But still you can't look at where the zaps are spent afterwards on Lightning.

Correct. But that doesn't mean it's private at all. An attacker still sees everything in and out via zaps, which is how most people use it. Our defaults have never ever been private.

Please try this tool I just made:

Onchain Zap Forensics

All the zaps that I have received so far, what did I spend them on? Can you tell? Did I even move those sats at all? Where did the sats go after I’ve received them? Less importantly: Is it possible that some of the zap receipts were faked, and thus there’s “zap events” out there that didn’t even move sats at all? Even less importantly: I had many lightning addresses attached to my profile up to now. Is it possible that one of those lightning addresses was controlled by someone else, and not me?

> Saying that lightning zaps is a "sane" privacy implementation That's not what I said. When it comes to zaps, Lightning is the sane choice, because of its properties. Using on-chain for those public payments is NOT the sane option, since on-chain leaves a trail that is forever auditable. “Forward secrecy” (if you want to call it that) does not exist. Plausible deniability does not exist. The option to say “I never touched that money” doesn’t exist. The option to say “I lost access to this wallet” does not exist either, unless you nuke your nsec.

I made Alby Hub my zap address almost a month ago and I still get zaps to wallet of satoshi every so often.

We are not using "lightning", we are wrapping a lightning proof into signed events with the sole purpose to identify the parties involved. Yes: forward secrecy doesn't exist, plausible deinalibity don't exist. But not because of some on chain zaps implementation, but strictly because you are singing with public key cryptography and advertising your pubkey key as yourself to everyone. That is the definition of *verifiably* doxxing yourself. You are arguing against pubkey key reuse while reusing the same nostr key to sign the same thing you want a new key for.. nothing here makes any sense.

Btw, I softened wording here and added a comparison table.

In Amethyst Vitor, don't we have the option to use anon zaps, if we want to? View quoted note →

You have conversation with he/him 'something'. Leftard's bs.

I mostly agree Vitor, but it depends on what you mean by "everything". A zap is a public record that one person made a payment to another person The question is whether the public record should also (implicitly or explicitly, it doesn't matter) point to the on-chain transaction That appears to be the real issue you all are discussing, and the issue would still exist even if each payment was to a different address Define "Noisy Payment" as a Silent Payment, but with a public event linking to the txid. Would that be a fix for onchain zaps, because it avoids address reuse; or equally harmful because the public can still see all the transactions?

The privacy comes with what happens to the coins after you receive them sir, you can't accidently show everyone what exchange address you use to sell bitcoin

We can make all zaps go through a mixing service before coming out to an exchange if that is the problem.