. This new decision that they said, We’re gonna blacklist UTXOs—it caught a lot of users by surprise. My view is: the idea of blacklisting UTXOs is an attack on Bitcoin fungibility. And for people who don’t know what fungibility is, fungibility is basically how interchangeable are the parts of the money supply, and how indistinguishable are they from each other. So basically, if you’re moving to mark some coins as tainted and unusable, that destroys fungibility, because you’re separating the parts from each other. You’re saying like, This is a good piece of the money supply, and this is a bad piece of the money supply. This is exactly what we’re trying to avoid by using Bitcoin. We’re trying to avoid censorship. So what Wasabi did was they said, Okay, we’re gonna censor users in the same way that GoFundMe said, We’re going to censor users—You can use our service only if you’re using it for this purpose. And I get it—maybe they had good intentions, but the way I see it is this is just the beginning: give them an inch and they’ll take a mile. Wasabi has essentially become a surveillance app. And on top of that, this is the nail in the coffin for them. They had problems in the past. They had problems with address reuse in their mixes. When you have deterministic links in the mix, the mix can be unwound and traced back to you. Essentially, that negates all the benefits from a CoinJoin—they had problems in that you could not verify the anonymity set of your mixes. They said like, Okay, I’m going to get this anonymity set of 50 and I’m gonna pay this certain amount for it. There’s no way to verify the method of mixing. As opposed to something like Samourai Wallet, the method of calculating the anonset and that the way the mix is done—it is reproducible and verifiable. So that’s another red flag. Another thing too that we were all wondering—like, Okay, were they pressured? Did somebody send them a letter? A cease and desist?
Some kind of court order to tell them that they need to start blacklisting UTXOs? The answer is clear now: the answer is no. You had the lead developer and some of their team give an interview and say, No, we were not pressured by regulators, we are just preempting a potential regulation in the future. So you have a privacy wallet that’s coming out and saying, Oh, we’re going to start complying with non-existent regulation to protect the users or to protect ourselves. It’s just very messy, and I don’t want to get too much into the drama of it and the politics, but I do encourage everybody who wants to learn more to go on Twitter, you can search Wasabi with my tag and Samourai’s tag and Nopara73’s tag and see what people have been saying about the wallet for years. You can see the research reports for yourself. You can see the back and forth and what was said. My thing was: search chain analysis—search it with the names of the Wasabi developers, and you’ll see that there was talk of hiring chain analysis and using these chain analysis companies for over three years—since 2017, was the first mention of potentially hiring these firms to help them manage UTXOs. So I think anyone who went out and did their research wouldn’t be surprised by this decision.

Stephan Livera:

Right. And I think in my role as well as a podcaster and a person just talking about Bitcoin, I’ve caught a little bit of flak myself about things. There have been times where I’ve said, I would prefer to use Samourai Wallet. And there have been times where I’ve caught a bit of flak myself even for my criticisms, of when I would criticize things that are just strange behavior in terms of things like address reuse and architectural flaws in the way that the Wasabi Wallet was working. Now, it remains to be seen what happens if there is a new coordinator and so on—I personally would avoid. I’m waiting to see what happens there. I’ve been obviously more in the Samourai user camp myself. But I think it’s a bit concerning to see the use of chain surveillance firms inside what is purportedly a privacy wallet, and it does arguably cut against the very ethos of this idea of Bitcoin as a freedom money. I understand no wallet is perfect and no person in this space is perfect—we’ve all got our flaws. I’m just very confused by what’s going on. I personally would avoid Wasabi myself. So those are a few comments that I just wanted to share as well, just for any listeners curious on my perspective there. I guess it’s hard to ascribe intention, but it seems a little bit like a regulatory capture play. It’s almost like a, Let’s try to kowtow, or let’s try to play along with that narrative in the hopes that our masters will throw us a few scraps at the table, or so that we won’t get banned. And obviously it’s difficult in this space, right? It’s difficult to just say, Yeah, you should just tell ’em, No. But maybe there were arguably unforced errors here too—there were errors being made in terms of the structuring of the business or the way it was. It could be argued that there were unforced errors there also, along the way.

Lili :

Yeah. It’s really unfortunate, because I place a premium on honesty, and if you go back and see how these developers were talking about privacy in the past, like you had someone come out—I think it was 2018 or 2019—he said, Chain analysis, he tagged all the firms, he said, You are my enemy and I will end you. Two days ago, he came out—same guy—and he said, Well, we’re not censoring. This is curation. We’re curating which users we serve. And that’s the right of every entrepreneur—which is a true statement, right? But it’s the complete opposite of what he was showing himself to be, somebody who is a champion of privacy, who is a champion of anti-censorship. [If] you want to work in this space and you want to advance privacy, you need to understand that you’re going to face friction. If something like what you’re building is truly going to decentralize power and give its users the ability to transact privately and outside of the state’s control, you’re gonna face friction. People are gonna come after you, and I think you had a great point when you said maybe the structure of the company was a poor structure. I mean, they have a headquarters, right? They have a headquarters that’s a known location, a lot of these devs are doxxed. So their full names are out there and they’re known, so that creates some vulnerability on their part. But really, they had no court order, no cease and desist telling them that they need to preempt regulation. My guess is maybe this is a play to try to get ahead of other CoinJoin providers, try to get ahead of their competition in the regulatory space and say, Okay, we’re gonna start doing this. They’re gonna go and lobby governments for more regulation on CoinJoins to try and get ahead of their competitors. This is something that is very common in the mining space. Core Scientific has put out a lot of statements saying that they’re pro-ESG and they’re taking all these steps that they weren’t asked to take. 
And I think part of that is they’re preempting the future of regulation. They want to be ahead of the curve—I think that’s very shortsighted thinking. I think people are going to challenge this regulation. And at the end of the day, code is law, and code can’t be regulated within borders. It lives in cyberspace and that is outside the jurisdiction of any government.

Stephan Livera:

So yeah, I think it will remain to be seen how much that gets respected. Of course, I wish we could live in the world of some part of the full cypherpunk vision, but I think a lot of states around the world will see it like, Nope, what happens inside this border is inside our jurisdiction. And so as long as you’re inside this jurisdiction—and that’s not me supporting that, obviously I’m just neutrally speaking about that’s the world we’re in—so I think we will see that. And I think it’ll be interesting, that argument back and forth even in the ESG aspect, the mining ESG aspect of it—how much of that is merely communication as opposed to how much of that is actually arguing for regulation, in the case of government creating a cocoon around, let’s say, the large players in the industry, which you could arguably say is happening with some of the chain surveillance firms that are trying to ingratiate themselves into the government and say, Look, look, Mr. Politician or Mr. Regulator, I will help you keep the crypto streets clean. That’s the message that we’re getting from these entities. So closing up then, if you’ve got any thoughts for listeners out there, what should they be thinking about from a privacy point of view? And what kinds of things are you looking forward to seeing in the privacy space?

Lili :

Yeah, so just to summarize everything we talked about: definitely you need to consider how you’re acquiring your Bitcoin, how you’re storing it, and then how you’re spending it from a privacy standpoint. This isn’t to say—like don’t think that you have this KYC Bitcoin and it’s like a worthless thing because that’s not really true, but I do think that it’s okay to take those steps and acquire a non-KYC coin. You can start very small. You can start by going to a Bitcoin ATM and getting some from there. You can look up some tutorials and go through Bisq and try that out. But I say like, You need to be very intentional about how you’re buying and storing your Bitcoin, especially in the current environment. We can’t just say, Stack sats and we’re gonna out-hold the government, because that’s simply not really true. The way that we win with Bitcoin is through creating a circular economy and through buying Bitcoin privately. That’s how we can mitigate a lot of this regulatory risk.

Stephan Livera:

All right. So Lili, where can anyone who wants to find you online—where can they find you?

Lili :

Yeah, so I’m very active on Twitter. You can find me at @marketsbylili is my handle. If you need anything, DM me. My DMs are always open. I’m happy to send anyone any resources or tips on Bitcoin privacy.

Stephan Livera:

Fantastic. Well thank you, Lili.

Lili :

Thanks, Stephan.
