Sales for Sats - the State of Peer to Peer Electronic Cash

17 minute read

Over a decade since its inception, Bitcoin’s acceptance as a currency remains limited. The native currency of the internet is rarely seen being used as the peer-to-peer electronic cash for which it was intended. Some Bitcoin proponents neglect Bitcoin’s use as currency entirely:

Embarrassing

Here I discuss the state of Bitcoin being used as peer-to-peer electronic cash. Don’t worry this isn’t a bcash or BSV bitcoin fork post. Bitcoin donations are probably the most adopted form of peer-to-peer cash, but we’ll look at some widespread problems with address reuse. We check out some of the reasons behind Bitcoin’s lack of adoption by retailers, and discuss some payment processors currently available on the market. I share some motivation for my recent project - SatSale, and explore some possible tech and incentive solutions for advancing non-custodial bitcoin payments.

The Absolute State of P2P Cash

A significant majority of transactions on the Bitcoin network today are likely speculation related, mostly deposits and withdrawals to and from exchanges. However there certainly are some transactions which are utilizing the Bitcoin network for peer-to-peer payments. I myself use Bitcoin as cash when possible (dozens of us!), but it’s hard to quantify how many of us are there? The Bitcoin network also has a variety of other transactions falling under categories other than payments, such as coinjoins or Lightning Network channel funding transactions.

For peer-to-peer payments, Bitcoin’s simplest use cases are:

  • Bitcoin donations
  • Pay bitcoin in exchange for goods or services
    • This can be online (ecommerce)
    • or in-person (retail point of sale, paying a friend/employee)

There are many other Bitcoin use cases which will not be mentioned here. We’re focusing on peer-to-peer cash:

Donations & Address Reuse

Bitcoin is currently making the most of peer-to-peer cash in the form of donations. Currently, donation addresses are exclusively on-chain standard addresses bc1qv...; though in the coming years people may move to some newer invoice tech such as PayNyms or lightning offers (more later). You will often see Bitcoin addresses, as well as other cryptocurrency addresses, pasted in social-media bios or within website footers. Donation address posting is particularly concentrated within cryptocurrency spaces, but you will also find these donation addresses elsewhere on the internet. They are a powerful way to raise money from your supporters.

Sci Hub

After SciHub (above) was deplatformed from PayPal in 2013, Bitcoin has been crucial for facilitating donations from supporters (great financial decision too having raised over 94 BTC).

Notice how SciHub uses a single static donation address? This particular address has been reused for hundreds of donations (SciHub does rotate addresses occasionally). Given the public nature of the Bitcoin ledger, we are able to look up SciHub’s address in a block explorer (or look up in your Bitcoin node) and see all the transactions this address has been involved with. We can also see how much bitcoin has been donated in total. Unfortunately, address reuse like this is terrible for privacy and Bitcoin addresses were never intended to be used in this way.

Sci Hub

View on mempool.space

The most private way to use Bitcoin is to generate a brand new address for each payment. After you spend the coins you receive in that address, you should never use that address again. The primary issue with address reuse is that it is disastrous for privacy. For a fun example, let’s look at this donation address taken from the website of one particular Bitcoin “mentor for hire”/consultant:

this bitcoin mentor has since removed their reused donation address.

If we take a look at one of the earlier donations, we can see that one particular donor started with 5 BTC! Before they sent some small fraction 0.002 to the mentor as a donation (see image below). With some further inferences this donor can become rather vulnerable: this individual knows the mentor, likely a client and a newcoiner (susceptible to scams), datetimes, when they withdrew from XXX exchange etc.. All just for having donated some money!

OXT

Explore on OXT

Now imagine a scenario where this donation addresses hadn’t been reused. For a start, a single-use address would only be shown to the donor who is making the payment, and not posted for the entire internet to see. While bitcoin transactions are visible on the blockchain to everyone, as an outsider we have no inclination to which transaction in particular was a donation, nor that there ever was a ‘donation’ at all.

If the donation address is not publicly posted we can not link an address to an identity. We do not know what addresses belong to the mentor, and so we know next to nothing of any transactions. When addresses aren’t easily attached to a website or identity, it makes it incredibly hard to identify which transactions are going to who and for what purpose. Whereas when you reuse addresses, particularly when attached to an identity and shared publicly, linking transactions to identities becomes far more trivial.

In the past people have received unwarranted media attention for having been sent donations from ugly individuals; target was acquired by linking reused donation addresses.

Ok so reusing donation addresses is bad practice. But having to create a whole new address each time we wish to receive a payment is tedious, and requires an automated payment processor if you wish to provide a new single-use address for each payment on demand 24/7. I myself have failed here in the past, using a static donation addresses on my website. more on that later.

Bitcoin Accepted Here - Custodians & KYC

Outside of the Bitcoin bubble, websites that accept Bitcoin or any other cryptocurrencies are few and far between. A paper by Nicole Jonker in 2019 titled “What drives bitcoin adoption by retailers?” conducts a survey that gives us insight into the acceptance and views merchants have towards bitcoin. Unfortunately this survey data was collected in 2016 and adoption has likely increased since then. Jonker found that of 768 online retailers in the Netherlands, just 2% of them accept “crypto payments” compared to iDEAL payments (79%, some Netherlands thing), online credit transfers (61%), PayPal (46%), followed by credit cards (43%). It is likely some companies have recently copied Telsla’s “accepting” bitcoin announcements earlier this year, but I can not find any recent data. Adoption is low.

Regarding the reasons given for crypto-acceptance, 42% of the retailers accept them to attract
extra customers or because their customers ask for it (23%). Many retailers accept them because they
are interested in new technology (21%) or because of the low transaction fees (7%). None of the
retailers indicate that privacy provided by crypto-payments to their customers plays a role. Neither do
they indicate that the mitigation of exchange rate risk or shorter transfer time to their account influence
their adoption decision.
(page 11)

It gets worse with the payment processors these companies are using to accept bitcoin. Sadly most are using custodial solutions such as Bitpay or Coinbase Commerce (I have no data for payment processor by tx volume, just what i’ve seen). In these arrangements the custodian accepts the bitcoin payment on your behalf, which you then later withdraw or sell (sometimes automatically upon payment).

If you’re reading this I probably do not need to explain: not your keys, not your coins. Not only is there custodian risk while they hold your bitcoin and you receive zero interest. But you also give up the privacy of you and your customers; to who knows how many 3rd parties? Some of these custodians even require you to complete Know Your Customer (KYC) documents for merchants, and sometimes even for payers in the case of largish transactions. See this fantastic site on why you should avoid KYC bitcoin. The emerging presence of KYC is no surprise given retailers have zero care for privacy as shown by the survey.

Unfamiliarity with cryptos is the most cited reason for non-acceptance (58%),
followed by lack of consumer demand (36%), not feeling the need for acceptance (17%), lack of trust
in crypto (16%), acceptance not being common in their industry (12%), safety concerns (9%) and
perceived complexity (5%). Overall, both the answers given by accepting and non-accepting retailers
indicate that customers’ (expected) demand for crypto influences the acceptance decision.

Custodial payment processors are only great at one thing: making integration easy for businesses. With some custodians you can just sign up, link an ecommerce plugin, and you’re good to go with the company taking a small fee on each transaction you send through (usually 1-3%). Allowing your store to accept bitcoin in under 5 minutes without any technical installation. Bitpay is one of the older custodian providers and like many prehistoric bitcoin companies, is parasitical in its existence. Having raised tens of millions in its early days, it survives with a dying reputation, scraping 1% off naive businesses and has zero intention to keep up with modern bitcoin tech such as the lightning network.

shitpay

Many of these custodian setups are just a complete waste of time, often converting BTC straight to fiat with comparatively high fees. These custodian payment processors directly work against many of bitcoin’s values: trustlessness, peer to peer, privacy, and security.

There are also some interesting hosted semi-custodial(?) payment processors. Such as Bittery.io, which generates receiving addresses on demand and displays them within a payment gateway they host for you. The funds do indeed go directly to your wallet. However your payment processor could in theory suffer from some address substitution attack, diverting your customer’s funds. It is also not great for privacy, the company could in theory learn a about you and customers.

Non-Custodial Payment Processors

The most widely used non-custodial Bitcoin payment processor is BTCPay Server. For me, the size of the BTCPay codebase is somewhat daunting at over 100k lines. This makes it troubling to verify, customize and build upon. BTCPay also has some notoriety for being difficult to install, as admitted by their own documentation

Aside from that, for years BTCPay has been fundamental software for bitcoin adoption with an inspiring community of developers and users.

Recently they have been doing some cool things, such as their implementation of PayJoin. Payjoin is a two party coinjoin transaction that takes an input from each party, and sends them each an output of different value, rebalanced to make a payment in the process.

Payjoin improves transaction privacy by breaking the common-input-ownership heuristic that assumes all inputs of a transaction belong to the same individual. Very few wallets have this feature, and the fact that BTCPay is implementing it to enhance user privacy is elite (+ enabled by default!). BTCPay comes with a complete wallet interface and is packed with features such as the ability to host multiple stores from a single server instance (great for spreading adoption).

Breez

Other than BTCPay there is also the Breez mobile app which has a point-of-sale with lightning support, using the Neutrino bitcoin light client in the background. Following Breez closely, download and try it.

Breez

Another option if you want to easily recieve bitcoin donations privately are PayNyms, which aren’t really payment processors but rather a BIP47 reusable payment code. The sender establishes a key exchange by broadcasting a special notification transaction that the recipient is looking out for. This initiates a Diffie–Hellman key exchange where the sender and recipient now share a common secret key that allows them to deterministically derive billions of addresses for the recipient.

Only those with the shared secret key (sender and recipient) will be able to derive these addresses and know these addresses belong to the recipient. Try them on Samourai wallet. One of my PayNyms is +royalcell593 with payment code

PM8TJcmpqVeEYCeokiGqjpG4HoD22EMGi2xeRjQDBM7EyAYWEwThHwy16ZV4vKo6sFXHkiGQscbTt1tuBma6XiyqkPfHyRX6fNS84NRgHwkWg9Pu6ZMY

SatSale

Until recently I was leaking transaction privacy, exclusively reusing donation addresses in website footers. I needed to add a proper donation payment processor to my website, but I was reluctant to use the large BTCPay codebase. It is overkill for what I needed. Too difficult to achieve a “don’t trust, verify” grade installation from source. I just need something to easily install from source and run alongside my website.

So at the start of this year (2020) I started a new lightweight non-custodial Bitcoin payment processor - SatSale. This project is free software under the MIT license.

Live SatSale demo, try it^^

The SatSale project strives to be lightweight, easily deployable, and modular. With an ability to be easily customised or integrated into existing sites.

While the current UI is perhaps archaic, we enjoy the ease of theme customisation and you should too. It supports bitcoind nodes for processing onchain payments, and lnd for handling lightning network payments. I’m currently leaving the clightning implementation for anyone who wants to have a go at contributing.

SatSale Architecture

SatSale inner workings

I’m relatively new to software development, I welcome your contributions. Create an issue and open a discussion around your ideas, try to keep the project simple. Currently experimenting with tor hidden services, and today a store branch is ready for experimental use for in-person bitcoin sales:

Store Demo

Try demo

SatSale accessibility is still lacking. The base prerequisites currently require you to be

  1. Running a bitcoin node, and a lightning node if you want to accept lightning payments.
  2. Comfortable editing a file that will require you to find your bitcoin node IP, RPC details (in ~/.bitcoin/bitcoin.conf), and maybe SSH into your node if you’re running on a remote machine.
  3. Able to copy paste a start command and run SatSale, hopefully no config debugging required.

There are ways we can get rid of all three issues. For example, we could alleviate 2) and 3) with node apps, or by deploying a single-click-install VPS service (like BTCPayserver does with LunaNode). Or maybe someone who enjoys docker (gross) could compose an all-in-one node & SatSale image. Most interesting is how we can remove the requirement for users to run a node altogether, discussed below.

Peer-to-Peer Proliferation

Node Apps

Currently many people running a bitcoin node are not actually using it for anything. Fewer are connecting to their node with payment processors. I think SatSale has potential to change this dramatically. Existing node operators should have a a go at downloading SatSale and pointing it at a test wallet on their node’s IP address with their RPC credentials.

Recently, many less technically inclined bitcoiners have started running prepackaged node software, which is fantastic, bringing decentralization and self custody to everyone who desires it. BTCPay already has apps on many of node platforms. Satsale node apps for Umbrel/Raspiblitz/others are either under development or are being looked into.

bare bones

However, it is not ideal to host a web-facing payment processor from the same machine as your bitcoin node at a home IP address. Anyone could visit your payment page, find your IP, and use this to get some indication of geolocation etc. This means recieving donations on the web via BTCPay/SatSale hosted on a packaged node is a pretty bad idea. However it is possible to reach SatSale over a Tor onion so maybe we can do something with that (.onion will not leak IP). SatSale can already serve as an in-store point of sale, running off a Raspberry Pi node under a shop counter. With a monitor or tablet displaying the checkout and lightning invoice to the customer. You can use this setup without exposing the payment processor to the internet.

As well as accompanying node apps, SatSale could do with some UI improvements among other user experience features, but I am focusing my SatSale time on the ideas below

SatSale for All

I think we can make it possible for anyone to run SatSale, without the requirement of running a bitcoin and lightning full node, while still retaining custody and privacy. Make it possible for anyone with access to rudimentary hardware and internet to use bitcoin as peer-to-peer cash

Here’s how:

  1. Instead of connecting to a Bitcoin node, SatSale could take an extended public key (xpub/zpub) to generate addresses upon demand. Then we could use public blockexplorer APIs over tor to verify and confirm payments. All the tools required for this are already available today. But how about Lightning, where fast micropayments are likely to make up the majority of retail payments?
  2. Instead of users runnin a full Lightning network node, there are some alternatives:
    • Blockstream Greenlight - cloud based lightning nodes where the user retains signing keys on their own device and thus maintains custody at all times. I believe it will be possible for SatSale to create a Greenlight clightning cloud instance upon initial start up, and then use an API to get invoices and check payments. Greenlight manages backups and watchtowers so it is safe to go offline. Not realased yet, extremely exciting.
    • Lightweight clients - SatSale could be packaged with lightweight node clients, such as Neutrino, to form a complete lightweight payment processor.
    • Offline invoices or other tricks - is it possible to do something similar to the offline vending machine trick? With the ability to produce invoices and verify lightning network payments while offline? Still requires a node somewhere in the network to release payments..
    • Other lightning network developments? Offers?

If we remove or reduce SatSale’s requirement for users to run full nodes, then it could be possible for anyone with a 10 year old laptop & low bandwidth internet to run a self-custody bitcoin store. I like where Breez is going with the non-custodial mobile bitcoin point-of-sale, perhaps SatSale can take on the PC python-based counterpart. BTCPay fills the enterprise solution niche with its comprehensive tools and support.

For SatSale we’re also looking at methods for trustless lightning-based automated conversion from BTC to USDT that might please merchants who are not comfortable with volatility (weak hands mode).

Incentives for Adoption

A high impact step we can make for Bitcoin adoption right away is to reach every bitcoiner who happens to have some merchant or retail responsibilities, and enable them to start accepting bitcoin alongside their existing payment system. Likewise for those posting donation addresses. Financially reinforce those who have put the time in to establish a proper set-up, comment caution on those with risky practices.

For bitcoiners, the incentive is clear. Receiving bitcoin in exchange for goods or services is the best way to stack. Acquire non-kyc and highly private bitcoin. Non-kyc bitcoin, such as that purchased on Bisq or localbitcoins, tends to come at a premium that can range 5% - 20% depending on your country. You should be begging to be paid in sats if your customers are able. For this very reason we decided to add a 5% off sats button to the SatSale point-of-sale checkout.

I’d like to redo this poll with higher sample size, and ideally separate customer and merchant opinions.

At our current stage of adoption, retail stores “feel no added value of crypto-payments compared to other payment methods”. But they will look to start accepting Bitcoin for two primary reasons (revealed by Jonker’s study linked above):

  1. If accepting Bitcoin brings in extra customers.
  2. If customers ask to pay in Bitcoin.

USE BITCOIN

Both can only really be encouraged by vocalizing a desire to pay in bitcoin and by continuing to do business with those who accept it. Additionally this survey also showed that increasing a perceived compatibility score by 1 (on a 1-7 scale) increases the probability of a retailer “intending to adopt crypto payments” by 4.4%. Perceived compatibility and perceived ease of use were also found to be correlated with crypto-acceptance; as you’d expect user experience and education are highly important for adoption.

Closing

If i’ve convinced you SatSale is building for a worthy cause, please have a go at contributing, and support my SatSale work financially. Without your support, I am unable to give SatSale and other Bitcoin projects as much time as i’d desire.

Most importantly try SatSale out, and other non-custodial payment processors. Share us on twitter.

Get rid of donation addresses in your bios*. Next time you need a point-of-sale register, I implore you to download SatSale, point it to your Bitcoin node, and try the tools. Send us your feedback. Help bring us closer to peer-to-peer electronic cash.

*dont mind the occasional vanity address, like @wiz’s: 1wizSAYSbuyXbt9d8JV8ytm5acqq2TorC. The Tor in the checksum is a nice touch. I’m still searching for a good one..

Updated:

Leave a comment