Goodbye, BitBargain

source: Bitbargain.com

2020. Dec. 25. 19:34

Goodbye, BitBargain

We have arrived to the end of an era.

BitBargain launched in 2012, during Christmas. I was the only vendor for the first two days: my first trade was selling 10 BTC for £85 (yes, £8.5 per one bitcoin).

Bitnumus, Pucilowski and a few other vendors soon joined in. Until that point, they had been OTC trading on #bitcoin-otc and selling bitcoins for cash via Localbitcoins.com, which back then did not have online transfers yet - they were all about cash. Within a few weeks of BitBargain’s launch, they too implemented offers for online trading. After a programme on the BBC talked about crypto and showed BitBargain, our platform took off and became successful.

The intention of this post is to take a trip down memory lane, look back at the challenges, the successes, explain why BitBargain is closing down instead of becoming a regulated UK entity and offer hints on what the future will look like.

2012 was a very different time. Mt.Gox was THE exchange in town where you could send £1000’s without ID verification and get bitcoin in return, usually the same day. BitBargain did not ask for ID either (but you did get your coins in 5 minutes as opposed to several hours on Mt.Gox). You couldn’t ID verify on BitBargain even if you wanted to. Getting your bank account suspended for buying or selling crypto was unheard of in our circles.

It didn’t take very long for this system to be exploited by criminals and noticed by banks. I remember trying to deposit money into Mt.Gox and getting an error on HSBC saying the account was unable to receive funds. It’s no wonder they were the first big target of fraudsters. This problem had very quickly reached BitBargain vendors also.

We found out the hard way that allowing just anyone with no reputation, trading history or identification to buy £1000’s worth of bitcoins was a bad idea. We had also found out the hard way that banks just pour fuel on the fire instead of helping out. For that first trade gone wrong, a vendor’s bank account was frozen for months along with all of his other assets that had nothing to do with the trade. Without crypto, he would not have been able to pay his rent. I was later put in a similar situation when HSBC had blocked my personal and business accounts. Their reason stated through an unofficial channel was that I sent and received 1 GBP payments which were for verifying bank accounts and for some reason they thought it would be better to close my account than to send an email, text me or call me to say it was a problem for them.

Ever since that reality check and the understanding that fraudsters presented a significant danger to the business with banks just making the situation worse, we have adapted. When phone verification wasn’t enough, ID verification was added. When passports weren’t enough, selfies were required. When cash deposits became hot potato, we stopped offering that payment method.

I remember being on a family trip in Italy when reports of fraud came in for accounts which verified using Polish IDs and ended up sending money from a different account. At the first place to sit down with WiFi, I kicked the fraudster off a trade in progress. That same day selfies were introduced (holiday coding, yay!) and not much later we started attaching remitter names to the trades to be able to track fraud and notice in time if someone was using a third party bank account or violating policies by creating new accounts. We got rid of cash deposits altogether.

Thanks to these steps taken, fraud rate has been hovering near 0% since 2013, even in 2020. The unique counter-fraud measures combined with the cooperation of sellers resulted in something special, providing vendors with a safe platform that was unlike Localbitcoins or any other marketplace at the time. Shutting down fraudsters took a concentrated effort and it worked, not only in the short term.

The banking side was a bit more problematic. Not just on the bitcoin front. I remember an article about this guy who wanted to buy a car in cash and so he went to his bank to take out cash, just a few thousand pounds. The bank would not give him his own money until he showed them the advert for the car. These same banks suspended the bank accounts of their clients for simply using the word ‘BITCOIN’ in the reference. These same banks rejected transfers to a list of bank accounts owned by reputable exchanges abroad. These same banks sided with fraudsters even when it would have taken two minutes of investigation to find out without a shadow of doubt where the responsibility lied. These same banks suspended business bank accounts that had no fraud or any type of issues, just for suspicion of bitcoin trading. These same banks went as far as to put out a false fraud alert on vendors to prevent them from opening a bank account elsewhere.

I understand that some of these drastic measures were in response to rampant fraud, but they were inadequate and often came from incompetence, sometimes even clear malice. The expression “to throw the baby out with the water” comes to mind. The banks did much harm to not just the crypto community, but many legitimate clients of theirs. Banks expected us to do the impossible to counter fraud, but most online banking would not show the sort code and account number of the sender. Two banks even went as far as allowing the sender to set ANY remitter name they liked. Things like these made our job next to impossible. But we still survived.

Despite the hardships, most buyers rarely ever noticed much of it. Come to BitBargain, follow the instructions, buy your £100 worth of crypto, withdraw. It was that simple. There were several key reasons for BitBargain trades being so fast and smooth and problem-free.

- only the most relevant instructions were presented to the buyers along the way as they came closer and closer to the actual trade- we have a very extensive seller howto which is probably useful reading material for all P2P/OTC vendors everywhere, not just BitBargain- we had a strict seller test to ensure that all vendors knew the policies, understood how to communicate efficiently and handle tough situations- the “going online” method - sellers had to be active and respond within minutes, otherwise they would get signed off- SMS notifications to my phone and me jumping out the bed whenever there was a situation in which I could offer assistance- the ability for buyers to ping the vendor with a text message if there was no response- a reliable central ID verification to relieve vendors of the heavy work- taking the time to communicate with buyers and sellers to explain what was going on and why- removing buyers and sellers swiftly if they acted in bad faith or seemed consistently unable to follow instructions

It wouldn’t be right to speak only about the successes. Some things didn’t go exactly to plan. One such example was the minprice() feature. The idea was that vendors could use this function in their price formula to make sure they were competitive and didn’t offer coins at a price that was too high compared to other vendors. I expected this feature to push the prices down a little to a level where it still made it profitable for vendors to sell, but buyers wouldn’t have to pay much more than if they used competing marketplaces. Sure enough, it went the opposite way - encouraging a price cartel. Of course I didn’t mind vendors taking an extra, as buyers didn’t mind paying the markup for the quick and reliable service. But when you align your prices inside a closed system and ignore the rest of the world, eventually you distance yourself from reality and you chase away buyers. So this feature was removed in the end. Instead, I made a quicker seller test: getting more vendors to join increased competition and drove prices lower. The memory of minprice() will always remain with me as a stereotype of a solution that sounds good on the surface but ironically achieves the opposite of what it was meant to do.

After around 2014, things became less eventful. And that’s a good thing. I have the vendors to thank for that. They have been the backbone of BitBargain, they were the ones doing all the trading. They were the ones who had to get out to obtain bank accounts whenever one was closed without a good reason. They were the ones holding bags of coins and being subjected to price drops. They were under constant stress of having to compete with other vendors. They were the ones who had to deal with fraud attempts and the occasional drunk buyer. The regular vendors on BitBargain are all great people, mostly introverted, intelligent, helpful, fair, reasonable. They were a pleasure to work with.

There are so many great stories and so many people I should have talked about (R.I.P. aldur1) who were essential to BitBargain becoming a success. But I understand most of you are reading this curious to find out what is happening, why it is happening and what the future holds. So let’s get into that instead.

The counter-fraud measures we employed along with monitoring and sensible trading limits have covered not just the fraud aspect but also helped to avoid money laundering and comply with all kinds of regulations. When there was actual crime committed, we were there to help out the authorities (unlike the other way around, when a vendor was defrauded through a stolen bank account).

We would get a data disclosure request document by email from a police officer which included the type of crime being committed, the name of the person and some information about how they are connected to BitBargain. And they got the information they wanted: I would do the lookups, fill out the form, visit the post office and mail the physical letter. There were no crime syndicates using BitBargain to launder money, we were not a btc-e type operation, all the vendors and myself had incentives to keep the marketplace clean. And we did. I even had police pass my name around as someone they could turn to for help. I’ve heard other crypto marketplaces were just as helpful.

However, in addition to the reasonable requests we got, there were also some cases that worried me. Here are some anecdotes that are necessary to be aware of as we go forward to the regulation side and my decision to no longer have my crypto business in the UK.

- In one case, the investigator demanded a user’s details after clicking through 3 different levels of clusters on WalletExplorer.com. He was ignorant about what shared wallets were or how they worked. Luckily after a few emails I managed to explain where he went wrong and pointed him in the right direction without revealing any customer information. He thanked me and I hope he found the culprit in the end.

- Sometimes we would get emails from police which included in the CC field a long list of crypto businesses, domestic and foreign, addressing us and others at the same time without having any idea if we are involved in the case or not. I guess I can understand this as a last-resort option, but I’m still not convinced that it is appropriate.

- There is such a thing as “too much information” - once, the police disclosed not just the basic details of the person they were looking for, but they for some reason included a plaintext password in the report which belonged to the user. That is very irresponsible in my book.

- The FBI has a habit of posting illegal items on marketplaces and wait for criminals to bite the hook. You could argue that some listings come very close to entrapment. In at least two cases, it trickled down to me having to deal with it. A notable case that made news is the story of Kuntal Patel.

- I’ve met in person a UK trader who was using Localbitcoins. He was a lorry driver and occasionally sold bitcoins. One small trade he did in the wrong place at the wrong time with the wrong person resulted in the authorities charging him with a crime, seizing his assets, searching his home and when the case started falling apart, they put pressure on him and used tactics that no government should. When we last talked a long time ago, he was about to take them to court. I don’t know if it’s even possible to do.

- In one case, the NCA demanded information about a bulk list of transactions that had nothing to do with BitBargain. The policy is that we don’t reveal if a user exists or not, unless there is reasonable suspicion that they committed a crime. Simply revealing that they are a user on the platform could be twisted into getting a court order. So I responded that I am not at liberty to disclose the identity of any users based on the request. This did not go down well with them, so they said they would get a court order to force me into compliance. I said okay. I haven’t heard from them since. My guess is that they put on this bluff and sent the same request to several bitcoin companies. Or they were just going based off bad blockchain analysis information.

- Most of the requests we did not comply with originated from blockchain analysis based information. Blockchain analysis is essentially a best guess of a proprietary algorithm which scans the blockchain, the web, the dark web and all kinds of data sources, then tries to connect different addresses, group them into clusters, make a guess as to what entity owns the cluster, then present information about where those wallets sent coins and where they received coins from. Busting down the front door of someone based on such approximations is highly inappropriate and unreasonable in my opinion, though it is an accepted practice in the United States for example. It is important to mention that some of the BA based requests asked for information we did not have. This means that the specific tool they used incorrectly claimed that a transaction or address belonged to us.

Those in power want as much control over crypto as they have over your personal bank account. Some of them want this with good intentions without much consideration about balancing their power against constitutional rights of the people, others need it only to stay in power. They demanded a solution. Predictably, the industry jumped right on it and came up with something that would pass. And it’s good business. Some of these companies ask for tens of thousands of dollars a year to give you access to their database and tools. And they’re not all bad. Most of the time you can figure out the name of the exchange by simply providing a transaction ID. You can check out an exchange and see how much coin is going to dark web suspects. Overall, it’s a good tool to have, but at the end of the day it’s still just a best guess by a computer software.

Even when blockchain analysis spits out the the correct guess, as we have seen the authorities may combine it with other results or other pieces of information and come to a wrong conclusion because they just do not know how to interpret it all. And just because you win the case in court, your life can still be ruined in the process.

But my main issue isn’t even a small number of innocent people’s doors being kicked down erroneously. Blockchain analysis will affect all exchanges and crypto businesses in the coming years. It will not be used just to track down criminals or kick hardcore darknet market users to keep their wallet clean.

In the beginning, nobody did any blockchain analysis. It did not exist. In the next stage, some businesses started using it. But it wasn’t mandatory and you had to receive coins from a well known darknet market to get a high score on blockchain analysis to potentially get in trouble. Now you’re considered suspicious if you used a marketplace and not an exchange. Coinjoin counts as high risk. Gambling is high risk. As you use entities that are paranoid about keeping their coins clean and adhering to all the regulations, your risk scores will continue to increase and without you even knowing why, your deposits will become rejected, you may be asked to supply documents or lose the coins, your account may become suspended without you having any clue what you did wrong. And quite possibly you didn’t do anything wrong. But that won’t matter.

The goal post, the risk score threshold will keep moving along this trend until the point where you will be afraid of using your personal wallet, donating to someone online, receiving bitcoins from anywhere except for regulated exchanges. At that point, crypto will be akin to a regular bank account. You won’t have a bitcoin wallet, you will have accounts to websites. If you think I’m exaggerating, here is an article from just a week ago: https://www.coindesk.com/self-hosted-bitcoin-wallets-become-front-line-in-fight-over-crypto-regulations

And so we have arrived to regulations. In Hungarian, there is a saying: “to fall off the other side of the horse” - loosely meaning “to go to the other extreme”. Given what went down with Mt.Gox, I understand why some felt the need to regulate exchanges. But in my very personal opinion, we’ve gone overboard. I disagree with the following:

- having to ask ID from everyone, even if they only want to buy £200 worth of coins - storing their documents and personal information for years- giving access to authorities to query any transaction and customer info instantly (this is also in the roadmap)- being forced to use expensive and unreliable blockchain analysis services, eventually stop providing service to everyone who isn’t depositing from another regulated exchange (I expect we will come very close to this eventually)- paper-pushing, form filling, sending documents that look authentic but cannot be reasonably verified by the crypto businesses, not really preventing money laundering or fraud, just removing responsibility, but not really removing responsibility, meanwhile making users jump through useless hoops that drive many of them away from crypto for good- masses of innocent people being interrogated at a police station about what transaction X was, 14 months ago (once we were requested by the police to provide information on something from over 3 years prior)- having to hire separate compliance people and a legal team even just for having a custodial wallet- regulating crypto-to-crypto conversions which do not involve fiat- putting up all kinds of delays, road blocks, challenges and keep increasing these as regulations progress in a stricter direction

Before 5MLD in around 2016, I think the balance was pretty good. We kept criminals away, ID was required for vendors, regular traders and high amounts. We prevented smurf accounts. We cooperated with police requests, we used blockchain analysis in some cases and kept the cluster clean. Many have learned from Mt.Gox’s bad example, exchanges have gotten much more stable and I don’t think regulations were the most significant driving force behind this improvement. Yes, regulations are important to draw in corporate money and to keep big businesses from failing big. But forcing regulation on anyone just hosting a custodial wallet and not allowing even a few people to put their trust in a startup service is not how it should be.

Back in January of 2019 when in compliance with 5MLD I put all accounts on mandatory ID verification, it did not feel right at all. It raised the question “how far am I willing to go?” - the answer is, not much further. The FCA (Financial Conduct Authority) are now in charge of crypto in the UK and they forbid all UK businesses from offering a custodial wallet or trading bitcoins without getting prior approval. Thus, BitBargain is closing down, redirecting buyers and sellers to a chatroom and allowing them to verify each other easily. At least chatrooms are not regulated (yet). The chatroom’s address is BitResident.com by the way, some vendors are already there, waiting to see how this pans out. If you are a vendor, you are more than welcome to join. There is no registration, just sign in with your BitBargain account before opening the page.

While I do not agree with the specifics of the regulation, I genuinely wish the best to those crypto businesses that still wish to continue their journey within the borders of the United Kingdom. That is certainly the correct business decision. After most UK vendors disappear, the remaining ones will no doubt see a large volume of trading. Even from the buyers’ perspective, any crypto business is better than nothing. I have compiled a list of vendors, marketplaces and exchanges to share some love and drive some traffic to them. The list is available in the #suggestions channel over at BitResident.com.

I wanted to go into some other subjects involving trends in the United Kingdom that are not tied to crypto, but they may be divisive, so I will skip on those. My only suggestion for everyone is to read Orwell’s 1984 and Huxley’s Brave New World again, then compare fiction to the reality around you.

Personally, I will be busy with a couple of things: technical solutions for a regulated UK business (I’ve made a nifty and flexible wallet system to handle ledgers, deposits, withdrawals), maintaining order and entertaining guests on BitResident.com (hopefully it won’t be empty) and some other undisclosed projects. I highly recommend at least idling around in the community for another few months as there is a possible reward involved to those who are active. On top of being part of a great crypto community of course.

Again, I want to sincerely thank everyone who has used BitBargain in the past, whether for buying or selling. My life would not have been the same and I am very thankful to have gotten to know all you wonderful people. I wish for all of you good health, true freedom and heavy bags of coins that just keep going up in value.

Martin