What are your feelings about cashu mints that kyc? I'm assuming that this would be used in an exchange context or some situation where the mint has exits to traditional banking?
Full tweet thread:
Reminder that Cashu mints have built-in safety measures to ensure that your mint can't be abused. Nutshell limits the maximum balance, size of peg-ins and peg-outs, and request rate limits.
And there is a lot more to come! You should have full control for your specific use case.
Check out the Nutshell configuration for safety limits: Link to nutshell
We will be adding optional authentication to the protocol that allow services providers to precisely limit access to their mint. This is one of the most-requested features from regulated entitites.
This will allow integrating Ecash into existing KYC and AML infrastructure.
628 sats \ 0 replies \ @anon 18 May
Reading the comments here, it feels like there is a lot of FUD around this topic.
first of, the core protocol of cashu does not change. So a mint can chose to continue working without authentication.
it is an additional feature that mints can opt in if they need to.
the reason this gets added as a protocol extension is the following:
  • some usecases require auth.
  • a lot of people/orgs want to run an ecash mint, but not one that is open to everyone.
  • sometimes it makes sense to restrict certain actions (for example if you want to limit minting to certain parties)
Auth is needed to achieve this. Normal ecash mints that don't need these features don't need auth.
Making auth a protocol extension limits protocol fragmentation (because otherwise wallets and mints would just implement their own auth schemes) and allows wallets and mints to continue being compatible across the board
reply
44 sats \ 0 replies \ @OT 17 May
I thought it wasn't possible to even see who was joining and exiting the mint.
reply
138 sats \ 0 replies \ @harrr 16 May
Privacy seemed to be the main selling point of ecash..
reply
I realized that "friends and family" solutions are irrelevant for something what wants to be money at the end of the day.
Also what's the point in "private" tokens if anonymity set is small.
reply
218 sats \ 0 replies \ @clr 16 May
So the cashu tokens are not real bitcoin, you have to KYC, and you have to safekeep the private keys. All the disadvantages of a CEX/bank with the disadvantages of self-custody combined in one package. Why would anyone want this?
reply
70 sats \ 1 reply \ @rblb 16 May
They seem a bit too eager to integrate with KYC, this is becoming suspicious.
reply
ECash has always been EDollar astroturf funded by NGOs
reply
What are your feelings about cashu mints that kyc?
Feeling strange, and why on earth do people want to join the KYC mint - isn't Bitcoin meant for leaving the cage, why going back now?
reply
Yes, in general I feel like "kyc is the illicit activity" and giving any ground on this front seems bad.
On the other hand, I didn't build cashu. The people who did have every right to build it however they like. And they probably have more insight into what their customers want than I do.
It struck me particularly strong me in light of the Tornado Cash ruling where it said the developers didn't build AML/KYC into the contract when they could have and so were culpable.
reply
For me, as a customer is more like - why do you need to know so much info? Is it even necessary?
And from what I've learned and playing around, this ecash was supposed to be more private and more accessible for new users, not sure it would be a nice start if ppl come and then required all sorts of information to start.
On the other hand, I didn't build cashu. The people who did have every right to build it however they like. And they probably have more insight into what their customers want than I do.
indeed, just trying to understand the whys.
reply
27 sats \ 0 replies \ @anon 16 May
I'll NEVER use a kyc mint. Some non-kyc mints will exist and charge fees. I'll pay the fees.
reply
not sure it make any sense... wasn't ecash a way to be private/anonymous?
reply
This seems like a bad idea.
reply
Pretty disappointing considering this guy has been appearing everywhere the last months with a mask, hiding his identity and pretending to be a privacy advocate. But yes, might be a strategic move, considering the recent attacks on privacy enhancing services. Will see how it plays out.
reply
27 sats \ 3 replies \ @tolot 18 May
This is not the point, sorry. Ecash is a technology to improve tremendously custodianships, thus KYC is only a matter of time. Also fiat shitcoins have some ecash projects out there, that are LESS privacy oriented. Therefore the adoption of Cashu in a fiat shitcoin environment is still better than the current system and the goal of Cashu has always been to improve privacy with custodians. I cannot see an issue with this protocol extension...this will not be enforced by default, it's simply a feature for mints that want to use it because of regulatory needs.
reply
So what is not entirely clear to me, what does this protocol change involve?
  1. Just support for a general authentication mechanism, like e.g. we have basic auth in the http protocol? Or
  2. more general functionality to perform kyc / aml procedures at the protocl level?
Case 1. sounds ok to me, there can always be a reason for a mint to want to restrict access only to certain users. Case 2 would go little bit too far for me, even if exchanges demand it, it still doesn't mean that a privacy activist should comply proactively and add support for this at the protocol level, even if its optional.
reply
0 sats \ 1 reply \ @tolot 19 May
Case 1 is the thing here. Just support for authentication mechanisms.
reply
ok, that sounds fine. Thank you for the clarification.
reply
I'm not sure an ecash mint can comply with the law even if they wanted to. Custodians require KYC because they are obligated to report someone when their activity is suspicious and must attempt to prevent further suspicious activity. I guess you could detect suspicious activity on inramps and outramps to the mint? I'm not sure that's full regulatory cover, but for appearance's sake this could do wonders.
I suspect this is mostly to provide protection to cashu's developers. If a cashu mint gets indicted, the cashu developers can claim they gave them the best compliance tools possible with ecash.
reply
117 sats \ 0 replies \ @clr 16 May
I suppose the mints could require authentication every time you make a transfer outside the mint via Lightning. I am not sure how ecash works, but maybe they could also require authentication every time you transfer ecash to someone else.
But maybe it's just a way for the developers to protect themselves after the Tornado Cash issue. It's also a great reminder that the mint can rugpull or shotgun KYC anytime. Every day I am liking less and less this whole ecash thing. Please change my mind if I am wrong.
reply
Yeah, @Natalia linked in her comment to this explanation by calle on nostr.
On privacy: this hurts privacy for peg-ins and peg-outs for example. Even if there was full KYC, ecash is still a lot more private than a normal custodian. The provider doesn't have a view into your wallet, can't take your ecash, and can't stop you from transacting with others.
So it sounds like you are correct.
reply
I keep noticing these half-truths, such as: "...and can't stop you from transacting with others."
A mint can't stop you from transacting with others WITHIN THE SAME MINT.
cashu tokens are only valid on the mint they are minted on. If I take a cashu token from mint A and try to use it on mint B, such as sending it to another user, that token will not work. Some kind of on/off ramp, such as Lightning, is required to transact across mints. Those ramps are the chokepoint.
This can work out in a different way too. User A invites use B to a KYC mint in order to pay for goods/services. User B accepts the invitation to add the mint (to get paid) only to discover that a KYC process is required. User B is from a sanctioned country, so... that's not gonna happen. User B goes home empty-handed.
reply
17 sats \ 0 replies \ @398ja 16 May
If you have been following the recent events, then this move should not be a surprise. Anyway, what counts is that Cashu is a protocol, and you can decide to implement/configure your mint application with or without KYC/AML requirements...
reply
I can just say I cat get alongwith this. KYC is propoganda by state. I believe true decentralisation.
reply
I don't get why so many people are surprised. Ecash is custodian technology, therefore it was always a matter of time until it grew KYC prongs.
Regardless of how many mints will want to use them, but seems obvious there'll be demand.
reply
"One by one, the free Lands of Middle-Coin fell to the power of the KYC. But there were some who resisted. A last alliance of unKYCked and anons marched against the armies of the fiat orcs..."
The nutters are obviously not one of those. RIP
reply
Sheep want to be herded
reply