RoboSats adds privacy feature "Stealth invoices" \ stacker news ~bitcoin

RoboSats adds privacy feature "Stealth invoices"

2105 sats \ 11 comments \ @P2P_bitcoin 14 Aug 2022 bitcoin

In your trading robot's profile there is a slider labeled "Use stealth invoices". When enabled it will cause the Lightning invoice to not include details of the trade order. When this setting is left off (the default), the invoice will include:

RoboSats - Taking 'Order nnnnn' Selling BTC for nnn.nUSD - Taker bond - This payment WILL FREEZE IN YOUR WALLET, check on the website if it was successful. It will automatically return unless you cheat or cancel unilaterally.

When Steath mode is enabled, the invoice contains instead a payment reference (GUID):

This payment WILL FREEZE IN YOUR WALLET, check on the website if it was successful. It will automatically return unless you cheat or cancel unilaterally. Payment reference: [1234abcd-5678-90ef-abcd-efabcd123456]

The tooltip description for this setting shows:

Stealth lightning invoices do not contain details about the trade except an order reference. Enable this setting if you don't want to disclose details to a custodial lightning wallet.

view all related items

20 sats \ 0 replies \ @P2P_bitcoin OP 14 Aug 2022

This Tweet explains why Stealth invoices was added.

You can now enable "Stealth Invoices" on your robot profile 🥷

Enable it for invoices with succinct descriptions. Ideal if you are using a third party lightning wallet (i.e., not your own node).

Stay private 🤖🤘

https://twitter.com/RoboSats/status/1558579785361670148 https://nitter.it/RoboSats/status/1558579785361670148

And here's the issue in the RoboSats github explaining further:

Add 'stealth invoices': an On/Off toggle for lightning invoice description #168 https://github.com/Reckless-Satoshi/robosats/issues/168

25 sats \ 0 replies \ @ken 15 Aug 2022

I'm going to give RoboSats a try. I'm beginning to think more and more about non-kyc Bitcoin and holding a stack that is off the record so to speak.

25 sats \ 5 replies \ @tech5 14 Aug 2022

So if one uses a KYC account to swap via lightning, does just stripping that information prevent the custodian from knowing who exchanged with who?

1058 sats \ 4 replies \ @P2P_bitcoin OP 14 Aug 2022

Right. If you were to use something like Kraken (which requires identity verification / KYC) to pay the lightning invoice using your account balance at Kraken, you probably don't want them to have access to data that would indicate this was a P2P trade on RoboSats.

The problem was that order information on RoboSats is public. So, for example, let's say one of the 87,000 new IRS agents asks Kraken to share the invoice info from withdrawals made, and they see that Bob made a 3M sat withdrawal (~$750) for order #12345, they can then find that order #12345 was where the seller (Bob) sold bitcoin at $25,000. And Kraken shows Bob previously bought that bitcoin at $18K. And Bob didn't report any capital gains for that year. That becomes a problem. By simply not including that Order # in the LN invoice description, the ability to link the LN withdrawal from Kraken to a specific order on RoboSats is essentially impossible as only the buyer and seller have that payment reference GUID information that Kraken would have seen.

That's one example. Another is where, let's say, a data breach at Kraken reveals that Alice (buyer) has received dozens of LN deposits into her Kraken account, and from those RoboSats order numbers from the LN invoices it can be seen that she uses Zelle as her payment method used when buying those sats. And then Zelle terminates her account as a result. Nobody wants or needs that.

35 sats \ 2 replies \ @mikhael 14 Aug 2022

Just curious, why would Zelle terminate her account?

10 sats \ 1 reply \ @P2P_bitcoin OP 14 Aug 2022

Essentially every bank that supports Zelle has in their terms of service:

The following types of payments are prohibited through the Zelle® and Other Payment Services, and we have the right but not the obligation to monitor for, block, cancel and/or reverse such payments:

F. Payments relating to transactions that:

e. are associated with the following “money service business” activities: the sale of traveler's checks or money orders, currency dealers or exchanges (including digital currencies such as Bitcoin), or check cashing; or

https://banking.fnb-onlinebankingcenter.com/FNBPA/Enrollment/ConvertedUser.aspx

25 sats \ 0 replies \ @tech5 14 Aug 2022

Yea it is definitely risky.

25 sats \ 0 replies \ @faithandcredit 14 Aug 2022

that sounds good why isnt stealth invoices on by default? oh nvm someone else already asked the question further down

25 sats \ 0 replies \ @KingZing 14 Aug 2022

privacy for everyone! this is great

25 sats \ 1 reply \ @nout 14 Aug 2022

Why not enable this by default?

888 sats \ 0 replies \ @P2P_bitcoin OP 14 Aug 2022

Good question. Maybe because the Order number is how the trade is identified. For example, the path in the URL for the order is /order/nnnnn

If you have multiple offers, having the Order number makes it easier to verify that you are paying the right invoice, or makes tracking a payment later easier.

Or maybe there is another reason that I'm not aware of.