Oddbean new post about | logout
 Something is bugging me.

Over lightning, sender privacy is good.
Over lightning, receiver privacy is bad.
Over ecash, receiver privacy is good.
Over ecash, sender privacy has a middleman.

Of course the mint doesn't know who you are, or what your source of income is, but they may know the target payee... Doesn't this open the door to potential censorship? A mint may refuse to perform the payment.

Also, seeing that the original tokens remain valid upon a payment failure, those tokens can just become blocklisted (breaking fungibility).

Correct me if I'm wrong, but it seems as if cashu improves receiver privacy, but can compromise sender privacy/targetability unless a proxy is used when making payments. 
 The mint know the destination but not who is sending it, correct. This is an intricacy of how LN works, there is a potential but complicated solution for this and that's source-based routing. 

In principle, a Cashu wallet could contrusct the onion themselves and pass it on to the mint, much like how hosted channels work. It requires running almost a full Lightning client on the wallet side though. 
 I love this answer, I guess there are multiple right answers, from self routing, to using trampoline channels, and lnproxy servers (am I wrong about this one?).

The mind blowing realisation that as a consumer, you could utilise "banking" to handle complexities of lightning liquidity management but still take control of routing in the future, and therefore your privacy. 🤯 
 I think the way mutiny does it is pretty light.  They have a rapid gossip sync service for users and apparently even do a little probing to clean it up.  That means that the full Lightning client on the wallet side can be pretty light weight (no need to listen to gossip or check onchain etc.) with minimal trust assumptions.

@OpenSecret  thoughts?