Replying to Avatar Seth For Privacy

Summarizing my thoughts on ecash

For some reason this ecash trend seems to be gaining steam instead of going away, so I'll try my best to detail my thoughts on ecash into one post.

1. The incentives are broken

Ecash finds itself between a rock and a hard place. For users to trust the mint, they need to know that the people behind the mint are trustworthy. If the people running the mint reveal their identities (or even just nyms), they're a trivial target for regulators and law enforcement as it's clear a mint is an MSB.

If the people behind a mint don't reveal their identities or nyms, users of that mint are subject to trivial rug pulls with no recourse. Which do you prefer as a user? Mint operator rug pulls or government rug pulls?

If a mint had been targeted like Samourai Wallet was, instead of just a potential privacy loss, all users would have lost all of their Bitcoin.

2. Ecash is not "self-custodial"

For some reason this concept of ecash being "self-custodial" is a thing, merely because the tokens themselves are self-custodied (and require proper backups of seed phrases etc.) While the lines get a bit weird, it's important to separate two things:

1. The asset people want is Bitcoin, not ecash tokens.

2. The asset people give up custody on is Bitcoin.

The ecash tokens themselves are completely worthless IOUs without the Bitcoin behind them, so even if I can take custody of my ecash tokens, I have 100% given up custody of my sats to a third-party.

Because of this, talking about ecash as self-custodial is disingenuous -- no one wants empty IOUs, they want Bitcoin. When they use ecash they do not have custody of their Bitcoin.

3. Ecash still requires all of the hurdles of Bitcoin self-custody

The hardest hurdle for many people to adopting Bitcoin is the simple first step -- writing down 12 words and making sure not to lose them. With ecash you still have this single greatest barrier of entry as you must backup a seed phrase or secret in order to restore your ecash tokens.

4. There is no incentive for custodians to implement ecash

While a custodian could switch to ecash out of the goodness of their heart, the incentives are broken for custodians. Not only does ecash harm the UX their users are used to (not having to store a secret seed phrase), it also introduces additional infrastructure complexity. Instead of just running a database, now they have to run additional mint software to provide their users with tokens, and handle support cases where users lose their tokens.

In theory a custodian could just also store the seed phrase for their users, but then have we actually improved on custodians at all? They even have custody of the ecash tokens in that case.

5. Custody is a line that cannot be crossed

The core of what makes Bitcoin unique is that we can actually take custody of it ourselves, gaining immense freedom and self-sovereignty through a bit of personal responsibility. Even though I am a massive proponent of building better privacy tools, sacrificing custody to get better privacy is a non-option for me.

Surely we can do better and build privacy tools on top of Bitcoin (or directly into Bitcoin's consensus layer) that allow us to have both privacy and self-sovereignty via self-custody.

I will not give up custody of my Bitcoin, no matter what, and you shouldn't either. "Better custodians" are just custodians with extra steps, and still strip us of self-sovereignty and thus freedom.

6. Time is a more scarce resource than even Bitcoin

Even though I have been very outspoken on what I view as a pointless venture, I am not here to stop anyone from building what they enjoy in the space. Devs working on ecash are free to do so as of course I have no control over them, though I fear that time spent on improving custodians is time that we will not get back. It's clear that the US gov and many in the EU are seeking to ramp up their attacks on Bitcoin privacy and self-custody, and our time to build tools to route around them is growing shorter and shorter.

P.S. - None of what I write is a direct attack on any ecash dev, and I have immense respect and personal relationships with most of the people working on this stuff. Respect for an individual doesn't have to mean I agree with them on every avenue they pursue.
Avatar
average_bitcoiner 1y ago

TLDR; lots of strawman arguments

1. Gift cards and other rewards systems fit ecash very nicely. As for the other sentiment, you only want the allowed privacy then? Running any sort of digital privacy tool puts you in the State's cross hairs, so that means we should just not use them?

2. I've only seen Tony Giorgio speak as such, it's a stupid take, imho. ofc it's custodial. But let's look at the total addressable market of users. What percentage has custodial rug risk? And then tell me why it's bad that they should receive privacy as well?

3. I don't see how this negates the benefits of ecash. so you're telling me that people can practice seed and key management without their life savings on the line? sounds like a good way to test various recovery implementations.

4. You can backup encrypted copies of ecash in your iCloud, this is the expected use case for users. And ecash IS a database. These are strawmen technical arguments that all custodians already deal with.

5. See all of the above. "better custodians" offer privacy and have all of the same other trade offs as non-better custodians. There is no difference for operational complexity for a custodian running ecash or a database (because, surprise, ecash mints are just a database.) What custodian doesn't run a database? Bitcoin privacy tools don't just vanish because ecash is being adopted and used. We're all glad you won't give up your bitcoin, now let's go talk to a non-technical user just starting out. Do we offer them the more private custodian or the less private custodian?

6. "You're wasting your time because you're not working on the thing that I work on." Have seen the same from other over lightning or Sv2. Reread the second to last paragraph of the Cypherpunk Manifesto.

The unfortunate case is most digital users don't care about privacy or feel that they don't need it so we must build the systems with privacy by default.

Really poor job on the take down as it falls apart when you get into the specifics of the trade offs between custodians and ecash mints.

Custodian:

Reply to this note

Please Login to reply.

Discussion

No replies yet.