
I think some explanation is likely in order. (I had to work through some of these questions myself).

What is an on-chain zap?

(Simplifying) It's a way to send bitcoin on-chain directly to an npub. (You essentially derive a bitcoin address from the npub, I think. The owner of the npub can spend from that address using their nostr key).

Why is it good?

It simplifies the act of zapping on nostr without needing an online lightning wallet.

Why is it bad?

The address that the funds are received into is permanently tied to that npub. This means:

  • If you spend funds from that address together with funds from another address, you permanently associate your other address with your npub.
  • You can try to keep tight coin control, but that's annoying. And a mistake could mean your on-chain history gets permanently associated to your npub.
  • You could just not spend the funds at all. But then what's the point of receiving the zaps? It would be like burning coins.

Another reason it's bad is that no one needs permission to zap into your npub-derived address. It basically gives anyone with a desire to dox you the ability to target you with a dust attack.

So: the recipients are not forced into any privacy loss. But they are definitely forced into an uncomfortable and risky privacy tradeoff.

One thing to keep in mind is that on-chain zaps are already possible and no one needs permission to do it. So the bigger debate is about whether it should be normalized. Personally, I don't think that would be a good idea due to the downsides already described. Moreover, it seems like it would pollute the chain with lots of small, uneconomical UTXOs.

Good for miners, though, maybe?
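
The co-spending risk described in the post above, sketched as a wallet-side check (an added example, not part of the original thread or of any nostr or wallet project's code). It applies the common-input-ownership heuristic to constructed address labels and a constructed spend history, and goes slightly beyond the post by showing that the link is transitive: one mixed spend exposes every address already clustered with the co-spent one.

```python
# Added example. Address labels and history are constructed placeholders.
class Clusters:
    """Union-find over addresses, merged by the common-input-ownership heuristic."""

    def __init__(self):
        self.parent = {}

    def find(self, addr):
        self.parent.setdefault(addr, addr)
        while self.parent[addr] != addr:
            self.parent[addr] = self.parent[self.parent[addr]]  # path halving
            addr = self.parent[addr]
        return addr

    def add_spend(self, input_addresses):
        """Record one transaction: all of its input addresses are assumed co-owned."""
        root = self.find(input_addresses[0])
        for addr in input_addresses[1:]:
            other = self.find(addr)
            if other != root:
                self.parent[other] = root

    def linked_to(self, addr):
        root = self.find(addr)
        return {a for a in list(self.parent) if self.find(a) == root}


def newly_exposed(history, public_addr, candidate_inputs):
    """Addresses that would become linked to public_addr if candidate_inputs
    were spent together in one transaction (empty set means no new linkage)."""
    clusters = Clusters()
    for tx_inputs in history:
        clusters.add_spend(tx_inputs)
    already = clusters.linked_to(public_addr)
    clusters.add_spend(candidate_inputs)
    return clusters.linked_to(public_addr) - already


NPUB_ADDR = "addr_npub_derived"  # placeholder for the npub-tied address
HISTORY = [                      # constructed past spends of the same wallet
    ["addr_savings_1", "addr_savings_2"],
    ["addr_savings_2", "addr_exchange_withdrawal"],
]

if __name__ == "__main__":
    # Spending the zap UTXO on its own links nothing new.
    print(newly_exposed(HISTORY, NPUB_ADDR, [NPUB_ADDR]))
    # One mixed spend ties the whole prior cluster to the npub.
    print(newly_exposed(HISTORY, NPUB_ADDR, [NPUB_ADDR, "addr_savings_1"]))
```
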

261 sats \ 0 replies \ @gigi 21 May
> It basically gives anyone with a desire to dox you the ability to target you with a dust attack.

Precisely.

> the bigger debate is about whether it should be normalized.

Correct.

> the recipients are not forced into any privacy loss. But they are definitely forced into an uncomfortable and risky privacy tradeoff.

Not only that, but given the fully transparent nature of onchain transactions you could get people into all kinds of trouble very easily.

Imagine being a politician in Bangladesh (or a similar high-profile person, in any country that deems bitcoin an illegal substance). Any political opponent can provably send you this illegal substance, prove that you are "in possession" of it, and either prove that you did something with it (or prove that you are still in possession of it) without themselves revealing who they are.

Politicians are on nostr right now. Leopoldo Lopez is one example.

That's just one attack vector of many, and I tried to make a similar point when I was talking about the OFAC list.

reply
> the bigger debate is about whether it should be normalized

Good point here. And I think Gigi mostly focuses on it: he seems concerned that it will catch on with unsuspecting users.

It seems to me that the really bad combination is a public identity tied to a reused Bitcoin address. You are making it very easy for someone to follow you if you ever consolidate those sats.

Also, on-chain zaps wouldn't be instant, which is just sad.
