Topic: [Review] Robosats Bitcoin Lightning on-/off-ramp (no KYC, P2P, Tor) (Read 691 times)

Update: Robosats is soon to be decentralized: https://github.com/RoboSats/robosats/blob/main/federation.md

There will be a federated client app released, where users can search for coordinators, and select the most reputable. In return, completing users' trades successfully will increase your revenue as coordinator, so you're incentivized to be as responsible and fair as possible. Coordinators must be technically competent with bitcoin, lightning, robosats, and be informed with the corresponded regulations in their country.

The thing I personally dislike is that coordinators take custody of your coins, until the trade is finished, in comparison with Bisq where everything settles without sacrificing self-custody. The difference with Bisq, is that this isn't a DAO, and so, the trade cost won't be fixed, but it will drop as new competitive coordinators enter the market.

Experimental software in here: http://robotestagw3dcxmd66r4rgksb4nmmr43fh77bzn2ia2eucduyeafnyd.onion

You are forgetting about the bitcoin being traded itself. Generally (for fiat/btc trades) both parties put in a security deposit (and trading fees), and the party selling the bitcoin puts that in the escrow address as well. Should the seller not receive payment from the buyer, then the escrowed amount includes the full amount of bitcoin which was going to be sold, plus two sets of security deposits, so enough to refund the seller everything they put up plus pay for their inconvenience. And if it is the buyer who does not receive payment from seller, then again, the escrow contains all the bitcoin which were to be sold, so can fully reimburse the buyer plus use the security deposits to cover the inconvenience.

Yes, the Bisq DAO. That's the term I was missing and couldn't remember, so I just called it a pool.

But the escrowed funds and security deposits aren't going to be enough to reimburse the affected party entirely because the traders aren't locking in an amount in a 1/1 ratio. A much smaller amount is generally used for the security deposit. So the funds you receive as compensation has to originate partly from the security deposit and partly from the trading fees that Bisq collects from all of its users, right?

The arbitrator is reimbursed from the Bisq DAO, generally using the funds which the two involved parties previously locked in escrow.

The escrow is indeed 2-of-2 as you say, but as part of it being set up, both parties sign a time locked transaction which sends all the coins in the escrow (so both users' deposits) to the Bisq DAO address, time locked to 20 days after when the escrow is created. If the parties cannot reach an agreement within 20 days with the help of a mediator +/- arbitrator, then the transaction is broadcast and the funds in escrow are sent to the Bisq DAO. The arbitrator will later request reimbursement from the DAO depending on the final outcome of their arbitration.

This was posted a long time ago, so my apologies that I am quoting and replying to it now. I read a bit more about Bisq the other week after there was some talk about the service elsewhere on the forum. Bisq uses 2/2 multisig for traded funds. It used to be 2/3 in the past where a mediator had one key as well. Apparently, there was too big of a risk for collusion between one party and the mediator, so they changed the system to 2/2 multisig. Mediators can't resolve disputes any longer in the sense that they can decide who is right and should get the money (they possess no keys). They can only suggest the outcomes and explain their reasoning to the trading partners. The two parties can then agree or disagree with the mediator's decision.

If one side disagrees, an arbitrator can be contacted to step in. If the arbitrator decides that one party got financially damaged from the trade, they pay the damages personally. The arbitrator then gets reimbursement from Bisq's pool in some other way. 

The default mining fees are quite high precisely so that the first confirmation is quick. But if the mempools are empty and you don't mind waiting some more, the fees can be lowered from the settings page. And it's not really recommended to be a market taker on Bisq since the trading fee is almost 1%. Makers pay much less. 

Oh yes, you're right. That's not insignificant. I didn't pay much attention to the % I pay in fees, also because I usually use BSQ and I'm usually maker, so it's not that expensive.

Interesting; that has moved forward, apparently it is planned only for Bisq 2, though.
This should be the latest thread / discussion about it: https://github.com/bisq-network/proposals/issues/373

Last message in May, hopefully it will be implemented!

If only it was the mining fees alone: https://bisq.wiki/Trading_fees

Then you have the mining fees (which aren't cheap nowadays, especially for 4 multi-sig transactions). Taker pays most here as well. Then, due to lack of instantaneous settlement, there are the premium costs.

Robosats doesn't charge anything due to lightning. Bisq should consider adding that option; in fact they do consider.

That's exactly how I understood it, too! Should be accurate.

I'm pretty sure that it's free. In Bisq you just pay mining fees and almost nothing for the service (at least if you pay in BSQ tokens). The mining fees aren't that cheap (a couple bucks usually) since it's multisig and it sets a relatively high fee to get confirmed quickly. This is nonexistent in Robosats, of course due to Lightning. HODL invoices and the escrow platform, replace the multisig setup, basically.

This service rocks.

Essentially, as far as I've understood, it's an escrow; offer maker <-> robosats <-> offer taker.

• Alice makes an offer wherein she sells 0.01 LN-BTC for $160, and waits until someone takes it.
• Bob takes the offer.
• Alice is asked to send some bitcoin (less than 0.01) to Robosats, to ensure she isn't going to cheat. (if she tries to, Robosats won't refund this amount)
• Robosats prepares a HODL invoice, and gives it to Alice.
• Alice pays that amount, and then Robosats asks her to send the 0.01 LN-BTC.
• Robosats prepares again a HODL invoice, and gives it to Alice.
• Once that's paid, Bob is asked to send $160.
• Once Alice receives the $160, she can confirm it, and have the money sent to Bob.

I haven't checked how disputes work. The cons are two: centralized platform (can be shut down anytime), and page about safety is empty.

It's cheaper than Bisq. Not sure but I think I just settled a trade free of charge. And of course: Lightning!

Make simple youtube search with term giftcard scam and you will see what I am talking about.
Here is one example video explaining how Visa gift card scam work:
https://www.youtube.com/watch?v=_7tljKx2iyg

I didn't try it yet, however I applied for beta testing and I hope to receive the card, but it was only available for United States as physical cards, virtual cards should work worldwide.
There is unofficial CoinDebit topic topic I created few months ago, so do your own research and don't trust anything I wrote.
I am not vouching for anything

You can still make P2P trade, meet with someone face to face and you exchange Bitcoin for cash, this way no bank is involved.

Oh yes, I mean it's not on them, but hold invoices (sometimes called HODL invoices) are part of Lightning since roughly 2019 - not sure why wallet support of this feature is so bad. It's pretty exciting and useful for use-cases like here, where you 'lock in' a payment as a commitment / anti-spam mechanism, but the receiver (Robosats) simply 'holds' it instead of immediately 'accepting' it, which would actually cause the transfer to happen. This way they can use it at any time, but if you trade normally and there are no issues, it is just declined and the payment shows as 'failed' in your wallet.

Proving bank transfers in a dispute is definitely problematic; but it's inherent to P2P trades - same thing exists in bisq.
In my book, that's not a problem with the P2P trading system, but a problem with the bank. SEPA bank transfer using an IBAN doesn't technically require a name, so I would just use a bank that doesn't add arbitrary rules on top (like requiring me to give strangers my full name).

So you don't like P2P sales because banks are crap? How do you like to sell Bitcoin? Never sell?

The first thing I noticed when I checked the Robosats' website was a flaw: I opened http://robosats6tkf3eva7x2voqso3a5wcorsnw34jveyxfqi2fu7oyheasid.onion/, then in a new tab, I opened https://unsafe.robosats.com/ (which redirected me to the .onion site again). I went back to my first tab, and downloaded the JSON credentials file. This file had a different token than was shown in my browser.
When I reload the page and save the JSON without opening the same site in another tab, the token matches. I would have expected the token to be stored as a browser cookie instead of changing at each reload, but I guess it's a privacy feature.

I like how open they are on "don't trust us, use small amounts"! That's refreshing, and much better than just shouting "we're the safest".

The Wallet Compatibility Table isn't promising. The 2 LN wallets I use vary from "not recommended" to "so-so", and I wouldn't like switching just for this. It's actually the first time I've heard of a "hold invoice", it sounds like a reservation on a creditcard and I had no idea LN can do this.

The thing that worries me most is disputes: "It is useful to send images/screenshots." If you're selling P2P for a bank transfer, it's not possible to have hard evidence, and screenshots can be faked. It gets worse if you buy a gift card that gets cancelled later (for instance because it was bought with a stolen creditcard), used by the seller himself, or you receive dollars from a compromised bank account.

Amazon for instance charges your creditcard (with zero amount) if you pay by gift card, and can block your account if you try to use a gift card without creditcard connected to your account. So if the gift card is stolen, Amazon won't lose money over it. You will.

Within my country, (some) banks check the account name when making a transaction, and it will for sure show up on your bank statements. That's one reason why I don't like P2P Bitcoin sales.

I've always assumed anonymous prepaid cards are mostly scams using other people's stolen information, as I didn't think any business would get a license to issue these cards without collecting KYC. Have you tried CoinDebit personally and can vouch for it? Does it have a forum thread or similar public discussion with decent reviews anywhere? I'd be very interested in acquiring some anonymous prepaid cards so I can spend bitcoin in businesses which don't accept it directly without sacrificing privacy and risking identity theft via KYC.

Yeah, I'm always wary of using gift cards online for this reason. At least if you do it in person then you don't have an account to ban. Partly why as I said above I'd always stick to a reputable seller for gift cards and never trade them peer to peer unless I trust the other party already.

That's a pretty good point... This feature should only be used for businesses that allow you to have an account where you redeem the gift card and get credited a balance. That way you can both verify that it's the balance which has been specified for the trade and there is no way to redeem it a second time. I'm not sure how many restaurants have that, though; probably only chain restaurants.

Good point; this whole deal about anonymous / KYC-free debit cards is still new to me. I hope it's here to stay and more businesses will pop up that offer the same, as well. I've got to try it myself, though.

I wasn't aware about this risk of stolen gift cards and that freezing gift cards was a thing; thanks for bringing it up. I'm sure it is helpful information for others reading this thread.

I still prefer using cash instead of anything else, but second best thing would be anonymous prepaid cards like CoinDebit.
Last reports from them is that so many people are using this cards, volume increased and they can't handle all the traffic.

I am not fan of using gift cards, they can be limited to one specific shop and you could always end up with stolen gift cards that could permanently block your account in that shop.
Maybe this is not such a big problem as banning your bank or exchange account, but it's still problematic and there is no way to check if some gift card is stolen or not.

The only issue with this is that it is very easy for a scammer to take advantage of using gift cards. If the store or restaurant they are accepting the gift card for doesn't offer some kind of online tool to check the balance, then the receiver has no way of verifying the balance of the gift card without physically going to the merchant. And of course, even if the receiver does confirm the balance on the gift card, the other party can still spend the balance in the meantime.

There are plenty of reputable gift card sellers such as Bitrefill or CoinsBee which you can still buy from anonymously. I would favor those over peer to peer via giftcards, unless it was with a trading partner you have already developed a level of trust with.

Little 'bump' to this topic. I recently did my first (Instant-)SEPA transaction on Robosats and it went pretty quickly and smoothly again.
It took roughly 2 hours for someone to accept my +5% offer; I would recommend to choose a percentage above market that is on the low side in the current offer book to get a trade partner quickly.
It's really not bad getting a few more percentage points and still a quick trading partner; easily enough to offset costs for sending on-chain funds to a Lightning wallet, for example.

Just let it sit while working; whenever someone takes the offer the web application rings to notify you.

The downside of SEPA payments is that the trading partner will know your IBAN; however you don't have to disclose your name (if the bank's UI requires it, tell them to input anything at random) - IBANs are unique and completely sufficient to make the money reach the right bank account.

---

One idea that sprung to mind for people who actually need a form of fiat to feed themselves, but have to stay as anonymous as humanly possible and can't reveal anything (like an IBAN) to a trading partner to minimize risk.
They could use the 'free text field' payment method to choose a local restaurant chain's gift card as payment method. Some grocery stores even have gift cards. This would allow oppressed and prosecuted people who often have the highest privacy requirements, to feed themselves through Bitcoin.

I know, gift cards suck, but somehow it's currently the most private way to hold / use fiat money.. Probably the reason why they are so popular with online scammers, too.

I agree with o_e_l_e_o and would also like to refer dkbit98 to the various discussion threads we have on this topic..

WasabiWallet.io | Open-source, non-custodial Bitcoin Wallet for desktop
The default Wasabi Wallet coordinator will start censoring "illegal" UTXOs
Wasabi blacklisting update - open letter / 24 questions discussion thread

I've mostly followed all of them, and nowhere found a good argument to continue using Wasabi, but I also don't think I've read anything from dkbit98 over there, so if I didn't just miss your posts, feel free to add your opinions somewhere in there; always glad to hear what you're saying!

There is a huge difference between blockchain analysis firms blanket surveilling every address and transaction which exists, trying to gain whatever information they can from it, and your own wallet actively paying a blockchain analysis firm to spend extra resources to look specifically at your addresses and your coins and asking them to obtain very specific information about the so called "risk" your coins pose. I would liken it to the difference between Google trying to passively track everything everyone does online, and actively using Google search while logged in to a Google account, knowing they will be tracking you very closely and very specifically.

Given that we have access to a perfectly good (or even better) coinjoin implementation which doesn't do this, I see no reason whatsoever to ever use Wasabi.

You are going to get your addresses and transactions scaned by some blockchain analytics company even if you don't use any third party tools and wallets.
Coinjoin is not strictly connected with Wasabi, and anyone can fork and tweak their tech because it's open source.
Even using coins directly with Wasabi ( I don't suggest doing that) you are not going to lose your coins just denied mixing with their main coordinator.
I don't agree with some Wasabi decisions but I am not going to turn myself into witch hunter trying to burned them on stick for this.

Who can gurantee that someone is not tracking everything you do on Robosats and Lightning?
Just sayin.