Oddbean new post about login | logout https://image.nostr.build/fe6ff2f0efe9e56c391bb2a64b7bacd833801a73df1c8cfe0268b562ffd273fe.jpg
🤔🧐🧐👀🤯
https://media1.tenor.com/m/00m6tDSXeo4AAAAC/steve-harvey-im-just-saying.gif
Yes you are.
https://youtu.be/XosysCtKxt4?si=RYHmcFytXzLFqqxi watch this
I’ve seen it. Very good. Obi is the absolute man. I have no dog in this fight. I don’t spend BTC. Ever. Buy/HODL cold & wait. That’s my strategy. L2 will figure itself out by the time I care. I hope.
Its a tool to be private We dont hodl on fedimints Whoever hodls btc on lightning needs to do more reading
I don’t do anything with lightning either.
Yo this is fake news. I tried to zap you and it worked! 😅
I'm just here for the nut jokes https://image.nostr.build/8caefa1779b78260860117c6793a9949ec05f7f6f2975cc7ab040fdbb2e6f041.jpg
https://youtu.be/XosysCtKxt4?si=RYHmcFytXzLFqqxi This interview will answer your questions but you probably wont watch it
I like using Cashu connected to my own mint
Do you run the node that backs the mint? Do the people transacting with you understand that you could rug their funds at any time? I like cashu, but for everyone except the operator of the node that backs the mint(s) it is fully custodial and ruggable.
Yup, the mint is in my own node. Of course it requires some level of trust for those who transact with me. Using eCash is not a self-custody solution, its value proposition is rather full privacy and speed IMO.
It requires complete trust in you (or any mint/node operator) that you won't rug the funds, not just "some level" of trust. Like is said, I like cashu for what it is, but I don't think enough people understand the rug risk. And I think the hypocrisy of some people touting cashu as a great option while demonizing custodial lightning is hilarious and only shows their ignorance.
You're right, it would be inconsistent to attack LN custodial wallets and promote Cashu. Not sure who you mean, but its own creator @calle 👁️⚡👁️ has been very open about it and its tradeoffs.
Calle has been very clear about it, and I think it's important to continue to help people understand. I'm not pointing fingers at anyone in particular, but in general the tone of a subset of Nostr is that "custodial lighting is bad...but wait, I like ecash"
Imo, still fair to say: ecash is better than non-ecash custodians, would you agree?
Lightning custodian has less attack surface. ECash has all the vulnerabilities of custodial lightning (rug, because it is a lightning wallet) plus additional risks of hacking, technical error, and unverified issuance (fractional reserve). I'd love to be convinced otherwise.
I've built several "Lightning custodians" myself and this is not true. All "additional risks" you're mentioning are equally or even more true for *every* custodian. Ecash introduces no additional risk, except that transactions can't be reversed. In return, you enjoy censorship resistance as a user.
I have to take your word for it in regards to the technical security. But it still looks like a mint runs on top of a lightning wallet, which has the risks of screwing up something and losing lightning funds *and* the risk of screwing up the mint (I have lost small amounts to mint bugs or operator error). It never occurred to me that custodial lightning wallet could lie about "issuance". I suppose they could in a Ponzi kind of way, siphoning funds as a "slow rug". I think you have a point. I'm trying to think through some of the privacy and anti- censorship benefits. If there's a list somewhere or a podcast where you discussed it, I'm very interested. I'm very optimistic, but also don't see it as a scaling panacea. https://primal.net/e/note1gwev8mgqf7x0wms94mw4l0knm79s3l00lh99dc7wctfxknsdfpts7tlxxk
In terms of custodians, if the reliability of the backing node/mint and the trustworthiness of its operator are otherwise equal, then yes I believe I would agree. Cashu interests me as a user for privacy reasons and for its potential to facilitate asynchronous payments between users. But I also have uncertainties about those uses. In terms of privacy, how much of the privacy benefits are lost when performing swaps between mints, or payouts back to lightning, since in both cases it involves a lightning payment? And in terms of asynchronous payments, is there a way to lock tokens so they can't be redeemed by anyone except the intended recipient, with a timeout so the sender can reclaim the funds after a defined period of time passes? If someone sends me ecash tokens, there is no assurance for me to know it hasn't been redeemed by someone else (including the sender) until I try to redeem it and see that it's still valid.
So you're saying ecash reintroduces the potential for double-spend or just that the funds might be stolen?
That it can be stolen
Your WoS (or any other LN custodian) account can be hacked as well. Infact even more easier to steal from WoS accounts: you simply log in and funds are yours. Cashu has no logins. You'll need to hack the actual phone and hack the wallet to get out the ecash.
Fair point, but I think the context from @corndalorian was it being stolen from the mint rather than an external threat actor. I'm still interested to learn more on it all. What's the best resource? Thanks
The mint's risk profile is the same as any other custodian.
Good points.
Or just hack the mint and mint the tokens
To both of your questions: yes Your privacy for paying ecash-to-LN is the same as with ecash-to-ecash except that the mint can see the LN destination (Lightning needs blinded paths for this). Much better privacy than any other custodial LN. You can lock tokens with P2PK. Wallet support is still limited but it allows what you described. Token can't be stolen if the hacker doesn't know your private keys. Cashu txs are not reservible. Once ecash is stolen, it's stolen. This property also means that you enjoy strong censorship resistance as user though, which is why it's preferable imo.
Thanks 🙏 it would be cool to see P2PK supported in wallets, or even just an option to lock the token with an arbitrary PIN or passcode. Without it, sending ecash tokens feels a bit like sending cash in the mail. And that helps put the privacy into better context. Now hopefully we will see more trustworthy mint operators, or maybe even some way to gauge their trustworthiness. I get very nervous when I see that I've accepted ecash from a mint running on the LNbits demo site. I am quick to swap those into my lightning wallet.
Demonizing Lightning and touring Cashu is idiotic. Without lightning, Cashu wouldn't work.
The issue is that cashu is so easy, and newbies walk in asking for help. You know they are going to use a custodial service one way or another. You can 'tell' them to run their own node but i highly doubt they are going to do it on average.
😂😂 https://media.tenor.com/pbderXHkWfUAAAAi/cringe-0000000.gif
Did I blow some minds? Do people not understand that Cashu (the way it's used on Nostr) is just custodial lightning with some more privacy? Lol
Isn't that what the whole Bitcoin is a shooting for more privacy? You make no sense hating on this. Stop hating on things you don't know about just for clout.
It’s privacy without self custody though. Perhaps some people didn’t know this
But everyone should know we dont hold no more than $4 on lightning hahaha they just need to do more reading
If it’s just for play around money, like a few thousand sats in a wallet for zaps, sure. I just hope some people don’t keep too much sats in this
Yeah, those people talking Yang yang. They think we keep a $100 in there. no, it's a tool you get in. You paid a $100 privately and the other person should get right out.
I see it as no different than changing fiat for Chuck-E-Cheese tokens.. there's definite use cases, but all of them rely on reputation and trust. In order to get to the "Don't trust, verify" paradigm, there's likely some sort of trustworthiness metric that will need to be developed.
Ecash is Wallet of Satoshi for men that like holding other men’s nuts 🏳️🌈
https://image.nostr.build/4c72c516450ff150ef51c62a00638681098e4f05abc847bf36086cfab12f0191.jpg
Ecash is fake and gay. Hope I read this right and you’re not in their gay orgy cult.
I'm not saying one is necessarily less trustworthy than the other. I'm saying that it is hypocritical to tell people not to use custodial lightning because it might get rugged, and then tell them to use cashu instead. In both cases, they are only as trustworthy as the person(s) who holds the keys to the nodes that hold the bitcoin. Cashu has valid uses, but self-custody is not one of them unless you are the node/mint operator.
Crap. I think i deleted my message that you were responding to because i missunderstood your prior statement. I think cashu works better for receiving money through a LN Address, even better than self hosting, assuming you are expecting to receive small amounts, e.g. a regular user, as it adds a level of privacy.
I agree, the privacy implications are one reason it's so useful. I'm not against cashu. Just pointing out that for most people using it, it is still essentially custodial lightning, albeit with some other benefits like privacy.
Crap. I think i deleted my message that you were responding to because i missunderstood your prior statement. I think cashu works better for receiving money through a LN Address, even better than self hosting, assuming you are expecting to receive small amounts, e.g. a regular user, as it adds a level of privacy.
I agree, the privacy implications are one reason it's so useful. I'm not against cashu. Just pointing out that for most people using it, it is still essentially custodial lightning, albeit with some other benefits like privacy.
