Bitcoin Forum

I'm quite new to the lightning network and I just learned that it offers better privacy. If someone got KYC bitcoins and would like to un-KYC them, is it possible to do it through the lightning network or would Monero still be a better solution?

Well let's compare what both solutions do exactly:

- Monero creates ring signatures. This can be compared to big transactions with many senders and recipients (with some "fake addresses", i.e. existing addresses which in reality are not sending nor receiving anything mixed in afaik), and obfuscated amounts and receiver addresses. So while there are techniques which can identify senders if the user is careless, the exact transaction is very difficult to reconstruct.

- In Lightning, you would create a channel with the coins you want to "un-KYC", then transfer the coins via Lightning to another address, and close the channel (not mandatory). There is no on-chain connection between both addresses, but in the case a chain analysis company operates a Lightning node and you happen to route through it, then it could detect you. Via onion routing this is prevented a bit but it's not perfect.

In my (advanced but not expert!) opinion, in both cases the privacy is not 100% perfect, but you're private if you do several transactions but spaced out a bit and using several addresses. The likelihood that someone is able to analyze your transaction pattern decreases with every transaction.

Lightning has however a slight disadvantage: if the channel is closed, then chain analysis companies will know that you used Lightning because of the script which is pushed on chain. And your counterparty in the channel will probably eventually close the channel if you stay unresponsive for a too long time. So then they could use this information to follow your way through Lightning if they operate Lightning nodes like explained above.

Another disadvantage is of course that you will pay more fees with Lightning in this case, because you can't simply re-use the channel to "un-KYC" other coins.

On the other hand, Monero is 1) less secure and 2) more volatile, so there are also some risks.

Some more info: https://www.voltage.cloud/blog/lightning-network-privacy-explainer

Would it be better solution to use a bridge between different crypto currencies?

I would be careful with "bridges", as most of them are partly centralized, and this is of course not good for privacy (neither too secure). You can never be sure one of these "bridge platform" custodians runs analytics software. And many of them make it possible to follow the "tracks".

IMO both Monero and Lightning offer both good privacy if you use them well. Use several transactions with different amounts with Monero or use several channels, also playing with amounts, if you want to do it via Lightning. And in both cases never deposit the "KYCed" and the "un-KYCed" coins on the same exchange or centralized wallet platform, nor use the same HD wallet (e.g. Electrum) for them. If you use HD wallets create two wallet files, one for KYCed and one for non-KYCed coins, connect both via Tor, and never connect them simultaneously.

I think if I had only basic technologic knowledge I would go for the Monero approach, of course also other privacy coins work (e.g. Grin).

Another technique to improve privacy are atomic swaps, i.e. trading one crypto for another one decentrally. Be aware that there are various techniques, only the technique with adaptor signatures improves privacy. A quite good option is: Atomic swap Bitcoin -> Monero, split the coins with XMR to variuos different accounts -> Atomic swap back to Bitcoin, but to different wallets, and never re-using any address in the process.

You can also use private exchanges, like those suggested in kycnot.me (http://KYCnot.me), at least for one of the Bitcoin <-> privacy coin exchanges.

Depending on what exactly you mean by "Un-KYC", CoinJoin or mixer may works for your use case. But,
1. It's easy to detect CoinJoin TX, where some centralized exchange/service doesn't accept coinjoined Bitcoin.
2. You need to trust mixer.
3. Some mixer give you "tainted" Bitcoin, which also not accepted by centralized/service.


Just don't forget you still need to trust many of the listed exchange and the fact they usually have worse fee/exchange rate.

I have done a bit more research and I'm thinking about avoiding Monero and mixers as it can give me problems with proof of source of funds later. Does anybody know if this is the same if you use atomic swaps but with other coins?

Does the atomic swap only work for Monero or does it also work with, for instance, USDT? That is, could I use atomic swap for BTC -> USDT -> BTC and still succeed to un-KYC my coins? Would this approach still create problems for future proof of source of funds?

To my mind, it's not a good idea to use Grin because first of all, its CMC is 2.5 million (nothing) and daily trading volume is very low, a few thousand dollars. Also, compared to Monero, it's harder to exchange Grin.

---

P.S. I also think that when we talk about Privacy, not only transaction methods matter but we have to keep in mind the timing and volume of transaction. You can't send $8K worth Monero and immediately receive $8k worth Bitcoins. You have to make multiple transactions at different times to make it impossible to get tracked.

As far as I know you can technically always prove the source of funds if you keep all your transaction data, it doesn't matter if you use Monero or Lightning. If you use mixers, this may be different as there is a centralized intermediary. While they often provide a letter of guarantee signed by them which contains the deposit address and withdrawal address, an authority could distrust the certificate if they don't have a list of mixers.

Edit: See this guide (https://guides.monero.com/docs/tutorials/prove-payment/) to prove you made a transaction with Monero. You must do this with all intermediate transactions on the XMR network. With the atomic swap transactions you must do something similar but the exact approach may be a bit different with the incoming (BTC -> XMR) and outgoing (XMR -> BTC) swap, if you're interested in this approach I can investigate.

Atomic swaps with adaptor signatures and other private techniques exist for several coins, but I don't know if there's a software solution to exchange directly to ERC20 tokens like USDT (or on another blockchain). But for your purpose, you should also be fine if you exchange BTC to ETH and then back to BTC. This approach (https://github.com/distributed-lab/taprootized-atomic-swaps) for example works with Ethereum.

Take into account that it's common to re-use addresses in Ethereum, but you should do like you would do with Bitcoin-style coins and realize some transactions in ETH with different addresses ("accounts") before you change it back to BTC to maximize privacy.

Yes, it's perhaps not ideal for beginners. However it's one of the few serious Monero competitors so I mentioned it.

MimbleWimble - the Grin approach to privacy - can also used with Litecoin through the MWEB function.

Exactly, this is very important in all techniques mentioned, I mentioned it also in one of my earlier posts.

If you have KYC coins, then usually, a more preferable approach is to sell them back to the exchange, and go buy from somewhere else no-KYC, like in Bisq. This would mark your account as "not having any bitcoin".

If that's not an option, then you need to mix your coins after you withdraw them from the exchange. Not that this does not "un-KYC" your coins completely, because "KYC" means "Know Your Customer", and the exchange knows that you withdrew them, and that you might have access to them.

Thanks for the answers! Are there any negatives in using atomic swaps? It seems like the best possible solution(?). I cannot see any negatives and it does seem like it offers close to 100% privacy. Is there something that has not been mentioned regarding the privacy side?

I know that coinjoin was very popular before but now it is known that it can be easily flagged. Maybe it is harder to prove source of funds?

It seems like it cannot get flagged that easily as with coinjoin but maybe there are some other risks like getting tainted coins or actually ending up with coins that are investigated by LE? As it is only swapping the transaction history with anther person?

There's indeed still an issue I forgot to mention and you already suspected: In all solutions where you exchange a Bitcoin UTXO for another one coming originally from another person, e.g. CoinJoins and also atomic swaps, you could actually end up with coins from a doubtful source.

If your route is BTC -> XMR -> BTC then the obvious problematic step is the XMR -> BTC part. If you already did some transactions with XMR to obfuscate the amount, maybe for this step it is actually advisable to use a trustable non-KYC exchange (see link in my first post for several options). Or, if you know how to do it, check the Bitcoin UTXO's provenance (but be careful to not expose your privacy in this step, as chain analysis tools can check the IP addresses from those querying an UTXO ...).

Another possible negative for atomic swaps is that it can be difficult to find an exchange partner. https://kycnot.me has some platforms for atomic swaps too.

In CoinJoins it is easy to prove source of funds: simply prove you own all addresses involved (sender and those recipients who receive your coins).

In atomic swaps you should always be able to prove the source of funds as long as you keep stored all data involved, i.e. all addresses, private/public keys, amounts and transactions IDs, however I don't know the exact procedure in the case of atomic swaps with adaptor signatures. You can easily prove that you sent an amount and received an amount on the target blockchain. But I don't know how you do the "connection" here, apart from the amount itself (which can be variable due to the exchange rate).

Is there a risk of ending up with tainted coins when you move back to the blockchain after using the lightning network?

There's always a chance you end up with "tainted coins" when dealing with entities who discriminate you based on inaccurate data. For example, if you deal with a CEX like Binance, it's very likely that you mix your coins, either through coinjoin, or lightning, and their chain analysis buddies find this suspicious, because they cannot track it. So just don't use them.

Are there any downsides to coinjoin or is it as good as the other alternatives?

It depends how you "move back to the blockchain".

You can deposit the coins to a lightning networking service provider or to an exchange which accepts BTCLN and can exchange it back to BTC. It depends on the nature of these providers if you are risk that they send "tainted coins" to you. Trusted exchanges and service providers normally don't do that but one can never be sure.

The other option is simply open a channel yourself to a Lightning node to cash out. In this case you may also end up with tainted coins: the node opening a channel with you may want to get rid of his tainted coins too.

The question is of course also what you want to do with the coins. If you want to eventually move them to cold storage (one can deduce that from your questions about sources of founds), then Lightning may not be the best option. But if you want to use the coins to buy things then I would simply deposit them to a Lightning channel and then use Lightning to make the payments.

Regarding CoinJoins, the main risk is that you end up with funds coming from few parties pretending to be many, which want to get rid of tainted coins too.

Yes, perfect privacy is really complicated on BTC ... but for basic privacy I would simply use, as I wrote before, a mix of various methods, and splitting your funds to lower amounts so if you end up in some of your movements with tainted coins it doesn't affect such a large percentage of your coins.

The main downside of CoinJoin is its susceptibility to detection. Since it's a widely known technique for improving privacy, many exchanges and chain analysis tools flag transactions that appear to have used CoinJoin. This can raise concerns if you're planning to use a centralized exchange or require clear provenance of funds later, as some platforms may see CoinJoin transactions as mixed or tainted even when you haven’t actually engaged in any illegal activity.

While it is true that the transaction may be flagged, as I wrote in an earlier post, if you participated in a CoinJoin you can prove that the funds you pay out to your addresses came from your own input and were paid to addresses you own.

So all you have to show the exchange is that you had access to the address corresponding to the key which sent the coins. For this purpose, for example you can sign a message with all private keys involved, give the exchange the public keys, and they can check that you have indeed sent these funds. And if there were dubious funds involved in this CoinJoin, you can prove they are different from the funds caming from your sending address.

For example, let's say we have a CoinJoin:

- Address A pays 1 BTC
- Address B pays 2 BTC
- Address C pays 1 BTC
- Address D pays 3 BTC

Now the CoinJoin pays to Address E-K 1 Bitcoin each. Address E and F are owned by the owner of Address B, addresses G, H and I by the owner of Address D, J by the owner of Address A and K by the owner of Address C.

Address A owner wants to prove their source of funds, because an exchange found out that the funds coming from addresses B and D came from hacks. So they sign a message with the private key from Address A and another one with the private key from Address J.

Of course this makes it possible for the exchange to match the chain of transactions before the CoinJoin with chain analysis results. But as far as I understood the OP, their purpose is to anonymize the coins "for the public" (for observers on the public blockchain) but always to be able to prove the chain the funds came from, when requested by an exchange or authority.

If I use coinjoin like JoinMarket, does JoinMarket keep track of transactions or logs some other information regarding my transactions? Are the smart contracts public somewhere?

In a JoinMarket coinjoin, there are makers (who provide liquidity) and takers (who buy liquidity from them). These coinjoin transactions are all public on the blockchain, with a distinct footprint. Takers trust no one in JoinMarket. Makers leave a log of the movement of funds with the taker who pays for their liquidity.

"Makers leave a lof of the movement of funds with the taker..." does this mean that there will be a history of transactions that the maker or JoinMarket will be able to see, and through them, keep records of how you mixed your coins? Is this true regardless of if the mixer is centralized/decentralized?

Takers, who coordinate the coinjoin, pay for the mining fees of makers. This allows the taker to know which equal sized output belongs to each maker since the taker constructed the transaction themselves.

All other outside observers besides the taker do not know which equal sized output belongs to each maker. However, outside observers can usually calculate clusters of inputs belonging to the same entity and the change output belonging to that same group of inputs.


JoinMarket uses a decentralized order book for buying and selling liquidity while other coinjoin protocols like WabiSabi use a central coordinator with a timed round to gather liquidity. WabiSabi coordinators do not learn any links between the UTXOs of a user.

"However, outside observers can usually calculate clusters of inputs belong to the same entity and the change output belonging to that same group of inputs." How big of a problem is this?

Also, is there any risk of having your "identity" revealed when using coinjoin through statistical analysis or does this only happen when you reuse addresses?

It's more of an "inefficiency" than a "problem" since a lot of extra block space is required to make a UTXO private. In order to turn BTC private with JoinMarket, here are the steps:

- Receive a UTXO into your wallet
- Act as a taker to sweep that entire UTXO amount into the next mix depth of your wallet with a coinjoin transaction (turning it private)
- Wait as a maker for additional remixes until you spend

After you spend your coins, you also have to act as a taker to sweep your change output from that spend just like you do whenever you receive a new UTXO.


Coinjoins are specifically designed to defeat statistical analysis, but if you reuse an address then it won't make a difference whether you coinjoined or not.

You guys end up in double accounting. The clean version for the exchanges and the casino money you can't spend anywhere.

BTW. Bitcoin is exploding. What are we here for?

The general opinion seems to be that the lightning network offers good privacy for the sender but not the receiver. However, I will be both the sender and receiver. Would it be good practice to swap the coins on the lightning network with coins on the blockchain and therefore improve the privacy that way? How good of a solution is this compared to coinjoin or Monero?

The research is 2 years old now, but you can check https://lightningprivacy.com for an overview of the weak spots in Lightning and the improvements that mitigate them. A powerful way to layer these tools is to coinjoin first, then open a Lightning channel with your private UTXO once you want to spend your coins.

Hey Folks
 i know it a Bit old but still relevant topic

will the follwing constellation be enough to obfuscate the coinjoin and break the other chain links in an sufficient way:

1.Kyc buy Bitcoin Exchange ( atm not invitable) ->
2.Wasabi wallet coinjoin  ->
3. atomic Swap with lightning and vice versa to 2 different electrum wallets ( May also AN ADDITIONAL  SWAP to monero and Back.) ->
4. moving around approx 5 Times  one some other different electrum/sparrow wallets ( TOR BUT NOT AN PRIVATE NODE) ->
5. make an sparrow private send ( its Like payjoin i think) to an other electrum wallet.

Planned delay Intervall from one to another step : approx 12-24 hours.

 Btw. Is it useful to make the CJ at the beginning?  What else can i improve ?

Best regards

You could open your own topic you know.

Whether the actions you undertake are sufficient really depends on what you plan on doing with the coin, besides the importance of the details of execution.

The question is what you want to do with the coin later. Realistically after so many steps nobody can easily claim that the coin did not change hands, even if they could trace them through all of this. If you are not going to do something extremely illegal on the level of funding terrorism (which I would not recommend that you do :D), I don't think anyone would spend the quantity of resources required to try to break this chain. In any case, I do recommend adding the Monero step and possibly make this step with the longest interval possible if you don't mind the slight risk of losing some value until you wait to swap back (a week or two at least).

Always randomize the interval of the steps.

It doesn't hurt.

---

---

Usually with so many steps involved you are good. How people get caught is most often through some basic mistakes.

Hello @Satofan44


I thought it was so related to, and i wouldnt create a new thread for the same topic.
But next time i'll do so.


No definitely not just staying private  :)


I'll take this into consideration thnx , btw. why this step so long and the other ones not.


my thoughts are sth like, if u go straight from the kyc to CJ an observator sees oh ok this is an CJ and the guy from the kyc is involved, or did i miss sth.

Best regards

Then you should be fine.  :)

Monero's anonymity and privacy are so strong that a lot of the observation attacks will be focused at the entry and exit points. I'll give a short and extreme example to illustrate. Assume the following scenario.

You do a swap of 0.0213849 BTC from BitcoinAddressA to Monero and receive it on MoneroAddressA with a 1% fee (can be network fees, platform fees or both but we assume 1% round number for simplicity). It confirms within 20 minutes, you transfer all of the Monero to MoneroAddressB. You come back in an hour and swap all the Monero back from MoneroAddressB with a 1% fee to BitcoinAddressB. The data will show that there was an entry and exit of Monero of 0.0213849 BTC +- 2% within 2 hours. This will show a high probability that it is the same user and defeat the steps in between.

Of course the devil is in the details. Some things can be better hidden than others, but good behavioral advice works in general. Make the step as long as possible, preferably split the coin if you can as well. So that after Monero it lands on 2 or more addresses (as long as you won't merge the coin later).

That will definitely show, whatever your first step is it will link the KYC'd person to it. Coinjoins are not illegal though so just because you are involved in that it should not be a big problem. Alternatively you can do some other milder steps first to obfuscate the data like Payjoin.

May Not illegal but more under survillance Than other tx'es


Sounds logical Ill  bear this in my mind Thnx


Good Idea i tried this with 2 sparrow wallet for Testing but fails

but on this point we're still Off topic i think  
May i create another thread for this

Best regards

A very interesting topic! I never even thought someone might set themselves the task of hiding the fact that the coins they withdrew from an exchange are still in their possession.
I usually use Lightning to deposit bitcoins to exchanges, not to withdraw from them. And in my four years of using it this way, I’ve gotten the impression that none of the exchanges try to trace the network to figure out where a deposit came from. That’s why I think that after a withdrawal through Lightning, the exchange won’t try to find out whether the bitcoins remained with the client or were passed on to someone else.

But if I were paranoid, I’d probably solve the task like this: I would withdraw fiat money from the exchange into a bank account. From there, bank secrecy comes into play. Neither the exchange nor anyone who gains access to its logs would be able to know whether the money stayed in my bank account or was converted back into bitcoins on platforms like Robosats or LNP2PBOT, where there’s no KYC.