New California law limits cash to crypto at ATM machines at $1000 per day per person and also the fees that can be imposed by the machines.

The industry says this will hurt the business, hinting that they’re profiting from the lack of KYC policies

I don’t see any legitimate use from those machines. Who would have a legit need to exchange $15k from cash to crypto at 33% fees???

  • Scrubbles@poptalk.scrubbles.tech
    link
    fedilink
    English
    arrow-up
    27
    ·
    1 year ago

    As someone who tinkered with crypto and understands basic security, I don’t understand why anyone trusts these shady looking atm things. They’ve popped up on the weirdest places and I don’t see why anyone would share their information with them

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      8
      ·
      edit-2
      1 year ago

      I think they’re mostly targeted at people who don’t understand crypto. Localmonero or localbitcoin peer to peer marketplaces are so much better than these ATM contraptions.

      But if you need to buy something with Bitcoin, and you don’t have any on-ramps, the ATM works. It’s right there, it’s immediate, it’s kind of novel.

      But yeah, giving those ATMs any personal information is insane. I can’t see anybody doing that.

      Completely unrelated, I live in an environment where anybody can go up to an ATM and type in a bank account number, and make a deposit. So localmonero just works very efficiently, just find a peer on the site, initiate a trade, go to an ATM make a deposit, have instant delivery of your crypto. Or vice versa.

      So these cryptospecific ATMs are just a function of a specific banking system, cuz in places where you have more friendly ATMs, they’re totally outclassed

  • megopie@beehaw.org
    link
    fedilink
    arrow-up
    19
    ·
    1 year ago

    … I mean, frankly I don’t see many legitimate use cases for crypto anyways. Cash Is kind of a better option in most cases where credit/debit cards would be out of the question.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      16
      ·
      edit-2
      1 year ago

      I think there’s utility for digital cash. Fungible cash online.

      I personally use Monero which is fungible, private, online digital cash. Just yesterday I donated to doctors without borders, I pay for my VPN, I pay for my email hosting, I donate to signal, I donate to graphene OS, I donate to the briar project, I donate to the Tor foundation, I fund software development bounties, I pay for video game hosting, I paid for dropout.tv… all using monero.

      Why? For the same reasons I use cash. I want to have a transaction, I want to be done with it, and I don’t want to have an ongoing relationship. I don’t want third parties to be involved. If I put $5 in the local temples donation bin, or if I donate $5 in crypto, that’s nobody’s business but me and the Buddhists.

      • 🤘🐺🤘@monero.town
        link
        fedilink
        arrow-up
        8
        ·
        1 year ago

        Great description!

        Some people live in countries where some of those things are illegal. Another example of this is banned books. I can pay for entry into a private torrent tracker through a VPN to access books banned in my country.

        If you need 0 connections between the cash in your bank account and what you buy online then you need something like Monero.

      • megopie@beehaw.org
        link
        fedilink
        arrow-up
        7
        ·
        1 year ago

        But you could do that with just about any digital payment system. Crypto doesn’t have anything to do with that. Hell, if you want it to be anonymous use a pre paid gift card you buy with cash.

        That’s actually anonymous rather than pseudonymous.

        • jarfil@beehaw.org
          link
          fedilink
          arrow-up
          4
          ·
          edit-2
          1 year ago

          Monero is fully anonymous, not just pseudonymous.

          Cash-redeemable prepaid cards you buy for cash, are not available everywhere, or may require you to go through the equivalent of a KYC, and/or may have a monthly fee, and/or abusive transaction fees, and/or ridiculous monthly recharge/spending limits… on top of getting recorded on camera while buying them.

          At least where I live, I’ve found no anonymous prepaid cash cards, but if I get my credit card and buy some Monero in my name, then send it to another account, nobody can link it back to me ever again.

          • megopie@beehaw.org
            link
            fedilink
            arrow-up
            5
            ·
            1 year ago

            If it is a block chain, that records transactions to specific wallets, then those wallets can be linked to an individual.

            • jet@hackertalks.com
              link
              fedilink
              English
              arrow-up
              3
              ·
              edit-2
              1 year ago

              Monero works hard to make sure that wallet contents and transactions are private.

              https://www.getmonero.org/get-started/what-is-monero/

              The sender, receiver, and amount of every single transaction are hidden through the use of three important technologies: Stealth Addresses, Ring Signatures, and RingCT.

              Because every transaction is private, Monero cannot be traced. This makes it a true, fungible currency. Merchants and individuals accepting Monero do not need to worry about blacklisted or tainted coins.

              • megopie@beehaw.org
                link
                fedilink
                arrow-up
                2
                ·
                1 year ago

                Can the block chain of the system be viewed by anyone? Is the wallet ID listed on the blocks?

                It doesn’t matter how many fancy protocols are thrown up. If the history of the block chain is viewable and verifiable, then the history of transactions can be tracked to a wallet. Thus it is not truly anonymous.

                • jet@hackertalks.com
                  link
                  fedilink
                  English
                  arrow-up
                  4
                  ·
                  edit-2
                  1 year ago

                  Yes, no.

                  The IRS currently has a $600,000 Bounty for anyone who can deanonymize monero transactions.

                  That money is yours, just show us the way.

                  The wiki explains it better than I ever could, even have animations wiki

                  The transaction outputs, or notes, of users sending Monero are obfuscated through ring signatures, which groups a sender’s outputs with other decoy outputs.[12] Encryption of transaction amounts began in 2017 with the implementation of ring confidential transactions (RingCTs).[6][13] Developers also implemented a zero-knowledge proof method, “Bulletproofs”, which guarantee a transaction occurred without revealing its value.[14]

            • jarfil@beehaw.org
              link
              fedilink
              arrow-up
              2
              ·
              edit-2
              1 year ago

              records transactions to specific wallets

              First, that’s not how crypto blockchains work. A “wallet” holds the private key to a bunch of possible addresses (2128 for Bitcoin, or something around that, arguably up to 2160, or technically infinity, depending how you look at it), there is no way to know whether two addresses belong to the same “wallet” until they get spent (transactions signed by the same key), and transactions get recorded between specific addresses, not wallets.

              In an ideal world, people would never use the same address twice, always creating a new one… but people gonna people, so they started reusing addresses, publishing them along their personal data and photos on the web, shoving all that data into the hands of exchanges, and stuff like that. Bye-bye anonymity, hello traceable pseudonymity.

              Still, fungibility means an address can receive coins from multiple others, then send them on without marking where each came from, so the more times coins get fused and split across more addresses and transactions, the harder it is to prove a given amount came from a given address some transactions away.


              Monero takes that a few steps farther, and forces every user to use crypto as it was originally intended:

              • all on-chain addresses are single-use only, they can’t be reused neither for receiving nor sending
              • every time someone sends coins, they get some single-use address/es (where they received some coins) and sign it with their own key, plus 15 “decoy keys” picked from among other ones on the chain, then sends that as a new transaction
              • the amount being sent is encrypted, so only the sender and receiver can see it
              • some mathematical magic goes on to avoid spending from already spent addresses, and prove to everyone that the transaction is “more than 0” without revealing by how much more

              Meaning:

              • Only the wallet owner can track which addresses their wallet used
              • Someone tracking transactions, has to choose between several (16) possible source wallets for every address spent in a transaction, only one of them being the real one, and can’t know how much has been transferred to some target addresses, or whose wallet they belong to

              You can check that here:

              https://localmonero.co/blocks/

              Pick any block, any transaction, try figuring out who had control over the coins before the transaction, what is the target’s balance, or even how much got sent to where.

              If a single address gets de-anonymized:

              • the incoming transaction says nothing about how much was sent to it, and casts serious doubt about which wallets were the real ones that actually authorized it
              • if there is an outgoing transaction, an attacker can only know whether the address got spent or not, they can’t know whether, or which one of the other transactions on the blockchain used it as the real source, or as one of its 15 decoys

              If a whole wallet gets captured and de-anonymized:

              • an attacker can see all its associated addresses, with all the associated transactions, and how much was sent in each one, but still can’t be sure where exactly did the funds come from (the uncertainty increases 16-fold with each transactions)
              • a separate key is used for outgoing transactions, but it only allows seeing how much was spent vs. sent back to an address controlled by the wallet