2019 FATF Recommendations
This week the G7 Financial Action Task Force (FATF) announced new virtual currency “recommendations” that lay the groundwork for an extensive new worldwide regulatory regime for cryptocurrency exchanges. Once enacted into law by member countries these laws will require bitcoin exchanges, and even individual traders, to collect invasive KYC/AML information on their clients. They will also require that this information be shared with national regulators and other regulated exchanges. These sorts of rules put every bitcoin trader’s privacy at risk and lay the groundwork for attacking Bitcoin’s role as a fungible permission-less global store of value.
The Bytabit team is building a new way for bitcoin buyers and sellers to exchange bitcoins and preserve their privacy in the face of attacks by groups like the FATF. Our mobile app facilitates the exchange of bitcoin for fiat currencies directly between users. Bytabit never has custodial control over either the national currency or bitcoin traded with our app. Bitcoin is held by a two-of-three multi-signature bitcoin transaction until the national currency is received by the bitcoin seller directly from the buyer via a bank transfer. Each trader controls one key of the multi-signature transaction and Bytabit controls a third key that can only be used if one of the traders requests arbitration. All details about the trade are encrypted locally by the app before a trade is initiated so that this information can only be seen by the traders involved.
Bytabit will not have access to any personally identifying information about the people using our mobile app, or even of their trading activity, unless we are asked to arbitrate a trade. We will only request as much information as is required to fairly arbitrate a trade and decide who should receive the escrowed bitcoin. Data requested for arbitration will be kept confidential and deleted after the arbitrated trade is resolved. For “happy-path” (non-arbitrated) trades, Bytabit will not have access to any information about the amounts traded, the bitcoin escrow transaction, or the related fiat bank transfer; we will not even know if a trade was completed successfully or cooperatively canceled prior to completion. It is in both our users best interest, as well as our own, that Bytabit does not have access to any unnecessary information about trades conducted with our software.
Why “Can’t Be Evil” Matters
There are currently few options for trading bitcoin safely and privately. Major centralized exchanges such as Bitfinex, Coinbase, and Bitstamp require users to provide full identity documentation before they are able to trade. History has shown that custodial exchanges put their clients at significant risk of having their funds, trading history and identity information stolen. Exchanges such as MtGox, Bitfloor, Bitfinex, Bitstamp, Quadriga are only a few examples of the risks inherent to custodial exchanges.
Existing peer-to-peer exchanges reduce some of the risks inherent to fully custodial exchanges but are still problematic. Even LocalBitcoins, one of the oldest ways to trade bitcoin peer-to-peer, has recently chosen to sacrifice their users privacy by requesting KYC information from high volume traders and ending support for in-person trades. The Bytabit team feels this is the wrong direction. Our vision is to create a secure and easy to use peer-to-peer exchange that is both fully non-custodial and maximally privacy preserving.
We subscribe to the guiding principles put forth by Jeremy Welch at Casa, with a special emphasis on the principle that Bytabit “can’t be evil.” It is important to us that customers do not need to trust us to keep their private information secure. We have designed our software and protocols around the idea that the only information visible to us is the public offer information explicitly shared by our users. We have also published the source code of our mobile app software under the Apache 2 open source license. This allows our users to verify that they remain fully in control of their bitcoin and personal information. We also plan to include verifiable end-to-end encryption and Tor network support in our final release so that we as a company can’t collect your identity and trade information, even if compelled to.
The Bytabit team is excited to get our app into the hands of bitcoin traders so we can start getting your feedback. Join our telegram channel and request an invitation to try the internal beta test version of the Bytabit app; you can also let us know what you think of the project, ask questions and make suggestions. If you are a developer, you can clone the Bytabit mobile app project from our source code repository to review and build it yourself.
Please follow us on twitter for future updates about our development progress and share a link to this article to let other people know about what we’re doing.