Hi, thanks for the talk, inspirational as always. I was just wondering if you had any thoughts or comments on the Edward Snowden interview. I'm sure you saw it, or at least about it.

When was this one?

This was one of blocks per one, not sure which one, but his comment specifically relating to the public ledger being the biggest security flaw in Bitcoin at scale.

Yes, so transactions on open public blockchains are open. However, they're not associated with identities directly. So the identifiers are not IP addresses or email addresses or human identifiers. Bitcoin addresses cannot easily be correlated. However, we have a lot of work to do to improve the privacy of the system, and there's a lot of research being done already to add layers of encryption and fungibility, as it's called, to the coin, so that you can't easily trace transactions from one to another. There's a few cryptocurrencies that are specializing in privacy and doing advanced research, and there are also some research projects to improve the privacy of Bitcoin. And Snowden is right in terms of, we cannot go to very broad use under adversarial conditions with the blockchain as it is today. That would be a bit of a privacy nightmare, just like going to a mainstream broad internet without encryption on the IP layer was a mistake that has been exploited very effectively by intelligence agencies. But I think we will add those encryption features and make the system more private.

Keep in mind, you've also got to consider what you're comparing it with, because a great deal of the world is now going plastic and cash is being abolished in many countries around the world. Some European countries are all cash: Germany. Some European countries are now all digital. In Sweden, I think 95-plus percent of all transactions are using a plastic card. Every single one of those transactions is under full surveillance, and not just by one intelligence agency; you can assume by all of them, simultaneously, overlapping and surreptitiously. So
we already have a digital money future, which is a totalitarian surveillance nightmare, which gives enormous power to a few people. And we have the alternative, and the public blockchain isn't in a good state today, but we can make it much more private. I tie my horse to that one.

Reanonymizing UTXOs

KJ asks: "Hey Andreas, my UTXO set has been tied to my personal identity since I've been buying from Coinbase after Mt. Gox blew up. Specifically, more than 80% of my cryptocurrency holdings are wrapped up in a single UTXO. What would be your recommended process for splitting and obfuscating that UTXO in order to separate it from my identity? Thanks."

So first of all, quick question: what is a UTXO? A UTXO stands for unspent transaction output. And that may sound like gibberish to you, but basically a UTXO is the result of a Bitcoin transaction. The result of a Bitcoin transaction puts an amount that is available to spend and hasn't been spent yet as an output of a transaction. It puts it into an address, so it's spendable. So a UTXO is a spendable amount that an address controls. Every transaction creates UTXO; it creates spendable amounts.

Basically, what KJ is saying is that he has all of his cryptocurrency in a single address, or most of it in a single chunk, a single UTXO, and because that came from Coinbase, or, yes, Coinbase, then it's basically tied to his identity. So because Coinbase knows who he is and has information about his identity, and they presumably provide information to various analytics companies, and other analytics companies can follow these identities, they can track and see that this address actually belongs to KJ, and they know that all of this Bitcoin belongs to KJ. And what KJ is asking is, how do you make it so that it's not so obvious to all of these tracking companies that this is my cryptocurrency?
Okay, first of all, an important disclaimer: in some countries, trying to obfuscate your identity in that way is illegal. So you need to understand the regulations in the country where you are. I don't know where KJ is. And in other countries, it's a gray area. It's not clear, for example, in the US as to whether using anonymization services to obfuscate the source or destination of funds is allowed for private individuals. It's certainly not allowed for regulated institutions. They have to subscribe to regulations like AML, CTR, KYC, etc.

But if this is legal in your jurisdiction, and if you're interested in the technology behind it, this is a key issue of privacy, because the fact that blockchains are transparent and publicly available and auditable by anyone means that unless you take some basic precautions, you could be essentially creating problems for your own privacy. And so what if you wanted to have the same privacy as you have with cash, and to have that modicum of privacy that human beings have had for thousands of years when transacting in the first peer-to-peer currency, cash?

So there are a number of tools to do that, and basically what these tools do is they do various forms of mixing, whereby you do a transaction collaboratively with other users, where you take all of your inputs and make a single transaction which has multiple inputs and multiple outputs, in such a way that it's not obvious who's making which inputs and which outputs. So even though you can trace all the transactions going in, you don't know where they're going out to, and that makes it difficult for analytics companies to track you. This type of transaction, a transaction that has multiple participants, is called a CoinJoin, and it was invented back in 2012 or 2011, I think, by Greg Maxwell among others, and it's since developed quite a bit. There's a number of software packages that allow you to participate in a CoinJoin. Probably the most current one is JoinMarket.
There are also other ways to obfuscate your ownership, but the bottom line is that if you buy from a regulated institution that has KYC regulations, know-your-customer regulations, that has your identity, then you are revealing the ownership of your currency. If you wanted to buy cryptocurrency anonymously, you should probably have bought it with cash. It's very difficult, after a multi-year entanglement of your identity with your cryptocurrency, to now try to pull back that breach of privacy. The fact is that it is now known that you have that cryptocurrency. So even if you obfuscate, people assume you still have it. They just won't know in which address it is, perhaps. So it's not ideal. So there you go: if it's legal in your jurisdiction, you can look into some of these technologies, but be careful that you understand what you're doing, because this may put you in some very deep hot water.

Mark asks about Schnorr signatures and UTXO consolidation

Mark says: "I am excited about how Schnorr signatures can improve privacy for multi-signature transactions by summing up the keys so that it looks like an ordinary single-payer transaction. But how does this look like with UTXO consolidation? Does Schnorr also provide increased privacy for the individual? What would a UTXO consolidation with Schnorr signatures look like in a blockchain explorer?"
So Mark, no, you can't use signature aggregation, as far as I understand, in order to do UTXO consolidation. The problem with UTXO consolidation isn't the signatures, although we could apply a single signature across lots of UTXO. The problem in that case is that you're bringing all of the UTXO, all of the inputs, together as inputs in one transaction, which therefore associates them. Now, if you could construct that transaction to look, or if it is, a CoinJoin, so that there are multiple participants sending outputs in multiple directions, and you could also encrypt the values, that would be a useful privacy layer for UTXO consolidation. But on its own, with Schnorr signatures, I don't see how that would provide increased privacy for the individual. I don't.

A company called ZPX out of Singapore and India. I first learned from your book about how Bitcoin is actually not anonymous, but pseudonymous. So it's going to be a permanent record of every transaction. You have these secrecy coins like Zcash and Monero and Grin and Beam and all these new coins. How do you think the end state might look like? Will governments let these things sort of exist in any form, or will they be extremely heavy-handed, given the secrecy aspect?

If governments could not let these things exist, they would have already not let these things exist. But there are some cautionary tales, and we need to be clear on both what the risks are and the challenges we have ahead. We are poking a hundred-and-fifty-trillion-dollar bear with a stick. At some point, it's gonna turn around and take a swipe, and if you think it has, it hasn't yet, not at all. Here's a little tidbit that will make you worry: e-gold has existed longer than Bitcoin. It lasted longer before they shut it down.

Now, with decentralized systems that are based on a mathematical recipe, it's not that they can't necessarily disrupt and shut down one instance. They probably can, given enough investment, given enough terror tactics, given enough heavy-handed, totalitarian, drag-you-away-in-the-middle-of-the-night, beat-you-up-with-a-rubber-hose tactics, which a lot of governments are absolutely happy to apply in order to maintain power, and will apply, and do apply. The thing is, and I think a lot of the people who are beginning to understand this technology really understand, is if they do that, they encourage a game of whack-a-mole. They become the trigger that causes punctuated evolution. Meaning that there's no reason to develop privacy technology strongly right now, because no one's trying to stomp on it. The moment someone tries to stomp on it, now there's all the incentives, and money flows in, in fact, to create a far more anonymous, far more stealthy, far more evasive system, one that responds exactly to the threats that just arose.

It's an evolutionary system, because you have independent units that operate and can be modified: directed evolution, not random, but which is even more powerful. It will evolve to adjust to the environmental niche. Right now, the environmental niche is benign. If it starts turning malign, then the system evolves to respond to that threat. And because this is an idea based on mathematics, there will be hundreds, there will be thousands. They will evolve. You step on one, five more pop up, and they're designed to avoid you
stepping on them, because now they need to. Totalitarian governments get this: if you step on Bitcoin, which is the teddy bear of cryptocurrencies, what you'll end up with is a highly localized, own-language, super-stealthy system written by the very dissidents within your country. Or, as I like to say, right now Bitcoin's a gecko. Every time you step on it, it evolves. One day it's a Komodo dragon, and when you try to step on that thing, it will bite your foot off.

Won't Bitcoin's confidential transactions be censored?

"In light of the advent of new technologies such as Schnorr signatures, confidential transactions, etc., I would like to ask if this trend has the potential to make KYC, or know-your-customer, compliant companies enforce a policy of not accepting a certain kind of Bitcoin transaction. Just as Japanese exchanges were recently pushed to drop privacy coins, such companies may go as far as to not accept any transaction that has been tainted, for example, obfuscated the amount or has a mixer transaction at any point in the past. Unlike current AML policy, such a rule won't require blockchain forensics in order to establish a current transaction's ancestry. You merely require businesses to keep track of the UTXO set and tagging any output which has at least one tainted input. Yes, of course the tainted base will theoretically keep growing, but at the same time such a policy will introduce a strong incentive for customers to stay away from tainted coins and, of course, by extension, stay away from privacy technologies. How do you expect this all to play out?"

Aha.
This is a very, very good question, and it's also a very astute reading of kind of the incentives and challenges with implementing privacy technology. There are some really spectacular developers, cryptographers and individuals in this space who are driving principles of privacy, transaction privacy specifically, the cypherpunk ethos, and their attempt to preserve anonymity for purely political purposes, recognizing that this is a fundamental human right that must absolutely be defended. We are so lucky to have individuals like that, and there are many across the entire cryptocurrency space. This is not just in Bitcoin. Of course, it's across the entire cryptocurrency space, but specifically in the area of Schnorr signatures and confidential transactions and other technologies that are related from a privacy perspective, one of the key inventors in the space is Greg Maxwell, who has a lifelong dedication to privacy technologies and the cypherpunk ethos, and he's been working with a number of other very talented mathematicians, cryptographers and software engineers, people like Andrew Poelstra, for example, and Pieter Wuille, to build some very interesting constructs. I'm probably forgetting some names that deserve kudos, and it's, again, I said, not just Bitcoin.
There's some incredible implementations coming out of other privacy-related coins: implementation of zk-SNARKs, zero-knowledge proofs, the implementation of bulletproof technology, the idea which came out of some of the Bitcoin developers but then was implemented in Monero very recently to reduce fees and increase security at the same time.

So one of the inventions that isn't talked about so much, and I talked about it recently, is Taproot and Graftroot, and this is a fantastic idea, and the primary idea came from Greg Maxwell. And the idea of Taproot and Graftroot is: what if we could create a transaction that on the surface looks like a pay-to-public-key-hash? So it looks like a payment to a public key, just like every other Bitcoin transaction. However, what is not obvious from the transaction, and is impossible to tell from the transaction, is that that public key isn't actually a single public key created from a private key. Instead, it's a composite key, created either by a very complex multisig or, even better, is the basis for a complex Merkleized script which has clauses underneath, such as a Lightning payment channel, complex multisig with time locks, a multi-party signature, a CoinJoin transaction with multiple participants and multiple outputs.
So the fantastic thing about this is you can take all of these privacy-preserving, very complex scripts, including confidential transactions, and then you can make them look like a public key payment, and Taproot and Graftroot, these two technologies together, do that. And what they do is they make the privacy-preserving transactions indistinguishable, even against the determined adversary that's trying to distinguish them from normal payments. They allow you to hide the little gems of privacy inside the chaff of everyday transactions, so that it is impossible to single out the private transactions and censor them, which of course is the big problem with privacy technologies: if the people doing them are a small subset, they only do them occasionally, and they can be distinguished, then that defeats the entire purpose.

Taproot and Graftroot, in fact, are so important to this implementation that the developers who are working on confidential transactions and Schnorr signatures have decided to delay implementation and have decided to sequence them such that Taproot and Graftroot are launched at the same time, so the people who decide to use the privacy-enhancing technologies are protected, because they can use these technologies in a way that's indistinguishable to the network from regular transactions. And that decision is really critical. It was made just a few months ago. It's why we're going to see a slight delay in the implementation of Schnorr signatures and confidential transactions, and why we will see the entire package of Schnorr signatures, confidential transactions, and Taproot and Graftroot launch simultaneously, as a package of updates that happen at the same time, allowing people to both use their privacy and not be outed for using their privacy. A really, really good strategic choice, in my opinion. I believe Pieter Wuille was one of the strong proponents of doing it in that particular order, together of course with Greg Maxwell.