-Fungibility refers to math. Bitcoin is completely fungible, regardless of what rando definition you give "fungibility"
-I wouldn't touch bitcoin if its L1 wasn't completely transparent. You'd quickly run into the trust problem that gold faced (paper L2 whereby custody was required and that custody was unaccountable)--which is where don't trust, verify originates. Bitcoin solves this because only bitcoin travels on its L1, an L1 which is trustless and transparent
-Bitcoin's security mechanism hardens with time. When a circular economy arrives, billions globally are using the network, the data set expands exponentially, and layers are scaled in, its pseudonymity is more than sufficient. It's already hard enough to find the transactions of the public DeFi/CeFi companies blowing up around us even with blockchain forensics
-If we're all hiding in the dark broadcasting transactions, that means the decentralized money never separated money from state and failed in basically every regard. It's still just a discrete payment network
-If your L1 is not transparent, there's no reason for PoW
-What good is anonymity when ordering something online and providing a shipping address? If you think the protocol layer alone solves the problem of government fuckery, you're naive. My utility bill and car payment have my name, email, and address attached
-Anonymity can be easily weaponized against the system. It can also be exploited by shady governments and businesses--both of which should be required to share Xpubs. More accountability here, not less
-Bitcoin doesn't have a privacy problem. It's drag comes off-chain from erstwhile hegemons, and no amount of L1 forking will fix the meatspace. The money will fix the meatspace over time, as will knowledge, utilizing your rights, voting, etc
-Monero is fine and extreme privacy has utility (for now). It might always exist as a discrete payment network that eventually acquires its liquidity from BTC herself. It's unfit however, to be a world reserve currency
reply
A lot to unpack here but I very much disagree with most of what you've said.
  • Fungibility doesn't refer to math, it refers to real-world implications of how something is valued. If some sats are worth less or less spendable because of history, Bitcoin is not fungibile. This has already been widely proven and is growing as an issue: https://sethforprivacy.com/posts/fungibility-graveyard/
  • Monero is verifiable and trustless in similar ways to Bitcoin, I'm not sure what you're getting at here. All nodes/miners validate transactions just the same, you don't need transparency, you just need good cryptography.
  • Banking on the "too much data" argument is one that goes directly against Moore's law (and other similar ones) that the ability to compute on this data and make sense of it will only get better, and Bitcoin's arbitrary hard-cap on blocksize means that the amount of data they have to crunch cannot be more than a set amount per time period. Privacy through obscurity is a poor approach and never works at scale, especially when all data is published to an immutable ledger they can crack at any point in the future.
  • No idea what you mean here, I don't want my transactions public no matter what, in a perfect world or a dystopian one.
  • ???? You still need PoW to have decentralized consensus and transaction validation, prevent double spends, etc. What do you mean here?
  • A very dumb comment that drives me insane -- Monero (or any other privacy-preserving tool) helps with some aspect of privacy, it obviously doesn't solve all problems you might face. It has to be paired with broader personal privacy, but even when I'm giving out my address I don't want to also give out my financial details. Monero fixes this.
  • If you can force a government to be accountable, you can do the same in Monero by forcing them to share view keys. This is not unique to Bitcoin and can be easily enforced in Monero if you have power over governments. Why rob every user of privacy for the transparency of a few that you can theoretically force to be transparent anyways?
  • No idea what you're saying, except the false statement that Bitcoin doesn't have a privacy problem. It has a deep-seated privacy problem that leads to arrests, oppression, censorship, and fungibility issues today and will only get worse as we enter a more adversarial environment around Bitcoin.
  • Idc about a reserve currency, and this hyperbitcoinization pipe-dream being sold to Bitcoiners by "influencers" is one that is far detached from reality and leads to so many of these clear and problematic issues being brushed away with "fix the money, fix the world" nonsense that assumes all our problems go away when Bitcoin gains magical world-wide adoption.
reply
Monero is verifiable and trustless in similar ways to Bitcoin, I'm not sure what you're getting at here. All nodes/miners validate transactions just the same, you don't need transparency, you just need good cryptography.
It would be much easier to claim this if both of the well known, serious attempts at implementing cryptographic privacy over transfers in a cryptocurrency (Monero, Zcash), hadn't suffered from inflation-creating bugs, already (only years after both being created). In one case, this (potential) inflation was invisible, which can reasonably be argued to be the worst bug imaginable in a cryptocurrency (even worse than arbitrary spend/stealability .. it's arguable, but you can make that argument!).
If fungibility is binary and Bitcoin isn't fungible, then you are wasting your time with Monero, since it does not eliminate the transaction graph, it only obfuscates it, and does so with non-trivial tradeoffs. If a binary 1 for fungibility is what matters, you shouldn't look at anything with a lower privacy bar than Zcash in this case (and even that doesn't quite get there, though it's extremely close ... again with unacceptable tradeoffs imo).
In my opinion the accumulation of state over time, extra expense of space/computation, and by far the most important - the danger expressed in my first paragraph above, is why we never got any energy behind creating some form of blinding or obfuscation of amounts and tx graph in base layer bitcoin. Even the experts who proposed it admitted there is a tradeoff, in implementation risk, cryptographic risk, and scalability. That's why higher layers are going to be the more effective way, long term. I do not support Monero or Zcash or other similar projects, because an endless fracture of Bitcoin into other coins to fix limitations just leads to a failure of the cryptocurrency project overall.
With a little bit more cohesive effort we can get much better effects at higher layers.
reply
I spent a good bit of time in the podcast walking through these tradeoffs, I am both aware and honest about them.
But the advantage of gaining strong privacy for every user of a tool far outweighs the minor risk of implementation bugs leading to inflation (a risk that Bitcoin also has, it's just always detectable there). You can read more of my thoughts on auditability here: https://sethforprivacy.com/posts/dispelling-monero-fud/#you-cant-audit-the-monero-supply
As for fungibility, what matters is fungibility in practice -- in practice Monero's holistic approach to privacy has provided perfect fungibility to date with no signs of that changing. People confuse ring signatures as the only aspect of privacy on Monero, which they are absolutely not (as, again, I walked through in-depth in the podcast episode). Yes, Zcash has a slight edge to potential privacy, but far worse real-world privacy due to allowing transparent transaction (and thus 95%+ of transactions being non-private).
reply
A global reserve currency isn't a discrete payment network. It's money economies hedge with, money governments use, money businesses use, money everything is settled in. It's not just for the pleb buying lunch. A global reserve currency that is DECENTRALIZED won't work without a transparent L1. If transparency of the financial system's base layer (fiat/debt) existed today, governments would have the minority data. They'd be screwed and couldn't survive the free market dynamic that creates. Their manipulation that targets stable fiat pricing wouldn't work.
You're standing way too close to the protocol and code like most devs do.
For example, when I ask most devs by what mechanism their protocol creates an overabundance of goods and services outside the money, they don't know what that means, because they've never considered the fact that if money is separated from state, then there's no government left to incentivize energy production, to subsidize it, and enable an overabundance of it. You can't have an overabundance of goods and services outside the money without an overabundance of energy. And since energy and energy efficiency are how we can directly measure the prosperity of a nation...My point is, without this, deflation is an absolute nightmare. So, like the first question I ask any aspiring politician: what's your energy policy? If you haven't got one on a massive industrial scale, your money and payment network will never be anything more than a discrete payment network, which is fine. Chucky 🍕Cheese has one of these with their tokens. I can buy pizza with them. This isn't a world reserve currency though. Only bitcoin possesses this property, which is what attracted me to it.
Lastly, what's Monero's plan to scale the velocity of money to the velocity of information the internet achieved?
Privacy doesn't fix the money or world. We already have plenty of privacy with paper money.
reply
By the way, found your podcast with Peter excellent and quite informative. Some good points, regardless of our disagreement here.
reply
This goes straight into my to-listen list :)
There is a big value in Peter McCormack asking "naive" questions, because there's often a lot to be learnt by both the interviewee and the listener...
reply
Peter is maybe the only Bitcoin podcaster I watch. Too many others use their platform to vomit out partisan political talking points.
reply
I really like @sethforprivacy publications and the Monero community is the ONLY other community that i have respect for.
I think Bitcoin can learn from Monero on L2, but (as @tenderscore has mentioned9, L1 transparency is necessary for adoption
reply
L1 transparency was arguably necessary for early adoption (imagine Satoshi trying to get people to use Monero instead day 1 where they couldn't validate anything easily with their eyes on a block explorer!), but not anymore.
Most people would much rather have financial privacy if it was easy than not.
reply
Unfortunately I believe the cultural fight for privacy died after Snowden; if there was an opportunity to codify privacy in public opinion - it was then.
The upcoming generation has no knowledge of privacy - Venmo's "social" aspect to paying your friends is a perfect example of this.
Additionally, the NPC-response of "...what do I have to hide" only compounds that the fight of privacy is being lost.
So why do I think L1 needs to be transparent? Because I think this is the only way that CEXs and governments can allow assets to be traded (without violating their "AML" laws).
Privacy is still available, but it needs to take place on L2 to be politically and socially digestible.
P.S. I am not proud that privacy isn't enabled by default.
reply
Think that's a bit of a defeatist attitude TBH, there is a great resurgence in people caring about privacy, great growth in usage of privacy-preserving tools, and lots of people getting burned and then waking up.
Yes, most people couldn't care less right now, but that is rapidly changing as governments show their authoritarian hands more and more.
Hold your head up, keep the faith, and keep pushing people to use better tools :)
reply
Yes definitely a defeatist attitude but I am hopeful that CBDCs will be a gateway drug for things like Monero and/or Bitcoin.
What's your take on my point about CEXs banning coins with privacy on L1 (I believe there was an instance related to Litecoin in Korea being banned due to MimbleWimble)?
reply
Delistings should be embraced, not run from, as they lead to people avoiding KYC natively.
If "they" don't want you to have something, you can safely assume they at least see some danger in us having access to it.
But those delistings are also why building tools like atomic swaps and decentralized exchanges have been a focus for the Monero community and our voluntary funding via donations.
reply
10 sats \ 1 reply \ @jp 2 Jul 2022
Do you know of any updates related to the Monero<>BTC atomic swap? I recall there being an alpha with a GUI, but then the service stopped functioning.
IIRC you posted it in one of your blog posts
reply
The COMIT network atomic swaps have been abandoned by the team who made them (lots of dubious things behind that, apparently...) but the work on the more complete and well thought out atomic swap protocol, Farcaster, continues:
They are actually leveraging a lot of similar modularity to some of how Lightning is built, hopefully we will get a community update from them soon with the status in more layman's terms, but I know multiple people behind it and they're making solid progress.
we cant solve every problem with technology. at some point a person or group of people have to say enough is enough.
this is in response to the focus on privacy because you may be at risk because politics can change and everything you do if linked to your identity is kept for ever in the blockchain. this gives a sense of fear, and thats not good. if we get to a point where people get persecuted for using Bitcoin then we have to stand up as a people and say NO.
reply
great episode but my only gripe is with the claim the bitcoiners who spend want to do so on monero. i will gladly spend sats on lightning and do not want any spend recorded on a permanent ledger even if monero.
reply
I definitely grasp it's a bold claim, but TBQH if you've ever actually used Monero you'd much prefer spending it than Lightning (in a non-custodial way). It is immensely more simple, has better receiver privacy guarantees, and requires far less management overhead.
I'm a big fan of the potential of Lightning, it's just not there yet and Monero is there, so it's a much better tool for spending for most people. I know many Bitcoiners who would much rather spend Monero than Lightning/Bitcoin L1.
reply