Not your keys, not your coins: Claiming better ownership of your stack with Bitcoin privacy

Not your keys, not your coins: Claiming better ownership of your stack with Bitcoin privacy

The tools to be a better sovereign Bitcoin user are at your disposal – and recent developments suggest you should use them

hen significant consolidations happen in the cryptocurrency market, Bitcoiners have a habit of sounding the alarm, reminding folks to remove their hard-earned Satoshis from exchanges and brokerages. It’s sound advice both from a price perspective (loaded exchanges signal selling pressure) and a control perspective.

The general mantra is “not your keys, not your coins”. The practical reasons are simple: you cannot 100% rely on exchanges to ensure liquidity, withdrawals often take time (think Celsius), and you just never know when a genuine shock, hack, or government seizure (think Canadian trucker convoy) could put your Bitcoin at risk.

That’s why self-custody is one of the most important principles for Bitcoiners.

There are some exchanges and brokerages that publish info on their cold storage and proof of reserves, and they should be commended for that.

But the point of having Bitcoin as digital money or a store of value is truly “having” it, safe on your own wallet encrypted by your seed phrase and passwords. Otherwise, it might as well be a paper bill stamped with an IOU.

While this is an important lesson to repeat, there is also another principle that will be just as important once broader Bitcoin adoption — or scrutiny — takes hold. And that is Bitcoin privacy.

On-chain transactions are public for all to see, and copied onto the blockchain tens of thousands of times by the many Bitcoin nodes worldwide. If we assume Bitcoin will have generational staying power, that transaction history is permanent.

Much like you wouldn’t want the entire world to know each one of your bank or cash transactions, you want to keep some of your Bitcoin spend/earn history private.

When you buy Bitcoin with fiat money on a regulated exchange, Know Your Customer (KYC) and Anti-Money Laundering (AML) rules apply, meaning that these services know who you are and the path your Bitcoin will take once you withdraw.

If a court, tax agency, or government entity wants to know where said Bitcoin has gone, they can petition the exchange to find out, and they’ll be forced to comply. It wouldn’t take much to follow the trail from the exchange to your hardware wallet. Blockchain analysis and surveillance firms, now worth in the millions with funding from venture capital, are making this easier every day.

Herein, we’ll outline the practical steps you can use to enhance the privacy of your Bitcoin treasury. I am by no means an expert, but rather a happy consumer of many of these projects and products.

For a more complete guide that reads like a “Flag Theory” for Bitcoin, I’d recommend @BitcoinQ_A’s masterful Bitcoin Privacy Guide.

Private Exchange

One of the best and most entrepreneurial ways of growing a private stack not tied to any KYC exchange is to maintain or offer a service that can receive Bitcoin as payment, or you just receive BTC as reimbursement of some kind.

Ideally, you use some kind of open-source payment processor directly tied to your Bitcoin node or wallet like BTCPay Server, rather than a static BTC address (which can be surveilled on the blockchain).

Think of an online 3D-printing service that sells node cases, miner parts, or art collectibles (like famed pleb @Printer_Gobrrr’s Gobrrr store), or even a book marketplace (like German book merchant Aprycot Media).

If you run a podcast (check out Podcasting 2.0 on the Podcast Index), write books or publish online, or provide value in some other way that people are willing to provide value back (Value-for-Value like on Nikolaus’ Was Bitcoin Bringt page or Gigi’s excellent site), this is a great way to build a stack not tied to your identity.

Among friends or people you know, you can also buy dinner with cash and have them reimburse you in Bitcoin. Or vice versa if you’re looking to do some orange-pilling.

Once Bitcoiners began earning and spending in Bitcoin en masse, the deterministic links so heavily tracked by governments and larger institutions will prove impossible. You can start to make that happen.

Collaborative Transactions (Coinjoin)

Some great innovations in Bitcoin privacy are found in the entire field of collaborative transactions, or coinjoining.

Unlike the custodial Bitcoin mixers of yesterday (I’m looking at you, dark net market customers), coinjoins noncustodially obfuscate the trail of Satoshis by randomly batching transactions, giving each participant forward-looking privacy on their Bitcoin. It breaks the link that a chain analysis firm or bureaucrat would usually be able to track.

One of the most popular tools, Whirpool, is made by the developers at Samourai Wallet, an open-source mobile wallet for Android phones. Once you pair it with the Whirlpool GUI, it’s easy to begin a coinjoin and see the magic happen. More on that on the RoninDojo wiki or in Bitcoin magazine. There you can learn about how coinjoins work, and how to best safeguard your privacy by separating the “toxic change” you receive as an output from the trade.

I’d also recommend a RoninDojo Bitcoin node setup on a Raspberry Pi or Tanto box if you’re serious about it. And if you don’t have an Android, consider getting a degoogled Pixel and loading it up with a privacy-conscious operating system like CalyxOS or GrapheneOS, which will allow you to download Samourai. @SethForPrivacy has a great rundown on his blog.

Whirpool is also integrated into the technology stack of the desktop Sparrow Wallet, another robust open-source Bitcoin wallet that allows customization on multi-sigs, connection to your signing devices (hardware wallets), and more.

Another honorable mention is JoinMarket, another open-source coinjoin implementation that even has a dedicated UI on the Umbrel Bitcoin lightning node software called Jam.

One other implementation is in the desktop Wasabi Wallet, with a coinjoin feature as part of its tech stack. There have been some criticisms over the recent announcement that their centralized coordinator may be willing to blacklist particular UTXOs, but it remains a great project with talented developers. I will leave it to Bitcoin Privacy Twitter to adjudicate its fate.

BIP47 and Paynyms

Because I already mentioned Samourai and Sparrow, I should mention that both wallets support BIP47 “Reusable Payment Codes,” known as Paynyms. These are unique codes and IDs based on users’ private hash, and they come with a nice-looking robot you’ve probably seen on Twitter.

https://paynym.is/+yael

When you connect your Paynym with someone else, it generates unique sending and receiving addresses for each transaction, ensuring pretty good privacy on the whole.

There is a lot of discussion about retooling this Bitcoin Improvement Proposal (BIP), and hopefully, more wallets will add this feature in the future.

This is a stellar way to practice Bitcoin privacy among friends, vendors, or frequent collaborators on the Bitcoin network. Even between your wallets if you wish.

Decentralized Exchanges

Decentralized exchanges are vital for seasoned Bitcoin folks, especially those who have been around for a while and don’t mess with any KYC or AML exchanges. While they ensure great privacy, be warned that you will have to pay a premium.

These are peer-to-peer exchanges where you use ordinary payment methods (SEPA bank transfers, Venmo, Revolut, Cash App, Interac, etc.) to send money to private people and they send you Bitcoin. That's what God intended.

The two I would recommend for on-chain Bitcoin transactions would be Bisq and Hodl Hodl. Hodl Hodl is accessed via the browser whereas Bisq must run as a native app on your computer. That said, Bisq doesn't require an account to "sign-up" and uses the Tor network to encrypt your access to the server, so it's definitely more secure and private. Both provide a good modicum of privacy, though.

A new service that launched some months ago is Robosats, a simple and private lightning exchange that should only be accessed via the Tor browser.

The amounts transacted are usually under 500 EUR and will depend on the local currency you want to transact in. Popular ones are Revolut, N26’s Moneybeam, Amazon gift cards, or just a plain SEPA bank transfer for you Euro folk.

It also uses a version of paynyms to interact with others in order to share transfer information. All information in the chat is encrypted and can be lost if you don’t write down your token, so be sure to take note.

For users of Telegram, there is also a bot called lnp2pBot that allows anyone to buy and sell sats on lightning directly via Telegram.

These services are great for replenishing nodes or getting access to quick sats you may need on your mobile lightning wallet, which I’ll tackle next.

The Lightning Network

The most obvious way of ensuring Bitcoin privacy is to use the Layer 2 Bitcoin solution of the Lightning network.

One of the most eloquent writers on lightning privacy is Darthcoin, and he told me to focus on lightning above all else when it comes to privacy.

The advantage of this method is that your privacy is nearly guaranteed once your funds are on the lightning network.

The disadvantage is that managing channel liquidity is messy and difficult, even for expert users, and looping in and out of the lightning network means you have to pay fees.

How you can use lightning for privacy is by sending or receiving lightning invoices.

Lightning invoices can either be generated automatically or manually from your wallet and then sent to the party who should pay you. Even if the payments travel through several nodes, there is no direct link between the two people involved.

When you open a channel with another node on the lightning network, only the opening and closing of the channel are broadcast to the blockchain, allowing you to trade the liquidity up and down completely privately and securely.

As of writing, there are close to 4,000 BTC locked in public lightning network channels, meaning that at any one time, there could be tens of millions of Euros worth of transactions happening each day, and no government or firm can track it. And we don’t even know how many are in private channels.

For the tech savvy, this can either be done through your own physical lightning node you run at home on a computer or Raspberry Pi, something like Umbrel, Citadel, myNode, RaspiBlitz, or on cloud nodes such as Voltage, or BTC Pay Servers on Lunanode. You can send and receive lightning invoices using these tools, or by connecting the nodes to apps such as Zeus or Zap.

The mobile lightning wallet space is impressive, with the star players being Muun Wallet, Breez, Phoenix, and Wallet of Satoshi. If you’ve seen a lightning wallet in the wild, then it’s more than likely one of these four. Fountain app is also a great custodial lightning wallet integrated into a podcast app I’d recommend for podcast listeners who want to use Podcasting 2.0 by Dave Jones and @AdamCurry.

This is a very rudimentary overview of everything possible on the lightning network, and I‘d encourage you to check out the plethora of guides.

In closing

You don’t need to use these privacy practices if you don’t want to. You may have a good setup on your own or, God forbid, trust your government. But regardless, innovators and developers are creating the foundation for a sat standard, and it behooves us to try out their products, use them, and critique them where possible.

If our goal is to fix the money, then we should be sure we do it right.

Yaël Ossowski is a Canadian-American consumer advocate and writer living in Vienna. You can follow him @YaelOss.

Originally published on Fix The Money.