Crypto anonymity is getting harder

Shapeshift now requires email registration to trade. Correlating trades now becomes trivial for them, or we need to keep at least 2 emails for this purpose (BTC -> XMR and XMR ->BTC transactions). And, they impose an endless ReCaptcha. And they include Google trackers anyway. And JS of course.

localbitcoins requires ID verification once the user reaches a certain volume (not a very high volume: about 20 trades or 2 BTC a year).

Poloniex moved to ID verification long ago, even for crypto only trades.

The purpose of this topic isn’t to argue for or against cryptocurrencies in general. Please refrain. It is to share ideas, tools and possible solutions how to maximize anonymity, within the limitations.

I will sincerely appreciate feedback on those lines.

Also discussed here:

Flyp.me that’s mentioned in the article doesn’t include Monero in it’s cryptocurrencies lists.

Interesting!

Yes, unfortunately governments worldwide (the fiat money system) wants
or are bullied into applying KYC almost everywhere. Certainly when an
account gets created somewhere where anything more than petty cash is
involved. Left behind are millions of unbanked people due to these
excessive, decadent policies.

Related:

chicken:

Poloniex moved to ID verification long ago, even for crypto only trades.

The purpose of this topic isn’t to argue for or against cryptocurrencies in general.

Right. Did not perceive it in that way anyhow.

Please refrain. It is to share ideas, tools and possible solutions how to maximize anonymity, within the limitations.

Sure.

Shapeshift alternative Changelly also requires KYC in some cases, especially when Monero is involved - it’s not an alternative at all.

There are decentralized and peer- to-peer exchanges, like Bisq, where you can trade without KYC.

What are the real motives behind KYC and government regulation of cryptocurrencies anyway? Defending the monopoly of banks over money? Saving the banks once again from collapse? Keeping the unbanked unbanked, the poor poor?

Shred:

What are the real motives behind KYC and government regulation of cryptocurrencies anyway? Defending the monopoly of banks over money? Saving the banks once again from collapse?

Yes.

KYC among other tons of regulations highers the bar for new market
players and thereby effectively prevents them. Banks aren’t evil because
it’s inherent, they’re evil due to lack of competition. The competition
is kept small by regulation which is difficult and expensive to comply with.

• anti-terrorism: probably not what they are interested in (not to
  mention that a lot of terrorism is actually state-sponsored)
• tax enforcement: could be
• censorship of opposition: yes (transfers to wikileaks blocked,
  accounts of activists terminated)
• geopolitics: yes (sanctions against countries, know who transacts with
  whom and be able to stop it)

Functions of money:

• store of value
• medium of exchange
• unit of account
• often overlooked: system of control

Keeping the unbanked unbanked, the poor poor?

That’s a hard one. From external observation it’s imo not possible to
distinguish between “evil”, “incompetent” and “don’t care”. Maybe it’s a
question of priority in favor of regulation and in their view the
unbanked have to deal with it as is.

XMR->BTC can still be done by xmr.to - no account required and works well with the Tor Browser.

Bisq - an application download is required. That’s additional security risk. Anyone has experience running it in Whonix Workstation?

Shapeshift - this is even worse than I thought. Not only they need an email address and giving Tor users a terrible time, they actually require users to perform authentication on their mobile device with Google Authenticator. So, they can’t even be used as a temporary option for a few transactions (unless users escalate to burner phones…). They moved overnight from being completely OK with Tor and anonymous usage to a strict authentication.

keepassxc can be used as a replacement for Google Authenticator (actually TTOP, Time based One Time Password) on desktop computers on Windows, Qubes OS (recommended), Linux (recommended) or Mac.

Related:

The installation didn’t work for me (64 bit?), but I managed to do it with that instead:

https://totp.danhersam.com/

And then I discover… that there is a last stage as well - ID verification. Easier to open a bank account.

Yes, I use Bisq in a Whonix workstation. Works very well, all connections are over hidden services, and truly decentralized p2p.

One caveat: end up with Tor over Tor. Possibly because of onion-grater, but (IIRC) a few weeks ago I pcap’d the traffic and I didn’t even see an attempt at contacting the control port.

@qubenix Can you report it to Bisq upstream please and link to your ticket?

Reported Tor over Tor upstream: Use system Tor if possible · Issue #1761 · bisq-network/bisq · GitHub.

coinpayments was an easy and friendly crypto payments gateway. Now they too require full KYC including selfies and everything.

localbitcoins.com now requires SMS verification for all new accounts and plan to add further AML/KYC requirements before the end of the year.

Just blowing some steam off.

When trying to register to bitcointalk.org (satoshi’s original bitcoin forum) via Tor, I didn’t only get the irritating ReCaptcha, but something I never seen before:

Bitcoin Forum > Remove Proxyban

Your IP address has previously been used for evil on this forum, or it is a known proxy/VPN/Tor exit node, so you are required to pay a small fee before you are able to post messages or send PMs. You can still use all of the read-only features without paying.

Your account contains 3,545.50 units of evil. To atone, you must pay a total of 0.00240385 bitcoins (2.40385 mBTC; 240385 satoshi). Pay to the address ------------. Once you have paid the full amount, wait a few seconds and then reload this page. If the fee is so small that your wallet is unable to send it, you can send any larger amount, though you will not be refunded the difference.

Alternatively, any forum staff member and some other notable members can manually whitelist you. Paying the fee is probably easier/quicker, though.

If you find any bugs in this system, email pbbugs-J6X0kjVn@theymos.e4ward.com. For example, send email here if your payment is not registered an hour after sending it. (Note: exchanges often do not actually send transactions until long after you submit a withdrawal.) The mere fact that payment is required for your IP address is never a bug. You will be permanently banned if you send email here requesting free whitelisting.

People commonly say, “I haven’t posted anything before, so why on Earth am I banned?” You are not banned. Your IP address was previously used for evil, so everyone who uses that IP address has to pay this registration fee.

So in short they ask for about $25 to “atone” my account from the sin of coming from an exit relay. I mean, I did pass a very long ReCaptcha designed to protect against bots, why further punish Tor users?

Edit: I then tried with another VM, configured with a Tor->VPN setting. The ReCaptcha was much easier (only one series of images), and I don’t have to atone. It’s amazing how many times this setting saved my day.

Sometimes it pays to bypass Exit bans

Would make a good topic for Tor Talk.