Posts in the News category

Privacy in Bisq

To write a blog post about privacy in Bisq has been already a long time on my TODO list.

One reason why I postponed it for so long was that I tried to fix the weaknesses rather than to explain such complicated stuff to a broader (potentially non-technical) audience.

But as we still don’t have the resources to fix the main issue (see section below about the BitcoinJ bloom filter) I want to explain the background of the issue and propose the solution how you can protect your privacy even in the presence of that existing weakness.

Beside that I want to give an overview about different areas where privacy is relevant in Bisq.
I think we have already achieved a very high level of protection of user’s privacy. We can do still better and are working on further improvements.

But the main goal of that article is to give those who take privacy serious enough background and guide them how they can get out the most from Bisq.

Be warned, that blog post will be a bit technical. Privacy is a complex topic and requires some basic understanding about how Bitcoin transactions work.

So let’s get started.

One area where privacy plays an important role is how the data between the peers are transferred.

Privacy in the P2P network

We use Tor (hidden services) for the P2P network.

With Tor we get a very high level of privacy on the transport layer. So there are no IP addresses visible which could be used to identify a trader. As we use hidden services we even don’t have the issue that the exit nodes are a critical bottleneck in Tor.

In Bisq there are mainly 2 different types of messages:

– Broadcast messages (e.g. offers are broadcasted to all peers)
– Direct messages (e.g. 2 peers are communicating directly in the trade process)

In the first case the messages are not encrypted as all users need to be able to read the offers. The only identifying data included in an offer is the onion address of the offer-maker. That is required to contact him when one wants to take the offer.

The direct messages are sent directly to the other peer and are encrypted and signed in Bisq. Beside that it is encrypted as well on the Tor layer.

Though there are some things which needs to be considered – even with Tor.

The repeated usage of the onion address carries a potential privacy concern:
Onion addresses of offers and trades could be used to map together an identity.

But that privacy leak to the trading peer can be also seen as a feature – and is actually used as such:
The small icon on the right of an offer entry or trade shows the onion address, whether you have traded already as well as the nr. of trades. This kind of “P2P reputation” (only you get the info about the data which you have anyway in the app from past trades – there is no centralized data collection) can be useful to easily identify traders with which one has traded already.

You can even tag a peer with arbitrary text like “Fast trader” (this data is only used in the scope of your local application).

Edit peer info




There might be different opinions if the re-use of the onion address for all offers and trades is positive (can be used for reputation) or if it is considered negative in regards to privacy.

Future improvements:
In future versions we want to make it possible to reset your onion address (in the settings).
There might be another option that we use separate onion addresses for each offer. But that might be resource heavy as multiple Tor circuits need to be maintained, multiple hidden service published (takes about 30 sec. – that is the delay at the application startup) and will complicate code as well. So this is not considered for the near future.

Beside that we will support an optional GPG key which can be used for reputation.
In the next version we will add this already on the data layer, though it is not implemented yet in the UI. With that key we could build a reputation system where a user can proof with his signature that he is the originator of certain offers or trades if he wants to and to whom he wants to.

That way we decouple the network ID with reputation and users can choose if they want to build up a long term reputation at the cost of loss of some privacy to the trading peer or if they prefer to not use reputation and in case of network ID renewals the offers and trades cannot be associated to one identity.

What can you do now?
For users who don’t want to connect potentially all their offers to one identity it is recommended to create a new data directory from time to time (you must not have open offers, trades or disputes) or to use a program argument (e.g. –appName=Bisq-2) so a new data directory with that given name will be created and you can run multiple instances of Bisq in parallel which are completely unrelated (that setup is used by developers as well).

The usage of the network ID (onion address) might be seen as privacy weakness but to have a long term ID is a requirement for reputation.
In future we will decouple that by using an optional GPG key for reputation and enable renewal of the onion address.

Privacy in Fiat trades

When the users are trading Bitcoin with a national currency the transfer of the Fiat currency requires usually some personally identifying data.

With a bank transfer it is typically the name and the bank account number. With other payment methods it might be an email address or phone number (e.g. ClearXchange, Interac, Swish,…). Only with OKPay and PerfectMoney an account number alone is sufficient. But even there the account is usually verified in the registration process at the payment provider so the company knows the real life identity behind that account number.

It is important to understand that only the trading peer will see that account data (the name in the case of a bank transfer) as well as the arbitrator in case of a dispute.
In all trades which are not disputed, the arbitrator has no access to this data. The account data is only stored locally on your computer.

The Fiat receiver needs to expose his bank data to the other peer, otherwise the Fiat sender could not transfer the money.
The Fiat sender usually also gets exposed by the receiving bank as most banks show the name and bank account nr. of the sender in the transaction history.

There is another important reason why we exchange the account data in both directions:
There are some known social engineering scams where a BTC seller receives the Fiat money from a victim who got tricked into a purchase at some Ebay-like platforms but the victim never receives the purchased good. The scammer gives the victim the bank account nr. of the BTC seller, the BTC seller receives the Fiat and then releases the BTC to the scammer. After a few days the victim discovers that he got scammed, goes to the police and probably requests a bank chargeback. The seller gets in trouble to explain that he was not the scammer and probably accepts the chargeback to avoid more hassles.

Luckily that never happened at Bisq but we need to be careful not to attract such scammers.
To protect against such fraud we require the Fiat receiver to only release the BTC if the bank data in the Bisq application is matching with the data on his bank statement, otherwise he needs to open a dispute.

Planned improvements:
The payment account data (e.g. bank account number and name in case of a bank transfer) could be encrypted by default when the data is exchanged with the arbitrator in case of a dispute. In most cases the arbitrator does not require the data so the traders privacy is better protected. Only in those rare cases when the arbitrator needs the data for the dispute resolution process he can request the decrypted data from the trader.

The exposure of the bank account data to the other peer (and arbitrator in case of a dispute) is a necessary requirement when a Fiat transfer is involved. In future releases we might add an improvement that the arbitrator does not see the account data by default and has to request it from the trader if needed.

Avoiding coin merge

The returned change amount when funding an offer and/or trade as well as the funds you get out from a completed trade are re-used for other trades if you choose to use the Bisq internal wallet.
This connects the trades at the Bitcoin transaction graph level.

To avoid that, you need to fund each offer independently from an external wallet and withdraw the funds at the end of the trade to an external wallet.
Of course you need to take care that you don’t leak your privacy with coin merge again in the external wallet (you can use multiple external wallets as well to make that easier).

UI-wise that strategy is fully supported in Bisq (in fact it was the only option initially) but we are aware that most people prefer the more convenient usage of the internal wallet to re-use bitcoins from one trade for funding the next trade.
Unfortunately there is no good solution to combine both convenience with privacy here.

To offer a tool (similar to coin control in Bitcoin Core) to let the user decide which unspent transaction outputs (UTXO) should be used for funding an offer or trade might help to mitigate the problem. But there is some complexity and difficulty involved to decide which UTXO to use as well the problem that often you don’t have enough options to choose from. So that approach does not look like a feasible strategy to solve that issue. It is a conceptual problem from the way how transactions are connected in a graph in Bitcoin.

Coinjoin is one of the very few strategies to combat that issue.
We have rough plans to either add Coinjoin to Bisq in future, integrate an external Coinjoin implementation in a user friendly manner or find another solution with an automated trade to an Altcoin which has strong privacy protection built in at the protocol level like Monero or Zcash.

Hopefully we will see more privacy improvements like Confidential transactions integrated to Bitcoin as well.

If you want strong privacy you need to fund each trade independently and withdraw the funds from a completed trade to an external wallet where you have to take care to not merge the coins again (which is not easy).

Privacy in the Bitcoin network

The connection to the Bitcoin network (we use BitcoinJ which uses the SPV model) is by default over Tor (we use a mix of connections to clear-net full nodes which are passing the Tor exit nodes and full nodes running as hidden services, therefore never exiting the Tor network).
The user can pass a program argument to use a custom Bitcoin full node as well. Alternatively a locally running Bitcoin node (localhost) can be used. The Bisq application discovers that local node automatically and uses it as the only node for the Bitcoin network connection. So no configuration is required.

The users who don’t run their own full Bitcoin node are exposed to a severe privacy leak inherited from the broken BitcoinJ bloom filters [1], [2].
I tried to fix the most critical flaws [3] but unfortunately it turned out that it requires more effort to fix that [4]. So the bloom filters are still leaking considerable information to full nodes (in case those are operated by chain analysis companies spying on the network).

What is leaked:
A spying full node will find out quite easily that all the addresses created by the HD wallet (about 1300) are from one wallet (belongs to the same owner).

They don’t see the IP address as we use Tor (with other BitcoinJ wallets even the IP address is leaked).
If one of those addresses is connected to the real life identity of the user all the other addresses are de-anonymized as well (derived from the fact that all come from one wallet – same owner).

Revealing a real life identity can happen easily if you use one of your wallet addresses for any service where you have to register with your ID (centralized exchanges, merchants,…).
Even if you don’t leak any Bisq address, with more sophisticated graph analysis using typical usage patterns (e.g. coin merge) it can happen easier than expected that you lose your privacy.

So don’t expect privacy on the Bitcoin level unless you run your own full node or you really know what you are doing and are aware of all the pitfalls.

We have some bounties open in that area and we consider this a high priority issue which hopefully gets solved soon.
Any developer experienced with BitcoinJ is very welcome to get in touch with us!

Unfortunately the bloom filters are broken also on the design level, but to fix the implementation flaws would give us at least some level of improvement (and render the effort for the spies higher as well as reduce the quality of their data due to a higher degree of uncertainty – though there might be controversial opinions about that).
That said, you should not be tempted to assume that the privacy problems of bloom filters are fixed after the BitcoinJ bloom filter implementation flaw is fixed.
To get a new bloom filter design implemented and deployed to Bitcoin Core is unfortunately something we cannot expect to happen soon. There are a few interesting efforts in that direction but I am not aware that anyone is working on that [5], [6], [7].

But there is another very promising solution on the horizon:
To use a Bitcoin Core node in SPV mode [8].
Jonas Schnelli is working on that and we consider to replace BitcoinJ by that as soon it is production ready and we have enough dev resources to implement it.

So what can a user do in the current situation to get a protection against those spying full nodes?
As said initially the only protection is to run your own full node, either locally (then Bisq connects by default to it) or you pass the IP address to your node (or a trusted node you know) via a program argument (—btcNodes=[comma separated IP addresses]).

But it is important to do that already at the first startup and always. One connection to the public Bitcoin network can be enough that you get connected to a spying node and your privacy is leaked (only a new data directory which creates a new wallet will help then – in our Github wiki there are instructions [9] how to do that).

To communicate that complicated issue by displaying a popup at the first Bisq startup would be too confusing and overstraining for most users.

One possible compromise might be to use by default a white-list of trusted full nodes. The user can change to run his own local or remote full node, use his own list of trusted nodes or use the public Bitcoin network. As explained above it must already be taken care of at the first startup, so to use the public network as default would require a popup explaining the complex topic.
To use a white-list of trusted nodes compiled by the Bisq developers introduces centralization and trust issues.
Though I think that is less critical as the user can change afterwards to the public network without any damage, which is not true for the other direction (first public then trusted nodes).

This is clearly controversial and not an optimal solution at all, but might be preferable to the current state where everyone is leaking potentially (and I assume to a high probability) their privacy.
We have not decided to go that road yet, but it is in discussion.

Though as said above a SPV Bitcoin node would be probably the solution we will go mid-term and that would solve that issue anyway.

For achieving privacy protection on the Bitcoin network level you need to run your own full node.
We are trying to fix the implementation flaws in BitcoinJ but unfortunately bloom filters are already broken on the design level so we will never get proper privacy with the current bloom filters (Bitcoin side).
Alternatively we could provide a white-list of trusted full nodes and use that as default instead of the connection to the public network. This is a problematic approach as well and still in discussion.

The mid-term goal is to use a SPV Bitcoin node integrated in Bisq (similar like we use the Tor binary). For the user that would be transparent and the usability comparable with the current BitcoinJ SPV model. That would not only solve the bloom filter issue but also other weaknesses of BitcoinJ’s SPV model (e.g. no validation of consensus rules; in case of a hardfork with Bitcoin Unlimited it would follow automatically the longest PoW chain).


Those who care about privacy, take the time to understand the complex context [10],[11],[12] and are willing to take the burden to run a full node as well keeping the funding of trades independent to avoid coin merge, can use Bisq with a very high level of privacy protection.
The others are probably leaking their privacy already in many other areas as well so Bisq does not really make their exposure worse.

This is not a satisfying situation though as we want to provide privacy by default in a user friendly manner. Convenience and privacy are unfortunately often hard to combine.
But we will continue to work to find the best solutions to solve those current weaknesses.

With all that said we have to emphasize that Bisq has already archived a very high level of privacy protection and clearly outperforms any other Bitcoin exchange in that matter.

  • No registration required. No centralized data collection.
  • We use Tor by default for all network traffic. So your IP address never get leaked!
  • Our UI supports coin merge avoidance.
  • Bisq uses a HD wallet. No address re-use
  • There will be future improvements to decouple the network ID with an optional reputation key.
  • Once we can use a SPV Bitcoin Core node instead of BitcoinJ we get rid of the bloom filter problem.

Protection of privacy is not only a core value of Bisq but we see it also as a fundamental property of money to achieve fungibility.
Bitcoin and the surrounding infrastructure (like exchanges) need to improve in that area so Bitcoin can develop it’s full potential as sound money. Sound money for a sound society. Protection of privacy has to be the default state for all, not just a privilege for techies and geeks.

America’s founding fathers have been more aware of this than today’s retarded politicians.
As we cannot expect much support from that side, let’s build our new model as we think it should look like and make the retarded model obsolete.

[1] Privacy in BitcoinJ:
[2] On the Privacy Provisions of Bloom Filters in Lightweight Bitcoin Clients:
[3] Review bloom filter fixes in Bisq’s BitcoinJ fork:
[4] Bounty: Review Bisq’s BitcoinJ Bloomfilter fixes:
[5] Leo Wandersleb efforts:
[6] Committed bloom filters for improved wallet performance and SPV security:
[7] How have fungiblity problems affected you in Bitcoin?:
[8]Complete hybrid full block SPV mode:
[9] Switching to a new data directory:
[10] Bitcoin Privacy Landscape In 2017 — Beyond Coin Mixing, General Guidelines And Research:
[11] Bitcoin Privacy: Theory and Practice – Jonas Nick:
[12] Bloom filtering, privacy – Adam Back:


Bitsquare becomes Bisq

We announced a while ago that we started rebranding as a result of trademark conflicts.

That was unfortunate as Bitsquare is well established and we all like it. But there is no way around it.
We have chosen to replace Bitsquare with Bisq.

Thoughts on the old name

The brand Bitsquare is good but not perfect.
Too many projects in the space are using “bit” in their brand so it got quite overused.
The “square” in Bitsquare was originally inspired by Satoshi Square, a term describing a place where a face-to-face bitcoin exchange is carried out. Most people did not know that association (square as a market place) but interpreted it as geometrical square, which does not have real meaning in our context.

The hunt for the new name

Rebranding an established brand is challenging. To get the best result we tried different approaches:
One was to reach out to our community to help us with their suggestions and inspiration. The response was overwhelming – over 2000 suggestions from 266 contributors, but unfortunately there was none which was sufficiently outstanding to convince us to select it for the new brand.
We also worked with a professional agency to find a new name, but we did neither find a winning candidate that way.

At the end it was a long and time-consuming process and we maintained an internal list of more than 200 names which we discussed, voted on within an extended group of about 20 contributors.
There have been several favorites and it was not easy to select a single one among those. But finally we are convinced that one name stood above all – Bisq.

What makes up a good brand name?

We think a brand name should be unique, easy to remember, easy to pronounce, short and produce some positive association or emotions. Furthermore I think that many of the good brand names are made-up and non-descriptive. Google did not choose “SuperFastSearchEngine” and Reddit did not choose “CommunicationHotspot” or the like.

We got a lot of suggestions like OpenExchange, PeerMarket,… but I think even if those names help to associate quickly what the project is about, they are not the best for establishing a unique brand.
It is a bit like calling your kid “Little Boy” instead of giving him a unique real name. A unique name represents identity, a descriptive name refers to one of many possible identities.

Another important factor was that we favoured names which somehow referenced to the original name Bitsquare. The anchor letters: B, S, Q are easily identifiable with Bitsquare. We tried to use that advantage for the new name.

However, as a result of trademark (TM) laws it is not possible to use anything which even sounds similar to “square”, so anything like Bitskware is a no-go.

Even if the new name makes no reference to “square”, we have no guarantee that we will not face a conflict again, but at least we can reduce the risk by cross-checking the new name with a TM lawyer – as we have done already. Luckily, at a first glance there are no potential conflicts from a trademark perspective with the name Bisq. A google search does not show any competing or relevant projects or companies and none of the existing TM registrations seem to represent a critical risk.

What made Bisq stand out?

– Short (consists of just 1 syllable)
– Easy to pronounce
– Has only 4 letters (those are the hardest to find)
– Is odd enough to be remembered
– Has the anchor letters B, S, Q which are a reference to Bitsquare
– One can read it as a very short form of Bitsquare or abbreviation of Bit (BI) and square (SQ)
– It is a non-descriptive name and a unique non-dictionary word

When will the new name come into effect?

We are working on a big release which includes the DAO model. That should be ready in 1-2 months.

We try to schedule the whole rebranding before that release. There might be some time where both brands overlap but we will try to do the best to keep risk for confusion low.
Please help us to spread the word to make it easier for people to know that Bitsquare becomes Bisq.

Until the rebranding has officially started, we are still Bitsquare 🙂


Outcome of Rebranding Bounty

  • By Manfred Karrer
  • In News
  • On Feb 22nd 2017
  • permalink


The team reviewed all bounty submissions, but there was no single name that clearly stood out. The Bitsquare bounty of 0.5 bitcoin will be distributed to those with best contributions.


We recently announced that Bitsquare is rebranding. Finding a new name is a challenging task, so the team offered a bounty to get some inspiration from the growing community. The rules of the bounty were introduced in the official forum of Bisq, where community members could make proposals for new brand name. If a given proposal ends up being selected by the team, the respective person will receive 0.5 bitcoin. In case none of the proposed names are selected, there is no winner to claim the bounty of 0.5 BTC. However, due to the active engagement by the community, we promised that in the event of no winner, the bounty will still be distributed to those who offered the best contributions towards finding a new name.


The bounty ran for more than 5 weeks and ended on February 20. We counted more than 2000 unique proposals from a total of 266 users. The team reviewed all proposals, but none of them really stood out as a clear winner. So as promised, Manfred will distribute the bounty of 0.5 bitcoin to those users, who we believe offered the best contributions.

Selection process

Each member of the core team put forth their selection of “best” proposals from those offered by the community. This process resulted in a short list of good names. For each of those names we listed the user who first proposed it and found out that three users appeared multiple times. We decided that those users deserve to receive part of the bounty, as they have proposed multiple high-quality names. Two more users stood out with their alternative contributions – valuable discussion and constructive feedback, both of which are helpful in the search of a new brand name.


The team selected the following winners (listed here in alphabetical order):

* dsteam – for offering 9 names the team evaluated as good
* FreepWho – for active participation in the forum, for offering constructive feedback and for posting good motivation for his/her proposals
* mirelo – for offering 6 good names, plus motivating his/her proposals
* spoken – for offering 11 names that were very close to being selected
* vieuxvicq – for offering high-quality constructive feedback and valuable discussion
* silverback – for proposing Bitsquareui, for being active in the forum and for motivating his/her proposals

These users should contact Manfred (PM from forum or email – see address and gpg key at contact page), stating their bitcoin address, in order to receive their share of the bounty: 0.1 BTC each. Nevertheless, we thank everyone who contributed in the forum for their desire to help the team!

New brand name

The team has stopped on a new brand name that at this point will not be disclosed. The reasons for this are several: checking with lawyers for any potential conflicts, securing domain names, changing slogan and name of DAO tokens, etc. All these need to be settled before we are comfortable disclosing the new name. We hope to complete this shortly.

Thank you once again to those who participated in the bounty hunt! Keep an eye on this space for the announcement of the new brand name.


Bitsquare is rebranding

Bitsquare has always been proud to say it is not a startup or a company, but a free open-source community project. It is being developed without venture capital or any other form of external funding, but with personal savings and donations from the community it serves.

To protect the values of this community and to build a stronger image there came the need to register the Bitsquare brand. The team recently initiated brand registration, but as it often happens, the name was opposed. It turns out, though to no one’s surprise, our project is not the first one to come up with the term “square” in its name.

To try and preserve the name we all came to know and love, the team sought professional legal advice from two independent lawyers. These consultations did not bring much hope though, as we learned that the odds are stacked against us.

Although the community has grown attached to the name “Bitsquare”, we’d rather focus our limited resources towards building stronger code. To avoid a lengthy and expensive legal process, we will have to find another name.

That doesn’t sound like good news… until we take a step back. Since it’s conception 3 years ago Bitsquare has undergone a significant transformation. The project has recently entered in a new stage. Bisq’s distributed governance and funding model is now under full development. Trade volume and liquidity have grown significantly. New members have joined the team. So although finding a new name is inevitable, rebranding right now might not be a bad idea after all.

The project is now seeking a new brand name that will firmly establish its presence in the cryptocurrency space. In the search for a new name, a team brainstorm produced a number of candidates. We are now turning to the community for additional proposals. To avoid bias, though, our list will likely not be shown.

Manfred, Bitsquare’s founder and lead dev, is offering a bounty of 0.5 bitcoin for the person whose proposed name ends up being selected by the team. You can find the details of the bounty in our forum post.


With the recent Bitfinex heist models for decentralized exchanges have received a bit more attention as usual.

This is a repeating pattern happening every few months after a major incident. And it goes back to business as usual after people are entertained by the next soap opera.
So I do not expect that the majority of cryptoland citizens will radically change their behavior. And that has several understandable reasons.
But beside that, there is lack of awareness for critical problems and lack of visions for possible solutions.

People are used to traditional models and centralized exchanges are serving exactly that. They are similar to stock exchanges or Forex trading. They satisfy what those types of traders or speculators are looking for. Nothing wrong with serving people’s demands and habits, right?

What makes the difference?

But hey, isn’t there something different between Bitcoin and that traditional Fiat world?
Wasn’t there something what created excitement for those who consider themselves as early adopters or cypherpunks?

Do you think Satoshi tried to satisfy people from the finance industry or give the mainstream users a more convenient payment method? Certainly not!
Paypal was built with that mindset, Bitcoin wasn’t.
It was built with a vision beyond the short sighted demands and habits derived from the past.

So like with everything what is new, those new models require a little bit of endeavor from those who are brave enough to explore that new territory.

What are the differences?

A P2P exchange has differences and will not perfectly satisfy people who are used to centralized exchanges.

But let’s first define the term exchange how we understand it, because many people use it with a different meaning:

  • The main feature is to exchange one currency to another.
  • The feature to speculate on price movements, short-selling, hedging or lending are extended features which some centralized exchanges provide, but I think that is outside of the core definition of an exchange.
  • How the exchange is implemented, if it uses automatic order matching or how fast the exchange happens are secondary characteristics.
  • A Fiat exchange means that national currencies are used, not IOUs for representing them.

Before we look at the reasons why the decentralized model provides a unique value let us have a look to the drawbacks:

  • Bitsquare is slower and trading is a more manual process.

That will be improved in future but the basic model that users control their funds require settlement controlled by the user and that takes a bit of time, even in the case for crypto currencies (blockchain confirmation). The exchange process will never be able to compete with high frequency trading. But that sort of speculative activity might get served by other solutions in future (Options, CFD,…).

  • You need to install a desktop app and you can’t run it in your browser, smartphone or your golden caged iPad.

The simple reason for that is that peer-to-peer means: all peers are equal – equally serving other peers and consuming from other peers.
Smartphones or tablets are not good in serving.
Web browsers are clients in the classical client-server architecture so they fail if you want to use them to serve other peers.
But sure, it would be convenient and nice to be able to run real P2P apps just everywhere. It might even happen some day but it comes with considerable challenges and effort. So please have patience or join our forces to make it earlier happen.

What’s on the table?

So beside those drawbacks, why should you be interested in P2P applications?
You can ask the exactly same question: Why should you be interested in Bitcoin?
You get security and privacy!

The security model is obvious:

  • If there is no sever to hack, you cannot steal money and user’s identity data from it.

Identity theft will become even more crucial in future as it is already. Regulation will soon enter that area as well.

  • If you don’t accumulate funds you don’t attract criminals.

That is an aspect which usually does not get much attention, because big numbers are impressive in our society.

Excuse me to remind on one of cryptoland’s latest soap operas, it just fits perfectly to that topic: The DAO
That completely pointless strategy to collect an enormous amount of money, without any concrete need for it was not only fatally damaging their own project. That often repeated, unethical but profitable model of externalizing risks and costs to others caused immense damage to their host community: Ethereum – giving cryptoland a new soap opera episode called ETC against ETH. Too bad that the real problems are not getting solved by those excitements.

Privacy – security’s sensitive brother

Beside security, privacy is an even more important issue. I think the relevance of privacy is widely underestimated.
If you have read that infamous EU proposal, you should be alerted. The MIT ChainAnchor project is another warning sign that our financial privacy is at risk and governments are getting more and more drunk of power abuse.
The 4 horsemen are riding again. Actually they never stopped riding the last 20 years as it seems they are pretty efficient in their job. Shocking how cheap that works…

We are getting closer to a critical junction: The future is the result of that what is getting prepared now. If we don’t engage to form it, others will do it for us.

Bitcoin seems to become the wet dream for governments to get full control and surveillance over the financial life of it’s citizens if we allow them to continue that path.
Financial information is even more critical and valuable than information derived from communication.

Matching users Bitcoin addresses with the user’s real life identity threatens Bitcoin’s weak privacy model and makes chain analysis a simple exercise – and even more crucial – it destroys a core property of sound money: Fungibility

Those companies who are engaged in that business of weakening privacy cannot be considered as anything else than parasites – destroying it’s host for short term profits.

So even those who are not convinced of the importance of the protection of privacy should be alarmed about that, because such a currency will never find mass adoption.
No company will use Bitcoin when they know that they have zero privacy with their transactions. Furthermore, people will not accept Bitcoin as payment if they cannot be sure that they can spend it later without risk. The burden of verifying the history of a coin and evaluating it’s risk would produce too much friction for mass adoption. All that would make Bitcoin inferior to the USD or EUR.

How can a decentralized exchange like Bitsquare help here?

Let us answer with a quote:

“Governments are good at cutting off the heads of centrally controlled networks like Napster, but pure P2P networks like Gnutella and Tor seem to be standing their ground.”
– Satoshi Nakamoto

Decentralization is a requirement to achieve censorship resistance. Censorship resistance is a foundation for a free society. Americas founding fathers have been more aware of that than todays retarded politicians and their corrupted media industry.

But can a decentralized exchange be efficient?

Lack of efficiency is not that what causes the most pain in our world. We are pretty good with efficiency in many areas.
Resilience is the area where we are terrible weak.

The blockchain is not good at efficiency but it is very resilient.
From an efficiency point of view it is the worst, slowest and most expensive database. Only censorship resistance gives it value and significance.

The fact that Bitcoin’s efficiency outperforms the bank’s efficiency and that they consider the “blockchain” revolutionary, is just because the banks are so unbelievable inefficient and have slept the last 20 years (or longer). They get woken up now by FinTech companies who are now considered “revolutionary” simply by applying modern IT to the banking world. We are witnessing the cheapest revolution of the century.
Bitcoin will remain alien to banks. Bitcoin is a complete contradiction to their concept and culture.

Where are we now? What is left?

We see now the first wave of P2P apps like Bitsquare and OpenBazaar operational and flourishing.
But of course there is a lot of headroom for improvements. Same like there was headroom to find creative solutions to scale Bitcoin (the right way).
It took a bit of time but solutions like Segregated Witness will give us a basket of gifts not a one-time-shot:
When you try to solve 1 problem and get 10 others solved as by-product, you know you are doing right. Then synergy happens.

That kind of synergy is what Bitsquare is aiming for. There will be soon an announcement regarding that topic.

Beside that, we are working hard to bring the project to the next level:

  • Automated trading for altcoins
  • APIs
  • The decentralized arbitration system
  • CoinJoin
  • Option trading
  • Micro credit market
  • And of course many improvements from the feedback we get from our users

If you have not already visited our survey, please lend us 5 min. of your time and let us know what you expect and think about Bitsquare.


If we start to explore the new possibilities, potential and characteristics of decentralized applications we might end up in a completely new territory. A territory which is not built by replicating old habits from the past.
It might need a bit of openness and courage for trying out new paths, but you know:

The revolution will not be televised


Beta version launched

  • By Manfred Karrer
  • In News
  • On Apr 27th 2016
  • permalink

A big day for Bitsquare – we have launched our Beta version!

After 3 months of extensive testing on the Bitcoin mainnet, The Decentralized Bitcoin Exchange is now ripe for a wider audience.

We would like to thank everybody who helped testing, providing liquidity, giving feedback or spreading the word. We extended our community channels with a new Forum, a Slack channel and more.

After the today’s Beta presentation in Fab Lab Barcelona, I will do a tour through 15 European cities to get in touch with the local community.

Hope to see you on the network!


New P2P network

Some of you might ask what causes the delay of the beta release which was planned for that summer.
The reason for the delay is a change in a fundamental part of the application – the P2P network.

The following might be a bit technical. If you are not interested in those details you can skip to the last paragraph as well.


Bitsquare used TomP2P which is the most mature Java DHT implementation available and I was lucky to get the author – Thomas Bocek – on board to help to fix the open issues with Nat traversal.
Those issues was the source of a constant concern since the project start as for any P2P network it is a big challenge to overcome the restrictions set up by NATs and firewalls to avoid that nodes are accessible from other nodes in the internet.


Bernd Prünster introduced another idea to me which turned out to not only solve the NAT problematic but also helps to mitigate other open issues I had with a DHT solution: Using a Tor proxy to delegate the network traffic over Tor and therefore delegate the NAT problematic to Tor, which has solved that to a very satisfying level (they even pass through Chinas great firewall).

But no worry the Bitsquare user don’t need to do anything. It is all integrated into the application and no special setup is required. There are also no performance drawbacks with the small amount of data sent by Bisq.

Using Tor not only solved the network connectivity issues but also adds the high level of anonymity Tor provides to Bitsquare. In fact we use Tors Hidden Services for every node to make the P2P communication completely anonymous (as far Tor provides that).
That solved another open issue with the previous solution: The offerer need to be able to get contacted by a taker and therefore leaked his IP address when publishing an offer.
Now there are no IP addresses used but onion addresses. Those cannot be used to reveal the real location or identity of the user and that previous privacy issue is therefore solved.

Flooding network

The network routing algorithm used to transport the data (offers) previously stored in the DHT to all users is now a flooding (or gossiping) algorithm. A similar one is used in Bitcoin to provide a very robust P2P network with less vulnerabilities as a structured network like a DHT.

More sophisticated and effective routing algorithms like Kademlia routing which is used in DHTs come with a serious Sybil attack risk, as anyone who can control certain nodes could control the storage of certain data. The problem is that the network ID creation is free and the network ID is used to derive the storage location. So you can create a huge amount of netwok IDs and then select those which are giving you the control over the data storage location of the data you want to control.
That vulnerability is mitigated with the flooding algorithm as every node stores everything.

Satoshi has chosen the flooding algorithm for Bitcoins P2P network to obtain a highly decentralized and randomized network structure which is very important to secure the network against hostile takeover of parts of the network.
Though it came with some costs regarding resource usage. As we know, every full node in the Bitcoin network has to store 50 GB of blockchain data.
Luckily Bitsquare uses very small amount of short living data and the number of nodes will be much smaller as well. I estimate there will be data storage requirements of a few hundreds of Kilobytes or a few Megabytes. Each data has an expiration date, so our requirements will not cause any scalability problems.

Additionally to the publicly readable data like the offers there are data stored which need to remain private. There are trade process messages which are stored in a kind of mailbox in case the peer is offline. Those data are encrypted and signed and also sent to every node for storage. Only the receiver (who has the private key) can decrypt the data. A similar approach is used in Bitmessage.

Current state

Of course building a custom P2P network is a task which needs time and caution. That’s what causes the delay in the roadmap to release the Beta version.
The new network is basically already implemented in the application but it is not completed yet.

I hope that we can release the Beta version in about 2-6 weeks.


The really interesting problem in the recent Bitcoin crisis is not the block size debate. Nearly everyone agrees that there is need for a solution, but the consensus ends there. The form that the solution should take – and even the urgency of the problem itself – are still both hotly debated.

The more interesting problem is the little-discussed shift in governance model that some would like to see take place. Bitcoin’s current governance is based on consensus, but Bitcoin XT proponents would like to see it shift to a benevolent dictatorship of sorts.

The benevolent dictatorship model is used in many software projects, is widely accepted, and works well. But Bitcoin is not a usual software project. It’s a decentralized, censorship-resistant currency with a market capitalization of several billion.

How Power Happens

To place a single person in the role of central decision-maker of Bitcoin would create an unpredictable, massive risk for that person, as well as the currency itself.

Imagine Bitcoin scales to become a globally-used currency with orders of magnitude more market capitalization than it has today. Bitcoin’s “benevolent dictator” – whomever it happened to be – would not be able to withstand the pressure that such a position would bring. No one could.

What kind of pressure would this be? When one individual’s actions have the power to affect billions of dollars worth of other peoples’ outcomes, that person becomes a magnet for bidders looking to purchase the most favorable outcome – for themselves. The actions of Bitcoin’s benevolent dictator would truly be up to the highest bidder or the most coercive criminal or government.

So we have a contradiction: those who argue for more scalability – the XTers – want to implement an even more vulnerable bottleneck to scalability. This single-person bottleneck is such a fundamental deviation from Bitcoin’s constitutional values of decentralization and censorship-resistance that the author of this article would switch to using alternative cryptocurrencies.

Most interesting to me is that the block size and fork debates have revealed how human nature responds to power. Even if the involved actors solve the current problem, it will not be the last time that Bitcoin is challenged by a non-technical, existential crisis. Many of us prefer to avoid confronting old ugly politics, but despite our best efforts, they’ve found us anyway.

How to Create & Maintain Decentralization

The current consensus-based governance process in Bitcoin is far from perfect: there is still only a relatively small group of people who are able to make decisions. The primary lesson from this crisis, then, should be how to improve that model.

A better model may be similar to what young nation-states do: set up constitutions and impose structures to prevent deviation from the founding ideas. But is that the only way to go? Is it healthy and future-proof for a project to gain so much power that imposed structures are required to make changes more and more difficult? Imposed structures which attract more and more bidders looking to buy influence as the project gets bigger? Is this inherently political environment inevitable, or are there other ways out?

I propose an alternative, one which was not possible before cryptocurrency: let us support a network of many smaller currencies instead of following the ideas of a single, dominant one.

The Domino Effect as a Sign of Centralization

Isn’t it ludicrous that the current Bitcoin crisis is affecting nearly all other cryptocurrencies as well? It reminds one of the 2008 financial crisis, in which the failure of one institution was deemed a systemic threat to the entire global financial structure.

But supporting a network of smaller cryptocurrencies would relieve the political pressure of trying to have “one true blockchain.” It would create and maintain actual decentralization in money. Releasing Bitcoin’s political burden as a multi billion dollar asset will also make space for innovation. Even the pressure of governmental intervention can be mitigated by distributing its impact across the entire cryptocucrrency sphere, where a single failure doesn’t cause systemic risk for the whole ecosystem.

Now to the caveats of my proposed solution: using a multitude of smaller cryptocurrencies is not the sort of system we are used to. Historically people haven’t preferred to deal with multiple currencies. But the problems of a multi-currency ecosystem can be solved when we have near-frictionless, automated, and trust-free exchanges.

And it just so happens that crypto currencies can provide all of those things.

The Solution Stack

An atomic cross-chain exchange is a possible solution. It currently lacks decentralized implementation, however. If you need to support multiple blockchains, you cannot easily build a P2P system which scales. Additionally, Mercury is an implementation which uses servers to overcome that particular problem.

But there is another possible solution which fulfills the requirements of a fully decentralized exchange without suffering from usability and resource problems. The full nodes of various blockchains need to support the features required for the exchange protocol. If a cryptocurrency implementation does not provide those features, an extension would need to be built for the original full nodes which adds those features.

The users supporting the exchange would then be incentivized to run these nodes, which would be fully compatible with the original node but offer an additional feature set. This is similar to the model Bitcoin XT uses (added UTXO support for Lighthouse). Tasks of a server can instead be executed by an unlimited set of P2P nodes. The node extensions might look similar to blockchain APIs, but come as a wrapper around the original full node of a given blockchain.

Application Example

Imagine a multi-currency wallet with 10 or 20 different coins, where you can decide what percentage to assign to which currency in your portfolio. It would conceptually be more similar to a stock portfolio than a traditional wallet. You could use trading agents/bots to get the best exchange rates, and your trades could be executed automatically in the background using the atomic cross chain exchange protocol.

If a merchant only accepts one coin, and you don’t happen to own that coin, you could simply buy it on the exchange market. The time it would take to wait for a confirmation could be mitigated by services that offer zero-confirmation transactions (e.g. using reputation or security deposits).

Note that this scenario lacks a dominant currency. This is not a problem. It actually liberates coin projects from bearing the burden of having too much power, with the regrettably attendant need for increasingly strict and complex governance models.

In this scenario, centrally-controlled currencies which used a benevolent dictatorship model would not be able to cause systemic risk, because a multitude of independent currencies exist as alternatives. People don’t care if a restaurant is run by a benevolent dictator or by a collective of employees, correct? As long as there are competing restaurants to choose from and no monopoly or cartel controlling the market, the governance model of individual businesses doesn’t really matter.

An Actual Internet of Money

The solution discussed here would get us closer to something like a real Internet of money. Just as the browser was the tool connecting content and later applications together, a multi-currency wallet with an atomic cross-chain exchange would be the tool to connect various flavors of cryptocurrency. As fast and as simple as it is to click links from one webpage to another, so too could it be to exchange one coin for another. It should be kind of a no-brainer, really.

Governance and Politics

We can never escape from the realm of politics and the need for governance, but when we are able to reduce the power we’re exposed to, power’s attendant problems become easier to handle.

If you are a software developer, you already know this: if a problem is getting too difficult, you try to break it up into several smaller pieces. You divide and conquer. Decouple dependencies. Avoid god classes. Because small is beautiful.

However you describe this form of problem solving, it’s nothing new. Only the tools are new. And they’re more favorable to us now than anyone could have ever imagined.


New team members

  • By Manfred Karrer
  • In News
  • On Aug 10th 2015
  • permalink

Good news! Bitsquare is expanding: Amanda Johnson and Mihail Mihaylov were delighted to join our team.

Amanda B. Johnson is well known to readers of Cointelegraph and Bitcoin magazine. She has a strong focus on privacy and fits great to our team with a good taste to cover political topics. She will take care to communicate the ideas of Bitsquare to a wider audience and help us to gain traction once we launch our Beta release.

Mihail Mihaylov is a Bitsquare contributor from the very early days on. He is the organizer of Barcelona Bitcoin Community, which is of the fastest growing Bitcoin Meetups worldwide. He is working as a research scientist in the Internet of Things and the Smart Grid environments and his academic research has always circuited around the field of decentalization. He will take care of the arbitration system, help to communicate the concept and guide the arbitrators in the first few months until we have a fully decentralized solution implemented.

We also want to add a bit of background information about our recently joined team members: Mats-Erik Pistol and Thomas Bocek.

Mats-Erik Pistol is a scientist in the field of Semiconductor physics at the Lund University in Sweden. He followed Bitsquare from the very first days on and is a great advisor for discussing things beyond code and day to day work. He demonstrated great support in the days when the project nearly fell apart after the failed crowndfunding campaign in February.

Thomas Bocek is the author of TomP2P, the P2P network library which serves as backbone of Bitsquare. He teaches distributed and Peer-to-Peer Systems at the University of Zurich. We are happy that we were able to get the best candidate to help us make the P2P network stable and safe for real life usage with the heavy burden of financial transactions.


Killer apps

Regardless of what you think or whatever you got presented by the media regarding the Greek crisis, I think many of you will agree, that our current political system is in need for a drastic improvement to say the least.
Depending on the interpretation of the severity of the problem one might come to the conclusion that our political, economic and financial system is just too broken to get fixed.

“To change something, build a new model that makes the existing model obsolete” – Buckminster Fuller

History has repeatedly demonstrated that new technologies are able to catalyze truly disruptive transformations that could never have been achieved through political efforts. Consider for instance the groundbreaking technological and social changes that the Internet has brought about all over the world.
The rise of Bitcoin and Blockchain technologies in general embody such a new model capable of moving our world to the next level while rendering the old paradigm obsolete.

The prospect of technologically induced change should not let us forget the warning awareness that technology is never neutral. We have to distinguish the elements rendering freedom, fairness and prosperity from those amplifying existing power structures.

The Internet of money

Before the Internet the production and distribution of information was much more limited to an elitist circle (journalists, writers, teachers, publishers,…). Only the process of consuming the information was freely accessible for most people (newspaper, radio, TV,…). Today, everyone with access to the Internet is enabled to write, read and distribute information at a global scale with basically no cost.

Other areas where information technology has been adopted are still lacking that kind of liberation. Interacting with money is still highly restricted to the narrow channels the gatekeepers of the financial institutions are willing to provide us. With crypto currencies we get access to the creation, the distribution and the processing of that kind of information which represents value – money.

With the Internet we have seen an explosion of new use cases emitted by the liberation of information: From usenet to mailing lists to web pages to blogs to forums to videos to chat rooms to social networks to peer to peer networks and much more. We can expect that the new space opened by Bitcoin and Blockchain technologies might have the potential to fill up a new universe similar to that opened by the Internet and which is as hard to imagine today as it was for the early birds of the web.

Killer apps

Email – the digital equivalent of postal mail – was not the killer app for the Internet. Nor was it the online version of newspapers or videos. All those who transferred traditional use cases to the Internet did a great job to enrich the ecosystem, but they did not provide the motivating reason to use the Internet for newcomers.
Following the analogy with the Internet it would mean that replacing today’s traditional payment methods (like cash, credit cards, PayPal, banks transfers,…) will unlikely lead to a killer app for Bitcoin. They simply do not add enough value to exceed the mental costs for an actual change of behavior for the majority of people.

More promising use cases are the ones which were simply not possible in the pre-Internet or pre-Bitcoin era: Search engines do not exist outside the web (you can search in a certain application but not at global scope). Social networks represent another example, since there exists no equivalent to it in the non-digital world. Bringing together the power of the crowd in projects like Wikipedia or crowdfunding platforms could likewise not be accomplished without the Internet. I leave it open to the reader to add more.

My definition for a killer app is that it is focussed on a use case that did not exist before being enabled by that new technology. Furthermore it needs to add enough value for the user to exceed the mental costs of trying out new behaviors that might tap into new and uncertain territories. That added value has the power to give that new technology the needed significance for entering the mainstream.

It is not easy to imagine use cases which do not exist yet but which are important enough to gain traction and to evolve over time within the new technological framework.
It is likely that they will arise not from a single center but from a network of emerging technologies, tools and concepts. I would like to try to spot a few building blocks to get a better picture of the fertile ground where killer apps might grow, and perhaps we may – over time – learn how a potential killer app could look like.

Building blocks

With the rise of Bitcoin a much wider audience has been made aware of the power of cryptography. Not only Bitcoin but also other important achievements like PGP/GPG or Web Of Trust are becoming more accepted while they are being used more frequently.
Bitcoin, like many other relevant IT is standing on the shoulders of giants; most prominently the idea of Free and Open Source Software, a concept so fundamental and carrying such an importance that I believe we should add it to our list of crucial ingredients.
One of the most important properties of Bitcoin is censorship resistance – a property that is achieved through the adoption of a distributed network architecture. To avoid single points of failure not only on the technical layer but also in the way how the development is organized is crucial to fulfill that property. Maybe Satoshi’s vanishing was motivated to achieve that. The removal of the need for trusted third parties is another key accomplishment.
The solution to the double spend problem for digital currencies with the byzantine fault tolerant Blockchain technology was Satoshi Nakamoto’s major breakthrough. That is mandatory for a global ledger used for value representation, but we might find new applications in a wider space which do not have that strict requirement. Although DHT (Distributed Hash Table) networks generally lack byzantine fault tolerance they nonetheless represent a powerful and useful tool in combination with other means (like Bitcoin). Bitsquare is a child of such a combination.

The actual situation of privacy and data protection is a huge unsolved problem although many people are still not aware of that. I consider the usage of ubiquitous end-to-end encryption and technology helping to protect against surveillance of meta data like TOR crucial for the society and would not like to miss that in any emerging relevant technology.
This road does not stop at cryptography and software but needs to be extended to the physical network infrastructure (Mesh networks) and to open source hardware (Arduino).
3D printing and Maker Spaces depict other family members of our fertile ecosystem.

I don’t consider Internet of Things (IoT) as a building block for those kind of killer apps I am interested in. In fact, IoT will represent an enormous threat as long as security and privacy issues are not sufficiently addressed and solved.

Let us turn our perspective to a conceptual point of view:

The leap from a digital currency to voting is small and a few projects have already started to develop this space.
A digital currency or money more generally can be defined as a representation of value. Reputation, identity, registries, DNS, property rights or smart contracts are all applications, which can extend the usage of the Blockchain technology beyond the narrow notion of money.

Perhaps Bitcoin itself represents only a transition technology and other transformations of valuable information may evolve to become more important in future. It is not set in stone that a generalized value transfer system like today’s national money system depicts the ultimate solution. If the conversion of different forms of specialized moneys becomes near frictionless, money as we know it might become less relevant.

In addition, prediction markets are able to harvest the wisdom of crowds.
Delegative (or liquid) democracy platforms could serve as a tool empowering people to attain consensus in a much more efficient and fair way than it is accomplished today.

As technology reduces the need for human work we are ceaselessly heading towards a society where there will simply be not enough work for everyone. Work and financial income will have to be uncoupled to liberate humanity from inappropriate and pointless activities thus opening up a space for a currently untapped potential of creativity. An unconditional basic income might become an important enabler of these conditions.

What has that all to do with Greece?

While our world is facing tremendous, unsolved social, ecological and economic problems, it turned out that those whom we have put in charge of solving them, are a persistent unsolved problem by themselves. We use political structures created ages ago but they are not adequate to today’s situation, possibilities and challenges.

We have seen incredible progress in the scientific and technological world, but we seem to be stuck in the fields of politics and the way how our society is organized. We need new approaches to solve global threats never seen in history.

While we already hold some promising puzzle parts in our hands, most of them are still rather randomly distributed and lack important interconnections necessary for developing it’s full potential and sparking network effects. If we manage to combine them to create a fertile ground for growing and inspiring each other, we might be able to set new pillars for a new society – replacements for obsolete paradigms.

From some of the above (incomplete) list of technologies, tools and concepts we might see new applications changing fundamentally the reality we live in.

Those are the killer apps I am interested in – they might help us to not get killed by ourselves.