Building a Transparent BTC→Fiat P2P Exchange (Internal Ledger + Wallet Isolation

[NeoMoney]

Hey Bitcointalk,

I'm working on designing a P2P Bitcoin exchange focused on cashout to bank transfer, PayPal, and similar fiat methods — think Paxful-style, but with greater transparency, wallet isolation, and internal traceability.

Here’s what sets my design apart:

📦 Each user gets a unique Bitcoin wallet address (on-chain) at registration.

🔐 No pooling of funds. Every UTXO is tracked by original owner and current holder.

📗 Trades are off-chain (ledger-based). BTC only moves on-chain during deposit and withdrawal.

🧾 I want full AML traceability: I can tell who originally deposited the BTC and who owns it at any point.

💸 Users pay no network fees when trading — only when withdrawing.

✅ Example Scenario
Let me walk you through a case that illustrates what I’m building:

John deposits 0.01 BTC into his assigned BTC address. The funds are now UTXOs controlled by the platform but credited to John's balance internally.

James also deposits 0.02 BTC into his own wallet address, completely separate.

Harry hasn't deposited anything, but he creates a trade to buy 0.005 BTC from John via bank transfer.

When Harry completes the fiat payment, ownership of 0.005 BTC (from John’s UTXOs) is transferred to Harry inside the internal ledger — no on-chain tx yet.

Now:

John has 0.005 BTC remaining

Harry owns 0.005 BTC internally

James still has 0.02 BTC, untouched

Later, Harry wants to sell that 0.005 BTC to someone else or withdraw it.

Here’s my core constraint:

When the next person receives BTC (either through trade or withdrawal), it must be the exact same BTC originally deposited by John — not from James or a general pool.

So when Harry withdraws, I want to ensure the withdrawal is signed using John’s wallet key, since that UTXO technically still resides in John’s wallet (now owned by Harry).

🤔 What I Need Feedback On:

Does this model make sense in terms of security, scalability, and UTXO tracking?

Is it acceptable that ownership transfers are purely internal until withdrawal?

Should I fragment UTXOs when trading portions (e.g., 0.005 BTC from a 0.01 UTXO)?

Are there good practices or known issues with tracking UTXOs per user without pooling?

Should I eventually consolidate UTXOs from dormant users or avoid that to preserve isolation?

Would love any input, warnings, or suggestions from devs who've built P2P exchanges or non-custodial systems before. Thanks in advance.

Edit:

I'm exploring a P2P offer approach where:

1) The buyer can verify the seller's Bitcoin address and confirm the spendable BTC they’re about to receive.

2) If issues arise or suspects funds are tainted, the buyer can request KYC from the seller. The seller can refuse, and the buyer may choose another seller.

3) For privacy, a new deposit address is generated after each deposit.

4) The buyer can audit the deposit transaction and verify the source of funds.

This ensures transparency while letting the buyer take full responsibility for the BTC they receive.

[OmegaStarScream]

I understand what you're trying to do, but not why do you want to do it?

🧾 I want full AML traceability: I can tell who originally deposited the BTC and who owns it at any point.

Is this about following regulations? Because there are obviously other ways to go by this.

Also, wouldn't this be problematic for the user? I would imagine that having a transaction from Paxful's hot wallet for example, is "safer" in terms of KYT solutions detecting it as "suspicious" compared to the approach you want to follow, where funds go from Person A -> one-time use address -> Person B?

Isn't the second approach likely to get flagged by an exchange if "Person A" funds are coming from darknet markets, mixers, etc.?

[NeoMoney]

I understand what you're trying to do, but not why do you want to do it?

🧾 I want full AML traceability: I can tell who originally deposited the BTC and who owns it at any point.

Is this about following regulations? Because there are obviously other ways to go by this.

Also, wouldn't this be problematic for the user? I would imagine that having a transaction from Paxful's hot wallet for example, is "safer" in terms of KYT solutions detecting it as "suspicious" compared to the approach you want to follow, where funds go from Person A -> one-time use address -> Person B?

Isn't the second approach likely to get flagged by an exchange if "Person A" funds are coming from darknet markets, mixers, etc.?

Good question — and this is intentional.

I don't want to act as a centralized intermediary or mixer. I only collect the ~1% fee; users trade directly. Routing funds through my pool would make me responsible for what flows through it, which I want to avoid.

The direct flow (A → 1-time address → B) keeps traceability intact. If coins are tainted, the recipient sees that and can decide. I’m not here to "clean" funds — just to provide the framework.

Yes, this might lead to flags, but that’s part of enforcing transparency and responsibility.

I’m also exploring a transparent L2 system (privacy-respecting) so users can audit internal flows themselves.

[AB de Royse777]

Here’s my core constraint:

When the next person receives BTC (either through trade or withdrawal), it must be the exact same BTC originally deposited by John — not from James or a general pool.

So when Harry withdraws, I want to ensure the withdrawal is signed using John’s wallet key, since that UTXO technically still resides in John’s wallet (now owned by Harry).

Isn't it too complicated?
I sold BTC to you and now you are waiting my approval to sell/withdraw the BTC. The relation between me and you should be completed once I release the BTC and it goes to your account (internal balance). With that balance whatever you do, why would you need my involvement.

You will give the address to your users but the private key is held by you?

[NeoMoney]

Here’s my core constraint:

When the next person receives BTC (either through trade or withdrawal), it must be the exact same BTC originally deposited by John — not from James or a general pool.

So when Harry withdraws, I want to ensure the withdrawal is signed using John’s wallet key, since that UTXO technically still resides in John’s wallet (now owned by Harry).

Isn't it too complicated?
I sold BTC to you and now you are waiting my approval to sell/withdraw the BTC. The relation between me and you should be completed once I release the BTC and it goes to your account (internal balance). With that balance whatever you do, why would you need my involvement.

You will give the address to your users but the private key is held by you?

Yes, you're right — I’ve been overcomplicating it by trying to preserve UTXO provenance across trades. That would create unnecessary friction after the trade is settled.

Small note: John himself doesn't need to sign anything after it's transferred internally outside of his balance since we have his private key.

I’m now leaning toward a Bisq-style architecture, where users hold their own keys and trades occur through escrow-based multisig. To scale that inside a fast, low-fee system, I’m thinking of using a Bitcoin-based ZK rollup-style L2, where:

Users retain control of private keys

Trades are coordinated off-chain through a state ledger

Disputes are settled via multi-sig or staked arbitrators

The full state is anchored to Bitcoin periodically

This keeps everything auditable, custody-transparent, and removes the need for pooling or origin-tracing of funds between users.

[nonlogs]

Hey Bitcointalk,

I'm working on designing a P2P Bitcoin exchange focused on cashout to bank transfer, PayPal, and similar fiat methods — think Paxful-style, but with greater transparency, wallet isolation, and internal traceability.

Here’s what sets my design apart:

📦 Each user gets a unique Bitcoin wallet address (on-chain) at registration.

🔐 No pooling of funds. Every UTXO is tracked by original owner and current holder.

📗 Trades are off-chain (ledger-based). BTC only moves on-chain during deposit and withdrawal.

🧾 I want full AML traceability: I can tell who originally deposited the BTC and who owns it at any point.

💸 Users pay no network fees when trading — only when withdrawing.

✅ Example Scenario
Let me walk you through a case that illustrates what I’m building:

John deposits 0.01 BTC into his assigned BTC address. The funds are now UTXOs controlled by the platform but credited to John's balance internally.

James also deposits 0.02 BTC into his own wallet address, completely separate.

Harry hasn't deposited anything, but he creates a trade to buy 0.005 BTC from John via bank transfer.

When Harry completes the fiat payment, ownership of 0.005 BTC (from John’s UTXOs) is transferred to Harry inside the internal ledger — no on-chain tx yet.

Now:

John has 0.005 BTC remaining

Harry owns 0.005 BTC internally

James still has 0.02 BTC, untouched

Later, Harry wants to sell that 0.005 BTC to someone else or withdraw it.

Here’s my core constraint:

When the next person receives BTC (either through trade or withdrawal), it must be the exact same BTC originally deposited by John — not from James or a general pool.

So when Harry withdraws, I want to ensure the withdrawal is signed using John’s wallet key, since that UTXO technically still resides in John’s wallet (now owned by Harry).

🤔 What I Need Feedback On:

Does this model make sense in terms of security, scalability, and UTXO tracking?

Is it acceptable that ownership transfers are purely internal until withdrawal?

Should I fragment UTXOs when trading portions (e.g., 0.005 BTC from a 0.01 UTXO)?

Are there good practices or known issues with tracking UTXOs per user without pooling?

Should I eventually consolidate UTXOs from dormant users or avoid that to preserve isolation?

Would love any input, warnings, or suggestions from devs who've built P2P exchanges or non-custodial systems before. Thanks in advance.

Edit:

I'm exploring a P2P offer approach where:

1) The buyer can verify the seller's Bitcoin address and confirm the spendable BTC they’re about to receive.

2) If issues arise or suspects funds are tainted, the buyer can request KYC from the seller. The seller can refuse, and the buyer may choose another seller.

3) For privacy, a new deposit address is generated after each deposit.

4) The buyer can audit the deposit transaction and verify the source of funds.

This ensures transparency while letting the buyer take full responsibility for the BTC they receive.

Hi, I'm a developer and I'm working on a privacy focused CEX, completely opposite of yours no KYC, no logging.

Your approach sounds good on paper, but it could become expensive on withdrawals:

1. When a user is withdrawing, they would have to pay the network Fee. As you know, Bitcoin network fees change regularly, and withdrawing a small amount of BTC might cost more in network fees than the amount itself.
2. Every time someone trades a part of one UTXO, you’ll eventually need to split that UTXO on chain. Over time, you'll accumulate lots of tiny “dust” outputs that cost more in fees to move than they’re worth.
3. Dust clean up (consolidation) means on chain transactions, and you lose your “no-pooling” promise if you consolidate systematically.
4. If you end up with thousands of tiny UTXOs across thousands of accounts, it may not be worth consolidating them at all.
5. Tracking every UTXO of every address in your database and keeping it in perfect sync with the blockchain is heavy. I think you’d need a full node, mempool access, and reorg handling.
6. You still have full custody of funds, so legally and practically, you’re back to being a centralized, custodial exchange.
7. You talk about traceability, but tracking a growing base of 100k+ users would be challenging for law enforcement.

Positive points from your approach:

1. Buyers auditing the source of funds before every trade sounds great.
2. Funds aren’t pooled, so there’s no risk of using one user’s BTC to cover another’s withdrawal.

[NeoMoney]

Hi, I'm a developer and I'm working on a privacy focused CEX, completely opposite of yours no KYC, no logging.

Your approach sounds good on paper, but it could become expensive on withdrawals:

1. When a user is withdrawing, they would have to pay the network Fee. As you know, Bitcoin network fees change regularly, and withdrawing a small amount of BTC might cost more in network fees than the amount itself.
2. Every time someone trades a part of one UTXO, you’ll eventually need to split that UTXO on chain. Over time, you'll accumulate lots of tiny “dust” outputs that cost more in fees to move than they’re worth.
3. Dust clean up (consolidation) means on chain transactions, and you lose your “no-pooling” promise if you consolidate systematically.
4. If you end up with thousands of tiny UTXOs across thousands of accounts, it may not be worth consolidating them at all.
5. Tracking every UTXO of every address in your database and keeping it in perfect sync with the blockchain is heavy. I think you’d need a full node, mempool access, and reorg handling.
6. You still have full custody of funds, so legally and practically, you’re back to being a centralized, custodial exchange.
7. You talk about traceability, but tracking a growing base of 100k+ users would be challenging for law enforcement.

Positive points from your approach:

1. Buyers auditing the source of funds before every trade sounds great.
2. Funds aren’t pooled, so there’s no risk of using one user’s BTC to cover another’s withdrawal.

Thanks for the feedback, i really appreciate it.

1) Note that my exchange is also no KYC, meaning the platform would not force it but buyers/sellers can make it mandatory whenever it is needed meaning it can be avoided.

2) Yes you are right about accumulation of dust wallets, that's not an issue for me i believe. i gather them as "inputs" (significantly cheaper than outputs) since they are controlled by the same private key and route them to the exchange's fee collection address.

3) My idea of no pooling and simply facilitating escrow would put the buyer/seller accountable in case of money of laundering scenario, meaning no stolen/tainted funds would route my pool (i could figure out a way to filter them automatically and not collect those).

4) Pooling + No KYC is absolute suicide in my opinion, if you are holding someone else funds in that pool and law enforcements comes and says that there are stolen funds in that pool that you need to refund. In this scenario you have two choices, take the loss out of your pocket or another innocent user loses their funds (You won't have 1:1 backing of user funds anymore).

5) Yes i do have full custody of funds, that could be me at legal risks even if i don't route them or collect fees at some point but significantly less risks and accountability.

In the end my goal is not to end up like exch.cx and give users the freedom of exchanging without KYC so they take the risks themselves as they are going to withdraw that exact money they exchanged.