Really, governments understand that if individuals are able to achieve financial privacy, it unlocks a lot of sovereignty for them.
And governments generally don't benefit from you having individual sovereignty.
They want you to have to fit within their paradigm to do things their way, because that's what benefits them as the people who want to have more control over individuals.
Lugano's Plan B podcast presents Privacy and Sovereignty, How to Achieve Them in Bitcoin, with Jameson Lopp and Set for Privacy.
What's privacy? What is sovereignty? Is there a correlation between these two concepts?
Right. Well, you know, privacy is the ability to selectively reveal yourself to the world.
Sovereignty, I would say, is the ability to act autonomously without asking permission from others in order to do what you want to do.
And the relationship between them, I look at it mostly from a security perspective, where the outermost layer of someone's security is their privacy.
And what I really mean by that is security is generally a series of defensive mechanisms that you have that are meant to stop an attacker.
And the reason that I see privacy as the outermost layer is that privacy, if done correctly, will hopefully prevent you from even being targeted for an attack in the first place.
Yeah, yeah, I would say I nailed the definitions.
I think the only thing I would add is just that in order to have sovereignty, just like he mentioned, you need security and privacy is really the means to an end.
Like it's you're not trying to achieve privacy just to achieve privacy, you're trying to achieve privacy because without privacy, you won't be able to act how you want, whether because someone is actually preventing you, someone is specifically targeting and attacking you, or even a phenomenon called self-censorship, where because you know you don't have privacy, you will actually act differently and limit yourself as a result of it.
So there's a lot of reasons why if you don't have privacy, you ultimately can't have the same level of sovereignty.
Do you see any promise in future in terms of privacy?
Yeah, I mean, I think it's been a wake-up call for us in the Bitcoin and really broadly the cryptocurrency ecosystem, because you also mentioned Tornado Cash, which is an equally important case for Bitcoiners, as well as people in the Ethereum ecosystem.
And ultimately, it's becoming very, very clear that governments across the world, both in the EU, we've seen prosecution against Tornado Cash in the Netherlands, and in the US, we have prosecution against Tornado Cash and Samurai White.
What we call it, really, governments understand that if individuals are able to achieve financial privacy, it unlocks a lot of sovereignty for them.
And governments generally don't benefit from you having individual sovereignty.
They want you to have to fit within their paradigm to do things their way, because that's what benefits them as the people who want to have more control over individuals.
And what we're seeing in these cases is they're both, honestly, insane when it comes to the basis of them.
I think the Tornado Cash one is maybe even a crazier example, because once the Tornado Cash devs deployed Tornado Cash, which for a quick kind of TLDR, it's a tool where you could deposit funds on the Ethereum network.
And when you withdrew funds, there was no link between the deposit and the withdrawal.
It provided very strong privacy with some caveats, but it was deployed in a way that the Tornado Cash devs, once they deployed it, they could not stop it or change it.
There was no way for them to prevent individual users from using it.
There was no way for them to edit the code.
Once it was deployed, there was nothing they could do.
And yet they're still being targeted on the basis of, because they decided to deploy it and they knew that bad people could maybe someday use it, that they are then liable for everything that happened with it.
And the precedence that could be set out of both these cases could make essentially building privacy technology on cryptocurrencies broadly illegal and easily prosecutable.
So it's a harsh reality, but it's one that's always been coming.
If we think that things like Bitcoin are actually going to give us more freedom than we had before, then those who would seek to limit our freedom are going to fight against them.
And I think we're kind of starting to get more and more heavily into that than they fight you stage.
So there are a variety of different privacy tools out there.
And there are even other Bitcoin privacy tools out there that have not been attacked yet.
It seems to me that you put yourself at much greater risk if you are a developer of a privacy tool who is seen to be directly financially benefiting from providing the service of financial privacy.
Because, of course, whenever you provide a service of financial privacy, governments and other authorities are going to come in and say, oh, you're doing money laundering, which is considered to be a crime.
Even though really what money laundering means is, oh, you're making it too difficult for law enforcement to do their job of tracking down and finding criminals who are moving money around.
But for example, you know, there's join market and that is a completely free open source piece of software that doesn't have a centralized coordinator.
And as far as I'm aware, does not like siphon fees off to developers.
So in that particular case, I think it's far more difficult for Department of Justice to come in and say, oh, you are directly incentivized to facilitate money laundering.
And, you know, maybe they'll eventually find some other reason to go after developers of that.
But at least in the United States, we still have the First Amendment and freedom of speech, which seems to include software development and releasing code for free.
I think that it's just that if you're going to be a privacy advocate, you need to be very careful about your own incentives from the state's perspective.
How can Bitcoin be used privately and does doing so enhance individual sovereignty?
Sure. I mean, this is a very complicated subject, but my initial point on privacy when using Bitcoin is I just tell people you should not assume any privacy whatsoever, because if you do want to pursue using Bitcoin privacy, it's a very high learning curve.
You really have to know what you're doing.
If you want to start going down that path, then I tell people, well, the first thing that you should do is at least understand which of your Bitcoin wallets are related to KYC services where you have already been identified and chain analysis could be used against you.
And which of your Bitcoin wallets, if any, have not.
So this is one reason why I think that broadly speaking, the best thing that we can do to improve Bitcoin privacy is to tell people to stop buying Bitcoin and start earning Bitcoin.
You know, you should be receiving it directly in a peer-to-peer fashion that's not going through centralized KYC services.
That helps improve privacy, I think, more than telling people to use any of the number of tools that perhaps Seth could talk about.
Yeah, definitely.
I mean, when we talk about Satoshi, I think that the main difference between then and now is that when Satoshi was around, there weren't any of the main touch points that are the ways that people are tracked today.
There weren't centralized exchanges.
There wasn't KYC.
There weren't these on and off ramps, which are normally the kind of gatekeeper where people are tagged and then their activity is completely tracked.
And that greatly helped him.
I mean, hopefully he wouldn't have used a KYC exchange if they had been around then.
But it was something that kind of the time that he was in was much simpler.
And even though there weren't privacy tools that we have now for Bitcoin, then that pseudonymity held up better because there was no way for him to link his identity.
And he was very cautious with his OPSEC outside of Bitcoin.
When it comes to Bitcoin, I mean, Jameson hit the nail on the head.
I think the lowest hanging fruit is if you can, as Satoshi talked about in the white paper, one of the very few things he talked about with privacy was don't link your identity with your Bitcoin transactions.
And so if you can avoid using a KYC exchange entirely, ideally, you can actually gain a reasonably good level of pseudonymity.
I would, I don't know if I could say privacy because a lot of data is still revealed about your transactions.
But at least there's no direct tie between I am Seth for privacy and these are the addresses that I've withdrawn funds to, which is a huge first step.
Once you get past that, things get much harder.
And I say that as someone who heavily uses peer-to-peer exchanges, which can be a little bit tricky to get used to as well, but really the next steps that you're going to want to take are going to be maybe running your own lightning node and starting to open a channel with non-KYC funds, even though lightning has its own privacy trade-offs, sometimes good, sometimes bad.
And then I would love to say CoinJoin as a way to break the history of coins, but it's tricky right now because Samurai Wallet, as we mentioned, is being prosecuted.
Samurai Wallet has been shut down as a centralized service.
Wasabi Wallet shut down their own coordinator and they moved essentially to just allowing anyone to run their own coordinator, which has its pros and cons, and I think there are some issues with that that have been ongoing.
Or you can use JoinMarket, which is a really fascinating tool, and it's one that I've been trying to learn a lot more about.
It's very costly in the way that it's actually architected to gain privacy, or it's very time-consuming.
You kind of have the choice between cost or time, whether you're going to be what's called a maker or a taker in the JoinMarket system.
So it can be a useful tool, but again, a very high learning curve for a lot of the more advanced tools.
And the one thing that I think literally every Bitcoiner can achieve is stop using centralized KYC exchanges.
Use things like RoboSats, which is lightning-only, and a really, really cool peer-to-peer exchange.
Use things like BISC, which is on-chain, and then they have BISC-2, which they're still working on, that supports lightning and on-chain.
Depending on where you're at, you could use things like HODL-HODL.
If you're in the EU, you could use things like Vexel, V-E-X-L, which is a peer-to-peer trading app.
There's a lot of options out there, and that's the best way to get your Bitcoin, or earning, like Jameson said.
That's going to be ultimately the even better way, because then you're not even making a financial payment in the traditional system.
You're doing work, and you're getting paid for it in Bitcoin, which is ultimately kind of the holy grail of acquiring Bitcoin.
If you accept Bitcoin payments, is it possible to be doxed even without sharing personal information?
What are your thoughts on this risk?
Yeah, I'll just quickly answer.
So on the peer-to-peer exchange side, the no KYC side, there are many, many people taking them.
I mean, there's been quite good volume on disk, good liquidity for many years.
RoboSats, yeah, there's not thousands and thousands of people swapping on RoboSats,
but every time I've wanted to buy or sell Bitcoin on there, I've been able to without any issues,
without even making an offer, just taking an existing offer.
Things like Vexel, I've heard fantastic things about.
I'm in the U.S., so I'm not able to use a lot of the European solutions,
but there are thousands and thousands and thousands, maybe even hundreds of thousands of people
who have used these things or do use these things.
It just has a little bit more of a learning curve than signing up for Coinbase, hitting buy,
and then hopefully withdrawing, maybe not withdrawing.
So it's a next step, and it requires more personal responsibility,
but it has a massive outsized impact on the privacy that you can achieve.
Well, yeah, I mean, it would depend on exactly what wallets they're using to send the money to you
and whether or not they're putting any of your personal information into some other centralized provider
that could then use that to tag and really aid in chain analysis services.
But, I mean, when I think of earning Bitcoin, I think of it more from like a merchant perspective
of like, I sell my own goods and services and, you know, hopefully run my own node,
run my own BTC pay server, accept funds directly in a more peer-to-peer fashion.
Seth, you are a strong advocate for Monero.
Why is that?
And given Bitcoin's limitations in privacy, why should anyone bother using it?
Yeah, I mean, it's a good question, and it's one that I've been kind of wrestling with finding the ideal solution with over the years.
I think the main thing that I've settled on is for the majority of people,
I think that there is extreme symbiotic benefit in using Bitcoin for savings and Monero for spending.
I think Monero could be a powerful tool for savings as well,
but it doesn't have the track record that Bitcoin does.
It doesn't have the network effect or liquidity.
So there can be some limitations if it's something that you're trying to store very large amounts of wealth in.
But Bitcoin obviously has been a good solution historically as a store of value,
but is very tricky, as we've been talking about, to actually make payments cheaply,
depending on if you're doing on-chain versus Lightning.
I know Lightning can be very cheap, but has its own on-chain costs if you're running it yourself.
And it has very poor privacy, both on-chain and often in the Lightning network.
It can have poor privacy, depending on many different things.
The Lightning network is hard to quantify exactly how good the privacy is.
So when I talk about using Bitcoin for savings, I think people clearly understand that.
But Monero provides a fantastic spending tool,
because you can very easily go back and forth between Bitcoin and Monero.
There are many centralized and decentralized exchanges.
Atomic swaps between Bitcoin and Monero,
if you want to do things in a really cypherpunk, trustless way,
where you actually either swap or you don't,
and there's no way to lose the funds either way.
And because you can move easily back and forth,
you can do things like, let's say you normally spend like $500 every month with cryptocurrency,
and the merchants accept Monero.
Instead of using Bitcoin, you could buy $500 of Monero at the beginning of the month,
spend from it, top up as you need, and you gain very strong privacy.
The benefit of Monero over something like Dash that you mentioned,
or many other cryptocurrencies that claim to have privacy,
is that Monero is private by default.
So even if you know nothing about Monero, you know nothing about user privacy,
you're going to gain very strong financial privacy using Monero,
because everyone who uses it gets strong sender, receiver, and amount privacy,
because of the way that it's been engineered.
And that's really why it's such a powerful, easy, and private payment solution.
Specifically, again, like I said, it could be a store of value,
but focusing on the payment solution, because you don't have to think about it.
You don't have to jump through hoops.
You don't have to run extra software.
You don't have to find people to coin join with.
You just hit send, and you gain strong financial privacy.
And that makes it an immensely powerful tool.
And when I'm here, I'm not here for a number to go up.
I'm not here for regulators or institutions or banks.
I really want people to achieve freedom.
And I think that financial freedom is at the root of every other human right that we have.
And if we can achieve that, whether that be through Bitcoin,
which I think can be a fantastic tool and oftentimes is the right tool,
or through Monero, which for many people I think is the right tool specifically for spending,
that's just a win for everyone.
So I think that cypherpunks are pragmatic.
We use the best tool for the job.
And it does not help us to be overly idealistic about having to use Bitcoin for everything
and having to shoehorn Bitcoin into being the solution for everything.
Because, as Seth said, defaults are a very big deal.
And the default of Bitcoin is the exact opposite, the antithesis of privacy.
Everything is transparent and out in the open.
And so in order to fight against that, you have to spend a lot of time learning a lot of eccentricities of Bitcoin privacy
and exactly how the tools that can help you improve your privacy work.
Whereas, you know, if someone comes and says, you know, I need to make extremely private payments
and make sure that no authorities can de-anonymize them,
then rather than spend hours explaining how to use different Bitcoin privacy tools,
it's so much easier to say, just go use Monero.
It doesn't even matter which Monero wallet you use.
They all have great privacy.
And so, you know, this is the pragmatism side of when privacy is the top goal,
use the best privacy tool.
I've played around with pretty much every privacy coin out there.
Monero has withstood the test of time.
And there's, I think, no reason why it can't coexist with Bitcoin if they're doing very different things.
And, you know, to my chagrin, none of my privacy coins have done well from an investment perspective over the years.
And I think the short version of that is it's because, unfortunately, most people do not prioritize privacy.
But we can still use the tools as we need them.
The world appears to be shifting towards reduced privacy.
Do you believe preserving privacy is a cost worth fighting for?
Why?
Yeah, I mean, privacy is really an arms race.
It always has been.
There's a reason why it was called the crypto wars back in the 90s when a lot of the initial government oppression of privacy tools started.
And this battle was really started.
Like, I think people felt like the crypto wars were over when we got really good First Amendment approval of you have free speech rights around the code that you write.
But it's not the end because governments, as we've mentioned, they want to limit your freedom and they want to force you to fit within the paradigms that they want.
And privacy gives you the freedom to break out of that mold.
So there's going to be pressure against it.
The kind of surprising silver lining is that every time a government cracks down on privacy, you end up in this endless feedback loop.
Where the more they crack down, the more people realize that they actually should be achieving privacy, because it's clear from the government's hatred of something that isn't a malicious thing, that this is something valuable.
So you have more people get into privacy tools, you have more privacy tools created that are easier to use and better.
And you kind of end up in this endless feedback loop where then governments decide, okay, more and more people are using this.
Now millions of people are using Signal.
We can't have people using instant encrypted messengers.
And they try to crack down on that and it makes it more and more apparent to the average person that governments are not out for our best interest in most cases.
And they're out for their own best interest and it helps to wake up a lot of people to that fact.
It's painful that a lot of times people have to experience pain or see oppression to understand the need for personal privacy.
There's often not a felt need for personal privacy, especially in the West.
But the more and more governments crack down on it, the more and more people will wake up to that need.
I believe the Cypherpunk Manifesto said something to the extent of that we should not expect governments, institutions, or faceless corporations to grant us privacy out of the goodness of their hearts.
So Seth talked about why governments don't want to do that.
Basically governments want to surveil everything that we're doing just in order to catch the citizens who are being disobedient, who are doing things that the government doesn't want them to do.
But it's far worse than that.
And from many perspectives, our loss of privacy, to a great extent, is a result of corporate surveillance.
And this is not something that is done out of maliciousness, but rather out of incentives and capitalism.
And the fact that our data about our lives and our activities is extremely valuable from a marketing perspective, and I know this firsthand because I spent the first decade of my career working as a big data engineer for an online marketing company and processing huge amounts of raw analytics data to help marketers sell stuff to people.
And so I'm well aware of just how little privacy we have by default as we go about our daily lives on the Internet.
And it's an issue of incentives where I find this is problematic to try to get across to people exactly what is at risk.
This is true for both privacy and security, mainly because the average person is really busy just trying to stay afloat, trying to take care of their daily tasks, trying to deal with whatever their Maslow's hierarchy of needs are, put food on the table, pay the bills, so on and so forth.
When you try to explain to people these more abstract concepts of, well, if you aren't proactive about your security and privacy, these bad things might happen to you in the future, most people's eyes just glaze over and they're like, I don't have time to deal with that.
So this is partially why I'm blackpilled on trying to convey to people that they need to adopt privacy tools.
And rather, I think that if we want people to increase their privacy, we just need to bake it into the tools by default, like Signal and WhatsApp.
People mostly don't use those because of the privacy.
They use them because of the user experience and the network effects.