WBD518 Audio Transcription
Bitcoin Privacy with Matt Odell
Release date: Friday 24th June
Note: the following is a transcription of my interview with Matt Odell. I have reviewed the transcription but if you find any mistakes, please feel free to email me. You can listen to the original recording here.
Matt Odell is host of the Citadel Dispatch and venture partner at Ten31. In this interview, we discuss why each additional positive act of privacy protection improves Bitcoin's resilience and value. Perfecting privacy is not the goal; making a start is, as we don’t know what the future holds.
“I’ve already come to the conclusion that with or without me, with or without you, with or without anyone in this room, Bitcoin will be the money of the world. So it’s up to us to make sure that it’s actually freedom money and not cuck money.”
— Matt Odell
Interview Transcription
Peter McCormack: Hi, Matt.
Matt Odell: Hi, Pete.
Peter McCormack: Hi, man!
Matt Odell: Cheers.
Peter McCormack: I'm going to get told off. I get told off sometimes in the comments for drinking. Yeah, so when we book the Airbnbs, the first thing we look for is the table! We go through all of them, "Is that a good table?" When we find a good table --
Matt Odell: Yeah, because you can't travel with something like this.
Peter McCormack: Can you imagine, just turn up with a table on your back!
Matt Odell: I mean, I thought the flex might be that you just bought the table.
Peter McCormack: That would be a flex.
Matt Odell: You show up in a new town, buy the table, leave six days later.
Peter McCormack: Leave the table with them. Do we ever leave stuff?
Danny Knowles: A printer, we've left a printer.
Peter McCormack: We've left a printer, that's it. But luckily, most houses these days come with tables, it's a standard thing, tables and chairs and knives and forks.
Matt Odell: There you go.
Peter McCormack: Yeah, man. We're working on a fixed location now.
Matt Odell: Fuck yeah!
Peter McCormack: Yeah, and I know you want me to come to Nashville, because you were talking about it a lot last night.
Matt Odell: A fixed location in America?
Peter McCormack: Yeah, because I mean I've got a location in the UK.
Matt Odell: The Bedford Stadium!
Peter McCormack: No, I wouldn't do it there; you would not do it there! That would take the production out! I think it's going to end up being a UK and US, just one in the US, and we won't travel around anymore, it's a bit easier. Anyway, man, how are you?
Matt Odell: Anyway, you should do that in Nashville; consider it.
Peter McCormack: It's tempting. Yeah, I mean I like the people there.
Matt Odell: I mean, Austin would be a better fit for you, because it's more crypto friendly.
Peter McCormack: Is this how we start? All right! All right, let's fucking go.
Matt Odell: Shots fired.
Peter McCormack: Shots fired.
Matt Odell: Well, we're drinking this delicious whiskey, I just wanted to thank you for this whiskey.
Peter McCormack: Don't thank me, who bought it? Did you buy it?
Danny Knowles: I bought it.
Peter McCormack: Thank Danny.
Matt Odell: Thank you, Danny.
Danny Knowles: You're welcome.
Peter McCormack: Are you going to charge me for it?
Danny Knowles: Yes.
Peter McCormack: Okay then, thank me! Yeah, fuck you, firstly, and no, I like Austin, there's a lot of people I like there.
Matt Odell: Yeah, there's a great crew. Austin's very strong.
Peter McCormack: But Nashville has a very strong group of people.
Matt Odell: It's not a competition, you can't go wrong.
Peter McCormack: It is a competition; they're both strong. It's like choosing between children, it's very hard.
Matt Odell: I would hope choosing between children's more difficult!
Peter McCormack: Sometimes it isn't!
Matt Odell: I wouldn't know yet.
Peter McCormack: Yeah. HODL knows what I mean by that. How was Oslo?
Matt Odell: Oslo was fucking awesome.
Peter McCormack: I had so much FOMO.
Matt Odell: Yeah, you were missed. I mean, I've been working with HRF -- so, Oslo is the Human Rights Foundation Freedom Forum. I've been working with HRF now for almost three years with training their activists on how to use Bitcoin, and every year Alex Gladstein, the Chief Strategy Officer, gets more and more of the content focused on Bitcoin.
So, this year, maybe 80% was human rights stories, and then 20% was the Financial Freedom Track, is what they were calling it. And then, of that Financial Freedom Track, 80% was Bitcoin. So, there was a great crew of bitcoiners there. All my work with HRF is always a super-humbling experience. It always reminds you why this mission is so important, why people need better money, why people need better privacy and just digital privacy and digital sovereignty in general. So, their stories are always extremely touching, it's great to actually work with them hands-on.
We did clinics, we did workshops where we trained them how to install their first Bitcoin wallet, receive Bitcoin, send Bitcoin, backup, restore. Then we went into depth on privacy, and it's just always extremely rewarding. It's probably the single -- I mean, I do a lot of things in Bitcoin, but it's the single most rewarding thing I do. If I was going to drop everything except for one thing, that would probably be the thing that survived. I mean, it doesn't pay the rent, I did it all for free, so that's not going to happen! But in that theoretical world, Bitcoin at $1 million, that's all I would do.
Peter McCormack: Big shoutout to Alex Gladstein as well, it's a really important layer of work he's doing, often out on his own at times early on, trying to fight for Bitcoin on a human rights side of thing and push it to influential and important people who cover human rights. He's done some great work over the last few years. I think I've been to four of their events now; that was the first one I missed. I was really gutted to miss it, gutted because I usually see some really great humbling talks. But actually, there's a growing core of bitcoiners who go to these events, and I was just seeing all these pictures of my friends and I was like, "I wish I'd have been there". But it looked great.
Matt Odell: Your first one was in New York with me?
Peter McCormack: No, I went to one before, I think the one I did in Oslo before that.
Matt Odell: There was one in Oslo. This was my first time actually going to Oslo.
Peter McCormack: Yeah, so I did Oslo, New York. I think we then went online, and then I went to the one in Miami. Yeah, Miami.
Matt Odell: Yeah, it was last year.
Peter McCormack: Yeah, and then I missed this one, but I'll be back next year; I look forward to it. But just a big shout to Alex. Anyone listening should go and check out everything he does, and check out the Human Rights Foundation.
Matt Odell: Yeah, the whole Oslo Freedom Forum, all those talks are online if you go to oslofreedomforum.com, so everyone should check it out.
Peter McCormack: Yeah, so missed it, sad, but here we are back travelling, good to see you again. Couple of things I want to talk to you about.
Matt Odell: Last time we ripped in person, it was a lot less professional than this.
Peter McCormack: It was me with a little trolley and two mics, a zoom.
Matt Odell: In my apartment in Brooklyn.
Peter McCormack: In your apartment in Brooklyn. We drunk that day thought, didn't we?
Matt Odell: Yeah, all of our episodes pretty much are just different levels of trash. This whiskey's 120 proof, so we've got to be very careful.
Peter McCormack: What does that mean?
Matt Odell: It means it's 60% alcohol.
Peter McCormack: Okay, that's pretty strong.
Matt Odell: The proof is double. I don't know why that's even a system and they don't just say 60%.
Peter McCormack: Yeah, that would be more logical.
Matt Odell: It would make more sense.
Peter McCormack: There'll be some weird old rule to it. And what was the deal with it? This was from Prohibition era.
Matt Odell: I mean, HODL said supposedly that this was legal during Prohibition because it was too alcoholic, so it was treated as medicine, antiseptic.
Peter McCormack: All right, well we've got American HODL in the room here also, so thank you for that. Okay, Danny, when we were preparing for this show, he said, "My favourite shows with Matt are the ones where you argue", and naturally we're going to argue.
Matt Odell: Well, we can manufacture that, then we're just going to agree on everything.
Peter McCormack: We will just argue anyway because you'll get angry when you realise I'm right! There is something I did want to talk to you about, there's a few things I want to talk to you about. The first thing I want to talk to you about is the difference between 21 million and privacy.
Matt Odell: What do you mean?
Peter McCormack: I think they serve two very different purposes and they can be approached in terms of education differently. The reason I do that is because I think there is a wider macro benefit to the 21 million that can benefit individuals.
Matt Odell: So, when you say 21 million, you mean fixed auditable supply; that anyone can verify how many Bitcoin there are, how many Bitcoin there ever will be?
Peter McCormack: Yes. I think that's very important on a large macro scale, but also to an individual once we get out of these volatile times and the liquidity's higher and the price stabilises. I think there's a benefit on a macro level to nations becoming more financially responsible, but also for individuals to be more secure in what they're holding.
I think that's one thing and I think privacy is a separate issue that affects some people differently, and I think we have a wide range of people who you would argue, and rightly so, should care about their privacy, but I don't think they do; and I therefore think, you can attack those in terms of education separately. I want you to tell me why I'm wrong.
Matt Odell: Yeah, I mean I don't think you can really separate the two. Good money should be able to be spent at will and saved at will; it needs to do both. So, there's a bit disconnect to the Bitcoin community, because you have a lot of people that are pure "fixed supply over all else", or store of value; there's people that say, "Bitcoin is the ultimate asset for savings"; and then, there's people that say that, "Bitcoin is digital cash".
Then, there's a smaller subset, that's like the Venn diagram of a combination of the two, and that's where I sit, right in the middle, because you can't have one without the other. So ultimately, when we talk about the way Bitcoin works, people don't understand why that token exists, why does the token Bitcoin exist? The token Bitcoin exists because the whole point of Bitcoin is to have money that is separate of trusted third parties. If you have money that's separate from trusted third parties, you need a native bear token; because if you don't have a native bearer token, in this case Bitcoin or sats, you're relying on some kind of issuer to -- you're trusting that issuer to provide it.
A good example would be DeFi projects on Ethereum that are using USDC. They're not using a native bearer token, so as a result they're trusting Circle and the rest of the USDC Consortium, like BlackRock and shit, to maintain that piece of value. So, no matter what, they can never get rid of that trusted third party, so you need a native bearer token.
That token is used to pay miners who are securing the network without a trusted third party. So, miners can just join the network permissionless and receive tokens for the work they provide. That token needs to have some sort of value, because if doesn't have value, then we're not actually sending money around the world; the token needs to have value. Ideally, the token increases in value over time. Some might say that in a perfect world, it would be absolutely stable, but I think the key value prop is that over time, it shouldn't decrease in purchasing power. If you hold this thing over 10 years, 20 years, it should go up in value.
We come back to censorship resistance, we come back to being able to spend or save without a trusted third party, without permission, and the privacy aspect then affects that censorship resistance; because, if you have Bitcoin that you've saved, and let's say it's increased in purchasing power, at some point you want to actually leverage that purchasing power, you actually want to use it. I mean, holding savings is also using, but you're going to actually want to spend it on things that you need, necessities in life.
When that time comes, if you don't have privacy in the system, then you're going to have trusted third parties that are basically going to dictate whether or not you can spend it on what you want to spend it on.
Peter McCormack: Potentially.
Matt Odell: Are they going to do that within the protocol? No, they don't do it within the protocol. They don't have a button they can press to seize your Bitcoin, or button they can press to block your Bitcoin and stop you from spending it. But if they can see how much Bitcoin you have, when you spend it, where you spend it, then they can do the good old-fashioned gun to your head, and compel you to either not do those activities, or punish you if you do those activities, and most people will just fall in line.
In that situation, all of a sudden the value prop of holding Bitcoin gets hurt, in my opinion. Then, all of a sudden, that store of value property starts to fall apart; because, if investors or holders, or whatever you want to call them, people that are saving money in Bitcoin, think that they might not be able to spend it in 10 years or 20 years or whenever they need to spend it, then why are they holding it in the first place; why does it actually have any value?
So, to me, the whole thing is interconnected. And the beauty of Bitcoin is everything has trade-offs, but the trade-off balances try and get you as close to the best of birth worlds as possible.
Peter McCormack: So, I agree with you for an ideal best form of money. What I was really coming at with this is that the scenario you're talking about, it's kind of a worst-case scenario.
Matt Odell: It's kind of already happening. We have 99% of new users coming in on fully regulated exchanges, all their addresses are known, they're not using any privacy tools after the fact.
Peter McCormack: But what I'm saying is, that worst-case scenario where a gun's held to your head and they say, "You have to spend this, or spend it here", that's a worst-case dystopian nightmare future.
Matt Odell: I'll use two political hot button issues in America. Right now, the US Government has the capability of telling people, "You cannot use Bitcoin to buy guns and you cannot use Bitcoin to pay for abortions". Will some people still use it for those things? Yes, but the overwhelming majority of people, if they tried to use it for those two things, it would be obvious and then they would get punished after the fact. They would end up in court, maybe jail time, maybe fines, however you want to do it. They can do that right now to 99% of the new users who come in, because they're just not aware of the privacy trade-offs; and the privacy tools, a lot of people aren't using them, the overwhelming majority of people aren't using them.
The tools are there, they're better than ever, the education is there, it's better than ever; but there's a disconnect, and my optimistic take is that the disconnect is because ultimately, Bitcoin is a system without rulers, it doesn't have a top-down command-and-control structure, so usually the way it evolves and the way users evolve is, they feel pain. As they get burned and they feel pain, as the system gets attacked, it gets stronger and more robust, users learn, they get better.
So, I expect these sorts of censorship attacks to happen, external censorship attacks to happen; and then as those things happen, then all of a sudden the privacy equation becomes much more important both to individual users, but also to just network participants as a whole.
Peter McCormack: And, do you think this is the scenario whereby Bitcoin is well-distributed, well-used, but not necessarily in a hyperbitcoinisation situation, in a scenario where perhaps the state still has a lot of control and hasn't been forced to reduce in size?
Matt Odell: Look, I mean Bitcoin's a protocol, anyone can use it, people can use it however they want to use it. No participant can tell another participant how they can or cannot use it. I think, in this scenario, to me the concern is, I think Bitcoin will be successful, I think it will be the money of the world. We could end up in a situation that is kind of similar but different, same but different than our current situation, where the way elites interact with Bitcoin, the way the ruling class interacts with Bitcoin is different than the way the average person interacts with Bitcoin.
So, you would see a world where 90% of Bitcoin users are in this fully compliant, controlled system, and then you have maybe 5% of people that are essentially criminalised, because what they're doing is against their local laws; but they're savvy enough to actually do it. Then, you have 5% that is just the wealthy elite who can just do whatever the fuck they want, because they have the money and the laws are made to benefit them, and they use whatever legal loopholes, like already exist today. They have an island corporation, or a Bahamas corporation that's doing this and doing that, and they're keeping it in shell corps and different banks and stuff. They'll have privacy.
But the average user, the majority user, the mums and pops, the people that are just working paycheque to paycheque, those people will be in a completely compliant-capture system. At least they'll have a better money that holds purchasing power over time, as opposed to the current system, and they have the ability to potentially educate themselves and learn how to opt out. But then, essentially they become criminals; they'll be criminalised in terms of that respect, but they'd have that option available to them. So, it would be slightly better, or maybe even significantly better, but I don't think it's the compelling vision that a lot of bitcoiners hope to see in the future.
Peter McCormack: Yeah, I hope it's not such a dystopian future, whereby I'm worried about -- I mean, look, there's always going to be certain things. You've listed two edge cases there, highly relevant to the US, not edge cases that are so relevant, say, to the UK where I am.
Matt Odell: Well, let's say you're in Iran or something, and you're trying to buy a book about gays or something.
Peter McCormack: Yeah, I think there's different edge cases by country, and the UK will have its own edge cases. But the point I was trying to get to is that I think right now, and this is probably where we'll go at it a little bit, I think privacy is hard on Bitcoin. What I mean when I say it's hard, I've been through your tutorials, I've read various things, I always feel like I'm just going to fuck something up here; somewhere along the line, there's going to be a mistake I'm going to make. I'm not going to have the right privacy on my node, I'm not going to be using Tor in the right way.
There's so many different intricate parts to it that I'm pretty sure I'm going to screw something up. So, I've kind of accepted now that I just don't really have it at the moment. It's not that I don't want it, it's not that I don't think anyone should have it, it's just a bit tricky. But at the same time, I can still benefit from the 21 million.
Matt Odell: I mean, it's yet to be seen if you can benefit from the 21 million, because we don't know if you're going to be able to spend it in ten years.
Peter McCormack: That's in a scenario therefore though, so we still have sovereign currencies and Bitcoin is being attacked at state level, because they don't want you to spend it at all.
Matt Odell: Bitcoin has not been attacked yet really. It will get attacked more, first of all; maybe not the US, but a lot of states will attack it. And it won't just be states, it will be corporations. I mean we see today in the digital privacy world, one of the main attackers are these corporations that monetise our data. They monetise all the data, Google, Facebook, Twitter, TikTok, and they're basically these corporate surveillance machines, they make a bunch of money off of it, and then they end up partnering with governments, or getting compelled by governments, or selling that information to third parties, who then do the same.
So, we will be a bit of a corporate state partnership type of situation, and depending on where you are in the world, it could be different for your threat model. But to go back to what you said, it's very interesting that you said that, because this is not obviously the first time I've heard that. The meme with privacy is always that people say, "I'm not concerned, because I have nothing to hide".
Peter McCormack: That's not what I'm saying.
Matt Odell: No, I know, one sec; that's not the real thing I hear. What I usually hear is, "I am so fucked that I'm going to screw something up anyway, so it's not worth me dealing with it". What I would say to that is, ultimately this is not just a Bitcoin conversation, this is a digital privacy conversation, and it's easy to feel overwhelmed in the current state that we're in, in terms of our digital tools. Everything around us is a panopticon, everything's spying on us, it's all connected. You make mistakes, they last forever, you know, the Streisand effect. You put something on the internet, you're probably not going to be able to get it off.
It's even worse with Bitcoin, because you have this ledger, the Bitcoin blockchain, that should outlive all of us, this immutable ledger that can't be changed. So, you hear this a lot, and it's completely reasonable to be overwhelmed. But what I would say is little improvements do help, perfect is not the goal; the goal is not perfect. The goal is to make small improvements, and if you're talking about on the privacy side, a perfect example in privacy on the Bitcoin side is taking your Bitcoin off of exchanges and holding self-custody yourself.
Peter McCormack: I do that.
Matt Odell: Now, is that a massive privacy benefit? No, but obviously it's a better benefit than someone else holding all your keys and knowing every single transaction you make; you're taking a step in the right direction. And then, if I would say on the digital privacy world, it would be like unplugging your Alexa, don't have a smart home assistant in your house that just has a microphone on all the time.
I'm not saying you need to be Jason Bourne, you don't need to be like Jason Bourne, you don't have to be like a secret agent, but little things around your daily life: reducing your reliance on Google; reducing your reliance on social media; not sending your DNA to some third-party company. These things make a significant difference both individually, but at scale it helps everyone, because at scale you're basically hurting this mass surveillance mechanism that is that place where almost everybody's information is just constantly being sucked up and stored forever. And then, it might not be used against us today, it could be used against us in 10 years, it could be used against us in 20 years, you don't know what the situation will be at that point.
Peter McCormack: Yeah, I wonder whether it's edge cases that are banned, you've given them, or it's a full-blown attack, they don't want you to spend any Bitcoin, like holding or spending Bitcoin is considered criminalised. But I think at that point, it almost loses the majority of its value. That becomes a really viable scenario.
Matt Odell: I don't think so. I think, once again, Bitcoin means different things to different people. I think long term, it loses its potential; but I think short term, first of all it's way easier to capture Bitcoin than it is to kill it. Every day that Bitcoin survives, it gets stronger. Capturing Bitcoin is relatively easy, and it's not 100% effective, but you can capture a lot of people relatively cheaply, relatively easily. You make an example out of a few people, most will comply.
We saw that with 2020, with all of the COVID responses, stuff like that; we see it all the time. So, capturing it is easier. Corrupt politicians, rich businessmen, can also make money on captured Bitcoin, they really can't on destroying Bitcoin. So, I don't think it's going to be a scenario where they actually go for the kill shot, try and kill Bitcoin, and I don't think any government can right now. Maybe if the US Government put everything they had to do it, but they will never do that; that's just not even a realistic possibility.
But capturing it is happening today. Like I said, 99% of people are coming in on these KYC-regulated onramps; a lot of them are giving them custody, giving full ID information, social security number, everything, fully linked to their ID. But there's a group of bitcoiners that have come in as Bitcoin adoption has increased, and they're more corporate, they're more regulatory-friendly. You always hear the words "regulatory clarity", you don't hear "government attack on Bitcoin".
For those people, Bitcoin becoming more captured could be a buy signal. So, as it happens in the short- to medium-term, Bitcoin can pump on that news. There's a bunch of massive institutional funds and rich people who are waiting on the sidelines basically for the all go-ahead, "You can hold Bitcoin, just don't spend it on anything we say you can't spend it on", and they're already living their lives not spending their things on things they're not allowed to spend it on, so they're cool with that. Price pumps, Bitcoin looks like it's doing really well, but as that's happening, the majority of people are getting captured.
Now, in that scenario when I work it out in my head, I still think Bitcoin becomes the reserve money of the world; I just think it's a more dystopian scenario. That's why when people say, "Matt, if you care about digital privacy, why is your focus on Bitcoin, where it seems like privacy is maybe a secondary priority of third priority?" The reason is because ultimately, it's not up to me whether or not Bitcoin is the successful money of the world; I've come to the conclusion that I think that's going to be the case.
So, what is the most productive place to focus my time, both for myself and for the movement? Because, I'm thinking for myself, but I'm also thinking about my grandkids, right. I don't want them to have cuck money, I don't want them to have fully regulated surveillance money; I want them to have freedom money, I want them to have money that they can control.
So, where's the most productive places that I can put my time? That's on ensuring that Bitcoin users are more aware of the trade-offs, that tools that are helping users maintain financial privacy are getting supported, that those developers are getting feedback, that they're getting funding, that users are getting education. That's why the focus is there, because I've already come to the conclusion that with or without me, with or without you, with or without anyone in this room, Bitcoin will be the money of the world. So, it's up to us to make sure that it's actually freedom money and not cuck money.
Peter McCormack: And privacy isn't just important to avoid state capture around rules that we can't use it for, it's just a fundamental right.
Matt Odell: Right, and even if you just do, in general practice -- I mean, we talked about HRF earlier. I met people whose parents were in jail for thinking things that were against the Chinese Government. These are very real issues for people today.
Peter McCormack: It's a real issue in the UK!
Matt Odell: And we saw with the Canadian Truckers, right, their bank accounts were getting frozen, GoFundMe was getting frozen. If we go back even to just a simpler, way, way more fundamental transaction, if I'm getting paid in Bitcoin -- and this is the thing. A lot of people that talk about these things aren't getting paid in Bitcoin. More and more of my income is Bitcoin, so I am getting paid in Bitcoin. If I'm getting paid in Bitcoin, my boss shouldn't know what I spend my money on. And if I go buy a sandwich, the sandwich shop owner shouldn't know how much I make. That is fucking ridiculous.
So, I think for most people, if they see that, they understand, especially the older generations; they've been using cash their whole lives. Unfortunately the younger generations basically just chose not to use cash. They're used to that as a privacy setup for them, a basic financial privacy when it comes to transactions.
Peter McCormack: But they're used to the fact that if they hand over cash, the person they're buying the sandwich off doesn't know where that cash went previously.
Matt Odell: Correct.
Peter McCormack: They're used to, if they spend on their card, again they can't see that --
Matt Odell: Instead, 30 corporations are tracking you and selling your data and shit.
Peter McCormack: In a different way, yeah.
Matt Odell: Credit cards are surveillance cards as well.
Peter McCormack: Of course, but what I'm saying is there isn't that connection, there isn't this log chain.
Matt Odell: Right, the shop owner doesn't necessarily --
Peter McCormack: Yeah. So, there's a lot for people to learn, it's a big step.
Matt Odell: 100%.
Peter McCormack: And, I think Bitcoin becomes the money of the world. What I would say to you, as a friend, saying I just don't know how many people are really going to make this effort. We've got, whatever, 3 billion on Facebook; they obviously don't care about privacy because they're on Facebook.
Matt Odell: I wouldn't say that, but yeah.
Peter McCormack: Well, I think everyone's perfectly aware.
Matt Odell: No, I think a lot of them aren't aware of the trade-offs.
Peter McCormack: Really?
Matt Odell: Look, we've never been -- in the greater digital privacy conversation, we've just never been in this situation before. People have never had this much of their lives digital. So, what's going to happen is every year, there's just going to be bigger and bigger leaks, people are just going to get more and more fucked. And as that happens, it will become more obvious to people. But I think the overwhelming majority of people that have an Alexa in their home, or whatever, they don't think of it as a surveillance device, they don't think, "Oh shit, that random conversation I had with my wife three months ago got leaked, because some hacker stole it from Amazon and posted it on the internet".
Peter McCormack: But I do think these hacks and these devices, people are becoming more aware.
Matt Odell: Yeah, they are, but they're not yet.
Peter McCormack: But I think there's an ambivalence to it sometimes as well. It's almost an acceptance, "All right, fuck, I'm being tracked everywhere. I accept Google tracks --"
Matt Odell: I see it every time a new hack happens, a new leak happens, you see more and more people start to take steps to improve their situation; it happens every time. Does everybody do it? No.
Peter McCormack: It's hard as well.
Matt Odell: Maybe 5% of people that are affected, and the thing is, it's not even just the people that are affected. If your father or your neighbour or someone has their identity stolen, gets completely fucked, that's a wakeup call for you as well, right.
Peter McCormack: It's a hard transition; I've tried it a couple of times. There's been times where I've gone to DuckDuckGo instead of -- they're fucked now as well, aren't they?
Matt Odell: They are a little bit, yeah. But they're still significantly better than Google.
Peter McCormack: But the results kind of suck.
Matt Odell: Because they don't spy on you as much.
Peter McCormack: They just kind of suck. You have it with your phone, if you choose not to have, say, an iPhone, if you want one of the Android phones.
Matt Odell: Do you Google the Android?
Peter McCormack: Yeah, and then there's --
Matt Odell: Trade-offs; everything has trade-offs. At the core of the privacy conversation is, the main trade-off is convenience versus privacy. If you want the most convenient situation, it probably comes at the sacrifice of privacy. But one of the beauties of Bitcoin to me is that on the trade-off balance of security and convenience, Bitcoin goes way on the security side, and you see this with shitcoin land, where you see super-centralised chains, like Solana that has cheap fees, that maybe has more user-friendly stuff involved, because they're centralised. That's at the sake of security and robustness, right.
Bitcoin has chosen the opposite, because it's a main protocol. It's a protocol layer, it needs to survive everything else, otherwise we're just building on quicksand. To me, you have this base protocol and then you have all these different ways of interacting with it on top of it, and there's going to be trade-offs along all of them. And the cool part is, for the first time in human history, you basically can use this money protocol with the trade-off balance that you choose to use.
If I want to use dollars today, I don't have many options. I can use cash, I can use credit card, or I can use the digital payment apps. There's really not that much -- there's a big trade-off difference between cash and the two digital payments, but whether you're using a Visa card or an Amex, or Venmo or PayPal or Revolut, you're basically in the same exact type of trade-off situation.
Peter McCormack: What about stablecoins; same?
Matt Odell: I mean, I would say stablecoins obviously have a bunch of different trade-off balances. Most of them are just straight pegged. And issuer like Circle or Tether is just holding money in the bank, and they say, "One-to-one, if you have the token, you're trusting us" and you take that. So, you compare that to Bitcoin and you're getting some convenient factors, in that it's attached to a money that is currently the most desired money in the world, which is the US dollar; you're getting fast transactions; you're getting low fees.
But then your trade-off is you're not getting censorship resistance; you're trusting this third party. This third party is going to get regulated. They're in this grace period where they haven't been fully regulated like a PayPal has, but they will, that will happen. But they give you a different trade-off balance than something like PayPal and Venmo, and then Bitcoin's over here, gives you a different trade-off balance.
But my point is, with Bitcoin, users will be able to use it completely regulated, not censorship resistant at all; they'll be able to use it on the full other extreme, where they'll be able to use it privately, sovereignly, no one can tell them how to use their money, how to hold their money; and then, there's going to be a bunch of different variations in the middle that you're going to be able to choose from, rather than have a couple of large payment corporations that are all basically following the same rules that are set from above.
In the world, if you want to talk about fairness, I mean obviously I'm American so I've been talking about US regulators; but US regulators basically dictate how everyone else in the world gets to use their money. When you talk about KYC rules, there's KYC rules for exchanges. The reason BitMEX went down, even though they're based in the Seychelles, is because it wasn't enough for BitMEX to say, "Americans, you're not allowed to use it". America wanted them to take the identity information of every single person in the world, just to make sure they weren't American.
So, there's not just a sovereignty question for individuals here; the current financial system poses a sovereignty question for every single country on Earth and their citizens.
Peter McCormack: So, you're just the rulers of all of us, motherfuckers?
Matt Odell: Exactly.
Peter McCormack: So, someone like myself, who is a little bit ambivalent to things like this, maybe I've had this negative attitude where I've been previously, "I know I'm going to fuck something up, I know I'm going to get something wrong", what's your starting point? You said, "All right, get the stuff off exchanges".
Matt Odell: Self-custody.
Peter McCormack: I'm doing that, right. I'm set up, deep cold storage, multisig, cool, I'm completely protected. But what next?
Matt Odell: Well, I would say you've skipped a step with multisig. So, I mean I actually did --
Peter McCormack: What's the step I've skipped?
Matt Odell: Singlesig.
Peter McCormack: But I went on that journey though, didn't I?
Matt Odell: But I think that multisig for most people might be overkill. If you're a public figure, it makes sense to have multisig, because you don't want a single point of failure. But for most people, it could be overkill and you're doing the same thing; it's convenience for a security trade-off. Instead of a convenience versus privacy trade-off, you're doing a convenience versus security trade-off.
The scary thing about that though is, the convenience you're leaving is, there's no customer support line for Bitcoin. So, if you overcomplicate the way you store your Bitcoin, it's more likely you'll lose it. Nine times out of ten, it's people losing Bitcoin themselves, rather than it getting stolen. So, people should be careful about that trade-off balance, at least in terms of multisig.
Peter McCormack: Actually, that's why I prefer multisig though; I'm less likely to fuck up than a singlesig.
Matt Odell: I mean, I assume you're using a hosted multisig, right?
Peter McCormack: I'm not going to talk about what I'm doing.
Matt Odell: So, if you use a Casa or an Unchained, you have a third party --
Peter McCormack: That has a key.
Matt Odell: And they're walking you through it and they're making sure you don't make any user mistakes, obviously you're giving up privacy for that peace of mind. If you're doing it yourself, there are little things that you may fuck up, in terms of actually… Right now, if you do a multisig setup, it's not just the seeds, those secret words, that people use to backup their Bitcoin, you also need the information for all of your keys, so you're able to bring it back together. I'm not going to say the word; you need the xPubs of each key!
Peter McCormack: The what?!
Matt Odell: You need the xPubs of each key in order to bring it back together. So, you have more information that you need to store properly.
Peter McCormack: What's an xPub?!
Matt Odell: People can go back to our last episode if they want to learn what an xPub is, or they can listen to my show, Citadel Dispatch, on their favourite podcast app. But you need more information to do the multisig. So, there's more places where you can make a mistake or you can fuck something up and you lose your money.
I don't want to scare people out of using multisig, I don't want to scare people out of trying to use Bitcoin more privately; baby steps. But my point is, I don't know if for most people, if the best step is, okay, you come out and then you prioritise multisig. If anything, I would say maybe get more comfortable on singlesig, get more comfortable with privacy tools on Bitcoin, play around with the Lightning Network, understand that a wallet is not just a single balance, that it's really a bunch of UTXOs that have all come together that you can think of as like bills in your wallet; and learn how to use coin control and labelling and actually, "Okay, I received this Bitcoin from Pete, I received this Bitcoin from Danny, I received this Bitcoin from Coinbase, and Coinbase I know has completely tracked my identity, so I don't want the Bitcoin that comes from Danny, or the Bitcoin that comes from Pete to be attached to my Coinbase Bitcoin".
Peter McCormack: How are they attached? What, if you do a spend that uses both of those UTXOs?
Matt Odell: Yeah. So, when you spend Bitcoin, your wallet might show you a set balance, but it's really a bunch of little balances mixed together. And when you're spending, it's more than any of those individual things that make up -- so, if your balance is 15 sats, just for easy maths, and you have a bunch of 2-sat transactions in there and maybe a couple of 4-sat transactions and a 5-sat transaction, and you want to make an 8-sat transaction, you're going to have to combine a bunch of those together to make that transaction, because you don't have one that is 8 sats; you need to add the 2 and the 6, or the two 4s in order to get to the 8.
Peter McCormack: But for convenience, most people are going to be using the wallets that just don't do that --
Matt Odell: The wallet just does that in the background; that's just how the Bitcoin protocol works, but a lot of wallets will just do that in the background. And, when they do that in the background, what's happening is they're linking those transactions with each other. So, if you receive a transaction that is linked to your identity and then you receive one that isn't, and then in the future they get combined together and spent, not only do those both become linked to your identity, but also wherever you spent it becomes linked to your identity.
So, understanding at the base level how wallets work, two of the things here is first of all, education is obviously super-important; but improving the tools so we don't as much education, the tools actually implement best practices as much as possible, that they implement UX things that make it clear to the user that it's not just a single balance, that this is how it's working, that, "Oh, these are labelled, I know that I got these payments from these people".
Peter McCormack: And anyone listening that wants to learn about UTXOs, I did a show with Shinobi. I don't normally do callbacks for previous shows, but actually it was a brilliant show to understand UTXOs, so people should go and check that one out. I think Danny will put that in the show notes with the show number. But this comes back to that point of convenience.
Matt Odell: Convenience versus privacy.
Peter McCormack: And kind of security as well, in that it's a lot easier just to grab a hardware wallet that does it all for you, you've got to send something to an address, you send it and it picks it out for you. Thinking through every single UTXO that comes in and labelling it, and then when you're wanting to spend, again it's just a lot of work.
Matt Odell: And I would say, first of all, you don't have to be perfect. Try and improve your situation. I mean, for a lot of people, just holding their own Bitcoin keys in the beginning seemed insurmountable, now they're very comfortable with it. Bitcoin is a movement of personal responsibility, it comes down to the individuals. No one can force people to do anything and if they want to seek out the tools, they want to learn how to use them, then ideally we want to have them there, and I would just say that people should just get their feet wet, get comfortable; slowly come into it, slowly try and improve your understanding. Be humble enough to understand that none of us really fully understand how Bitcoin works or how to use Bitcoin, that we can always improve our setup, myself included. You can always improve.
Most of the shit I've learned about Bitcoin is just because I've made many mistakes along the way, and then you learn from those mistakes. But it's important to realise that there is a degree of, be prepared before you actually need it. Because, when it comes time -- so, I was talking to Roya, who's been operating a Bitcoin company in Afghanistan since 2010. She plays all her employees in Bitcoin and they're all women. They're all pushed out of the traditional banking system, they're not able to access their own bank accounts; they need a family member or man to open a bank account for them.
Since 2010, I guess her company started in 2010 and in 2013, they started using Bitcoin and she started paying them in Bitcoin. The Taliban come in, they take over. Their full financial system, everything that had been built up over the years was completely decimated basically, overnight, cut out from the rest of the world. Those women were prepared for that situation, they were ready for that situation.
She had a friend who was a well-connected politician in the post-Taliban, pre-Taliban era, and he never understood Bitcoin. He was like, "It doesn't make any sense. I have this full financial system at my fingertips, I can pay anyone anywhere. The UX is great, it's super-convenient for me". The Taliban take over, he loses everything, all of his assets. He has to flee his home with just a backpack. After that, he realised the importance of Bitcoin. I mean, he lost everything.
So, people will realise the need for this stuff eventually. The question is, how many people are actually going to be prepared before they need it, and don't get absolutely rekt; and how many people are going to be the opposite and they're just going to have to lose everything before they realise the need for it.
Peter McCormack: So, back to my last point though, whether it's singlesig or multisig, that's one of the first recommendations. Let's just keep it singlesig for ease of use or ease of explanation. Someone's bought their hardware wallet, they've moved their Bitcoin from the exchange. Where do you take people next? One thing I've never done, you're probably going to look at me and say, "What?" I've never done a CoinJoin.
Matt Odell: Right, I mean everyone's aware of that.
Peter McCormack: Yeah, I've still never done one. Is that something -- should I be moving it to one wallet and then doing a CoinJoin, and from the CoinJoin to a new wallet?
Matt Odell: I think you've got to play with the tools. You've got to use the tools and play with the tools and get comfortable with it. When you're talking about tracking Bitcoin, the whole thing is a probability game. So, every transaction that you make in Bitcoin is on this ledger we call The Blockchain. That ledger isn't saying, "Matt sent Pete money". It says, "These addresses came in on the input side", sometimes they'll just be one address, but like we said earlier, sometimes if you need to combine them, your wallet will put multiple addresses there. Then on the outside, it either goes to one address or it goes to two. When it goes to two, it's usually one is the payment and one is the change coming back to your wallet.
Now, there are these surveillance companies, these mercenary surveillance companies, they call themselves chain analysis companies, they are surveilling all Bitcoin users. They're using the KYC information, all this identification information you provide when you use a service, to basically connect these addresses to real-life individual names. They'll use other external surveillance, like IP addresses and stuff if you go to websites, this is why the whole digital privacy conversation comes into it, to link all those addresses to names.
Once they do that, the thing is with Bitcoin, unlike something like PayPal or Venmo or Cash App, you can actually send yourself Bitcoin. So, I can just keep sending myself Bitcoin; the protocol allows me to do that. So, their job basically is, they have all these people that they basically know which addresses are theirs and how much Bitcoin they own. Their job is, every time a transaction is made, to have a probability of, "Did that actually switch hands?" The first step is, "Did that actually go to someone else?" The second step is, "Okay, if it went to someone else, who did it go to?"
So, when you're talking about Bitcoin privacy, the whole play of successful Bitcoin privacy is that probability gets shattered, that they just are not able to have high probability estimations or guesses on when Bitcoin changed hands and who it changed hands to. So, the core of every Bitcoin privacy conversation is that, and that's why one main thing that people talk about is, "Okay, avoid KYC services".
If you avoid a service that you hand your full ID over to, if you just are earning Bitcoin and people are paying you Bitcoin, rather than using a regulated service, and if you're just spending Bitcoin instead of selling Bitcoin at a regulated service, you remove that whole ID information from the beginning part. All of a sudden, your job is a lot easier, as someone trying to use Bitcoin privately, and their job is much more difficult.
Then it comes down to, okay, let's say you've fucked that up already and whatever Bitcoin we're talking about, you bought it from a regulated service and you gave them full ID information; then the question is, "How do I break this probability?" They'll always know, those surveillance companies or their partners, governments they work with, authoritarians they work with, other corporations, anyone that information leaks to, will always know you had this much Bitcoin at this time.
But if you break those probabilities going forward, they don't know necessarily what you spent it on, and they don't know how much Bitcoin you have in the future. If you five years go by and you've made 2,000 transactions, and the probability of you handing it over to someone else, just that whole pot probability graph is broken, you're in a way better situation.
So, when we talk about CoinJoin, at its core, CoinJoin is a collaborative transaction. So, instead of just your inputs being on the inputs side, instead of your two inputs coming in to pay those 8 sats, you really have five people come in with you at the same time and on the outside, five people go out at the same time. Those can be any number; I'm just using five as an example, because that's what Whirlpool uses, which is one of the popular CoinJoin wallets. But you do that, and all of a sudden you're breaking that probability analysis.
There's other ways to break probability analysis. There's something called PayJoin, which is another collaborative transaction, where the sender and the receiver both provide an input. Then on the outside, they each get an output. Those look like a normal transaction wallet; the CoinJoin, because it has many participants, is pretty obvious on-chain. So, these things together, all of a sudden you start breaking this probability graph. So, I would say the first step is basically getting comfortable with this as a concept.
Peter McCormack: Why is a CoinJoin obvious?
Matt Odell: Because if I just send you a naïve Bitcoin transaction, it's a couple of inputs on this side and then there's two on the outside; I'm paying you and I'm taking my change. Everything I'd use is heuristics. If I do a CoinJoin, the most common type of CoinJoin right now is if there's five of us here and we're all doing a CoinJoin -- let's just say there's two, you can do a CoinJoin with two people. Me and you both put in equal amounts. So, on the input side, it will be equal amounts and on the output side, it will be equal amounts. You see that, you can guess it's a CoinJoin.
Now, it could be someone CoinJoining with themselves; I could just put all my own inputs in. But the point is, a CoinJoin type transaction happened there. And if you use other chain data, depending on how the person did it, you might be able to tell that they used their own funds, rather than had different sources of funds.
Peter McCormack: Danny, is it Whirlpool that you used?
Danny Knowles: No, Wasabi.
Peter McCormack: Wasabi.
Matt Odell: So, Whirlpool and Wasabi have differences, but they both use these equal amounts. So, you have equal amounts on the input side and you have equal amounts on the output side, so it's obvious on-chain.
Peter McCormack: You see, I think what will end up is a world of two bitcoiner types generally, I'm going to be quite genetic here, and you're going to encourage me to jump from one to the other; but there will be the person who acquires their Bitcoin on a KYC exchange, they use a Ledge, a Trezor, a COLDCARD to store that Bitcoin and when they spend it, they will just spend and they just probably won't get much of this.
Then there's going to be people who go down the privacy rabbit hole and they start looking at all these different things and they start improving things and maybe CoinJoining, etc. But I do think there's a world where there's just a lot of people who will do things that probably you don't like, like keep on exchange, use custody services.
Matt Odell: They can do whatever the fuck they want to do.
Peter McCormack: Of course, but I wonder what kind of minority it is that actually go on this journey, and whether these things end up becoming baked into it makes life a lot easier for people. And how important is it? Is it important that we have 20%, 30%, 40% of people doing stuff like this, or does it just not matter?
Matt Odell: It does matter. So, first of all, it's a little bit too technical for this conversation --
Peter McCormack: Try me!
Matt Odell: -- but, there's a bunch of differences between Wasabi and Whirlpool. But with Wasabi, not all the input side are the same amounts. But on the output side, everything is the same amounts. So, that's the key; the key is, on the outside side -- and Wasabi specifically is a 99-person transaction. So, there's 80 outputs that are all the same amount; very, very obvious on-chain.
The way I look at it is actually, most people, as Bitcoin becomes more of a standard, people are going to realise the privacy thing is important, they're going to realise, "I don't want to pay someone and have them know exactly how much money I'm holding, how much I make".
Peter McCormack: Of course.
Matt Odell: I already see that first-hand, because people know that I'm aware of how a lot of this shit works. So, when people pay me, they're worried about giving up information when they pay me, they're worried about that I'm going to look back on the chain and see what they do. And you know what they do? They pay me from a regulated service; they pay me from a Cash App or a Strike, because it's not connected to their savings stash, even if they're self-custodying.
Peter McCormack: I didn't do that with you. Did you go and look me up?
Matt Odell: I look everybody up after they pay me!
Peter McCormack: You should tell me what you found out! Did you really look me up?
Matt Odell: When did you pay me Bitcoin?
Peter McCormack: Your wedding.
Matt Odell: Oh yeah, I did!
Peter McCormack: You looked me up?!
Matt Odell: Yeah!
Peter McCormack: You can tell me what you found out afterwards.
Matt Odell: Yeah, we'll talk about that afterwards.
Danny Knowles: Going back to the start of this conversation, if you think that Bitcoin could be captured from a regulatory standpoint, do you think it can be a fungibility issue in terms of the people that are trying to transact privately?
Matt Odell: Yeah. So, I mean the concern is that ultimately, privacy loves company. So, if we don't have that many users using Bitcoin privately, then you stand out like a sore thumb. I'll be extreme about it, but if there's five of us using CoinJoin, then you know anyone that uses CoinJoin is those five people. You need a group of people to basically blend in with.
On top of that, there's a separate thing here where the reason the war on drugs wasn't successful, even though it was 40 years of criminalising drug users, was because there were so many people that just chose to use drugs in a sovereign way without their government. If most people had just rolled over and 98% of people were like, "Well, it's a crime, I'm not going to do it, it's too difficult for me; I can't go down to the street corner and buy some weed with cash", weed would still be illegal in America, it never would have become legalised.
The key was that there was a normalisation of acquiring weed privately; there was a normalisation of going back against these Draconian laws. In Bitcoin right now, it's the opposite. In Bitcoin right now, the overwhelming majority of people are just, "It is what it is", just rolling over, just handing full privacy out the door to these exchanges, to these governments that are forcing the exchanges to do these things, regulatory clarity, we need to do that… Now, I don't think that's a doom sentence, I think that what will happen is, the pendulum will shift, everyone will get burned and people will start to learn and people will come back.
Anyway, the point I was trying to make earlier is that, the thing I expect and the thing that is probably the most dangerous, is that people will realise they need privacy, but they're used to their credit cards, they're used to PayPal, they're used to Revolut, they're used to Cash App; and as a result, I call this custodial privacy, they give the privacy over to the regulated entities.
So, okay, Strike knows my information, Strike knows my transactions, these are my balances, potentially Strike has to provide this information to whatever my government is if they ask for it. But I trust Strike, and as a result I use them and anyone I pay or anyone who pays me isn't able to see into my financial history, and that is how the majority of people will use it. Then, you're introducing a centralised third party into the whole equation for the sake of privacy, and then all of a sudden you don't have that censorship resistance element to Bitcoin.
Peter McCormack: And, with regards to Wasabi and Whirlpool, how do I know to trust them? I know that, for example, I've seen arguments online with regards to, say, Samurai. Is it that you give them your xPub?
Matt Odell: Oh, so you do know what an xPub is?!
Peter McCormack: I had that one just to impress you! But they take your xPub, right?
Matt Odell: No, for some users they do.
Peter McCormack: But why do they do that, by the way?
Matt Odell: So, first of all, a CoinJoin is not a custodial relationship; CoinJoin is a native Bitcoin send transaction on the network that is a collaborative transaction, so you're doing it with multiple people. You're never trusting someone with your keys, they can never take your Bitcoin, spend your Bitcoin. You're just basically doing this group transaction with a bunch of people, but you always are keeping custody.
Peter McCormack: But where do you do it? Is there a tool you do it with?
Matt Odell: Your wallet is doing it.
Peter McCormack: Yeah, but what I'm saying is, if you want to go and do a CoinJoin --
Matt Odell: So, you open -- so I'm wearing my Sparrow hat. Sparrow's on computer, they use Samurai's Whirlpool protocol. So, you open Sparrow, you basically choose which UTXOs, you choose which Bitcoin you want to go through CoinJoin, you press, "Go into CoinJoin", and then it's hitting the internet, and it's waiting to see if there's other people that are also ready and waiting, and a transaction's constructed and the wallets are going back and forth with each other and signing the transaction.
Then, all at once, the single transaction goes out that no one is actually taking custody. So, you're signing a transaction that's like, "Okay, I'm putting in one input, he's putting in one input, five people are each putting in one input", and then you're signing the destination addresses, and you know you control one of the destination addresses, but no one else knows which one you control and which one someone else controls, and you're signing it all at the same time. So, it's not a custodial relationship.
What you are trusting with Samurai and Wasabi is, there's this aspect, and this is a very deep hole that we're going into right now, but there's this thing called Sybil attacks which is the main type of attack scenario that you could see in these types of collaborative transaction.
Peter McCormack: Is that where someone like Chainalysis comes in and they try and become part of it?
Matt Odell: You think you're doing a collaborative transaction with four other people, who really those four other people are chain surveillance companies; that's the most extreme. Now, the way Samurai and Wasabi get around that threat is that, for an attacker to do that, they're going to spend a lot of Bitcoin, because they have to spend this CoinJoin fee, and as they spend the CoinJoin fee, they're going to run out of money, it's going to cost them a shit ton of money. And if you're an honest user, you just keep going into CoinJoin rounds, it won't cost you nearly as much; specifically with Samurai, the way Samurai has it set up. If you're trying to flood rounds, it's going to cost you significantly more money than if you don't flood rounds, if you're just using it like an honest user would use it.
The thing is, because they're the ones taking the fee that stops the Sybil that stops the flooding, it doesn't protect against them doing the flooding. So, Samurai and Wasabi could be flooding the rounds, because they're paying themselves so it doesn't really cost them any money.
Peter McCormack: Okay. So, if they're captured and we don't know?
Matt Odell: Then, they're paying themselves and then they can de-anonymise the rounds. Now, there's another tool called JoinMarket that doesn't have that centralised party, it's just two people interacting with each.
Peter McCormack: Isn't JoinMarket new?
Matt Odell: No, it's older. JoinMarket's from like 2014.
Peter McCormack: Oh, it's older, okay.
Matt Odell: Or maybe 2015. But JoinMarket sacrifices convenience for more robustness, so it's the same trade-off; but anyway, I'm getting sidetracked here. So, neither Whirlpool or Wasabi's implementation protects against the people running the coordinator software that is connecting the people, because they're the ones taking the fees, they're the ones protecting against Sybil attacks, and they can't protect if they have any Sybil attacks on themselves; unless there's high Bitcoin mining fees, but we just haven't seen high Bitcoin mining fees. Because, every transaction you still have to pay mining fees. But in a low-fee environment, there's very little Sybil resistance from the actual parties.
Now, once again, we're probably getting too deep in here, when we talk about Bitcoin privacy, avoiding KYC, avoiding linking your ID to your Bitcoin transactions is probably number one; self-custody is number two, and these are not mutually exclusive. Even if you don't avoid KYC, you're still better of using self-custody.
The third one maybe is coin control, understanding your UTXO balances. The fourth one is probably using your own node, and one of my podcasts, Citadel Dispatch, there's an episode 43 where I literally just go two and a half hours with this guy, BitcoinQ_A, and we just go through from start to finish, acquiring Bitcoin, storing Bitcoin with privacy in mind, for a beginner-focused audience. But I think I would stay step four or step three, whatever fucking step we're at, is using your own node. That's because, to interact with the Bitcoin Network, you have to use a node and if you don't use your own node, you're using someone else's node; and if you're using someone else's node, you're trusting them with your privacy.
Most wallets today that people use, you use a company's node, you're not using your own node, so Ledger, Trezor, MetaMask on Ethereum, all of these wallets are all basically using a company's node and that company can spy on you.
Peter McCormack: COLDCARD, you can use your own node, right?
Matt Odell: All these wallets, you can use your own node as well. Sparrow, for instance, supports every hardware wallet, and then you can use it with your own node. The point is, out of the box, when you get it out of the box, hook it up with Ledger Live, or you open a BlueWallet on your phone, you're using a company's node, and that company can track your transactions. Same deal with Samurai.
With Samurai, you have two options. You can use your own node or you can use their node, and by default it uses their node. So, if you use their node, they can see all your transactions. And if the majority if people that are doing a collaborative transaction are using their node, then even if you're using your own node, presumably there could be a process of elimination to figure out which transaction's yours, because the majority are using their node.
Peter McCormack: And, is that where all the arguments regarding Samurai --
Matt Odell: Pretty much yeah, it comes down to that. My belief is that the way Samurai and Whirlpool is set up is it's set up so if you have it running 24/7, you're getting all these free CoinJoins that happen, and I think the majority of people that do that are using their own node; because, if you're running that software 24/7, you're probably technically proficient enough to understand the importance and to be able to run and use your own node. So, I think the majority of those people are using their own node, so it's not really a concern to me, but that's what the whole concern comes down to.
If you're not using your own node, the wallet can spy on you, most wallets are already doing that. But with Samurai specifically, it's a privacy-focused wallet, it could potentially be used to de-anonymise people that are using their own node when they're doing CoinJoin. That's what that whole argument comes down to.
Peter McCormack: Can you have coin control if you're using multisig?
Matt Odell: Yes, of course. You can have coin control at any time.
Peter McCormack: But does it depend upon the service you're using, so if you're using Unchained or Casa?
Matt Odell: Yeah, so Unchained doesn't have coin control. I believe Casa does. Last time I used it, they didn't have labels; the labels are important, because it's one thing to know, "Okay, I have UTXOs that are 2, 4, 8, 10 sats", but if you don't know which one is which, it's pretty much useless information for you. So, when you receive a transaction, you want to be able to label it. So, yeah, it depends on the software. Once again, Sparrow has that.
I would also say that Samurai conversation has changed a little bit since Sparrow has added Whirlpool, as more wallets -- Whirlpool is designed so other wallets can implement it. For instance, on Sparrow, he doesn't run a node for the users. So, if you load up Sparrow and you don't want to use your own node, you're using a random Electrum node. He has a list of a bunch of Electrum nodes and you're using that node. So, it further splits up the nodes that are seeing into these CoinJoin transactions that are happening, and that's basically what you want; you want to see as much diversity in collaborative transactions, so that one party can't necessarily unwind them.
Peter McCormack: And, if you want to acquire Bitcoin, your advice is to avoid KYC exchanges?
Matt Odell: Yeah.
Peter McCormack: Which a lot of people won't, and if you can't earn it, how can you acquire a KYC-free --
Matt Odell: Well, I would say earning it is probably going to be the way most people --
Peter McCormack: But right now. If I want to buy a bunch, but I'm trying to avoid a KYC exchange, for whatever reason, are there ways to acquire Bitcoin relatively easily now KYC-free?
Matt Odell: Look, I think everything has trade-offs and the goal shouldn't be perfection, once again, because if the goal is perfection, you're just going to overwhelm yourself and just say, "I'm already fucked". So for some people, what that might look like is, okay, I'm a high net worth individual, I have $1 million I want to deploy into Bitcoin, or something, I can't do that in a private fashion, so I'm just going to go to Fidelity or Coinbase or Gemini, or whatever, and do a bank transfer.
Okay, that might make sense, but you should still consider maybe having a smaller position that is a private position. Maybe you have some that is your 401(k) that is fully shown to whatever government you're under, a bunch of corporations, all these different things; but then you also have your fuck-around stash, or your freedom stash, the proverbial duffel bags of cash in the walls of Tony Soprano's house, right.
If it's smaller amounts though, that's if it's a very big, high net worth person, someone trying to -- they use the words "deploy" and "capital" and shit when they're buying Bitcoin! For the average person, we see this in America and it's true in other places in the world as well, is we see a lot of these lower income working-class people that are more or less cut out of our traditional financial system, they have a lot of trouble using the payment apps. I mean, Cash App has specifically done really well in terms of lower-income communities, like it cut out banks; but people don't realise that even in America, a lot of people get cut out of the traditional system.
I think Roya said something, it was like 3 billion people in the world, half the population of the world, is completely cut out of the financial system. What a lot of them do in America at least is they go to these Bitcoin ATMs. Now, the Bitcoin ATMs might have slightly higher fees, they might not allow you to do it completely anonymous, maybe they ask for a phone number or something, but it's significantly better than giving the blood of your first-born child, your photo, your full address, all these other things, than even doing it at an ATM in a naïve way without a burner phone, and just going to the ATM, putting cash in, you don't have a bank that knows about it, you're reducing those data points, you're reducing that exposure.
So, a lot of people coming in through ATMs, a lot of those ATMs you can use with burner phones if you want to. But once again, like I said, even if you use your own phone number, is it ideal? Can they connect that phone number to a bunch of personal information? Yes. Phone numbers suck, phone numbers are a fucking problem. It's definitely KYC, but it's better than the established quo of using these regulated exchanges.
Then, you also have these P2P exchanges, you have stuff like Bisq, which is a network that you can use to trade Bitcoin with other people; then there's Hodl Hodl, which is a company that does this; there's a couple more coming out. There's one called RoboSats that works pretty well, that's completely in your browser. These are all going to be for smaller amounts, they're not going to be for way larger amounts. Then you also have mining. Mining right now, you can buy --
Peter McCormack: That's the next one I was going to ask. With my mining, my S19s, I send that to a new address.
Matt Odell: Exactly.
Peter McCormack: But it's a new address within a new wallet that has other addresses in it.
Matt Odell: Well, that's where the coin control comes in.
Peter McCormack: But is there any way -- so, obviously I have my xPub and I have my sub-addresses on it --
Matt Odell: He pretends he doesn't know what an xPub is, but he knows! Go on, with your sub-addresses, continue.
Peter McCormack: I told you, didn't I? I know what it is, I just never think about them.
Matt Odell: Okay, continue.
Peter McCormack: Is there a way of linking those sub-addresses back, can they be linked? Like, if I have five wallets --
Matt Odell: Everything has trade-offs. So, if you're not using your own node, whoever's node you're using knows they're linked.
Peter McCormack: Okay, because they've got access to my xPub.
Matt Odell: Maybe you trust them and maybe they won't share it out to the rest of the world, right.
Peter McCormack: Because they have access to my xPub.
Matt Odell: Right. But the rest of the world might not know, if they keep that information to themselves.
Peter McCormack: Yeah, so that's more risk analysis.
Matt Odell: But then, if you make a transaction obviously that combines those transactions, combines a KYC transaction with your mining transaction, then obviously those are linked together. You combine a transaction that's linked to your ID with a transaction that's not linked to your ID, then obviously those are going to be combined and linked together on-chain, and they'll know they're owned by the same person.
So mining, depending on where you live in the world and what your electricity rate is, in America specifically, electricity is way cheaper than the rest of the world, pretty much all else equal, mining can be a very good way of getting more private Bitcoin; because when you buy these miners, for whatever reason, you don't need to provide identification information right now.
Peter McCormack: But say I bought my miners via Compass, so I have that additional layer there.
Matt Odell: So, when we were talking about it earlier, we were talking that the cool part about Bitcoin to me is that people have a lot of different options with different trade-off balances, right. The negative of that is there's no one size fits all, or easy way to explain the different pros and cons of all the different tools you can use.
Peter McCormack: Well, it's overwhelming, Matt, that's what I think.
Matt Odell: Right, because there's so many different scenarios and each of those different scenarios have different trade-off balances. So, with something like a hosted mining option, where you're buying miners, they're setting you up in a server farm somewhere that you don't have control over, obviously that is not as private or sovereign as you having miners in your own home, in your possession; especially for a "not your keys, not your coin" type of situation.
But if you compare that to a regulated exchange, buying Bitcoin on Cash App, for instance, if I buy Bitcoin on Cash App, a single company, Cash App, knows my ID information, they know my bank account information, they know how much Bitcoin I bought, and they know which address I sent to. If you use a hosted mining solution, they know you bought a miner, they know where it's hosted. Then you actually choose which pool you use; they don't run the mining pool.
Peter McCormack: I run the mining pool.
Matt Odell: No. Someone else is running the mining pool.
Peter McCormack: Well, no, I choose the mining pool.
Matt Odell: Okay, so you choose your mining pool. That mining pool then knows your payout addresses. So, those two companies basically need to collude to have the same amount of information that a Cash App has. You're splitting up that private information between two different companies, and they'd have to combine together and work together, or both get compelled by the same government, or both have a data leak, for the same amount of level of information as you're providing a single regulated entity when you're using like a Cash App.
Now, there are some mining pools -- nuance! There are some mining pools that are doing KYC. The largest mining pool in the world right now, Foundry, based in America, fully KYCs all of their users. So, if you used Foundry then you get absolutely no privacy benefit, and it's the same exact thing. But mining will always be an option for people to accumulate private sats, private Bitcoin. And like I said, I think ultimately a lot of this is a pain point of how early we are in the adoption cycle.
Most people are going to be earning Bitcoin, they're not going to be getting it from regulated exchanges, and most people will be spending Bitcoin, they won't be selling it on regulated exchanges; they'll be going to the corner store and they'll just be spending Bitcoin. So, all of a sudden, you take out a major pain point from the whole system, but the question is, "How long does that take?"
Peter McCormack: Yeah, fair question. And with the Lightning Network, if I'm spending Bitcoin, how much privacy do I have there?
Matt Odell: I mean, I did a three-hour Citadel Dispatch episode on that.
Peter McCormack: You did? What episode; we can go and listen?
Matt Odell: I think it's 21.
Peter McCormack: Hell, yeah!
Matt Odell: So, you type in Citadel Dispatch in your podcast app and it's episode 21. But yeah, just like Bitcoin, there's a lot of different nuances and things. In general, senders on Lightning have better privacy than receivers. So, if you're a merchant or something, particularly I mean we were talking about HRF; if you're a human rights activist and you're trying to raise funds in an authoritarian environment under an authoritarian regime, we saw this in Canada, if you're trying to raise funds and that government's coming after you, you need to take care of privacy, because if you don't take care of privacy, you're putting your donors at risk, but you're also putting yourself at risk.
In Canada, they went after the people who were organising the Bitcoin fundraiser. They couldn't take the Bitcoin.
Peter McCormack: They did take the Bitcoin though.
Matt Odell: After they went to the guy's house and like put a gun to his head and said, "Give us the fucking Bitcoin or you're going to jail".
Peter McCormack: I think to me, Matt, that was --
Matt Odell: They knew to pressure the person, and they knew how much Bitcoin there was. They didn't know where to find the Bitcoin, and they didn't have a button they could press to take the Bitcoin, but they went through the privacy attack vector. We saw the opposite happen in Russia, I guess not even the opposite, where Navalny, the main opposition to Putin, has been raising Bitcoin donations for a long time. He reuses addresses, he doesn't even use Lightning. He doesn't even create new addresses, he reuses the same address over and over again.
Putin pressured Binance and was like, "Let us know which users have donated to this address", and they just gave full KYC information.
Peter McCormack: Really?
Matt Odell: They give a list of everyone who donates to Navalny.
Peter McCormack: Fucking hell, it's easy.
Matt Odell: And some of them have family in Russia, and all these people were probably saying to themselves, "What do I need to know about privacy? Privacy's too difficult, why should I fucking deal with it?"
Peter McCormack: Now they know.
Matt Odell: But now it's too late, right, they already got fucked; you want to avoid that situation. But they'll never make that same mistake again, their friends and family will never make that same mistake again. So, I guess the point I'm trying to make there is, there's an obligation if you're receiving Bitcoin and you want privacy, you're going to have to go a little bit more effort, especially on the Lightning Network. It's just not really set up well for receiver privacy. But on the sender side, so we'll go back to the Canadian example.
If you look at the blockchain data on when the Canadians were raising Bitcoin donations, you can tell everyone who donated on-chain very easily. The people that donated through Lightning, no. So, when you send, in general the expectation is, if you send Bitcoin via Lightning, the receiver doesn't know which UTXOs were used to make that payment. So, you're breaking that chain of information, as opposed to if you send on-chain, there's a direct history of the chain data of all your transactions before it.
Peter McCormack: I think the Canadian situation was probably the biggest example we've had so far of massive overreach from a developed, liberal, western democracy to interfere in what should be considered the free right to protest. That was one of the ones that really stood out to me as, "Okay, now I see it".
Matt Odell: Yeah. I mean, there was a moment there where I thought that was our terrorist moment; I thought they were going to make us all terrorists, they were just going to call us all terrorists, "If you want to use Bitcoin privately, you're a terrorist". And when I say that, I don't mean me, I mean you too. If you want to hold self-custody Bitcoin, then you're a terrorist. If you have to send a form in and say, "I own all this Bitcoin, this is where I own it, these were the transactions I made, please daddy, let me be okay", and if you don't do that, you're a criminal. I thought that was going to be our moment.
They pulled back off the ledge at the last second. I was hoping it was going to be a bigger wake-up call for people, but people forget so quickly.
Peter McCormack: Well again, that's the point. This is overwhelming, Matt.
Matt Odell: Yeah, I'm aware it's overwhelming, I don't pretend it's not overwhelming.
Peter McCormack: Yeah, it's overwhelming, there's a lot to think about, and I've always tried to represent what I think a lot of people think, rather than what people want me to think, right. That's what I was chatting about last night, and it's overwhelming, there's a lot to think about. My hope is, in the future, a lot of this is abstracted away for people.
Matt Odell: Yeah, likewise. It's already more abstracted than it was before.
Peter McCormack: Yeah, of course. I mean, we were talking about it earlier, but when people were first using Bitcoin, they used a command line interface, then we had wallets, and now we have wallets with additional tools. There is this constant advancement. What things are coming on the privacy side that excite you in a way that abstracts this away from people? For example, I would love a wallet where a UTXO comes in, it immediately goes to a Whirlpool so it's just done.
Matt Odell: So, first of all, you're wearing this beautiful hat on your head.
Peter McCormack: Yeah, that's my birthday.
Matt Odell: Ten31 is my venture fund, largest Bitcoin-only venture fund in the space, and part of our mission, we only invest in Bitcoin companies, Bitcoin-only companies, no shitcoin projects. Part of our mandate is that we also provide grants out of our fees to open-source projects, no strings attached. To your listeners who may not understand the difference, with closed-source projects, closed-source projects are controlled and owned by a corporate entity or an individual; open-source projects are free, available for the world to modify, distribute, verify, check all the code that's running.
Bitcoin's an open-source project and as a result, it's viral in nature, it outlives any individual, it outlives any corporation. It's extremely important when it comes to the freedom of movement that we have strong, open-source projects. So, with all that said, at Ten31, we fund no-strings-attached, open-source developers that are working on interesting things. One such project that we just gave a Bitcoin to is called FediMint, and FediMint is this idea of a privacy-preserving wallet that you can install on a mobile phone, that is easier to use than any Lightning wallet that currently exists.
Basically, you have a multisig of custodians, so you'll have a group of custodians that are holding all the funds, but they can't take your money unless the majority of them decide to take your money. So, you're hoping that they won't all come together to steal all your money. You have privacy from them, because they use something called Chaumian e-cash. And then, you're able to pay any Lightning invoice in the world, or receive any Lightning invoice in the world, regardless of what wallet they use.
In practice, what does that look like? That looks like you, Peter McCormack, installing this wallet on your phone, choosing which group of custodians you want to use. There'll be custodians around the world, they'll all compete with each other on fees and uptime and reputation, because you need to have the wallet up and running and working, and you don't want to pay them any high fees, and you want to use someone that you can trust that is not trying to fuck you over. And then, you can just pay any Bitcoin invoice you see, anywhere, and it will be done with privacy best practice taken into account and you don't have to think of anything else.
What's the trade-off there? The trade-off there is that you're putting some trust into that group of custodians to keep that wallet up, and to not take your funds. But as a result, you're getting a very convenient wallet experience that gives you very strong privacy guarantees, that's cheaper and faster than a regular Bitcoin transaction. So, all those incentives really line up really well, and they're a lot closer to releasing a first wallet than people realise. So, it's the single most exciting project in Bitcoin for me right now, this thing called FediMint.
Hopefully, it will mean that this whole CoinJoin conversation we just had just ages horribly in a year and just not even needed. It will still be used by power users, larger amounts all this other stuff. But if you're just the average person and you want to be able to just spend your Bitcoin privately, just load this mobile wallet, load it up with some Bitcoin, pay at will, you'll have your separate savings wallet, boom, done.
Peter McCormack: And if people want to learn more about privacy, where would you say go, apart from Citadel Dispatch, which you've promoted at least 42 times in this show, which I advise people to go and check it out; no, I'm only kidding! But where are good places to go and learn.
Matt Odell: Citadel, what was that?
Peter McCormack: Citadel Dispatch!
Matt Odell: I mean, so when are you having Seth on?
Peter McCormack: When's Seth coming?
Danny Knowles: Thursday, two days.
Matt Odell: So, after this podcast releases, in a couple of days?
Peter McCormack: I mean, the order we release this or that one doesn't matter.
Matt Odell: You don't even know?
Danny Knowles: No, this will go first, I think.
Peter McCormack: This will go first.
Matt Odell: This is coming out first? Okay, so after this comes out, there's going to be another show that comes out with Seth. Seth has his own podcast, called Opt Out, that is really good. So, definitely listen to that with Pete, but also listen to his podcast, it's a really good podcast, and he's been on my show multiple times, I'm going to go on his show. He's just a good dude.
Peter McCormack: I like Seth.
Matt Odell: He means well and he cares about privacy, he really cares about privacy.
Peter McCormack: So, his point on achieving privacy with Bitcoin, his analogy to using PGP, I thought was very good, because I've tried multiple times to use PGP, and I give up because I don't fucking know what I'm doing here; I just give up.
Matt Odell: I think there's definitely a very strong lesson, particularly between PGP and Signal. PGP is technically sound encryption protocol. So, if you want to send a message on the internet, regardless of your message medium, you can encrypt it with PGP and a malicious actor that intercepts that is not going to be able to read your message. The problem was, it was way too far on the privacy versus convenience scale, and just was never convenient enough for mass adoption to happen, and most people don't use it. I use PGP, but very few people use it.
Peter McCormack: Not even just convenient, like the actual ability to do it!
Matt Odell: No, I mean there's software now, you can think of them as wallets that hold your keys that'll do it for you, there's mobile versions, but it's just not polished. To me, that's a cautionary tale. And then, you see something like Signal that takes a different trade-off balance, but is really polished, you just install it on your phone, it connects to a phone number, which a lot of privacy advocates would say, "Phone numbers fucking suck, it shouldn't connect to a phone number".
But if you talk to the Signal team, they'll say, "WhatsApp had billions of users and they used phone numbers; iMessage has hundreds of millions of users and they use phone numbers. People just like using phone numbers as their communication method, so we're going to do that, but we're going to do it with very strong encryption, where you don't have to know how it's working behind the scenes". That's also obviously relying on this open-source principle, where their software is open-source. The server isn't, but you're not trusting the server, because the client is encrypting it, and that you can verify.
So, there's definitely a lesson to be had there that I hope bitcoiners are aware of, and I think we are. And I think that could be handled on the app side, and this is where something like FediMint comes in. FediMint could be the Signal privacy, and just because Signal exists, doesn't mean people can't use PGP. I talk to people using PGP all the time; you can still use PGP, but you also have the option to do dead easy encrypted messaging that someone like yourself could use, that I could use with my mother, I can use it with my grandmother; my grandmother's on Signal. I don't use PGP with her.
So, there's definitely a lesson there, but anyway my point was, Opt Out, great podcast; bitcoiner.guide, by BitcoinQ_A, has a bunch of great guides over there. Actually, if you go to mattodell.com, I have a bunch of resources listed. Actually, I have citadeldispatch.com/help mirrored as well there, but there's just a bunch of different guides that you can go to. Bitcoinprivacy.org is another collection of guides. There's a lot of resources out there. When I first got into Bitcoin, there was fucking nothing, but I'm definitely not saying it's not overwhelming. I think the most important thing is not necessarily that people are perfect with privacy, it's that they're aware that they're all leaking information.
Peter McCormack: And they start.
Matt Odell: The most important thing that I hope that people get away from this conversation at least is, we're all leaking a ton of information. Myself, I'm not perfect.
Peter McCormack: Try and do less.
Matt Odell: Yeah. I mean, I came here with a cell phone in my pocket.
Peter McCormack: You know obviously I work for the British Government.
Matt Odell: Right, spook for hire.
Peter McCormack: Part of the contract is we have to get the guests in that they want, and then we have to put listening devices in, and then they want us to capture the conversations before we start an interview and afterwards, and they're going to follow you with a drone home. That's fair! You got some whiskey out of us.
Matt Odell: What? I got some whiskey out of this.
Peter McCormack: We didn't have one argument.
Danny Knowles: Very disappointing.
Peter McCormack: Yeah. I want to get back to the Christmas specials where we just fucking shout abuse at each other. Anyway…
Matt Odell: Those are always fun.
Peter McCormack: They are always fun. Matt Odell, thank you very much for coming on What Bitcoin Did, appreciate you, man; love you, man.
Matt Odell: It's been a pleasure, it's always a pleasure.
Peter McCormack: Always, man. Peace out, bro.
Matt Odell: Cheers.
