I would like to discuss feedback on the following proposed setup:
KYC'd coins (Onchain) -> FixedFloat (Onchain -> Lightning) -> Lightning Wallet (Muun / WoS, Lightning -> Onchain) -> Non-KYC coins (Onchain).
With the goal in mind of breaking the history from the original KYC source, as far as I can tell this will work well, is cheap and fast, and is generally low-risk. No party can see more than 1 step in either direction.
I think FixedFloat and Muun are easy choices here. Both can be accessed anonymously, both have low fees and you are not going to max out liquidity by running your own Lightning nodes, etc. There are criticisms of Muun as not being a real lightning wallet, but in this situation it seems to have some of the lowest fees for Lightning -> Onchain.
Compared to typical Coinjoins, this kind of Lightning-based approach seems to me faster, cheaper, and ultimately more user friendly (No toxic change, no always-online setups). However it does have an upper limit in terms of UTXO size, does introduce a brief window of risk with the custodial providers, and there may be secondary chain analysis being done by one of the middle steps.
Discussion Any thoughts, or feedbacks to develop / improve this further? Do you have a better way to propose using Lightning instead of CoinJoins easily?
There's a couple things here to keep in mind.
Be cautious about mobile apps, especially with a custodian service (wos) or a service which can be abused easily (muun). They are likely tracking some device ID so all of that will be correlated as you go through this multiple times. I assume you're already wiping the app after each time, but that's still not enough.
The more people use non kyc custodial services in this way is going to bring them heat. You're treating them as a custodial mixer. That doesn't end well. These services are not low risk.
Timing analysis. You're leaving papertrails with your multiple on chain transactions. You should stick to purely lightning if you want to avoid chain analysis, maybe with one swap later on not near the kyc withdraw.
I'm pretty sure primage is revealed on chain when you do a swap. So that can be correlated with source or destination of payment by your lightning wallet, especially if that lightning wallet already knows all about your payments. Phoenix, wos, muum all see your destinations, amounts, and payment hashes when you spend. And this includes muun entirely since it is only on chain swaps. These will be trivial to compare to a specific on chain utxo at the end.
You just need one or two of these things to happen to break your flow. But that all depends on what you're worried about happening. Is it leaks? Private companies? A local heavily armed gang or mafia with the power to infiltrate organizations across the world? You start with the problem, not the solutions.
Tldr, too much on chain use, too much correlation with custodial use, too much lightning wallet privacy leakage. Depends on what you're trying to protect from who.
This is a great response. I think many people don't understand the logs that are collected about devices, how much entropy they reveal, and the analytics tools out there. Even these "off chain" data can be analysed at scale sometime in the future - especially if you're aiming to use some of the most popular wallets (that are more likely to have logs subpoenaed).
However, I think your point about knowing what you're protecting against is key. Even OP's setup is better than nothing - reduces chances of being confidently targeted by most actors. But if you're a journalist who is hated by your government they could turn the eye of Sauron on you and figure out a lot of the picture pretty quickly.
Excellent point about approaches like this actually turning custodial solutions like WoS into targets themselves.
I agree, I think a threat model is important here. It is all a spectrum.
Thanks for the thoughts everyone. The original limited goal here is about breaking direct history of KYC coins (withdrawn from the CEX) on the public Bitcoin ledger.
In a world-wide crackdown situation I am not even sure a 5x mix coinjoin would be enough to stop a dedicated investigation given enough resources.
Is perfect the enemy of good? That said, a no-log alternative to FixedFloat and / or a self-custodial lightning wallet in the above situation would be even better than the original idea I proposed.
There is a lot of good info in @darthcoin guides.
This is why I put my coins in join market and leave them there for months. There's simply no way you could unwind dozens and dozens of coinjoins like that
May The Bitcoin Be With You!
346 sats \ 1 reply \ @rianto 17 Sep
I think using Phoenix splice in + Deezy loop out service would be cheaper
You send onchain sats from cex to Phoenix, then use Deezy, Fixedfloat, Boltz or whatever depend on the lowest cost you can found
Cost breakdown : Emergency onchain tx fee ( splice in when using Phoenix ) Also extra 1.000 sats for "first time fee" Sending from Phoenix to the loop out service would cost 0.4% Then use whatever Loop out service you prefer
Just my 2 sats
I have been thinking about a similar approach to this as you describe above. An additional step you can take -- If you really want to reduce trust in any one LSP -- is to do a few hops. From Phoenix --> Breez --> Blixt --> <your preferred/cheapest loop-out option>.
A particularly compelling instance is if your KYC'd exchange offers LN withdrawals. The majority of centralized exchanges operate account-based systems for users, and so UTXOs are only "created" (associated with users) in an on-chain withdrawal. Thus, leveraging the LN withdrawal + multiple hop method obfuscates a user's future activity from all but the final LSP.
One or many LSPs need to have some level of trust in this strategy, but at least the user can determine that.
The difference is with this arrangement, you're not actually breaking the history of your UTXOs. You're just trading one UTXO for another one with different history in a way that there is no on chain record linking your old and new utxos.
On chain, it appears the kyc'd utxo was paid to fixed float's address. And whatever they decide to do with that UTXO is also clearly readable onchain. In a coin join, the kyc'd utxo is one of many inputs to a coinjoin transaction and the outputs of that tx are unlinkable to the inputs.
Something like supertestnet's utxo dealership might be a cheaper/simpler way to trade utxos once its on mainnet and a market develops using that protocol.
Overall, this method is fine IMO for trading kyc for non-kyc coins. The kyc exchange still has record that you bought tho.
This method is less acceptable for "washing" tainted UTXOs. If law enforcement sees the utxo enter a fixed float address, all they have to do is subpoena fixed float for details on that swap. Then, they have a lead on the next hop in the trail. If you're using a custodial LN wallet to receive your fixed float LN swap, then they can also be subpoena for additional details and potentially find the next hop. Even muun which is non-custodial can be subpoena because a fixed float swap to LN muun wallet will have paid muun's public LN nodes and there is a record in muuns database which links that swap to a UTXO in your muun wallet.
The most important thing if you think about KYC-coins in my mind is not the UTXO itself but the exchange having the information that you but x amount of btc. If you really want to get rid of KYC-coins, you have to sell them back on the same exchange you bought them, withdraw the fiat and then buy new coins on a p2p plattform (bisq, peach, robosats, hodlhodl etc.)
Thats overall not too easy and requires some effort but the only way to do that properly. To «unlink» the utxo from you and the exchange your described method is probably good enough.
What about KYC BTC exchange to XMR then send to another XMR address (which you own) and then exchange back to BTC ? Is it bad except the fees ?
Using a service like FixedFloat to do the swap?
Its not that cheap. Alternative to fixed float is boltz. Also I wouldn't use muun as a lightning wallet.
Why not use Muun in this situation? I undertand it is not an actual Lightning Wallet, but it is cheap / easy as a custodial option.
As long as you know that its not a LN wallet. If you can control the amount of sats/vb then its equal to most other onchain wallets. But I'm not sure you can do this with muun, which is why I say its not cheap.
✅ Muun + FixedFloat
Love this discussion regarding feedback on the following proposed setup with a Bitcoin-centric perspective:
  1. KYC'd coins (Onchain) -> 2. FixedFloat (Onchain -> Lightning) -> 3. Lightning Wallet (Muun / WoS, Lightning -> Onchain) -> 4. Non-KYC coins (Onchain).
The primary goal here is to break the transaction history from the original KYC source. From my analysis, this approach seems to align well with Bitcoin's principles of privacy, cost-effectiveness, and speed while minimizing risk. Notably, no party can see more than one step in either direction.
I believe that both FixedFloat and Muun are excellent choices for this setup. They can be accessed anonymously, offer low fees, and avoid the need to run your own Lightning nodes, which can be appealing to Bitcoin maximalists. Despite some criticisms of Muun, it appears to have some of the lowest fees for Lightning -> Onchain transactions.
In comparison to typical Coinjoins, this Lightning-based approach seems faster, cheaper, and more user-friendly, especially when considering issues like avoiding toxic change and the need for always-online setups. However, it's essential to acknowledge some limitations, such as an upper limit on UTXO size, a brief custodial risk window, and the possibility of secondary chain analysis during intermediate steps.
I invite your thoughts and feedback on how to further develop or improve this approach within the Bitcoin ecosystem. Do you believe there's a better way to leverage Lightning instead of Coinjoins, specifically for Bitcoin maximalists?
Let's engage in a constructive dialogue to explore the potential of enhancing Bitcoin transaction privacy while staying true to the core principles of decentralization and censorship resistance.
Why not both? You can mix your UTXOs multiples