Hello Vod,
I'd be happy to elaborate on my ideas,
I like your idea in principle - everything should be transparent and on smart contracts. I don't like the non-KYC part, as that could make it illegal. It is in the spirit of Satoshi, but like any following, it has honest members, and dishonest ones. The bad actors have ruined it for everyone, so consider coding the KYC as an option.
While it is true that cryptocurrencies, like other mediums of exchange such as cash, can be misused by bad actors which strongly condemn. However, I don't believe that state surveillance is the appropriate solution. As Benjamin Franklin said, "Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety". I believe that this principle aligns with fundamental value of bitcoin. In my view, the threat posed by excessive state surveillance far outweighs that of bad actors.
Regarding legality, while this approach may not comply with regulations in certain jurisdictions, it remains compliant in others. I do not advocate breaking the law, and a potential compromise could be making a good faith efforts to geo-block restricted regions. Nevertheless, I remain committed to upholding the core value of financial privacy and will not implement kyc capability.
What do you mean by "utilise anonymised data for troubleshooting"? Anonymised data can be used for research, but troubleshooting requires specific information.
The data in question looks like this I redacted addresses and transaction ids:
"[<DATEANDTIME>] [ERROR] Order failed with error: insufficient funds, main.ExchangeSession{OrderID:"b0a06943af3df054", Status:"EXCHANGING", FromCurrency:(*cryptoManager.LtcHandler)(0xc0002aa000), ToCurrency:(*cryptoManager.EthHandler)(0xc000134a20), FromCurrencySign:"LTC", ToCurrencySign:"ETH", FromCurrencyID:2, ToCurrencyID:4, FeeRate:1, SendAmount:0.0013312683123676756, ReceiveAmount:0.035, ToAddress:"<REDACTED>", FromAddress:"<REDACTED>", RefundAddress:"<REDACTED>", ToTransactions:[]cryptoManager.CryptoTransaction{}, FromTransaction:cryptoManager.CryptoTransaction{Txid:"<REDACTED>", Confirmations:1, Amount:0.35, Explorers:[]*cryptoManager.CryptoTransactionExplorer{(*cryptoManager.CryptoTransactionExplorer)(0x7ff7f819b180)}}, ToConfirmations:12, FromConfirmations:1, ExchangeRate:<REDACTED>, ErrorMessage:"", ExpirationTime:<REDACTED>, CollectionTime:-1}"
As shown, when an error occurs, the system logs the relevant transaction state, including the error and technical details, without exposing personally identifiable information (such as IP addresses). This allows for effective debugging while maintaining user privacy.
Also "It maintains a minimal amount of imports to reduce potential attack surfaces while implementing advanced form parsing for additional security." Programming use libraries/imports, unless you code yourself. With the impressive feature list I don't think you would take the time to write advanced code that is more secure than peer review.
The Go programming language was created with the idea of powering backends of web application in mind since the very beginning and thus it has a robust standard library that minimises the need for external dependencies when building web backends. While I have no objection to using well-maintained libraries where necessary, many codebases (particularly in Node.js) exhibit excessive dependency bloat, for example importing entire frameworks just to use a single function.
Though both Go and Node.js are secure by design, each additional import increases the potential attack surface. Therefore, it’s considered good security practice to keep dependencies to a minimum. This doesn’t mean reinventing the wheel, but rather being deliberate about dependencies.
Thank you for reading,
Alison Bobert