 Please explain the BTC pay server P2EP implementation for privacy. Hi, Andreas, I read this article recently about privacy and the new P2EP implementation, but I'm not sure I understand it. Can you explain it? Absolutely, it'll be my pleasure to explain it. P2EP stands for pay to end point and it's a privacy technology developed, I believe, in 2018 during a privacy-focused summit organized by the company Blockstream. Now, this is also known by a couple of different names and again, I think in the crypto space in general, but especially in Bitcoin, we suck at giving names to things because the names never explain what the thing is and are often very confusing and just to help things, we have three different names for it. So P2EP is also known as PayJoin and is also known as an implementation called BustaPay, which has become a BIP. The bottom line is this and I'll try to explain it in simple terms if I can. Let's say I am selling a book online and you have $20 that you want to send me in the form of Bitcoin and you want to make a payment on my store that's running BTC pay server. So in a traditional payment, you construct a transaction that has one or two inputs from your wallet and then pays two outputs usually, one, which is my $20 for the book that you want to buy, the payment to me and some amount in change. Now, in that kind of transaction, it's fairly easy for analysis firms to assume that the two inputs are controlled by the same person and this is called input correlation. That heuristic is the most foundational heuristic that all analysis companies or surveillance companies use in order to violate the privacy of people using blockchains. So how do you break that heuristic? And that's what Pay2Endpoint does. Now, assume that, let's say Bob who's buying the book from me instead of simply constructing and broadcasting a transaction constructs the transaction with one input from their wallet to pay me, let's say that's $30 and then two outputs, $20 to me and $10 back in change to Bob. So that's a normal transaction, but they don't broadcast it. They partially sign it, they sign their input and they send it to me as a partially signed transaction over a protocol between the two wallets. So both wallets have to be online. My BTC pay server that has this capability and has told Bob's wallet that it has this capability adds an input to Bob's transaction. Now Bob's transaction looks like one input from Bob for $30, one input from me, let's say for $30 and then $50 to me as a payment and $10 to Bob as change. I basically added an input of $30 to the transaction that's coming to me and I'm taking that back because my payment was also increased by $30 so it didn't change anything. Bob gets the same amount of change, Bob uses the same input as before. By adding this input, I then sign it, send it back, Bob's wallet broadcasts it and the payment is made. Now if you look at that transaction, it has two inputs but one of them is owned by Bob, one of them is owned by my wallet and in fact that could have been a payment from a previous customer. So now if you're looking at that from an analysis perspective, it looks like those two inputs are controlled by the same person but they're not and we've effectively mixed the history of those two coins together confusing the analytics algorithms. And if you want a simpler example, Bob comes into my store and before paying me, I give Bob $20 that he adds to the amount of payment that he's gonna pay me and gives back to me that I put in the till. Somebody looking at the amount of money that Bob handed me will be thoroughly confused as to exactly what was paid for, how much it cost and who contributed money. So that's the mechanism of pay to end point or pay join as it's called. And it's a great way effectively to break the heuristic of input tainting. If you enjoyed this video, please subscribe, like and share. All my work is shared for free. So if you wanna support it, join me on Patreon.