Replying to Garbage nsec

The mint part is not so simple. Small scale, no worries. Moderate scale, many worries.

First of all it may be illegal to run an unlicensed Cashu mint operating at even moderate scale in many countries. At small scale (groups of a few friends or family members) probably fine, grey area and all. But the mint starts doing any volume in these countries and then no.

This is because of what a mint is to these countries—basically a digital bank, with deposits like a bank, withdrawals like a bank, potential to fail like a bank. In regulatory terms this is very different to running a personal LN node, even with the same volume, or smaller.

In the EU a Cashu mint might come under MiCA, and some larger community mints might become de-facto VASPs under MiCA. (The VASP categorisation doesn't actually take volume into account, rather the nature of the service, what the mint is doing, how businesslike the whole operation is, etc.) If I was an EU citizen then I'd never allow myself to become the head of a Nostr community with a busy mint that ran on my server, regardless of what the community was about.

Regardless, all it may take is one or two larger community mints rugging the community for these regulations to suddenly become more in play. Also, community mints would be very vulnerable to smurfing, which is a type of money laundering vector where agents make many small transactions through a mint; if a community suspects its mint has become a smurfing vector, what is it even to do? It gets messy fast.

Obtaining the license could be faster and cheaper in a jurisdiction like Estonia, Malta, etc. but that will require an entity in that jurisdiction. It'll also mean AML and CTF obligations, which are tricky in a Cashu context.

This is not a popular topic here, but it is what it is.

Throw in selling Sats for euros or dollars (a whole other type of license) and the community owner is going to be putting themselves at a higher degree of risk in these countries. Not to mention how to collect payment? PayPal won't allow it, Wise won't allow it, Venmo won't allow it (underneath Visa and Mastercard won't allow it), so how is the person buying the Sats to pay the seller in a way that is compliant? (Apps like Peach try to tiptoe around this but Peach won't scale, and anyway average commission on peer to peer Sat purchases there is like 20%, due to sellers wanting to be compensated for the risk.) So basically the community would always be under the table—if not in one context then in another.

Again all of this depends on the country—the country of the mint itself, and of the users of the mint.

Anyway, zooming out, these are scale concerns for which Nostr is pretty far off right now, and also stress testing the idea (for our own use case). TLDR: small-scale casual community mints I think are a good idea, but only for close-knit groups of people who already have their Sats in hand.

Yeah, that's :110percent: why I've been talking about the Private group scale as the number one place for this. Beyond that, you run into all the regulatory issues **and** you lose trust.

Discussion

Our use case is private too, but in many places the regulator could care less about any private/public distinction. We looked at locking down a mint to a private group via various means, but lock it down too much and you've made the blind signature aspect irrelevant, lock it down too little and then all the AML stuff. (Actually all the AML stuff often regardless.)

I'm totally fine with having an AUTH mint that knows I'm in the group, but not who I am. This is possible.

That was our first approach—you know everyone in the wider transaction pool but can't associate any individual transaction with any individual person. Doing that, however, ties the mint, the community, and the client all together in a certain critical regulatory sense. So if we had a Nostr client that was an EU entity then that entity would be a potential enabler of all activity on all mints in all communities (public and private) created in or accessed via that client. Same for many other places. That's the tricky part.

I don't see that issue at all for us.

1) Zapchat will have no clue about what private groups are using it

2) The payments by the mint are lightning payments, the mint being one node in the system. So only the group members know anything about the mint. (Or is it this part I'm getting terribly wrong?)

I dunno how you plan to structure it, but we found the issue can be both.

The mint needs the URL, the server, the associated LN node, and whatever basis for AUTH (database or other). A community member could spin all that up independently, and manage access independently, so not asking Zapchat to assist with any of it, nor letting Zapchat know the URL or any other details of the mint in a formal-input sense, or of the mint transactions—it's all discussed in MLS e2e encrypted messages and all transactions done outside the client.

That would be no different than a bunch of people spontaneously agreeing to do all that with each other in a Signal group chat. Then Signal itself can legit say "we can't know anything about that".

But for the mint to actually be a basis for fun features, then a bunch of data on the mint, the users and the transactions will have to pass through Zapchat's servers, or those of whatever other client, no getting around it.

Yup, the goal is to make that spontaneous stuff actually spontaneous.

And have the hosting provider not be the app. External service that should know as little as possible about what is being hosted.