A very interesting thread surfaced on Twitter:
Wtf?? Apparently you are not allowed to do what you want with your bitcoin once you own the keys. Fortunately that's not how Bitcoin works, but the level of chain analysis here is alarming. What is a correct response?
@MartyBent
@matt_odell
@vandrewattycpa
https://twitter.com/RonaldMcHodled/status/1222172084610027523?s=20He later added a few detail
For the record, I'm not trying to evade anything by mixing and sending elsewhere to sell...long term cold storage only. Also nothing in their T&Cs about mixing post withdraw. Wondering if anyone else who isn't breaking any rules has received a message like this.
https://twitter.com/RonaldMcHodled/status/1222172088170975233?s=20Apparently, the user withdrew his Bitcoins from the exchanges and, after several hops, put some of those bitcoins in his wallets (wasabi, one of the best privacy oriented wallets). The exchange then contacted him waring of imaginary Term of Service violations and threatening further actions.
The user was not intimidated and exposed this to the community.
This triggered @giacomozucco amongst the others:
If your exchange spies on you AFTER withdrawal & AGAINST its own ToS:
1) immediately take out all your remaining funds,
2) tell them to delete your account & to go back to fiat money, where they belong,
3) expose them on social media,
4) don't use anymore, ever.
https://twitter.com/giacomozucco/status/1222300652795256832?s=205) if you know a very friendly lawyer who will help you for a beer, have them sent a C&D letter & file report against them to any competent privacy authority (this is an optional step: using the Government to try & solve problems is almost always a waste of time & money).
https://twitter.com/giacomozucco/status/1222301584396255233?s=20It might be considered a media stunt for the conference he is speaking at next month (
www.unconfiscatable.com in Vegas, end of February), but if I know him well, he is sincerely triggered by this.
The point is: do not use services like Paxos (or Coinbase, as far as we know) who spy their users with arbitrary and sub-optimal heuristic techniques to track their coins, banning them for having used standard privacy practices to protect their own anonymity set.
Of course they are doing this tracking effort for a very valid reason: doing chain analysis, using very weak heuristic logic driven analysis, by the way, something would never hold in a trial, their aim is to trade their ability to do business wit the privacy of their own users, selling those data to government agencies, who are by definition very much interested in those kind of data.
Coinjoin is a Bitcoin best practice. Modern wallets allow users not only to create transactions with many outputs sent to many different users (something usually referred to as batching, think of a transaction exiting from an exchange sending coins to many users) but also creating transactions with many inputs from many users (a technique called Coinjoin) This is one of the most secure and efficient use to use Bitcoin, further weakening the link between inputs and outputs.
Users should do Coinjoin in every transaction to maximise the fungibility of their UTXO (of their "Bitcoins").