Who this is for
- You hold some crypto and don't want the world's data brokers to have your wallet history.
- Your threat model is: ISP, employer, data-broker aggregators, occasional curious acquaintance.
- You're not (a) a journalist with sources to protect, (b) someone whose government considers you a threat, or (c) holding seven figures.
If any of those apply, this guide is too light — read threat models and step up to /stack.
The three habits (do these first)
- Never reuse a wallet address publicly. The address on your public donation page or in your X bio should be different from the one you use for receiving payroll. The cost is zero (subaddresses are free); the benefit is permanent.
- Email-only accounts where possible. If a service offers email-only signup (no phone, no ID), pick that. Use a throwaway-friendly email provider (see picks below). The result is no government ID anchored to your crypto activity.
- Don't post screenshots that contain anything you didn't intend to share. Wallet UIs leak balances, addresses, transaction history. Crop ruthlessly or take a fresh screenshot with no extra surface.
The four installs (do these next)
- A no-KYC VPN. Cheap (~$5/mo), takes 10 minutes to set up, defends against your ISP + public WiFi. Don't pay annually until you've used it a month.
- A non-custodial wallet. Skip the exchange wallet. Pick something from our wallet guide; for a casual user, Cake (mobile) or Feather (desktop) is fine.
- A no-KYC email account. Skip Gmail for new privacy-relevant signups. Tuta / Proton accept signup without phone; both work fine for daily use.
- A no-KYC swap path. Bookmark the kyc.rip aggregator or SideShift. Once. The first time you need to swap without KYC, you'll be glad it's there.
What you don't need (yet)
- Tor for everything. Useful for specific privacy-critical flows, but slow + suspicious-looking for daily browsing. Use the VPN for daily browsing; step up to Tor when your threat model actually requires it.
- A hardware wallet for $200. The risk profile doesn't justify the cost + UX overhead. Use one when you're holding more than you'd be comfortable losing to malware.
- Multisig. If you're asking whether you need it, you don't yet.
- Your own Monero node. Awesome project, real ongoing cost. Vetted remote nodes (Cake's, Feather's defaults) work fine until you have a reason to upgrade.
- A no-KYC SIM. Only if you're signing up to phone-gated services. Most ordinary signups are email-only.
When to level up
Re-read this guide once a year. If any of these is now true, you're ready for the next tier:
- You publish under your name and would prefer your crypto activity not get tied to it.
- Your holdings cross five figures.
- You're in a jurisdiction that has recently started criminalizing privacy-respecting tools.
- You've had any kind of doxxing incident.
The next tier: /stack (the curator's actual setup) or /guides/privacy-threat-models (work backwards from the threat).