For those who want some more detail: We block swaps originating from OFAC blacklisted addresses since quite some time already (see #340280), see also 4.17 in https://boltz.exchange/terms. The goal is simple: avoid our users having their swap funds frozen by entities like European or U.S. exchanges.
But precisely this happened over the past couple of days. Turns out ByBit Hack related funds are moving through different Bitcoin rails and caused funds to be flagged and frozen by different regulated exchanges. To counter this, we added the ByBit blacklist (https://dt074px2e9qbh.cloudfront.net/exploit-api.json) in addition to the OFAC blacklist. Goes without saying, that checks against these lists run locally on our server.
So... we are not blocking Bitcoin originating from coinjoins, but if you are participating in a coinjoin round with blacklisted ByBit Hack addresses, then we do. If you intend to use Boltz with coinjoined funds, it's a good idea to investigate about your coordinator a bit beforehand (see e.g. https://x.com/Ziya_Sadr/status/1904683659686215806).
Fuck you and fuck your service then . Glad ive never touched it. And now I never will If you discriminate against people who want privacy. I'll also discourage anyone I know from using it.
You are unfairly targeting innocent Bitcoiners who want to protect their privacy. A coinjoin transaction combines inputs from multiple Bitcoin users. This means your policy of censoring every transaction participant causes unnecessary collateral damage.
The coinjoin coordinator running on my node accepts 2,500+ new BTC and confirms 20,000 BTC in total volume each month. It accepts exactly zero ETH.
Bitcoin is fungible. You are only harming innocent users, not preventing anything related to the bybit hack, and worse is you fucking know it. Shame on you for your OFAC bullshit. Bitcoiners won't enable shitty middlemen. What exchanges do is their business. What you have done is your business. Where I take my money is my business, and my business nor any user I educate's business will be going to you.
it was the taproot address of boltz exchange. Definitely not address reuse. Address reuse is not a reason for blocking, to the contrary, the surveilers wish everyone would reuse addresses.
I really hope for a malformed btc address or some kind of silly error. In case they are filtering :S ... it's a really bad signal, it was just about the when.
bad wallet privacy practices are not a reason for censorship. I sent the coins again after the refund and they were blocked again. The first transaction was from a coinjoin.
A brand new cannot. But from the screenshot, they ask to enter a BTC address to get the refund from the locked address. So the user got that error after funding said lockup address in BTC from his wallet.
Hi there,
for full transparency: Yes, we do.
For those who want some more detail: We block swaps originating from OFAC blacklisted addresses since quite some time already (see #340280), see also 4.17 in https://boltz.exchange/terms. The goal is simple: avoid our users having their swap funds frozen by entities like European or U.S. exchanges.
But precisely this happened over the past couple of days. Turns out ByBit Hack related funds are moving through different Bitcoin rails and caused funds to be flagged and frozen by different regulated exchanges. To counter this, we added the ByBit blacklist (https://dt074px2e9qbh.cloudfront.net/exploit-api.json) in addition to the OFAC blacklist. Goes without saying, that checks against these lists run locally on our server.
So... we are not blocking Bitcoin originating from coinjoins, but if you are participating in a coinjoin round with blacklisted ByBit Hack addresses, then we do. If you intend to use Boltz with coinjoined funds, it's a good idea to investigate about your coordinator a bit beforehand (see e.g. https://x.com/Ziya_Sadr/status/1904683659686215806).
We'd love to see dramatically improved fungibility on Bitcoin and are looking to implement Payjoins to do our (little) part. Particularly excited about the upcoming v3 multiparty version: https://payjoindevkit.org/2025/03/18/the-evolution-of-payjoin/#looking-to-the-future-payjoin-v3
Fuck you and fuck your service then . Glad ive never touched it. And now I never will If you discriminate against people who want privacy. I'll also discourage anyone I know from using it.
You are unfairly targeting innocent Bitcoiners who want to protect their privacy. A coinjoin transaction combines inputs from multiple Bitcoin users. This means your policy of censoring every transaction participant causes unnecessary collateral damage.
The coinjoin coordinator running on my node accepts 2,500+ new BTC and confirms 20,000 BTC in total volume each month. It accepts exactly zero ETH.
Bitcoin is fungible. You are only harming innocent users, not preventing anything related to the bybit hack, and worse is you fucking know it. Shame on you for your OFAC bullshit. Bitcoiners won't enable shitty middlemen. What exchanges do is their business. What you have done is your business. Where I take my money is my business, and my business nor any user I educate's business will be going to you.
"Bitcoin is fungible." The fact Boltz is blocking certain addresses says otherwise.
Correct. Bitcoin has a massive fungibility problem, and the fact that boltz seem unable to run a company seems like pretty hard evidence.
https://xcancel.com/Ziya_Sadr/status/1904683659686215806
😂 @kruw
Most people will use the coordinator with the most liquidity and can't check in real time if hacked funds are entering the same round.
Mmm.
What address was it? Address reuse?
it was the taproot address of boltz exchange. Definitely not address reuse. Address reuse is not a reason for blocking, to the contrary, the surveilers wish everyone would reuse addresses.
Please don't reuse addresses. Ever. Reply above: #926959
Wow! Please research, get on the boltz.exchange discord and ask. He's responsive.
Inquiring minds need to know what's going on!
Discord is surveillance technology. Not signing up there.
Here's some other contact info from the github
@Boltzhq (twitter) hi@bol.tz (email)
We are on Stacker ;)
Reply above: #926959
I really hope for a malformed btc address or some kind of silly error. In case they are filtering :S ... it's a really bad signal, it was just about the when.
The beauty of OpenSource https://swapmarket.github.io/ ...
no error. the transaction was succesfull but boltz rejected the swap and refunded the coins.
This is concerning! Please keep us posted on learnings here
I can't imagine that a brand new address could or would somehow be blocked.
Smells like some bad wallet privacy practices.
No matter the reason, it's good to know that Boltz has been back-door'd and are involved in chain analysis.
bad wallet privacy practices are not a reason for censorship. I sent the coins again after the refund and they were blocked again. The first transaction was from a coinjoin.
A brand new cannot. But from the screenshot, they ask to enter a BTC address to get the refund from the locked address. So the user got that error after funding said lockup address in BTC from his wallet.
so it begins ..
Test the address you sent payment from with the Telegram bot @green_stage_bot or @BitOK_AML_bot and tell us what you get.
Read this #924696
Telegram is spyware. Not signing up there.
Use a burner sim card from a third world country or bought with lightning
Enter a BTC address to receive your refund on:
wtf!