pull down to refresh

For the past two months, I've started building Fedimint integrations into Mutiny Wallet, and it has been all that I've been thinking about. It's such a fascinating rabbit hole into philosophy, technical, and legal implications of this kind of tech. Some of my views might be obvious, but worth saying out loud. In other ways, it might be controversial or complicated to derive naturally. I plan to share these in a series of posts relating to specific topics around Fedimint.
This first article might not be the best "introduction to Fedimint" piece. There are several resources available to learn more about it. For now, I'll leave it at a few introduction points.

Intro

Fedimint is best understood as a "Federated Custody" solution where a group of guardians "custody" Bitcoin on behalf of users in a multi-sig. That's a framing that many of us have understood. Still, as I dig into it more, I have an alternative view of its functionality, especially compared to other technologies.

What is NOT the problem

It's not that self-custody is hard.
I'll repeat that because it's an important distinction that leaves many people with, "Why would anyone want this or think it's a good thing to let others custody on my behalf?"
Fedimint, in my opinion, is not solving key custody for users who "don't know how" or think it's "too hard." Many other things exist to solve that problem. While there's a part of Fedimint that can solve that problem in unique ways, it's already a known problem with known solutions.

Existing Custody Solutions

Let's examine existing custody solutions to determine how they align with Fedimint.
When it comes to custody, it's a multi-sig like many other solutions that exist out there. There's Unchained, which allows the user to retain one (or more) of the keys, with Unchained holding one as a backup if you lose the other(s). A typical scenario is a 2 of 3 multi-sig solution that doesn't allow Unchained to spend the funds. If you lose one of the keys, then you can go through their verification process to recover your funds. This has sometimes been called collaborative custody since the user holds at least one of the keys.
Other solutions, like Blocks's Bitkey approach, have a similar setup but multiple backup schemes that could allow for a combination of social key recovery, hardware wallet usage, collaborative custody through CashApp, a phone-based key, etc.
There are also others like Onramp, an Unchained fork, that features 3 keys that DO NOT belong to the user. They belong to 3 different financial institutions that can spend the funds on behalf of the user if a majority of them agree. Their intended use case is more for high net-worth individuals and corporations that need more internal controls and expertise without relying on a single key holder.
These are custody solutions. Some of them have existed for years. Consider a Fedimint federation to function much like Onramp. Specifically, the user does not have one of the keys to any Bitcoin. Instead, a group of other guardians that they trust hold the keys. However, Fedimint is more advanced and expandable in its role. It does far more than help users custody funds.

The problem I think it is solving

Fedimint is a scalable self-custodial off-chain programmability layer on top of Bitcoin. It allows for use cases that are difficult, time-consuming, and unscalable for general users to do on-chain today.

Self-Custodial

You might think I had a typo calling Fedimint a self-custodial network. Let me explain.
Fedimint uses Ecash under the hood, which operates as a bearer instrument instead of a "balance" in a ledger. If you have Ecash within a system, you can freely spend it within that system, much like cash. If you lose or give away (e)cash, you lose the ability to spend it. You must have custody of it in some way. Therefore, each Fedimint federation is its own self-custodial network.
A real-world example of this is looking at cash. If you have USD cash in your pocket, that is considered custody of the dollars. Still, it is not inherently interoperable with EUR cash in someone else's pocket. Each Fedimint federation operates in this way as well. Ecash from one federation is not inherently interoperable with the federation of another. To move between federations or between networks such as Bitcoin or Lightning, you must partake in an atomic swap. The transaction either is completed or is refunded. This can be done with the federation guardians (for on-chain Bitcoin) or through non-trusted entities that operate as liquidity swap providers (such as Lightning).

Federated

Some of what I describe can be true for Ecash on both Cashu and Fedimint. However, I will be focusing specifically on Fedimint. The most crucial difference between Cashu and Fedimint is that each Cashu mint is currently entirely controlled by a single member. Meanwhile, each Fedimint mint can have many members (guardians) who do not have complete individual control. Fedimint can be arranged as a 3 of 4 multisig, 5 of 7, etc. The more guardians you have, the slower they achieve consensus. More research is being made into its practical limitations as you extend beyond 40. Eventually, it should be able to dynamically swap out guardians if most of them agree.
The fact that there is no unilateral control of funds by a single party makes the most significant difference regarding how it technically and legally operates.
Custody is typically defined as a single party having clear control over the funds or establishing a contract or legal claim to the funds. If there are none of these things and there was ever a dispute of the funds, it may be considered unowned or abandoned property.
I believe there is no guarantee or cryptographic claim of the Bitcoin sent to a federation in exchange for Ecash. Many people who worry about using Fedimint as a custody solution would agree with me. So, let's call it what it is, not a claim to the "underlying" Bitcoin. I believe it behaves more like Wrapped Bitcoin on other chains where it's a smart contract of federation members (such as the one Bitgo was a proponent of on Ethereum).

Pricing mechanism

So if an individual Fedimint federation is its own self-custodial network where users swap Bitcoin and Ecash to enter or leave that network, there's no longer a claim to the Bitcoin that a user-traded for Ecash. So then, what determines the price of Ecash? If it is its own currency on a decentralized network, it must have some price when it is traded.
How does anything determine the price? It's determined by the free market. Even if you do not take my position that Fedimint is a self-custodial decentralized network with its own digital currency, the way Ecash is/can be interchanged does imply that it has its own pricing mechanisms.
There are two main ways to get into and out of an Ecash federation.

Direct Swaps

Anyone with an invite code or QR code has the information needed to speak and interact with the Fedimint protocol. You can go directly to the guardians of a federation to atomically swap your Bitcoin on-chain for Ecash. You will receive the same quantity of Ecash as you had in Bitcoin. Each federation guardian has one of the keys needed to spend this Bitcoin later, according to the Fedimint consensus rules.
Later, that user might return wanting to swap out to Bitcoin on-chain with the same amount of Ecash. The user and the federation guardians will then atomically swap the user's Ecash for on-chain Bitcoin, minus the mining fees needed to interact with on-chain Bitcoin. As the Bitcoin leaves the federation, the Ecash is burnt, keeping the supply of outstanding Ecash consistent with the Bitcoin inside the federation.
The consensus protocol that the Fedimint federation guardians abide by will only move the on-chain Bitcoin when an atomic swap occurs. As long as the majority of Fedimint federation guardians run this code and do not hard fork the protocol, then there's a reasonable assumption that you may later trade Ecash for Bitcoin directly from the mint at a near 1:1 rate (minus mining fees).
One distinction I will stress here is that it will rarely be precisely 1:1. There should NOT be an expectation that an Ecash will ever redeem the exact amount of Bitcoin because of the fees involved. You can never go directly to the source to get the same amount of Bitcoin as you entered. The same concept can be applied to other layers, such as Lightning. A sat on LN is valued differently than a sat on-chain. This is important to understand the actual cost of Bitcoin ownership, the cost to control and manage capital in a blockchain, and how market rates will be determined.

Market Swaps

If we look at a real-world example, I can go to a shop to purchase some salmon toast if they are willing to take that specific note from that mint. However, you can't force this. It's up to the shop to be willing to accept a particular note from a particular mint through a particular network.
If a shop does not accept the notes in my pocket, I could use an in-store ATM exchange to swap my notes for ones from a different mint. If an ATM is unavailable, I ask a friend if they have any notes that the shop accepts and if they are willing to take my notes for a specific exchange rate. My friend is just a user of multiple mints. They value each one differently and will swap between them at a price they believe they can redeem them for later.
All of this applies to Ecash as well. Users can transfer Ecash notes directly to each other at a price they both agree upon. The transfer happens internally if both users have already joined the same mint. To interact with external networks, Gateways are needed.
Lightning is an example of an external network. Fedimint guardians don't run a Lightning node or hold HTLCs. Lightning Network swaps happen between other users of a mint, just like an ATM or friend might provide this service to you. Due to the off-chain smart contract functionality of Ecash, you can make the transfer of Ecash contingent upon completing a cryptographic task, such as swapping Ecash for a preimage to redeem a Lightning payment. This allows for any Lightning Node to be a user & note holder of any mint and provide swapping functionality on behalf of the other users of that mint. And due to this, they may charge whatever rate they wish, just like your friend or ATM might. However, unlike trusting an ATM, users do not need to trust any Lightning node gateway. Fedimint guardians enforce the smart contracts. The transfer of Ecash from the user to the Lightning node gateway will only be completed once the Lightning transfer is completed.

Determining price

Network costs

Since Lightning uses the same unit of account as Bitcoin (and thus Ecash), the swaps are easy to reason about. However, operating a different network does have a cost. As such, the exchange rate between Ecash and Lightning will have a fee associated with it as well. This may include a base charge and fee based on a percentage of the total amount, which can be considered their exchange rate.
Suppose the network does not use the same unit of account as Bitcoin. In that case, that's where holding two different currencies at the same time can introduce slippage. You could have a Monero gateway attached to a Bitcoin-denominated Ecash mint to provide swaps between XMR and BTC. However, if you hold too much XMR and it goes down in price relative to BTC, you're losing purchasing power. Therefore, if you prefer to have BTC, you must charge an exchange rate that you believe you can swap extra XMR for at a later price with BTC and charge a fee that you think you'll be paying to do those swaps in addition to a fee that you profit from for providing this service.

Risks

Each holder of Ecash carries a risk that the majority of guardians in a particular Fedimint federation either ceases to function or has hard forked to break the consensus rules. At a certain point, all decentralized protocols face similar risks but have different consequences. Suppose a supermajority of Bitcoin users/miners have decided to hard fork or stop participating in Bitcoin. In that case, it faces systemic risk from the behavior of third parties that you individually have little control over. The price of Bitcoin is a function of trust and market demands in the system. You trust that you can spend and use Bitcoin at a later date, and a significant factor in that price is global belief in it as a system.
Ecash carries the same type of risk on a different scale, and the market rates can be considered a function of trust in a particular federation coupled with demand to be in that system. Why might there be demand? Gateways have services that they can provide the users of that system. These services can expand the programmability and interoperability between the federation and external networks, such as Lightning. There is demand for users to hold Ecash and use it for both on-chain Bitcoin and Lightning, which takes a lot of work to do seamlessly on Lightning today. Gateways receive fees for providing such services, so there might eventually be enough demand on a particular federation to profit off of such swaps, and they take a risk for it. Therefore, they can charge what they wish. It would be foolish to expect an exact 1:1 with no fee or exchange rate involved.
Therefore, there's nothing that guarantees that users of a federation can participate in Lightning swaps. An individual Lightning node needs to provide this despite the risks. At the beginning of Fedimint's usage, these Gateways will likely be the federation members of their specific federation. The relationship between gateways and federations is a fascinating one that I'll dive into more in a later article.

Expirations

This could be extended to another article as well. I believe it's fascinating to think about how the protocol can conceptualize adding "expirations" onto each mint. It's an optional metadata field that you may apply to your Fedimint federation, and its implications are interesting.
We've seen far too many instances in the space of early Lightning custodians like BlueWallet and BottlePay eventually shut down their custodial services, and we're already seeing Cashu mints shut down on very short notice. There will always be users of these services who expect them to be around forever. It's also impossible to inform everyone that it is shutting down. These "forever liabilities" are a big problem, and they eventually cause significant headaches for all involved.
Expirations reinforce the expectation that Ecash is not a guaranteed claim on the underlying Bitcoin. As soon as a user joins a federation, it can be communicated that their notes will expire at a specific date. We see this a lot in the gift card space. Some gift cards last 10 years, and I've seen others that last hundreds of years. Gift cards or reward points commonly get legal carve-outs for them. To me, there is no difference between reward points, gift cards, or Ecash inside a specific network.
Another good practice about expiration dates for mints is to allow federation members of the mint to get out in case they change their minds about being a participant. It's early days for Fedimint, and things can change; companies may die, environments can become hostile, etc.

Beyond a financial network

It's worth a callout, but there are also non-financial things that could benefit from a federated smart contract system. I won't dive into them in detail, but here are some ideas:
  • Social key recovery
  • Encrypted password management
  • Social communication
  • Discreet log contracts
  • Prediction Markets
  • Federated mining pools
  • Dynamic lightning node subnetworks
  • Decentralized exchange
  • Privacy tool (Ecash has privacy that's as good as cash, as it must be an effective bearer instrument)

Conclusion

Fedimint is not a Bitcoin custody solution but its own protocol and network that can provide financial and non-financial solutions for any user of any mint. A majority of federation guardians enforce the contracts in the protocol, but no single guardian can unilaterally make decisions. Users have fantastic privacy inside the system to transact without censorship concerns. Users must have custody of their Ecash and back them up to spend them later. It's a new type of distributed ledger network without a ledger at all.
I welcome constructive comments and opinions around these ideas. If anyone has conflicting thoughts, you should be looking at this in comparison to other things that exist. Consider how it compares to Bitcoin's trust model or other currency networks. How does it compare to Wrapped Bitcoin on ETH, to ZK-Rollups, to state chains on secure enclaves that are technically considered non-custodial, to other cryptocurrencies without their scammy pricing mechanisms (at least as far as they are legally allowed to exist as self-custodial networks)? Some of it sounds cringe to compare it to, and I don't endorse any of them. But evaluate how they operate technically and legally if you'd like to challenge some of my thoughts around Fedimint being its own decentralized network with its own stable, but dynamic pricing structure.
Originally posted on my blog
Great post. I disagree with one very central premise though:
Custody is typically defined as a single party having clear control over the funds or establishing a contract or legal claim to the funds.
I do think so. Custody is when one or more parties have control of your funds, and you don't. It doesn't matter if it's a single sig, or a multisig. Not your keys, not your coins.
reply
Please let's not start saying that ecash is self-custodial. It is not.
You hold the ecash, we get it. The ecash part is non-custodial, ok. It's been thought of that way since the 80s. It's fine to think that way if you're literally the central bank and the ecash you issue IS THE MONEY AND NOT A REPRESENTATION OF AN UNDERLYING ASSET – only a central bank can do this. Repeat with me: Only a central bank can do this.
Ecash today is a representative of an underlying asset. In Cashu and Fedimint that's BTC. You give up control over that underlying asset. You measure everything in terms of that underlying asset. It is all about the underlying asset. You have NO GUARANTEE WHATSOEVER TO REDEEM THAT UNDERLYING ASSET BACK – ecash systems the way we are building them today ARE CUSTODIAL – please don't make things more complicated than they need to be. Please do not manipulate language and especially, do not confuse noobs who are still learning. I almost want to say that a framing like this irresponsible.
What are you going to say to the noob who wants their Bitcoin back but the federation broke down during an update and the database got completely rekt? How is that non-custidal or self-custodial or whatever the opposite of custodial is.
With all due respect, this is a bad take.
reply
This so much.
Honestly starting to feel like this push towards Fedimints is very much due to VC money.
reply
Hard disagree. Recent excitement is coming from highly technical builders, and a wave of early adopters.
reply
I'm not disputing that, I'm just saying it feels like it. The wave of early adopters (podcast hosts for example) are mostly non-technical folks, they do not understand what it is they're pushing out and do not know what questions to ask.
Ask yourself - why are these builders pushing something that is pretty much the equivalent of a Wallet of Satoshi with some bells and whistles?
reply
Multisig bitcoin bank doesn't sell as well as bitcoin scaling solution.
reply
reply
How does e cash compare to Liquid?
reply
Perfectly put
reply
There’s a difference between self custodial and non custodial. Self custodial is only I can spend my funds, non custodial being no one else can spend my funds.
reply
How is "only X can spend" different from "every non-X cannot spend"?
reply
A 2of3 multi sig would be an example. No one has self custody but it’s still non-custodial
reply
The difference is the case where no one can spend at all :)
(Not disagreeing, I also don't really get what is Ben's point there.)
reply
Thank you I was always wondering what the difference is but that actually makes sense now!
reply
I'm also saying there's no custody of a currency that you have given up ownership of.
Users custody ecash, not bitcoin. It's not a Bitcoin custody solution.
reply
I'm not sure I understand what you're saying but it seems very clear to me:
  • you give up custody of your bitcoin. it's custodial.
  • you hold the ecash yourself. it's noncustodial.
it's custodial bitcoin and noncustodial ecash.
I thought we were talking about Bitcoin custody: it's custodial Bitcoin.
reply
it's custodial bitcoin and noncustodial ecash.
This is the part that I think is confusing and tripping people up (or at least me) when thinking about Fedimints, Cashu, and ecash. Good clarification that should be said more often. Thank you
reply
you're doing an atomic swap of bitcoin for ecash
not tryna put words in tony's mouth - but that's my interpretation.
reply
I am but a young girl unschooled in the ways of war, but...
Isn't it that you sold your btc for the mint's ecash and when you go back on chain you have to buy btc with those ecash tokens?
If I use bitcoin to buy dollars from coinbase, I give them btc and they give me dollars. They aren't custodying my bitcoin for me until I ask for them back. Its their btc now.
reply
If I use bitcoin to buy dollars from coinbase, I give them btc and they give me dollars. They aren't custodying my bitcoin for me until I ask for them back. Its their btc now.
That's not how banks work.
reply
Right. I'm saying ecash mints might not be banks. They might be more like exchanges.
reply
deleted by author
So there is a capital gains tax event incurred? (at least in jurisdictions where there is a tax event when selling/swapping an asset)
reply
That's a good question. Perhaps something the user has to worry about.
On the mint side, hard to argue having just one of the keys gives them a tax liability when they don't technically own it either.
reply
I have to say that, despite his caveats, Tony does a great job of explaining Fedimint in a clear way here. Usually when he and other devs start discussing stuff I understand maybe a third of what they're saying, but I recommend that you read this article if you are still baffled by the whole project.
reply
This is great. I like how you contextualize self custodial. I hadn't found a good way to talk about this idea, but I think I may steal yours: Fedimint is self-custodial in the context of the operant layer, in this case, the relevant federation. Each layer (or sub-network) provides its own guarantees that participants can evaluate as they like, and holdings are sovereign within that layer.
Just as layer-1 btc is sovereign within the bounds of the btc protocol and not outside it, holding federation notes is sovereign in terms of that federation's affordances. If you find the guarantees of a particular federation to be compelling, it effectively scales btc for you, as transactions with acceptable guarantees can occur off the btc chain. If you don't find its guarantees compelling, then it provides no scaling as far as you're concerned.
This is inevitable and there is no other solution for scaling. The only question is which form[s] of such scaling people ultimately find compelling enough to use.
reply
…but there is another solution out there that does not involve a custodian - mercurylayer
reply
Beyond a financial network
  • Prediction Markets
Glad you mentioned prediction markets since I asked myself exactly this the past few weeks:
Couldn't a fedimint federation fedimint federation1 be exactly what I am looking for to solve the oracle problem in a way which requires less trust?
For example, @gunson mentioned here this:
Market settlement is going to be a very interesting problem to solve in future versions.
I wonder if you could nominate an npub (or have an m of n npub model) to agree on the outcome. Then anyone participating could:
  • Choose a market based on the npub they most trust
  • Vs. the market with most liquidity
Market settlement then only possible based on nominated npub signing a settlement message with their nsec.
So maybe I could just nominate a federation? In that case, I could also solve two problems at once: oracle and custody of funds.
Really looking forward to what you guys build at Mutiny.
I don't know enough about Fedimints yet to have an opinion but I have a feeling that Fedimints could be what Hal Finney talked about here with "Bitcoin Banks":
Actually there is a very good reason for Bitcoin-backed banks to exist, issuing their own digital cash currency, redeemable for bitcoins. Bitcoin itself cannot scale to have every single financial transaction in the world be broadcast to everyone and included in the block chain. There needs to be a secondary level of payment systems which is lighter weight and more efficient. Likewise, the time needed for Bitcoin transactions to finalize will be impractical for medium to large value purchases.
Bitcoin backed banks will solve these problems. They can work like banks did before nationalization of currency. Different banks can have different policies, some more aggressive, some more conservative. Some would be fractional reserve while others may be 100% Bitcoin backed. Interest rates may vary. Cash from some banks may trade at a discount to that from others.
George Selgin has worked out the theory of competitive free banking in detail, and he argues that such a system would be stable, inflation resistant and self-regulating.
I believe this will be the ultimate fate of Bitcoin, to be the "high-powered money" that serves as a reserve currency for banks that issue their own digital cash. Most Bitcoin transactions will occur between banks, to settle net transfers. Bitcoin transactions by private individuals will be as rare as... well, as Bitcoin based purchases are today.
I could be wrong though.

Footnotes

  1. I still get hung up on the terms around fedimint similar to what @Car mentioned during a SNL episode.
reply
Cash from some banks may trade at a discount to that from others.
This is also exactly what you mentioned here:
One distinction I will stress here is that it will rarely be precisely 1:1. There should NOT be an expectation that an Ecash will ever redeem the exact amount of Bitcoin because of the fees involved. You can never go directly to the source to get the same amount of Bitcoin as you entered. The same concept can be applied to other layers, such as Lightning. A sat on LN is valued differently than a sat on-chain. This is important to understand the actual cost of Bitcoin ownership, the cost to control and manage capital in a blockchain, and how market rates will be determined.
reply
Thinking about gift cards in relation to ecash is pretty interesting.
If I ran a restaurant and sold gift cards and behind the scenes I used a Cashu mint to keep track of it, you might think it was not any better than the current standard of somebody's database.
If there were a lot of restaurants that did this, it still wouldn't be so different than the current situation either.
But if they pegged to bitcoin and had a gateway to lightning, all of a sudden you could use any gift card in the system anywhere that issued a gift card.
Okay, so there's a lit of problems with this: the main one being that it'd be really hard to make sure that the ecash was actually backed by what it claims it is backed by.
But here's the thing with that: when you get a Walmart or Carrefour gift card, you don't really worry about being able to redeem it, even though you haven't got a clue how many gift card liabilities they've sold and you surely don't imagine they are keeping the cash value of your card on hand.
This is probably because you don't have a huge amount of value there (nobody has a $10k gift card that I've ever heard of, but maybe I'm just poor). Also, these are huge companies, and so you kind of assume they'll be good for it, because if they aren't there would be some major signs. (For instance, when Bed Bath and Beyond was going bankrupt, I imagine people who had their gift cards redeemed them sooner than they otherwise might have).
I doubt we will ever get the interoperable gift card network of my dreams based on ecash, but I could see fedimints and cashu mints working like different sort of gift card, one that's much more transferrable.
Perhaps what you are buying when you trade btc for a particular mint's ecash is a functionality bonus (programmability) or a privacy bonus or cheaper cost of transacting. And when you peg out, you are selling those functionalities to someone else.
Last thought on this: why do people use gift cards anyway? I mean, if you are giving someone money, why nit just give them money? Why encumber it with restrictions? Is it just etiquette? Giving cash is an insult or paternal in a way that gift cards aren't. I think this plays a roll, but there's also discounts or perks merchants provide in return for money in advance. Maybe ecash mints will find a way to incorporate such things in order to attract users.
reply
Really good post. I suppose ecash is non-custodial in the framework you propose as long one considers it completely separate from bitcoin and not a promise for Bitcoin. I think what interests me most is the extensible framework the Fedi team is building which allows teams build solutions which serve a community’s needs across different facets including technical, legal/regulatory, and counterparty risk.
reply
I suppose ecash is non-custodial in the framework you propose as long one considers it completely separate from bitcoin and not a promise for Bitcoin.
No, the argument for "even federated ecash is custodial" would not be dependent on that. It's an argument to be sure, there is more than one facet here, but the power that the (federation) mint has over you is the issue, and that doesn't disappear because what their token represents is not bitcoin.
(In the extreme, if they didn't claim their token represented anything, not even trust in their integrity, then the token is meaningless. If the token is supposed to represent value, then there is a trust issue, so that "self-custodial" is a problematic description).
reply
Controversial and will take people a long time to see what you're seeing, I think. Took me a while for sure. Fascinating stuff. It's literally made me reconsider (and articulate more clearly) why I dislike shitcoins.
My distaste for shitcoins it's not about decentralization anymore. The difference between a high quality ecash (good federation) vs a shitcoin token is literally one thing - the level of redeemability to bitcoin. Across time, how close can the token get swapped 1:1 to bitcoin.
ETH tokens, XMR, and other shitcoins: at any given moment in time, I have very low confidence they can be swapped 1:1 (same value as the past) to sats.
A high quality ecash token issued by a well-run federation (or even, L-BTC issued by the Liquid federation!), I will have much higher confidence, and so I wouldn't consider that token a "shitcoin".
reply
anyone can run their own cashu mint, even on an IP address. Not sure about TOR hosting though.
Fedimint uses Cashu as a component.
reply
Fedimint uses ecash, it does not use cashu.
reply
Frac-Reserve bitcoin is eCash / Fedimints biggest and most realistic risk. (ie. mint operators will print themselves their own tokens and spend within ecosystem. Such situation is undetectable afaik)
What is the current fedimint concept for how users would audit the issued eCash tokens?
reply
You might be interested in this: A Proof of Liabilities Scheme for Ecash Mints
reply
You can ask for an audit from the mint. Still trusting then but it's available.
Most surefire way would be to enact a bank run.
reply
Having an option in wallets to "auto cashout tokens after X hours/days" would help protect individual users.
However, this wouldn't solve anything for the ecosystem of vendors. Suppose that mint becomes insolvent at 12:00....there could still be frac-reserved eCash being presented to Vendors, which they would have no way to check. (unless of course they immediately withdrew presented eCash into LN, but that defeats the purpose)
reply
I also find it suspicious this Fedimint stuff is getting a ton of attention just as the SEC approves Bitcoin ETFs.
Smells like an attempt by the banking elites to manipulate the price of Bitcoin.
reply
Great! bookmarked
reply
Great article!
"Fedimint can be arranged as a 3 of 4 multisig, 5 of 7, etc."
I thought that Fedimint's trust model breaks down when 1/3 or more of the guardians become malicious. What proportion of guardians have to coordinate to rug users?
reply
Depends on how the guardians set it up. As mentioned, it can be any denomination.
reply
A federation size of (3n + 1) is resilient to n bad guardians.
reply
great article. very informative! definitely clears some things up for me.
I do have one question about the swaps to/from btc to the ecash. since it seems the value of the ecash in a federation is not tied to the underlying sats that initially created the ecash, swapping back to btc for whatever reason should not imply that I'm getting back the same amount of sats I sent in to the federation? so there is the opportunity for speculation on ecash value in relation to btc for those inclined to do that. so I could send in 500,000 sats hoping the value of the ecash increases so I can exit and maybe get back 600,000 sats instead?
reply
The theory that it could in fact be more favorable in BTC terms to exit is an interesting one. If a particular mint could be valued less, in theory one could be valued more.
Because of the smart contact module system in fedimint, there's a possibility that the functionality of modules on one mint but not another could push demand to be in that system. If it costs 200k to swap BTC in for Ecash on chain (mining fees) and there's an LN gateway willing to let you come in for 100k fee, in that case your 500k sat swap costs you 600k and netted the gateway (a user of the mint functioning as a swapping provider) an extra 100k profit. In the end, it saved you money.
reply
This is an absolute goldmine for free education 👏 thanks for writing ✍️ this out @TonyGiorgio
There you go tipped you over the 10k barrier 😋
reply
So ecash is self-custodial in the same sense that my ZBD Wallet password is in my custody and it gives me access to my funds?
Got it.
reply
Bearer instruments that are indistinguishable from each other and don't have the ability to be selectively censored and can't be unilaterally prevented by any single entity is what actually makes it self custodial money.
Your company has full control over the ledger of the users that you actively censor and discriminate against. If your password was as good as cash, maybe. But it's not and you have full control of whether or not your KYC'd users can access the funds.
reply
Ecash is great, in theory. I just don't see any scenario where a mint it not considered a custodial mixer for Bitcoin: you deposit (any) utxos, and get perfectly private ecash out.
That's a Tornado Cash treatment in 3..2..1
reply
"Fedimint guardians don't run a Lightning node or hold HTLCs"
It should be built into the app to enforce the existence of a LN node for the mint, including statistics about said node. Such as inbound/outbound balance, number of channels, etc.
If the mint's LN node is offline, there should be a giant red notification to all users that the health of the mint is not good.
reply
Did you not read that fedimint guardians don't run lightning nodes?
reply
Yea, I know.
I'm speaking more from an app design perspective. An LN node isn't required in the protocol, but it should be such an important piece of a mint's infrastructure that the app makes it clear what the node's status is and whether there even is one.
reply
I still don't get it. How is this better than MercuryLayer that is ACTUALLY non-custodial?
reply
Great article. Thanks. It couldn't come at a better time personally, since I just started playing with the minibits wallet.
reply
It looks like you edited out what I was responding to so I'm editing out the original comment I made here...
reply
Yes. I foolishly missed a critical sentence. I'm still trying to wrap my head around self custody in this context. I like your analogy of ecash as dollars in your pocket. Physical control as custody.
reply
Great article on a truly fascinating subject
reply
what the hell is fediment?
reply
stackers have outlawed this. turn on wild west mode in your /settings to see outlawed content.
Are there other gateway options between different fedimints rather than Lightning?
reply
Sending from one mint to another will need to be settled in LN. So you better look carefully what kind of of a back end LN node your uncle Jim is running. Truth is that most uncle Jim's won't have this kind of a setup, so then it turns out to be another more centralizing hub and spoke model.
There's a lot of hope in fedimint. I'm not seeing it yet. And honestly I hope they aren't building on sand.
reply
Users don't need to trust the LN nodes attached to federations. I explain that.
reply
It's not self custodial. It is possible to use federated solution without spreading misinformation.
reply
You just invented banking.
reply
Whats the principle difference between Fedi and Liquid? Liquid has dozens of members. To imagine majority fo them being compromised is quite difficult.
reply
Liquid "guardians" are 15. The rest of the dozens of members are not for consensus, it's for partnership marketing.
Fedimint actually can run past dozens of guardians.
reply
didnt know that. I thought they take turns being signers. Zapity zap
reply
The 15 do take turns signing.
The other federation members, while not being able to produce blocks (which are the 15 functionaries only), are not just Marketing though. They have a PAK (pegout key) and can thus perform peg-outs to BTC onchain
reply
This is why I love stacker news :)
reply
You have more privacy with ecash token as the mint is blind to them and there is no public ledger. Liquid is more or less a Bitcoin copy with all the privacy issues.
reply
confidential transactions
reply
Also looking forward for fedimints, I think it will become the main onbording gate for most users. I think it might kill the current cashu model. One thing I think it's important is to know and/or have proof of who are the guardians bc it's useless to be a multisig if it's a bunch of anons or even just the same person. I think I will use a fedimint as a spending account just like I use lighting now but Fedi will make on-boarding a lot easier.
reply
Really great post. I truly believe that the inevitable high on chain fee environment will continue to inspire and push innovation to other layers that will help bitcoin scale. Looking forward to seeing how this plays out with Fedimint.
reply
I have renamed my blog "Fedimint (Federated Ecash) is Self-Custodial" to make a better distinction that I'm talking about the ecash within a federation, that the user swaps Bitcoin for. I think that's clear by my article but I've clarified it in the title.
I don't think I can rename the title here on stacker news after the fact.
Hey great post Tony! Two quick questions:
What stops everyone from eventually picking the same mint?
What's the flow/ux when the shopkeeper doesn't accept the same ecash you have and a lightning swap is needed?