Privacy coins at scale is a policy issue that will eventually be fixed

If you've been around Bitcoin long enough, you recall that Bitcoin's breakout moment was The Silk Road. Anonymous digital cash with which one can by drugs.

That was back when Bitcoin was well under $100. There was no Microstrategy, BlackRock ETF, Chainalysis or Strategic Bitcoin Reserve. The entire point of Bitcoin was to be an underground currency free of all the trappings of fiat and tradfi. As such, it was small: The marketcap was trying for $1 billion, certainly not trillions. Enough to support a loose network of experimental cypherpunks and drug enjoyers.

Then interest exploded, institutions got involved, and then it was now. Bitcoin spent much of 2025 with around a $2 trillion market cap

There has yet to be serious regulatory backlash. At the existential level, there is little regulators can do; you can't outlaw encryption or blockchains. It helps that the UTXO structure of Bitcoin makes the blockchain a useful tool in law enforcement - this is furthered by the large amount of KYC which crypto users have volunteered themselves for in recent years. Authorities have gone after a few developers recently, but it does not seem to be part of a large scale blowback. There's so much more they could do if they were pressed. Congress and regulatory bodies can regulate corporations; such laws exist in abundance.

But here I'm claiming three things

1) Privacy coins at large scale are against the interest of the USG.

2)The USG can take actions that will decimate the scope of privacy coins.

Therefore, once they get their act together

3) They will.

A corollary is that this recent narrative that somehow Zcash will take over everything is not only crazy, it's an order of magnitude more insane compared to promises of hyperbitcoinization. (Probably no coincidence that the narrative is being pumped by some of the same people.) There's absolutely no way that corporations are going to Saylorize shielded Zcash like it's the new digital gold. The people selling this are scammers.

I'll start with the second point, as I think it's more interesting, less obvious and less fraught with ideological arguments.

As a point of terminology, I'm thinking of privacy coins as a subset of coins that may or not be "private." Shielded coins on Zcash, or mixed/washed/nonKYC coins on Bitcoin.

One effective tool : Maintaining a taint

I expects folks to recoil at the idea of tainted coins, because it's based on breaking fungibility, but if the regulators get fed up they could use this. I think they eventually will.

OFAC currently has a very long list of sanctioned addresses. I have no idea how intelligently constructed this list is, nor how it is updated. As it's trivial to create a transaction spending your bitcoin to yourself but with a different address - to get Bitcoin off this list simply requires one miner to mine such a transaction. It's been convincingly argued that OFAC is basically helpless here (see for example recent discussion BPI paper by Josh Hendrickson and Craig Warmke) : They can supplicate US miners not to process these, but all it takes is one miner, somewhere in the world, to process the transaction, and the transaction is gone and replaced by a new one. There's about 144 blocks mined per day; US miners can't control all of them.

Bitcoin has a UTXO structure, meaning every transaction has at least one parent which it can be traced back through. So if a hacker, (or a paid assassin, pick your least lovable criminal) has a large amount of Bitcoin, we could in theory follow where all that goes forward in time, and attach a taint to it. All this would require from OFAC is software monitoring the blockchain and then adding all descendent transactions to the list. But then what?

Here's a couple easy things. First, legislate that ETFs, DATs, exchanges, or any regulated corporations are forbidden to hold such coins. If these corporations are sent one, they are required to not credit whoever sent the coins, and turn the coins over to the USG (where they are now declared clean, in case they are to be auctioned off, or just held in the SBR.)

Then, to make this much more powerful: extend the taint to the coinbase transactions of blocks that include any tainted transaction. Thus miners who choose to include tainted transactions are tainting all of their rewards. If they want to send their mined Bitcoin to an exchange in the US, they can't. They can send it to an exchange somewhere else, which may or not accept it - if it gets mixed in with their coins, their customers might not want it. If ETFs are a major buyer of bitcoins, by choosing to accept or mine a tainted transaction, you are restricting the future market of that coin to a significantly smaller and actively less liquid subset. Fewer bids and more asks means a lower price when you want to pay your bills.

Exchanges (those overseas) in turn, to stay relevant, will separate the coins. Two markets. Two prices. One for illicit use, the other for ETFs, DATs, would-be Saylors and everyone who's just LARPing about being on Bitcoin standard.

Note that we don't need to forbid people from using these or holding them, that would be hard to enforce and perhaps overly aggressive; just lean on the compliant corporations.

The rollout would take some moderate care, but not too much: After a certain block, say block 1,000,000, there's a list of tainted addresses, and this list is updated continuously. An API provided.

The game theory tracks backwards now. It's clear that a miner situated in the US who may want to sell their block rewards to pay bills won't include transactions that are sanctioned. Other miners have a decision to make: maybe there's a large fee in there. But adding the large fee is an additional cost to using the UTXO - everyone downstream will have to pay a large fee to get their transaction included, making the proceeds less desirable.

Even worse for crooks: If you meet someone in a Walmart parking lot to buy a bike with Bitcoin, even attaching a large fee to the transaction does not mean the transaction will be mined. You may have to sit there with your new Craiglist bestie waiting for hours to get a single confirmation. (Obviously you want to be careful here - next week when he gets busted, authorities will check your Bitcoin address against a list of KYC'd ones and you might have to give the bike back. Despite the fact a coin might be dirty, they still might be able to track it! )

Yes, this creates a hassle for wallets and end users. (This is a wallet and end users problem, not a USG problem.) Wallet providers ping the API as new UTXOs are added (this isn't a hard lift) and flag the tainted ones as tainted. The wallets would also be careful not to mix the tainted with the untainted (In particular, you can't "dust" someone with dirty Bitcoin unless their wallet chooses to mix, the UTXO structure gives these by default separate lineages.)

If the wallet software chooses not to do this, you accept Bitcoin at your own risk.

This would provide a massive disincentive to do things like CoinJoin: It's almost certain someone else in the CoinJoin was dirty, so now you all are. If you really want dirty but un-KYC bitcoin you can have that, but there's still no guarantee.

Now if this the taint is for temporary sanctions purposes, you could always un-taint when the sanctioned party is back in good graces - but the coinbase taint would be forever.

It's clear the same approach could apply to Zcash; taint all shielded address, taint all proceeds from a shielded address.

Privacy coins at large scale are against the interest of the USG.

This is a fraught topic, I can't give it complete treatment. I'm suggesting something will be eventually done. I've been around Bitcoiners long enough to know there are going to be normative reactions why privacy is "absolute good" and nothing should be done. But I think it's just a matter of time before something will.

In short, if we truly have this massive step forward in privacy that's useful for all the people who benefit from privacy, it's absolutely going to be used creatively by money launderers, terrorists, etc. Authorities are not going to buy Schrodinger/Goldilocks privacy arguments that somehow Bitcoin or Zcash is great for the "non-threatening" actors but prohibitively transparent for Iran, North Korea, or someone offering a bounty on the next Charlie Kirk. It's an undisputable fact that pig butchering has gone parabolic - here's an estimate that global scale is over $140 Billion - an order of magnitude larger than Tesla's profits for all time.

Large open liquid pools of untraceable money make it much easier to profit from crime at scale, and crime is scaling up.

Cash is always great, but cash is local. You can't crowdfund terrorism with cash. Your granny isn't going to send your inheritance to Cambodia in cash. You have to work to launder it, and the amount of work is proportional to the amount. Small amounts are easy, large amounts are problems. And this is good! Small time law evaders pose much less a threat to US interests than large scale international crime rings or sanctions evaders who weaken US clout.

At some point, there's going to be an Oct 7, Sept 11, or Charlie Kirk type event with a trail leading into a blockchain and going dead. Or we could find that Iran or North Korea are openly skirting sanctions and financing nuclear development using Bitcoin or Zcash. Or maybe we discover that relatives of certain politicians have an uncanny ability to make profitable altcoins trades, and we just have to trust them that it was trading prowess and not a combination of insider trading and untraceable bribes. Or maybe finally we will figure out how George Soros was able to pay millions of protestors (/s.)

While common in the crypto space to offer absolutists arguments about privacy, the authorities (and most normies) don't typically think like this. It's good that if you embezzle $400 million from a publicly traded company, you can't just deposit it in your Wells Fargo or Fidelity account the next day. It's good that OFAC can freeze funds of war criminals.

In a law-and-order world, illegitimate organizations face financials costs that hinder their growth; this is good. If it costs an extortion racket 10% of slippage every time they launder $10 million, that's $1 million that isn't reinvested in expanding their extortion racket. This hampers growth, exponentially. It's good that terrorists don't have access to the same financial infrastructure that legitimate corporations do. It's good that malign sovereigns can't exhibit dangerous influence over US corporations.

Privacy is the opposite of transparency, which is also good. It's not a contradiction if your concept of the social contract recognizes privacy as good for the smaller players and less good for the government and large corporations.

Bitcoin is interesting because it provides a little of both. On the one hand, it provides sizable opportunities for privacy for smaller folks trying to escape corruption, obtain hormones or drugs, and this is unlikely to backfire unless someone is trying to do significant harm. 99.99% of folks who obtained illegal things on the Silk Road will never be prosecuted for it, and this is fine. Law enforcement has better things do.

Bitcoin does have mixing options like CoinJoins - it's unclear if these scale to the order of magnitude demanded by large criminal organizations like drug cartels or aspiring nuclear powers. Zcash on the other hand has a massive blob of shielded transactions. You can instantly shield $467 million. It becomes part of dark blob. What goes on inside is impossible to see. This will make Zcash more attractive than Bitcoin to criminals who need banked at scale.

This seems like a godsend for quite a few criminals. Beyond scalability, one of the reasons that criminals are hesitant to use Bitcoin: If the next guy screws up and gets caught by authorities, there's a trail leading back to you. Maybe you were careful, and didn't leak your address to associate with anything real, but you never know - there's always this additional layer of risk. If you work in concert with some folks in Southeast Asia on a pig butchering scheme involving the old lady next door - they can send you Zcash that you can deposit in your Gemini account - immediately after you coach the old lady next door how to download the Zashi app so she can send some money to her new friend. Nobody will know it's the same Zcash.

I've never run a drug cartel, so perhaps I'm out of my domain here. But if I did, I would set up a structure where lower level people take their cash to the bank, wire it to Gemini to get some Zcash, and then Zcash all the way back home. Untraceable by default. This is super risky with Bitcoin.

And obviously OFAC is completely helpless trying to sanction shield zcash. Once North Korea shields their Zcash - OFAC has no tools.

Unless, they go with the tainting model. Which I think eventually they will, as they will probably have no choice.

And I get it, I'm giving reasons why privacy coins are bad, and this might prompt some visceral reactions. In the end it's not my decision, it's up to lawmakers who have their own set of objectives, and these objective probably don't include a trillion dollar liquidity pool for criminals and US adversaries.