Market is way down, that means it’s time to buy! I am looking to make quick and easy purchase with all the USD I can spare, not going through usual hoops (bitcoin to zcash). From the other end, I know some people here go a circuitous route to “cash out” via Paypal. Good deal for a miner who needs to pay the electric bill!

There is not much precedent on this forum, so a little ad hoc here:

  • Escrow good, if any well-known forum member wants to be an escrow agent. I will pay a small amount of the ZEC for this. Otherwise, I will send Paypal after ZEC is sent. This is money I can’t afford to lose.

  • Send to either t-addr or z-addr ok. z-addr preferred. (If you or escrow agent send/release to t-addr, it will immediately disappear to z-addr and waste a mining fee, anyway.)

  • Price negotiable, based around rates on Coinmarketcap.com at the time when we make agreement ($232.901/ZEC at time of this writing). I think Paypal should have a premium, but I will keep it small for a well-known forum member. This is a nice community, I want a fair deal both ways. Discuss details via PM/e-mail. I currently have about $350 available in Paypal, will add more if I can get a bit more ZEC.

  • I do not mind taking reasonable measures to prove my ownership of the Paypal account. But I will not jump through extensive identification hoops (privacy activist here!). If using escrow with somebody very trusted, I also do not mind if ZEC is held for a little while after Paypal sent. Discuss details via PM/e-mail.

  • I do not do this regularly, and do not intend to. I expect ZEC value increase soon, want to get it while I can… and if you’re a miner, you need to sell some to pay that pesky electric bill anyway. Or maybe buy another GPU.

Disclosure: I am a known person here. This is a throwaway account. Avoiding identity collision/linkage. Changing my writing style, etc. I will not reveal usual username, under any circumstance. Obviously, to close a deal, I will need to reveal (privately) my “real life” identity.


Hehe ZEC first? Why the non-reversible trade first? Your over-elaborated scheme and unwillingness to trust leads me to not trust you. I love how you assume ZEC miners don’t have jobs to pay those “pesky” bills; I literally haven’t used the word pesky since I could get in trouble for cussing
Edit: but good luck!

Note the conditional: “Otherwise, [if no escrow] I will send Paypal after ZEC is sent. This is money I can’t afford to lose.”

I do not want to mess with reversing a Paypal transaction for a private, one-off cryptocurrency trade. I do not have money to burn. I don’t want to get ripped off, either.

Best of all, I would prefer some sort of escrow. If I trust the party, with 2/3 multisig in a t-address posted publicly on the forum (so everybody can see when/how it is released), I don’t mind it being held for a moderate time either. I intend to buy and hold, not buy and sell. Or with a simple tx (no multisig), escrow hold for 24 hours.

Ok, I’ll tell you what. You have a good reputation here. You, I will send first (or trust as an escrow agent with somebody else). Want to talk price? PM me.

I have seen miners here discussing exchange of ZEC to pay the electric bill. Sometimes reluctant to sell ZEC, but non-casual mining is a business. Revenue needs to pay expenses, esp. with kW magnitude electric use.


Ok, maybe I was a little out of line. I wasn’t insinuating you’re not trustworthy (though I don’t know), but the way you worded it makes it sound like all the trust as well as the risk lies with the seller, which it does; with only one party known, only one party is liable. It’s a hard ticket to sell, if I needed to sell my ZEC (I don’t, but I know some mega miners do, as displayed in the red sloping candles)
I wouldn’t be opposed to how you say, EXCEPT we would have to meet somehow and fulfill the human trust element or remove it completely, which you couldn’t do with Paypal; no in between

Again, I’m sorry if I offended you, been a long one today

Ok, if I wanted to do this, and you wanted to maintain your anonymity, we would need a professional escrow, someone with more at stake than just their stake, and as such would share the risk of the seller and fill the trust element. Just a “trusted” member of the community would not stand to lose their livelihood if they failed to fulfill their part. Other than that, you would have to put yourself out there somehow.
If I knew you personally, I’d say the ZEC’s on the way, pay me when you can

I was writing you a long reply, mostly stuff I probably don’t want to post in public anyway… here is a quicker one:

If you want, I will go out on a limb here, though not for the full amount I wanted to spend. PM me with a Paypal address and a PGP key for any further discussion. I will send you $230 for 1.0 ZEC (confirm details privately before sending money). It’s a bit under that right now, and I will not commit to the price if it drops further before deal is firm. I don’t mind if you hold the ZEC for, say, up to 72 hours… though for a longer hold, or further transaction meanwhile (which I may want), I would need a third party with 2/3 multisig.

If you want, make it for 1.0001 ZEC and send it to a t-addr which I will publicly acknowledge in this thread before you send. Then you get some reputation credit. Otherwise, I am a big fan of z->z!

Note: I can’t seem to send new PMs with a new user account. But I could reply to you.

No way I can maintain anonymity. Paypal is linked to my SSN, etc.; and you will get my “real name” with payment send, no way around that! But I do want to keep it as private as possible.

No problem. It’s a friendly community. But this is the Internet, this is money, and I am NEWNYM. You came off as harsh, but not really unreasonable.

Part of what I wanted to post earlier:

Myself, I would not usually do something like this. Too big a risk, on both sides. Why now?

In the recent crazy market, I lost about 0.9 ZEC in a bad trade. Funny because I don’t usually daytrade. I buy and hold. Didn’t touch it at all for >120,000 blocks. Held through the bubble in June (stupid!), then finally got tempted and fumbled on the downslide/bounce/tumble after the recent spike (sucker!). My long-term predictions are almost always right. My daytrades are almost always wrong.

I bought that Zcash for about $30/ZEC. (Actual cost came around $38, since I had to do USD->BTC->ZEC.) I want it back even at $230/ZEC, and to buy more if I can. Expect >$600 within 3-6 months, with new floor >$400. Beyond that, 12+ months, much more. I’d rather take the loss in USD than ZEC… USD will not be improved by long-term demand drivers like 1.0.13 lowmem proofs in November, or Sapling next year. Shielded transactions on low-resource PCs, then smartphones. Needed. Coming soon.

In other words, I think this is last chance to top up and replace my lost coin before $230 looks like buying Bitcoin at $1200. If I could spare more USD, I would be seeking a bigger purchase. I put in almost my last dollar at $30 (not that it was much). Same thing now.

These predictions are why I mentioned sale by miners. I would not recommend anybody sell if avoidable. Now is time to buy, not sell. But if you need to sell anyway, as a business matter (making a big rig pay for itself ongoing), then sure, I’ll buy your Zcash!

…if I can just get you the USD, that is. Too bad no atomic swaps on master branch for USD. HTLC is not coming to USD. Always a counterparty. Even dollar cash can be counterfeit, easier/better than digital signatures. Too bad it’s still important, this obsolete form of money. $DEPRECATED

Know your argument is logical and your method seems sound, I, having misconceived, assumed you were a bad guy and launched a miscalculated attack, I did come off as harsh (thank you for the not so unreasonable), but that was my intention, for that I apologize, I only hope that these dialectics will attract other readers and give them a better understanding, as I certainly needed. As far as selling you zec I honestly can’t help you I don’t have that much, but I do wish you luck and not smartassy this time!

This offer is still open (though maybe for different amounts, around 1-1.5 ZEC on below terms). It became a sort of mini research project for me: How to create trust, with asymmetry in risks between Paypal and cryptocurrency. TL;DR: I must risk cryptocurrency I already have, and a substantial time of locked-up funds on 2/2 multisig. See below for idea.

@Autotunafish, thanks for the kind words. I wish that nobody abused anonymity. I also wish that nobody abused knives, axes, hammers, chainsaws, automobiles, alcoholic beverages, etc. I also wish that I lived in a community where nobody locks doors at night.

Too bad, the Internet is not that community. Though I would like to think that Zcash forums are a place where I can take the below-described risk on someone with a solid posting history.

Stay skeptical, stay safe!

With that in mind, for somebody who has Zcash to sell…

After a week exploring script options, realizing that weird scripts should be tried on testnet not with real money, realizing and then trying to prove the futility of what I was trying to do… This is the best/simplest I came up with, for aligning incentives:

  • ZEC funds held in 2/2 multisig for n days. Max n I can accept is n=30. I know theoretically, Paypal can be reversed longer than that. But I can’t afford to leave funds locked up, at my risk for longer; and your biggest risk is if it is a hacked/stolen Paypal. There is a very high probability of Paypal owner discovering a few hundred dollars missing within 30 days! I think only the real Paypal owner will make such a deal, because also:

  • I risk ZEC up-front, in same multisig. I only get my original ZEC back (plus the amount I bought) if we both perform the transaction honestly. I think no scammer will risk cryptocurrency they already have, with a very high chance for the scam to be caught within 30 days.

I have already moved ZEC funds to t-addr t1LhRiXxZynq1R2iBXorqHZuqzrb7DqjtKS for this purpose, to show I’m serious and I have the funds. (I put slightly more, to cover tx fees; I will send to the multisig 1.0001 ZEC minus whatever fee zcashd calculates.) Proof that this is my address and my money:

user@host:~$ zcash-cli signmessage t1LhRiXxZynq1R2iBXorqHZuqzrb7DqjtKS \
  "I, @uid65534 on forum.zcashcommunity.com, own t1LhRiXxZynq1R2iBXorqHZuqzrb7DqjtKS."
user@host:~$ zcash-cli verifymessage t1LhRiXxZynq1R2iBXorqHZuqzrb7DqjtKS \
  IGUZOJBMlpsp6uKZm7LKKBi15UH/j2xMVFy/OWh7bV9QQWs4smSwPSyY1mqRq6rdRND4Bzo2i5X2RlzSZTvfFqE= \
  "I, @uid65534 on forum.zcashcommunity.com, own t1LhRiXxZynq1R2iBXorqHZuqzrb7DqjtKS."

(Newbies, copy/paste the second part (verifymessage) to verify the message on your own computer. You will not be able to do the first part, because you don’t have my private key.)

Proposed concrete protocol, where you = seller and I = me:

  1. We agree privately on price and terms.

  2. You tell me a t-address for yourself. I create a 2/2 multisig address, and publish all three addresses on this thread: The multisig t-addr, your signing t-addr, my signing t-addr. If you want to verify the redeemScript for the multisig, I will send that to you privately.

  3. I send agreed USD via Paypal, and I send (slightly more than) 1.0 ZEC to the multisig address. At this point, my total risk is $[agreed USD] plus 1 ZEC.

  4. After you receive Paypal tx and verify that I sent 1 ZEC from t1LhRiXxZynq1R2iBXorqHZuqzrb7DqjtKS to the multisig, you send the agreed ZEC to the multisig.

  5. 30 days from initial tx date (I hope today), if no reversal of Paypal, you release your part of the multisig. I get all my ZEC (both the ZEC you sold me, and the ZEC I put up-front). We update this forum thread.

In case there is a big market swing, or I find a better deal, I may cancel this offer at any time before I reach a firm agreement with somebody (step 1 above).

Design notes:

  • I think most game-theoretic constructions are naive. They assume people are rational. But people are not rational! I designed this so I can only cheat if I am extremely irrational: So malicious I will spend large sum to cause trouble for some random stranger, with no material benefit to myself (only loss). The risk is shifted too much: My counterparty can cheat if only moderately irrational. But I am willing to take that risk, iff counterparty has what I consider a good reputation.

  • Here, my biggest risk is that my counterparty could hold ZEC hostage: Demand I sign to release part of the amount to me, part to him/her, instead of all to me. This is the gaping hole in most such protocols. But I should state upfront, I am one of those principled people. I would burn all my ZEC and die in a gutter before negotiating with a scammer. This is a personality characteristic. People call me words like “stubborn”, “obstinate”, “rigid”, sometimes “stupid”. If I perform my part honestly, and the seller gets my USD, then I promise I will never release my part of the multisig for anything but the full amount to me.

Any takers? This past week, there have been people complaining that “there are zero buyers around”. I am ready to buy! Current price where I sit is $232.838/ZEC.

if i had any ZEC to sell i’d take you up on it, especially as I am interested in developing better multisig UI’s, as I have yet to see one for any coin that didn’t suck!

Talk about rep. @anon47418038, lots of people are trusting you as a community developer for wallet binaries. (Also your involvement in other projects.) Big amount of ZEC is riding on your bits being clean. If you wind up having coin to sell, I think I can trust you for a much bigger transaction than I can afford!

Multisig UI, interesting topic. The UI on my end will be whatever I can do in my terminal. I’m adventurous. But I have some idea for your Windows/Mac users. See below.

First: I realized, people with stolen Paypal accounts, etc. are always in a hurry. I wish I had realized this a few weeks ago, and made then the following cryptographic commitment of my identity (legal name + Paypal account mail) to prove it’s the same account all along. Anyway, as you can see, I am not in a hurry. I may close this offer if the market swings (expected soon), or if I find another convenient way to get my coins. But, I’m not in a hurry. You probably noticed also, I didn’t move the coin I’m willing to risk; I don’t need to, as long as I might buy another.

Now please, people, for your safety, listen up here. I realize many of the regulars here will know this, but I am sick of seeing people publicly commit identity-linking info using simple hashes. (See Wikipedia.) The right way is with a keyed hash, and a random key:

$ EMAIL="[my paypal account mail]"
$ NAME="[my legal name]"
$ dd if=/dev/urandom bs=32 count=1 status=none | xxd -c64 -p > emailkey
$ dd if=/dev/urandom bs=32 count=1 status=none | xxd -c64 -p > namekey
$ echo -n "$EMAIL" | \
	openssl dgst -sha256 -hex -mac hmac -macopt hexkey:`cat emailkey` | \
	egrep -o '[0-9a-f]{64}$'
$ echo -n "$NAME" | \
	openssl dgst -sha256 -hex -mac hmac -macopt hexkey:`cat namekey` | \
	egrep -o '[0-9a-f]{64}$'

This way, unless my random device is hardcoded with a fair die roll or something, my identity cannot be linked to this post even by somebody with full access to Paypal account database (such as Paypal). But if I fulfill this offer with anybody, I will be able to privately prove to that person that I am paying with the committed Paypal address. And I did it so I can prove name and email separately.

Re: multisig, UI and otherwise (and not presuming to tell you anything you don’t know, @anon47418038, maybe you solved all this already):

First there is the problem of the serialization format for unsigned and partly signed transactions. Bitcoin in the wild, there are a bunch of different incompatible formats. Core has one, Electrum has another, I have seen at least 3 or 4 others, and there are probably a dozen more. AFAIK, there is no standard (not even a pretend “standard” nobody uses).

I think most existing multisig use is vertically integrated into a bigger protocol. Totally opaque to user, “just works”. Per below, users should never be copypasting and passing around fragile big blobby things anyway. And if they do? In addition to UI problems below, you need a bunch of features which make “use what zcashd spits out” a bad choice for serialization. At least by itself.

You will need a checksum of some kind. (Please no truncated SHA256; with all due respect to Satoshi, that’s the wrong tool for the job.) Also defense against email truncated/wrapped lines. Maybe serialize the raw (binary) bytes with a checksum, base64 (url?) it, wrap at 72 chars (but then what if user needs it all on same line?). Note, I don’t think any of the major Bitcoin formats go this far; their incompatibility is for simpler reasons. But AFAIK, none of them intend for nontechnical users to do their own multisig for custom purposes.

Then another thing: Correct me if I’m wrong, but don’t you need to be running (your port of) zcashd with -txindex? I do that anyway. I’m not sure about the multisig case, gotta look at the code. (Shouldn’t all necessary data be in UTXO set? But this is with raw transactions, right? Help me, I’m ignorant here.) If so, good luck having your average user reindex at 210k+ blocks. I reindexed at about 100k, and that was right before hitting that first serious spot of quadratic sighash pain. It took about 15 hours on an old laptop, slow CPU but with SSD (and it can do joinsplits!). Then going forward, txindex requires nontrivial higher resources.

Solve that, then I think for 99% of your Windows/Mac users (plus another 98% those on Ubuntu), the biggest problems are:

  • Explain what multisig means. As said above, I think most userfriendly Bitcoin multisig stuff is a prepackaged app with its own ecosystem. They don’t need to explain what, but why. I mean, use cases: “It does escrow” (many applications) or “it protects your funds from being stolen” (wallets where neither the wallet provider nor malware on your machine can steal funds). How? Then a high-level explanation of multisig, but not necessary for user to understand. It’s just magic. “Click here to do escrow.”

  • Users need big blobby strings well hidden. If it can’t be stuffed into a QR code, if it needs random looking stuff copypasted, this is a problem.

  • For parties signing a partly signed transaction, how to verify user expectation? Mallory can give Alice a bunch of gibberish and say, “Here, sign this like we agreed.” In addition to serialization problems discussed above, when it’s deserialized, of course you need to verify everything with extra care including wetware confirmation that the transaction outputs are really precisely exactly what the user expects. Oh, then you need to tie payee identity to a zcash address; and it’s even harder than usual, because the multisig is a kind of action at a distance. Hello, Zooko’s Triangle.

At the bottom line: I think unless you can get rock solid standards for serialization etc. (I mean: not one of 15 competing standards, not a BIP39-style incompatible implementation meltdown), and some real use cases, it’s just not worth it. How many users will know what it’s for? (Not counting those who can do it from zcash-cli.) Chicken and egg problem though. Maybe users just need a good UI! Maybe you are better at UI and navigating these issues than I am. High probability.

My idea of good UI is a pipeline typed in at the terminal, it’s the UNIX way, maybe you should not listen to me about UI. zcash-cli, JSON-RPC, or hex dump is good enough UI, hahah. Maybe if all the existing UI are “suck”, it means they were written by somebody with that habit of thinking. Either that or the polar opposite, Web 2.0 brain damage. No, not “maybe”.
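The keyed-hash commitment described in the post above, as an added Python example that is not part of the original post: it produces the same HMAC-SHA256 value as the `openssl dgst` pipeline when given the same hex key, adds the private verification step, and shows why an unkeyed hash of the same value can be linked by anyone holding a list of candidates. The function names and the sample addresses are constructed for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Iterable, Optional, Tuple


def commit(value: str, key: Optional[bytes] = None) -> Tuple[str, str]:
    """Return (key_hex, commitment_hex). Publish the commitment, keep the key."""
    if key is None:
        key = secrets.token_bytes(32)  # same size as the post's 32 bytes of urandom
    tag = hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()
    return key.hex(), tag


def verify(value: str, key_hex: str, commitment_hex: str) -> bool:
    """Run by the counterparty after value and key are revealed privately."""
    expected = hmac.new(bytes.fromhex(key_hex), value.encode("utf-8"),
                        hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, commitment_hex.lower())


def link_by_plain_hash(published_hex: str,
                       known_values: Iterable[str]) -> Optional[str]:
    """Linkage check open to anyone who holds a list of candidate values
    when the published commitment is only an unkeyed SHA-256 of the value."""
    for candidate in known_values:
        digest = hashlib.sha256(candidate.encode("utf-8")).hexdigest()
        if digest == published_hex:
            return candidate
    return None


if __name__ == "__main__":
    # Constructed sample data, not taken from the thread.
    email = "buyer@example.org"
    database = ["alice@example.org", "buyer@example.org", "carol@example.org"]

    weak = hashlib.sha256(email.encode()).hexdigest()
    print("plain hash linked to:", link_by_plain_hash(weak, database))

    key_hex, strong = commit(email)
    print("keyed commitment linked to:", link_by_plain_hash(strong, database))
    print("private reveal verifies:", verify(email, key_hex, strong))
    print("other address verifies:", verify("alice@example.org", key_hex, strong))
```

The commitment only binds if the key stays secret until the reveal and is never reused for a second value.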
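A sketch of the copy/paste-safe serialization the post above asks for, as an added Python example that is not from the original post and not any existing Zcash or Bitcoin format: raw bytes are framed with a length prefix and a checksum, base64url-encoded, and wrapped at 72 characters. CRC32 as the checksum, the frame layout and the function names are all assumptions made for this example; the sample payload is constructed.

```python
import base64
import binascii
import re
import struct
import zlib

WIDTH = 72  # wrap column suggested in the post


class ArmorError(ValueError):
    """The pasted text is not an intact armored blob."""


def armor(raw: bytes) -> str:
    """Frame = 4-byte length || payload || 4-byte CRC32(length || payload)."""
    body = struct.pack(">I", len(raw)) + raw
    frame = body + struct.pack(">I", zlib.crc32(body))
    text = base64.urlsafe_b64encode(frame).decode("ascii")
    return "\n".join(text[i:i + WIDTH] for i in range(0, len(text), WIDTH))


def dearmor(text: str) -> bytes:
    """Accept re-wrapped, CRLF or '>'-quoted text; reject truncation and damage."""
    # Whitespace and mail quote marks are not in the base64url alphabet,
    # so removing them undoes any re-wrapping without touching the data.
    compact = re.sub(r"[\s>]+", "", text)
    try:
        frame = base64.b64decode(compact, altchars=b"-_", validate=True)
    except binascii.Error as exc:
        raise ArmorError(f"not valid base64url (cut off or mangled): {exc}")
    if len(frame) < 8:
        raise ArmorError("too short to hold length and checksum")
    body, (crc,) = frame[:-4], struct.unpack(">I", frame[-4:])
    (length,) = struct.unpack(">I", body[:4])
    if length != len(body) - 4:
        raise ArmorError("length mismatch: text was truncated or extended")
    if zlib.crc32(body) != crc:
        raise ArmorError("checksum mismatch: text was altered in transit")
    return body[4:]


if __name__ == "__main__":
    # Constructed stand-in for a partly signed transaction, not real data.
    sample = bytes(range(200))
    blob = armor(sample)
    print(blob)

    # A mail client re-wraps at 40 columns, quotes it and uses CRLF.
    flat = blob.replace("\n", "")
    mailed = "\r\n".join("> " + flat[i:i + 40] for i in range(0, len(flat), 40))
    print("survives re-wrapping:", dearmor(mailed) == sample)

    # The last line is lost in a copy/paste.
    try:
        dearmor("\n".join(blob.split("\n")[:-1]))
    except ArmorError as err:
        print("truncated paste rejected:", err)
```

The checksum here only catches accidental damage; it says nothing about who produced the blob or whether the transaction inside is the one agreed on.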


thanks! yeah when I have done OTC trades on slack or whatnot, I’ve always been “just screenshot this, I have too much to lose in rep to rip anyone off”! :)

there are some multisig use cases and key exchange methods i am working on that I’m not gonna divulge yet, also :)


This offer is now closed. Got my coins elsewhere (though maybe I should buy more, hahah).

Thanks to everybody who replied.

Good luck with those multisig ideas, @anon47418038! Always good to see creative ideas driving usage.

I recently (like, today!) stumbled into a group that is also starting to build similar multisig tools for teams and we will probably collaborate, which would be great as things would end up working for more coinz

shapeshift like apps are stealing the crypto show these days!

I wanna see more purely non-custodial services like shapeshift, having to have an account somewhere sux

