Bull Bitcoin becomes the first mobile Bitcoin wallet that allows users to send and receive asynchronous Payjoin transactions without needing to run their own server, using BIP77!

I am very excited about this new and bleeding-edge feature, because it has been a long-standing ambition of Bull Bitcoin to become the first Bitcoin exchange to process Bitcoin withdrawals via Payjoin (Pay-to-Endpoint) transactions.

However, it was hard to justify Bull Bitcoin investing time into building this feature since there were no commercially available end-user Bitcoin wallets that were able to receive Payjoin payments.

Indeed, in order to receive Payjoin payments (BIP78), a Bitcoin wallet needed to be connected to a full node server and be online at the moment the payment is made. This means in practice that only merchants, professional service providers and advanced full node users had the capacity to receive Payjoin payments. This is, we believe, one of the major reasons why Payjoin had failed to gain significant traction among Bitcoin users.

For this reason, the Payjoin V2 protocol (BIP77) was conceived and developed by Dan Gould, as part of the Payjoin Dev Kit project, to outsource the receiver's requirement to run his own server to an untrusted third-party server called the Payjoin Directory. In order to prevent the server from spying on users, the information is encrypted and relayed to the Payjoin Directory via an Oblivious HTTP server.

Bull Bitcoin’s Payjoin ambitions had been put on hold since 2020, until there was more adoption of Payjoin receiving capabilities among end-user Bitcoin wallets…

But it turns out that in the meanwhile, Bull Bitcoin developed its own mobile Bitcoin wallet. And it also turns out that the open-source Bitcoin development firm Let There Be Lightning, which we had collaborated with in the past, had itself collaborated with Dan to build a software library for Payjoin that was compatible with and relatively straightforward to integrate into our own wallet software. All that was missing was to put the pieces together into a finished product.

Thanks to the collaborative open source effort of the Payjoin Dev Kit team, Let There Be Lightning team and the Bull Bitcoin team, the Bull Bitcoin wallet has now become the first commercially available end-user mobile wallet on the Google Play store to implement the BIP 77 Payjoin V2 protocol.

Moreover, the Bull Bitcoin wallet has also implemented asynchronous Payjoin payments, which means that a Payjoin transaction can be “paused” until the receiver or the sender come back online. This way, the receiver's mobile phone can be “turned off” when the sender makes the payment. As soon as the recipient’s phone is turned back on, the Payjoin session will resume and the recipient will receive the payment. This is a major breakthrough in the mobile Payjoin user experience.

We would like to thank the Human Rights Foundation for allocating a generous bounty for the development of a Serverless Payjoin protocol and its implementation in a mobile Bitcoin wallet, as well as OpenSats and Spiral for supporting the work of Payjoin Dev Kit, which made this all possible.

Why does this matter?

Payjoin, also known as Pay-to-endpoint, is a protocol which allows the Bitcoin wallet of a payments receiver and the Bitcoin wallet a payments sender to communicate with each other for the purpose of collaborating on creating a Bitcoin transaction.

I first heard about Payjoin (then called Pay-to-endpoint) in 2018 and it completely blew my mind. What I liked most about it was that it was not a protocol change to Bitcoin, but rather it was an application-layer protocol that allows wallets to communicate in order to create smarter and more efficient Bitcoin transactions.

Whereas in a normal Bitcoin payment the transaction is created by the sender, and all the inputs of that transaction belong to the sender, in a Payjoin payment both the sender and the receiver contribute coins as inputs.

In the Bitcoin whitepaper, Satoshi wrote:

"some linking is still unavoidable with multi-input transactions, which necessarily reveal that their inputs were owned by the same owner"

With Payjoin, this assumption is no longer true. With Payjoin, we have fixed one of Bitcoin’s most fundamental privacy problems... without changing the Bitcoin protocol!

In a Payjoin transaction, the output amounts visible on the blockchain does not necessarily reflect the value of the payment that was actually exchanged. In other words, you can’t easily tell how much money one wallet sent to the other. This is great for users that are concerned a malicious third party may be attempting to obtain sensitive information about their finances without their consent. This does not however pose an accounting problem for the Bitcoin wallets involved in that transaction: since both wallets are aware of which coins they used as inputs and outputs, they are independently able to calculate the "actual" value of the payment that was sent even if the payment on the blockchain appears to be a of a different amount.

Payjoin breaks the common input ownership heuristic, an assumption used by hackers and fraudsters to track ownership of addresses on the blockchain. The neat thing about this property of Payjoin is that it benefits everyone on the network, not just the Payjoin users themselves.

It allows the receiver of a payment to opportunistically consolidate his utxos when he is receiving funds, in a way which does not necessarily appear to be a consolidation transaction on the blockchain. Depending on the configuration of a payment transaction, it can also make a regular payment look like a consolidation.

In addition to these benefits, the introduction of collaborative peer-to-peer transaction protocols opens up exciting opportunities for the creation of Lightning Network channels, as well as efficiencies for transaction batching.

How to use Payjoin in the Bull Bitcoin wallet:

It’s so seamless, you may not even realize you are using it!

To receive via Payjoin, simply navigate to the “Receive tab” using the network “Bitcoin” and you will see a Payjoin invoice. When you want to get paid, send this invoice to the payer, or show them the QR code. If the sender’s wallet is compatible with Payjoin, it will be up to the sender to decide whether or not they want to use Payjoin.

To send via Payjoin, simply paste the receiver's Payjoin invoice, or scan the associated QR code, in the Bull Bitcoin wallet. If you decide that you don’t want to pay with Payjoin, simply turn off the Payjoin toggle.

これnpmエコシステム使わないすべて手書きのクリプトです。nostrはこれともう一つのライブラリ系のnoble-hashでいけました！

ちょっとずつ妄想を記事に書き溜めてる

GM Nostr! 🌞

🎁 Announcing Keycast 🔑

A remote signing platform for teams.