Payjoin v2 is finally here, and it's amazing.

Let's walk through why it matters, how it works, and how to use it in @cakewallet today!

Why do we need Payjoin?

Payjoin as a concept has existed for many years, with the ultimate goal being two-fold:

1. Break the simplest and most effective chain surveillance heuristic (i.e. assumption) that all inputs in a transaction are shared by the sender.

2. Allow exchanges, merchants, etc. to save on fees by more easily batching payments.

The most interesting from a freedom perspective is #1, but #2 is the financial incentive to get large entities doing Payjoins even if they don't care at all about privacy!

Not only do Payjoins break this major heuristic, they also hide the amount in a transaction by constructing the change output(s) in a novel way so that the actual amount send is never published on-chain. Who knew you could have private amounts in Bitcoin?!?

This is a huge win for privacy, and one that should become the default for p2p payments, exchange withdrawals, and much more.

How does it work?

The concept of Payjoin is actually very simple -- when you want to send money to someone else, a part of the QR code or URI they send you contains all of the info they need to build that transaction together. When both wallets support Payjoin this happens seamlessly in the background with no extra steps or effort necessary.

i.e. if Alice wants to send to Bob, it goes like this:

1. Alice scans Bobs QR code, containing a URL for Bob's Payjoin data
2. Alice's wallet uses that payload to build a transaction with both her input she wants to spend, and Bob's input that he's open to spending.
3. Alice signs the transaction and passes it back to Bob to sign, who then submits it to the Bitcoin network.

The beauty of Payjoin v2 over v1 is that no longer do Alice and Bob have to have their wallets open and online the entire time, as they use a privacy-preserving trustless server to communicate through. If Alice or Bob have to go offline during the process for any reason, they can pick right back up where they left off!

For most payments you won't even notice a difference, it will feel just like a standard Bitcoin payment but with the added privacy benefits for free.

What's it like to use?

We just shipped Payjoin v2 in @cakewallet yesterday, allowing 500k users to immediately have access to this incredible tool. All you need to do to use it is:

1. Have funds in a Bitcoin wallet in Cake Wallet
a. Receiving a Payjoin necessarily requires you have funds to contribute to the transaction, so be sure you have some Bitcoin in your wallet!

2. Go to Settings > Privacy > Toggle "Use Payjoin"

3. Go to your receive screen and enjoy 🫡

Anytime you go to pay someone else using @cakewallet or any other Payjoin v2-supporting wallet (only @BullBitcoin_ so far!) you'll seamlessly improve your privacy and that of the person you're paying 🔥

Want to learn more about Payjoin?

I've quote-tweeted a fantastic visual explainer below, but you can also find @satsie's full Zine on the topic below, along with the official Payjoin docs by @bitgould and co!

Shoutouts

I cannot speak highly enough of how amazing it has been to work with @bitgould and Jaad from the @payjoindevkit team, they're doing incredible work. None of this would be possible without them and their tireless efforts.

PDK made it so much easier to ship Payjoin v2 than it would have been otherwise, and I can't wait to see other wallets jump in and give back to PDK as they implement it like we did. To see the amazing Zine by @satsie, the best visual resource out there on Payjoin by far, go here:

satsie.dev/zines/payjoin

They won't stop with "mixers," they're coming for self-custody too ‼️

While this government response is not yet enshrined in law or precedent, it paints a much clearer picture of how the state views not only the place of privacy tools, but even that of self-custodial wallet providers moving forward.

Let's walk step-by-step through this response from the DOJ together and see why in a thread. FinCEN's guidance is worthless

While we have spent so much time wondering how the FinCEN guidance from 2019 on VASPs, mixers, and wallet providers should be viewed, the government didn't mince words:

All that worrying was pointless, as even the government considers it useless in a court of law. Much of my previous writing hinged on that FinCEN guidance being somewhat authorative, but clearly the government doesn't view their own guidance as valuable.

Only 9 steps to run your own Bitcoin pool 😎

Thanks to the amazing work of @Public_Pool_BTC, I've created a guide, Docker images, and a simple repo to make it easier for anyone who wants to spin up a new solo-mining Stratum Bitcoin mining pool.

🧵👇 I've created the new guide on my blog with detailed instructions to take you from a brand new VPS or server at home to a fully-functional Bitcoin mining pool in 9 steps total.

Have a Bitcoin node already? Things get even faster and easier!

sethforprivacy.com/guides/run-you…

1/ Ledger "Recover," a thread 🧵

Last night Ledger accidentally leaked some info on their new recovery subscription service, and today they revealed the details.

Let's walk through their proposed "solution" to cryptocurrency custody and how dangerous it is. 2/ The core premise of the offering is the ability to (supposedly) encrypt shards of your seed phrase into 3 pieces, give over your identity + a selfie recording, and then trust 3 custodians to secure those shards for you.

Here's why that's problematic.

So excited to finally get to do this, I know that price has been a big factor in people's decisions around securing their Bitcoin.

Self-custody that is FOSS and FOSH from a principled and cypherpunk company just got a lot more accessible.

https://twitter.com/FOUNDATIONdvcs/status/1658479189220290563

I work at Foundation precisely because their ethos from the top down is rooted in cypherpunk, pro-privacy, and pro-sovereignty ideals.

We will never compromise on any of these core ideals and have made them clear and cemented them publicly from day one.

A thread on Wasabi Wallet after more digging/research:

First off, please do not connect my joining their Space last week or researching their protocol as lending *any* credence or support for their approach or wallet. I still do not recommend using it in any way. Digging into WabiSabi has revealed some core issues that should prevent you from considering using it. Note this list is not in any particular order.

1) Wasabi's funding and willing usage of chain surveillance companies puts your on-chain data at risk when you use them.

Busy Sunday for me so far, kicking off #SkepticismSundays a little late!

The goal of this thread (which I'll post weekly on Sunday's) is for discussing the uncertainties, shortcomings, and concerns some may have about Bitcoin.

NOT the positive aspects of it. Discussing things with a critical thinking approach and level-headed discussion helps us learn where Bitcoin and it's community can improve and go from there. We had a *fantastic* amount of good conversations last week so I can't wait to see this week's!

Tonight the creator of my favorite mobile OS, @DanielMicay, gloated that he weaponized Twitter reports to get my friend Henry's account permabanned and is trying to get @techloreistaken banned as well.

I just... I'm so tired of so much of this space. You can see my reply here, but @DanielMicay deleted his original tweet after I called him out on it:

https://twitter.com/sethforprivacy/status/1588685568161902592?t=guHjW6nhyMVumvXl_OGgFA&s=19

If this alleged abuse is actually happening and being done by Henry, prove it and let each of us come to our own conclusions.

1/ So absolutely thrilled to announce that I'll be joining @FOUNDATIONdvcs as Head of Content next week!

My goal from day one is building out the best content and educational material in the space for sovereignty and personal privacy. 2/ I want users to be able to come to Foundation for not only sovereignty tech, but all the info and content they need for a holistic approach to personal privacy as we continue building out our tools and offerings to empower the community.

Bitcoin maximalists are really making it easy to separate those who actually care about freedom and cypherpunk ideals and those who simply want to pump their bags.

Asking for millions of $ in funding to attack #Monero instead of spending it on #Bitcoin privacy dev is disgusting.

https://twitter.com/fiatjaf/status/1576615945841188865

Ethics/care for human freedom aside, Monero doesn't give an F, and such an attack would provide a live chance to test (and likely improve) Monero's anti-fragility.

If Bitcoiners want to spend their money hardening Monero and funding miners, they have the freedom to.

Only one day in, but have to say that if you have *any* ability to make it to #hcpp23 next year, DO IT!

I knew these were "my people" when I saw @SamouraiWallet, @ZeusLN, @cakewallet, @GrapheneOS, and @pop_os_official commonly in the wild.

The cypherpunk future is now. Some of the best presentations I've heard so far in the space, and all so beautifully aligned with cryptoanarchy, cypherpunk ideals, and sovereignty.

Seeing so many people in the space still holding these values gives me so much hope.

Such an honor to be able to go on @WhatBitcoinDid for this one and be able to cover the immensely important topic of digital privacy with @PeterMcCormack.

#Monero is such a valuable tool for freedom, I hope more people will take the time to see how it can fit into their toolkit.

https://twitter.com/WhatBitcoinDid/status/1542137631055777794

Many of the most common issues or worries people have with #Monero are broken down in detail (with *tons* of linked resources) here:

sethforprivacy.com/posts/dispelli…

Attempted to make a semi-exhaustive list here, please read through and let me know if I missed something, misspoke, or need to add more detail to any of the proposals:

sethforprivacy.com/posts/proposed…

Hoping to make this a useful and up-to-date list of proposals both WIP and DOA.

https://twitter.com/Ragnarly/status/1531667098522382336

Posted on @stacker_news as well, per the usual 🙂

stacker.news/items/33089

1/ Time to share some of my thoughts and experiences from getting this self-sovereign #LightningNetwork stack up and running.

tl;dr - not for the faint of heart/non-tech-savvy, but once configured and up and running it seems to be working quite well for me!

https://twitter.com/sethforprivacy/status/1526749422620745733

2/ For the Bitcoin node, I simply exposed the Dojo bitcoind node's RPC that I already had up, and was able to easily access it across my home's network:

code.samourai.io/dojo/samourai-…

Be sure to write down the ports used here if using a Dojo node externally, as they're non-standard.

Oof.

Anyone with a more #LightningNetwork-focused following want to run the same poll and see what you get?

In some ways I'm glad I'm not alone but that's... Not exactly the UX normies will put up with.

Do you all think this is why custodial LN is so commonly used?

https://twitter.com/sethforprivacy/status/1521823507235151873

If you voted in my poll don't vote here, but will add polls by others that are similar here to compare among follower sets.

Thanks for kicking it off @L0laL33tz!

https://twitter.com/L0laL33tz/status/1522952192742854656?s=20&t=l5tznuHZjFuSo_DYrg0Bfg

It's *very* early, but I've started collecting resources, open questions, and proposed efforts to explore how trustless zk-SNARKs could be useful for a potential future #Monero protocol update:

github.com/monero-project…

If you have useful resources or questions, please reach out! The goal here is to build a go-to resource that marries the promise of trustless zk-SNARKs with the specifics of Monero's payment protocol to ease potential research and interest by Monero developers and researchers, not to push for implementing zk-SNARKs ASAP.

1/ I'm really tired of responding to lots of comments from DERO people claiming they've solved the worlds problems and scamming people with false marketing, so here's a thread breaking down all of their grandiose claims 👇 2/ DERO claims to be using "fully-homomorphic encryption" to prevent nodes from being able to see transaction information.

Not only is this nonsensical (zk-proofs allow verification without revealing data simply) FHE is absolutely unusably inefficient:

anandtech.com/show/16533/int…

1/ As always, ransomware and DNM trends are a good litmus test for the usefulness of a technology, and especially the usefulness of a cryptocurrency.

Let's dive into some interesting info in the latest CipherTrace ransomware report 👇

https://twitter.com/ciphertrace/status/1516815579398774786

2/ First off, no mentions of tracing Monero or tracking it's usage, despite Ciphertrace having used social-engineering to collect XMR addresses from known ransomware entities.

1/ Get ready for the #Monerorun tomorrow by reading up and taking control of your $XMR:

localmonero.co/knowledge/hold…

Here are some excellent wallets depending on your preference to start using today 👇 2/ First off, no matter what wallet you use *save your seed*!!!

Always do so in multiple locations, in ways that you can find and recover, and inform your family or loved ones of how to recover funds as well, just in case.

While this is "just" the front-end, this continues the trend of "privacy tools" preempting regulatory pressure to kiss the boot of our benevolent overlords.

#Monero cannot do this by design, and that's what makes it such a powerful tool.

Permission-less or GTFO.

https://twitter.com/TheBlock__/status/1514967331830644736

P.S. -- "privacy tools" like @wasabiwallet and @TornadoCash using your fees to pay @chainalysis is the irony of ironies.

Quit giving these people your funds and just use Monero.

It's that easy.

Glad to see some more nuanced discussion of privacy issues in #Lightning at #Bitcoin2022!

The keys are:

1) Receive privacy is poor
2) Routing cross-network makes privacy of channels poor
3) L1 privacy issues cascade onto L2 to great detrimental effect

invidious.sethforprivacy.com/watch?app=desk… One of the biggest paradoxes of Lightning is that cross-network routing *requires* public knowledge of nodes, channels, and channel UTXOs/balances, but LN is being relied upon to "fix" all of the privacy issues of L1.

These problems are not easy to solve, maybe impossible.