
Bitcoin’s default privacy remains weak for most users, but emerging tools and standards aim to make strong privacy seamless and widespread.
Most Bitcoin users operate with only fragile pseudonymity. Buying through KYC exchanges like Coinbase or Kraken links identities directly to on-chain activity, allowing companies—or attackers—to trace full transaction histories. Without additional tools, users effectively expose their financial behavior.
Lightning Network transactions can provide moderate sender privacy if used non-custodially. However, proper setup requires technical knowledge, and many users rely on custodial services that negate privacy benefits. The gap between available tools and user-friendly defaults remains significant.
Wallets such as Cake Wallet are integrating features like Silent Payments and Payjoin (P2EP). Silent Payments enable reusable stealth addresses that appear indistinguishable from standard transactions, while Payjoin mixes inputs from sender and receiver to obscure transaction details. These tools aim to make on-chain privacy practical rather than theoretical.
As of now, only a few mobile wallets, including Cake Wallet and Bull Bitcoin, actively support Payjoin. Developers report multiple integrations nearing completion, with improved APIs designed to simplify adoption. Wider implementation is seen as critical to making privacy a default feature.
Large language models are speeding up coding, testing, and cross-language implementation, reducing integration time dramatically. However, concerns are rising that the same tools could strengthen chain analysis firms, especially if opaque AI-driven conclusions are used in legal contexts without transparency.
Companies performing blockchain surveillance do not disclose their methodologies, making their claims difficult to challenge. Open-source tools like Takar aim to replicate analysis techniques, allowing developers to test and break common heuristics, ultimately improving privacy defenses.
Differences in how wallets construct transactions can create identifiable “fingerprints.” New AI-driven approaches could continuously scan open-source wallets to detect and expose these patterns, helping developers reduce unintended privacy leaks.
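A wallet developer can measure this kind of leak on their own output. The sketch below is an added example, not code from the panel or from any project named here: it derives a coarse fingerprint from well-known transaction fields (version, nLockTime policy, nSequence policy, BIP 69 ordering) and reports which wallets share a profile with nobody else. The sample transactions, wallet names, field names and the 100-block "near tip" window are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data, not real chain data. Field names are assumptions
# loosely modelled on decoded-transaction JSON; tip_height is the chain height
# at the time the transaction was created.
def sample_tx(version, locktime, sequence, txids, values, tip_height=900_000):
    return {
        "version": version, "locktime": locktime, "tip_height": tip_height,
        "inputs": [{"txid": t * 32, "vout": 0, "sequence": sequence} for t in txids],
        "outputs": [{"value": v, "script": "5120" + "00" * 32} for v in values],
    }

WALLETS = {
    "wallet_a": [sample_tx(2, 900_000, 0xFFFFFFFD, ["bb", "aa"], [50_000, 20_000]),
                 sample_tx(2, 899_998, 0xFFFFFFFD, ["aa"], [10_000, 70_000])],
    "wallet_b": [sample_tx(1, 0, 0xFFFFFFFF, ["aa", "cc"], [20_000, 50_000]),
                 sample_tx(1, 0, 0xFFFFFFFF, ["dd"], [5_000, 9_000])],
    "wallet_c": [sample_tx(2, 899_999, 0xFFFFFFFD, ["cc", "aa"], [30_000, 1_000])],
}

def locktime_policy(tx):
    """Classify nLockTime: zero, at/just below the tip (anti-fee-sniping), or other."""
    if tx["locktime"] == 0:
        return "zero"
    if 0 <= tx["tip_height"] - tx["locktime"] <= 100:  # window is an assumption
        return "near-tip"
    return "other"

def sequence_policy(tx):
    """Classify nSequence: final, locktime-enabled only, or BIP 125 RBF signalling."""
    seqs = [i["sequence"] for i in tx["inputs"]]
    if all(s == 0xFFFFFFFF for s in seqs):
        return "final"
    if all(s == 0xFFFFFFFE for s in seqs):
        return "locktime-only"
    if all(s < 0xFFFFFFFE for s in seqs):
        return "signals-rbf"
    return "mixed"

def is_bip69_ordered(tx):
    """True if inputs are sorted by (txid, vout) and outputs by (value, script)."""
    ins = [(i["txid"], i["vout"]) for i in tx["inputs"]]
    outs = [(o["value"], o["script"]) for o in tx["outputs"]]
    return ins == sorted(ins) and outs == sorted(outs)

def wallet_profile(txs):
    """Combine per-transaction features into one hashable wallet-level profile."""
    per_tx = [(t["version"], locktime_policy(t), sequence_policy(t)) for t in txs]
    observed = tuple(tuple(sorted(set(col))) for col in zip(*per_tx))
    # A randomly ordering wallet is sometimes sorted by chance, so ordering is
    # judged over all of the wallet's transactions, not one at a time.
    ordering = "bip69-always" if all(is_bip69_ordered(t) for t in txs) else "not-enforced"
    return observed + (ordering,)

def anonymity_sets(wallets):
    """Map each profile to the set of wallets that produce it."""
    sets = defaultdict(set)
    for name, txs in wallets.items():
        sets[wallet_profile(txs)].add(name)
    return dict(sets)

def uniquely_identifiable(wallets):
    """Wallets whose profile no other wallet in the sample shares."""
    return sorted(n for s in anonymity_sets(wallets).values() if len(s) == 1 for n in s)

if __name__ == "__main__":
    for profile, names in anonymity_sets(WALLETS).items():
        print(sorted(names), profile)
    print("unique:", uniquely_identifiable(WALLETS))
```

A profile shared by several wallets is the desirable outcome; a wallet listed as unique is the one whose construction choices need review.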
Cross-input signature aggregation (CISA), when combined with Payjoin in proposals like “PISA,” could make private transactions cheaper and more efficient. By aggregating signatures, larger collaborative transactions consume less block space, reducing fees while increasing ambiguity.
New scaling systems like Ark and Spark initially promised strong privacy but currently expose transaction data to operators. While improvements such as blind signing remain possible, these systems have yet to deliver on early privacy expectations.
Concepts like Shielded CSV propose off-chain transaction validation with minimal on-chain data, potentially achieving privacy levels comparable to Zcash while maintaining Bitcoin compatibility. Though still experimental, such ideas highlight the direction of future development.
The main barrier is no longer technical capability but usability. Users should not need to understand UTXOs, address reuse, or protocol choices. The goal is a default experience similar to HTTPS, where privacy is automatic and invisible.
Developers emphasize that privacy must rely on shared standards rather than isolated wallet features. Broad adoption of tools like Payjoin is necessary to expand anonymity sets and make privacy effective across the ecosystem.
Avoiding KYC platforms and using peer-to-peer marketplaces such as Bisq or RoboSats can significantly improve privacy even without advanced tools. Basic operational choices remain a critical first line of defense.
Bitcoin privacy today is accessible but not automatic, with meaningful protection requiring deliberate effort. The path forward lies in standardizing tools and embedding them into seamless user experiences so privacy becomes the default rather than the exception.
All right, everyone. Welcome. Thanks for joining us. I'm Satsy. I work on the Bitcoin Dev project and today we're going to be talking about the level of privacy that Bitcoin users currently have in the tools that they use and if it's good or not and like how to make it better. So, if I could please have my panelists uh introduce themselves starting with Seth.

>> Yeah, for sure. So, I'm Seth For Privacy, chief operating officer of Cake Wallet. Uh we're building Bitcoin privacy tools uh all the time. Silent Payments, Payjoin integrated, Bitcoin Lightning as well. Been researching this stuff as well for a really long time. But yeah, excited.

>> Yeah, I'm Fabian. Uh I'm an open source developer. I'm funded by Brink. Um and I work on uh Bitcoin Core uh a lot of my time, but I also spend research in uh privacy related topics and in particular CISA, cross-input signature aggregation.

>> And I'm Space Bear. I work on Payjoin transaction batching protocol and uh with the Payjoin Foundation.

>> Awesome. Okay. So, let's start with I want to ask you what is the current state of privacy for your average Bitcoin user? What do we get for default and what do we not get by default?

>> I think the unfortunate thing is it's normally quite poor for the average Bitcoin user. Uh I think thankfully the idea that like we have anonymity in Bitcoin and it's a useful privacy tool by default is gone. We all understand that's not true anymore pretty much. Uh but usually at best users just have fragile pseudonymity where if they're buying their coins, no KYC, their identity isn't attached to the things they do on Bitcoin. Most users are buying their Bitcoin on Coinbase, Kraken, you name it. And so their ID is connected to their on-chain activity and then they're not using any privacy tools. So that exchange and anyone who hacks that exchange then knows everything that they do on Bitcoin from that point forward. Uh which is yeah, not good.

>> Yeah.
I think the most positive thing I can say is that the privacy of a sender in Lightning is okayish at least if you're not like assuming you don't use a custodial solution to use Lightning. Um but uh otherwise yeah there's like a ton of pitfalls even like just for the self server and people like um requires education requires usually using tools that are more power user oriented to actually get it right. Um and so yeah, like going towards the default uh for privacy, that seems like the long way to go.

>> Yeah, I would agree. I mean, it's like the tools are out there. It's possible to use Bitcoin privately if you're motivated and you put in a lot of thought and effort, but I'd say the default situation is pretty bad.

>> Uh well, there's some good though. Seth, you work on Cake Wallet and it's really a wallet that's at the forefront of integrating some privacy technologies. What does Cake support right now and are there any technologies that you're really excited about integrating in the future?

>> Yeah, I mean right now our primary focus has been how do we bring like actually practically usable uh privacy to on-chain Bitcoin is the primary focus. Lightning is a whole another can of worms as Fabian mentioned, but on-chain that looks like Silent Payments which is basically a reusable stealth address. You can give out the same address. It looks longer than a Bitcoin address normally would and anyone who pays you actually creates the address for you that you're going to receive funds to. On chain, it just looks like a regular Bitcoin payment to a Taproot address. Nothing special. No one can know it's to a Silent Payment address, much less to a specific Silent Payment address. Uh so that was one we launched that a couple years ago now. That was quite a while back. Um and then Payjoin V2, which we worked really closely with the Payjoin Foundation. They've done fantastic work, which is where you actually work with the person you're paying.
you both contribute inputs and it helps to hide the sender or the receiver and the amount in that transaction, at least obfuscate them. So that's been our focus. Uh there is clear demand for privacy tools in Bitcoin. Like everyone wants financial privacy but for way too long it's felt like even if you want financial privacy actually achieving it on Bitcoin is just not practical and trying to change that.

>> Nice. And you mentioned Payjoin V2. I want to ask you, Space Bear, um like what's the state of adoption for Payjoin V2 and has this recent wave of vibe coding kind of impacted how you guys approach integrations?

>> Yeah. So the current state we have two mobile wallets that actively uh implement Payjoin. There's Cake Wallet and there's Bull Bitcoin mobile. Um and we shipped those early last year and then kind of used that to inform what we need to do with the API to like make it easier, cleaner for like actually facilitating more integrations. Um, and now there's quite a few integrations that are in flight and just like in the home stretch to actually um go live. But yeah, to your vibe coding point, I think it's immensely helpful for, for example, you're working in a foreign codebase, it takes a very long time traditionally to like go in and understand how everything works and how everything links. Uh, with LLM, that can be done in like 30 minutes. You have a pretty good idea of how the code maps. So, it's definitely helpful in that aspect. Um, it's also useful for like we have all these language bindings for different uh languages that we need to target. So having an LLM port tests over between languages, it's very good at that. Um, we're not yet at the stage where you can just say implement Payjoin in my wallet, make no mistakes, and like not have to worry about it.
But that's definitely I think the goal and I think the um we it really paid off that we have the PDK model where all the internal logic and like privacy and security stuff is handled in a well-reviewed audited library and then the LLM or some dev can just like implement that. Um I think that's really going to pay off in the age of AI.

>> Nice. Uh, Fabian, you mostly spend your time on cross-input signature aggregation, also known as CISA, and you were recently on Plan B's cipher tank, where a proposal was made for something called PISA, which is Payjoin plus CISA. Um, can you describe how that would work and how that would impact privacy by default specifically around like the user experience?

>> Yeah. Um, so specifically the user experience shouldn't change at all. It should just cleanly integrate. Like that's really like the goal of the default, right? Like the users ideally shouldn't even notice that their experience becomes more private. Like it should be as simple as possible um while also being private. So um this uh PISA project is basically the joining of CISA plus Payjoin. So um this was not just my own pitch but also uh Dan from Payjoin Foundation uh was there together with me um and basically the idea is that we really do uh a proof of concept implementation end to end that uh uses CISA together with Payjoin to make privacy preserving transactions that are also a lot cheaper than using Bitcoin in the normal way and creating just um standard transactions. So uh maybe just to kind of recap that briefly, CISA allows you to um aggregate signatures uh within one transaction. Um and that means that if you have a transaction that is larger that has uh a lot of inputs like for example a Payjoin transaction would typically be um then you can save a lot of space and space on the blockchain also means that you save a lot of fees.
Um and uh yeah, this way you can have more privacy um while saving money at the same time. Um and so this effort is ongoing. Um basically um one downside of CISA, it's a soft fork first of all that has to be done. Um and also it requires interactivity uh between the participants. So I mean the soft fork like getting that uh done is a more long-term project but I mean we want to have the proof of concept to actually give the soft fork a chance of coming in the future. Um and so since Payjoin itself is an interactive protocol. Um that is thankfully that is hopefully the thing that we will achieve to show is that the CISA interactivity can basically be done together with the Payjoin interactivity and that way uh what you asked initially like the experience will be exactly the same for the users.

>> Yeah. Yeah. That's awesome to hear. Um, so Bitcoin privacy can feel like an arms race at times where you're really trying to get ahead of whatever chain analysis has, you know, recently come out with. And um Space Bear touched on how LLMs are helping privacy developers, but I do wonder like if that same technology has allowed for more advancements in the people that are like actively working to deanonymize Bitcoin users and like do any of you have insight into like how that works or what the status is?

>> I would actually like push back a little bit on what you said. Like to me it doesn't really feel like an arms race because we don't even know what they come out with. Like we have no insight into what they are developing and like what their uh secret sauce is. Um and so that's what makes it really hard to actually um even just engage with the problem.
Um we saw in these like um privacy related um uh legal affairs that just happened recently that um chain analysis or related companies were being used for um uh data and like they basically just presented results um and those were kind of taken for granted. Um and so it's almost impossible to challenge that when the court uh believes that this is correct. Um but you don't actually know what's going on and they um use their um uh intellectual property as protection to actually disclose what the algorithms are like. Um and so I think that's something very interesting that we've seen um a tool that uh is called Takar which is basically like an open-source uh chain analysis software. Um there's probably other projects that are going in the same direction. Um that like it seems on the surface like something that uh we don't want like we don't want chain analysis to be out there for everyone to use but actually we do want it because we want to know what the heuristics are and how reliable like you can try to exploit them in order then for from our side to break them again.

>> Yeah, I think something to add on to that too, like the lack of visibility we have into how chain analysis, etc. actually work is especially terrifying with AI because one thing that if you've done a lot of work with AI or used it a lot, like something that it's exceptionally gifted at is bullshitting you. Like AI is fantastically talented at making you think that what it's telling you is what you want to hear. It really just wants to hear you say, "That's what I wanted." And when you're talking about your little vibe coded project, like that's a problem, but that's not putting someone's life in danger. When we're talking, will this guy go to jail or not for having done this crime, and the only link we have is maybe some on-chain activity, and they go, "Hey, ChatGPT, here's our data.
Tell me if this guy was the criminal." And they can just show the output and not show how they got the result. We're talking people could literally go to jail because an AI is bullshitting the operators at chain analysis. And that is the terrifying part to me is like whether or not they're using it necessarily to actually build additional heuristics or anything like that is kind of an aside because the fact that they are I mean I'm sure they're using it like everyone is using AI at this point in some way. Uh but the fact that they can use those findings in court and not have to show their sources, show how they get there is uh yeah, that's a worrying piece that needs to be pushed back on and we need to be talking about it a lot and yelling at people a lot about it because that has to change.

>> Yeah. The uh I mean the hard thing is we kind of tend to assume that like uh these companies have super advanced on-chain capabilities and that that's what they rely on but in truth like they have a lot of other tools that they rely on like they just have KYC exchanges basically tell them exactly like how many coins you like your full name and your address and all that. So we don't actually know if they use the chain, if they consider like privacy technologies like uh Payjoin so much in their on-chain analysis. Um, but that being said, I think it's still useful for us to build like open source analysis tools so we can actually have an idea of like does Payjoin work like can we measure the privacy gains of um any of these technologies and that's a place where I think LLMs can be very useful because uh one example is wallet fingerprinting. There has been some work in the past on wallet fingerprints and it was kind of like manual where you go and you compare all these wallets and you compare the code and that was just kind of like six years ago. No one's really done more research on that.
>> I think with LLMs, I see a world where you could have like a wallet fingerprints dashboard. And because all these wallets are open source, you could have LLM just like constantly scouring for specific fingerprints and then kind of like naming and shaming. Um, it is a hard problem because some wallet fingerprints are not necessarily bugs. Like there are some features you might want to offer that just inherently leave a fingerprint, but it's at least like a step forward that we could take and start actually measuring.

>> Yeah. Yeah, for sure. I did see that Payjoin recently came out with um some analysis on those fingerprints and it's very helpful to see. Um, Fabian, I just want to follow up with you on Takar. Is it unusual that that's an open source chain analysis tool? That's I guess what that's not normal. Okay.

>> Well, I think um there were some like visualization stuff OXT project or so I think in the past um but that shut down and I think it's something that is like aside from it like on the surface level doesn't look like something that we would want to have. It's also kind of um yeah like the open source developers are time constrained anyway like we're lacking resources left and right um and so motivating yourself for doing something that is kind of like an adversarial software project basically um is maybe something also that where people had a hard time to motivate themselves to do it and of course then um becoming much more productive uh through AI um I think can help to get over the hurdle to actually like have people like consider doing such a project and working on it and maintaining it also over a long period of time um which apparently wasn't the case so far. Yeah.

>> Yeah. Oh, that's interesting. Okay. Um I really want to dive into this next question. Are there any other projects that really excite you about the future of Bitcoin privacy?
Um whether projects that are, you know, just starting or are pretty close to implementation. And then, you know, if you'd like to touch on it, conversely, is there anything that you were excited about and upon further investigation, you were less enthused?

>> Uh, I'll jump into the second one first, honestly, because it kind of answers both questions where we've had this renaissance lately in new layer 2s on Bitcoin, specifically Ark and Spark both had a lot of promise in terms of privacy. Uh Ark when it was first the idea was first announced by Burak uh three years ago now he actually introduced it as a scaling and privacy tool like the goal was that it would solve for both at the same time that it would be an extremely useful tool for privacy. In reality we didn't get that. We did get the scaling side, we did get some of the functionality for payments uh but Ark doesn't provide any user privacy right now. Essentially the Ark operator knows everything about your transactions and can choose whether or not they publish that. We'll see what they choose to. Spark very similarly uh we had a statechain solution called Mercury Layer over the years. They were a blinded statechain solution. So they couldn't see anything about the transactions that they signed. Uh but they could know that they were legitimate transactions. They could sign them but they didn't have to actually know anything about the users within the statechain which was great. Spark is built on very similar statechain technology. Could do blind signing. And as someone who implements Spark and uses it and recommends it, it's still very frustrating to me that they don't have blind signing today and that they do then know the data about what their users do on chain. Now obviously they don't have any connection to KYC. They're not an on-ramp or anything. So they don't know who you are necessarily, but they have visibility into your transactions.
So I think both like they showed a lot of promise and they still could become very good privacy tools. Both have a very clear path to becoming very good privacy tools, but we'll see if that actually pans out. Yeah.

>> Yeah. Um I'm pretty excited about Shielded CSV. Um there was already a session on it uh yesterday. Um so if you want the full details, I think that I would recommend to watch that. Um but in very brief uh summary, it's basically a way to off-chain um accumulate the uh transfers of uh transactions um and then basically put what's called a nullifier on chain. Um so the idea is that um instead of everyone validating um the chain of transactions um only the person that receives the transaction would validate uh what the history of the coin is basically that they've received um and they would check on the chain just is correctly tested for with a nullifier. Um but otherwise this is just something that is between the sender and the receiver. Um and that is obviously a lot more private than having the full transaction history um the full graph on the chain. Um and so this is a topic that is being worked on quite actively. Um but uh yeah I can't really say when exactly it will be ready because I'm not part of that project. Um but yeah it's a very exciting concept and I think has a very high potential of pushing uh the boundaries of um making privacy much more attainable for the average user.

>> Yeah, Shielded CSV is really cool because it's basically you can bridge Bitcoin into Zcash level privacy but with better scaling.

>> It's still conceptual like you mentioned. It's not actually something you can use today, but it is very promising in terms of what privacy can be achieved but with really good scaling at the same time.
I think at the end of the day like if we want to make Bitcoin privacy the default I think it's more a UX challenge than like which specific technology it's going to end up being because like already if a user has to choose between Ark or eCash or Shielded CSV or Lightning then it's like we're not talking about the default experience. They should be able to like go into the wallet, start receiving and paying in a way that's private. They don't need to know about address reuse, they don't need to know about UTXO management. Um, so yeah, I think it's just a UX challenge and um, it's a lot of work ahead of us. Yeah.

>> Yeah. I kind of do want to dig into that like there's only so much that you can do from a technical perspective and there is a lot of friction. Do you think part of the UX challenge is because people need to be knowledgeable about what they're doing or is there something we can do where it's just like you actually don't need to know that much and you get a lot of privacy?

>> Yeah, I think it's I mean one example in like the internet is you have you had HTTP or not private at all and HTTPS came out and everyone uses HTTPS. Can the average person explain the difference? Probably not. They don't know why. They probably don't even know they are using HTTPS but it's just like a default thing that everyone now uses and browsers actually kind of like uh enforce that better private experience. So um yeah, I think that's the path is to have like a sort of standards like that whether it's Payjoin or CISA or um any of these L2 proposals where wallets can come to a standard where it's just like the default path is to use these uh private and cheaper more scalable methods of transacting.

>> Yeah.
Yeah, I think the hard part is like you can't just like as a wallet company, we can't just like roll our own privacy solution and call it a day because then we're limiting not only the anonymity set of the privacy tool itself to our users, but also we're not actually really helping Bitcoin become more private because again, I don't want you to have to use Cake Wallet to gain privacy. Like would that be good for Cake Wallet as a company? Sure. But it wouldn't be good for Bitcoin as a whole or for people's individual freedom because not everyone will be a Cake Wallet user. The goal really should be that like you said we coalesce around standards something like Payjoin. We figure out how to make it really easy to implement which I think has already been done and then wallet devs just do it like actually take the steps to do it. And it is always tricky because you need the tools to be good enough for you to be able to actually build good UX on top of it. Like Lightning for instance, the old way to do self-custodial Lightning of running a channel, running a node, uh managing liquidity, there was only so much actual like UX paint you could put on top of that to make it something that people could actually do. But I think like Payjoin is a really good example where it's good enough today. It should be the default in every wallet. It is in Cake Wallet and it's more frustrating that other wallets are not pushing as hard on that and they really need to. And that's kind of a combined failure. If you're a wallet dev, go implement Payjoin. Like go do it. Like you said, You don't need forks today.

>> Yeah, you don't need a soft fork. You don't need any change to Bitcoin. You can just do it today. Immediately you'll have compatibility with Cake and Bitcoin and others as more come online. But if you're just a user and you don't use something like Cake Wallet that provides these tools, like go talk to the wallet company. Go talk to the devs.
Say like, "Hey, there's this really cool privacy tool. I know it works today. I want to see this implemented." And they can and should do it. But often times companies will just do whatever the demands for their users are. And now that you know about privacy tools like Payjoin, go harass your local dev and force them to implement it so that you can actually have good privacy in your favorite wallet as well.

>> Oh, that's awesome. I love hearing that. Yes. Uh builders usually listen to their users. So, definitely communicate that. Uh we have a couple minutes to close it out. Do you have any not even Bitcoin specific privacy tips, but it could even be a general privacy tip that our audience can walk away with um from this panel?

>> Throw out your laptop.

>> Throw out your laptop. Yeah. Yeah. Burn it. Go live in the woods.

>> We'll solve a lot of problems for sure. Yeah.

>> Computers were a mistake.

>> Yeah.

>> Um I think that's there's so many different like appro so many different angles you could take there. I think the simplest one with Bitcoin and the one that you've probably heard about before but have maybe have felt that it's too daunting to do is just stop buying Bitcoin on KYC exchanges. Stop connecting your ID to what you do on chain. Even if you do nothing, even if you don't use Payjoin, Silent Payments, whatever, but you just get your Bitcoin from Bisq, from RoboSats, from Hodl Hodl, from any of the plethora now of good peer-to-peer places to get it, you'll have drastically better privacy than the vast majority of Bitcoiners. That's the starting place for a lot of people. It feels a little daunting at first, but once you actually try it and you actually buy some, it's really straightforward. It's not that complex and it's an absolutely vital first step, I think, for privacy.

>> I don't know like don't do what I did and uh be here with your full name. Uh rather use a name

>> on a N.

>> I don't know. Maybe.
>> Yeah.

>> Space Bear, you didn't come here with your full name. He got me.

>> Yeah, I show my face though. I got to do the shinobi thing.

>> I mean like one thing that I can add that like maybe share some paranoia like um I've seen that a lot of like podcasts that I get invited to like they try to do like to be on YouTube of course and they try to um of course record your face. Um, and I'm just not a big fan of that because I like I mean I listen to podcasts only in audio. So I don't really see like a and I don't think anybody really wants to look at my face for an hour while I just talk. Um, so yeah, I usually refuse to get that recorded because I think it's just great training data for AI to generate a face of me that then calls my grandmother um and tells her that uh she needs to transfer all her bitcoin to somewhere. Um, so yeah, that's uh my um paranoia tip.

>> Yeah, the phishing attacks are getting a lot more sophisticated, so stay safe out there. Uh, we're just about at time. Any more final words or

>> I think just the tools are actually getting there. It's time that we actually build around those, that we build good UX, and that people actually achieve the privacy they want. Like this time of like nobody wants privacy or like I have nothing to hide. It's just simply not reality anymore. So, it's exciting that we're kind of in the cyberpunk future and people just need to take advantage of the tools.

>> Implement Payjoin and then let CISA follow.

>> Make privacy cheaper than the alternative. That would be my

>> my way forward. Yeah.

>> Nice. Well, thanks everyone.

>> Thank you.