Citadel Dispatch #198: JUSTIN – FEDIMINT UPDATE
Date: April 7, 2026
Host: ODELL
Guest: Justin (Fedimint Open Source Project)
Episode Overview
This episode brings back Justin, one of the lead contributors to the Fedimint open source project, for a comprehensive update seven months after his last appearance. The focus is on actionable Bitcoin and "freedom tech," with an emphasis on recent developments in Fedimint—including the E Cash reference app, user experience and security tradeoffs, federation and gateway operation, mobile guardians, privacy, and the role of agentic payments and local AI models.
Key Discussion Points & Insights
1. Fedimint Project Overview & Recap
- Fedimint is a federated Chamiam ecash implementation, designed for community custody using multi-guardian multisig, as opposed to a single-point mint like Cashew ([06:01]).
- Trust Model: Multiple guardians (usually 4) collectively control funds, requiring a subset (e.g., 3-of-4) to authorize transactions, improving upon both security and censorship resistance ([06:44]).
2. E Cash Reference App Progress
- Rapid Releases: E Cash app updates every two weeks; now at v0.70/0.71 ([04:04]).
- Features:
- Supports Bitcoin on-chain, Lightning, and Fedimint ecash payments in one wallet ([04:04]).
- Integrates Nostr for:
- Contacts via public keys (endpubs).
- Wallet connect features.
- Encrypted federation invite code backup using seed-derived Nostr identity—users only need their seed phrase to recover everything ([05:14]).
- UX Innovations:
- Nostr-based federation invite backup helps solve ecash wallet recovery pain points ([05:14]).
- UI continues to improve for usability and privacy ([04:04]).
Notable Quote
"We derive the Nostr identity from your seed phrase, so you really just need the seed phrase and all your money comes back."
— Justin ([05:50])
3. Guardians: Launch, Operation, and Failures
- Deployment Simplicity: Ongoing focus on reducing friction to set up and run federations ([09:33]).
- Uptime Realities: The larger the federation, the harder high uptime is for all, but the system’s fault tolerance allows extended operation with some nodes down ([07:55], [36:17]).
- Failure Risk: Unintentional outages are a bigger threat than "rugpull" exits ([07:37]).
Notable Quote
"You get stuck in a disenfranchisement loop if you just pay attention day by day—things both move slower and faster than people realize."
— ODELL ([02:41])
4. Ecosystem Interoperability: Backups, Mints, and User Choice
- Seed Phrase/Backup UX: Ecash and Spark wallet examples show design tradeoffs between user-friendliness and security ([12:41]).
- Federation/Mint Selection: Still a UX challenge; current approach is user-driven with public directories (NIP87, mints.com, observer.fedimint.org), but more web-of-trust and privacy improvements are planned ([14:00], [15:16]).
Notable Quote
"There's something there about very low-powered local AI models making a lot of these decisions for people… pick the right mint, pick the right gateway."
— ODELL ([28:17])
5. Running Guardians/Gateways: Start9 & Umbrel Packages
- Integrated Packages: Running a guardian is now possible through Start9 and Umbrel packages, which simplifies deployment and enables secure, automated backups ([16:53], [18:32]).
- Setup Ceremony: Still a manual process—guardians must securely exchange setup codes, ideally in person, but QR codes add flexibility ([18:00]).
- Backups: Encrypted TAR files serve as the key backup artifact ([18:37]).
- Privacy: No integrated Tor; recommend guardians run behind VPNs like Mullvad due to possible IP leakage ([21:14], [22:07]).
6. Lightning Gateway App
- Separation of Concerns: Lightning gateway is a separate, permissioned entity that interfaces between federations and the Lightning Network ([23:25]).
- Uptime/Capital Trust: Gateways don’t custody user funds but must maintain liquidity and online presence; guardians must approve gateway addition ([24:47], [29:17], [30:26]).
- Multiple Gateways: Federations can, and should, support multiple gateways to improve resilience ([27:39]).
- Capital Efficiency: Gateways across multiple federations can internally settle payments without Lightning hop (ledgering), boosting efficiency ([31:39]).
Notable Quote
"One advantage of the gateway way is gateways can serve multiple federations… You can reuse your outgoing/incoming Lightning channels."
— Justin ([25:29])
7. Running a Guardian on Android Phones
- Mobile Guardians: New mobile app leverages low resource requirements to run guardians directly on Android, democratizing federation operation ([32:28], [33:42]).
- Setup Simplicity: Federation creation or joining can be done in a few taps; supports backup/restoration and easy device swapping ([34:46], [36:44]).
- Ideal Deployments: Small communities could use old Android phones as federation hardware ([35:02]).
- Resource Use: App is moderately power/data-intensive—must remain always-on for reliability ([33:40], [38:55]).
- Blockchain Data: Default is to use mempool.space Esplora, but user can connect to own Bitcoin node ([37:42]).
Notable Quote
"You can have a federation with just one Guardian in three taps… get an old phone, download the app, keep it plugged in—is a pretty low bar."
— Justin ([34:12], [36:44])
8. Agentic Payments and Local AI Model Integration
- Agentic Ecosystem: Fedimint’s Lightning/coin management outsourcing is attractive for local AI agents and user-agent hybrid flows ([39:42], [40:24]).
- E-cash Undo: If agents mishandle wallets, mints can "rug" and recover lost funds if still internal ([41:30]).
9. Community Banking Vision
- Local Empowerment: Fedimint is seen as extending "Uncle Jim" (trusted family node operator) to community-scale, and could be combined with locally hosted AI for shared services (e.g., LLM inference paid via e-cash) ([42:53]).
Notable Quote
"Fedimint is like scaling up Uncle Jim to community level—Mayor Jim."
— Justin ([45:09])
10. What's Next for Fedimint
- Gateway Improvements: Moving towards more agentic gateway management ([46:15]).
- Modular Upgrades: New consensus upgrades/modules, with a focus on backward compatibility for smoother client experience ([47:20]).
- Bolt 12 Support: Under investigation—send support is easier; receive side presents unique trust model issues ([47:23]).
Notable Quote
"Bolt 12 trust model-wise for Fedimint looks more similar to LNURL… The main challenge is that with bolt 12, the end client is non-interactive."
— Justin ([47:39])
Segment Timestamps
- [00:32] - Introduction, stats, and announcement of Justin's return
- [03:20] - E Cash app vision and updates
- [06:01] - Fedimint 101 and trust model explanation
- [07:55] - Uptime, federation scaling, and improvement focus
- [09:33] - Federation launch UX and the importance of making participation easier
- [12:41] - Wallet seed backup tradeoffs and Nostr integration
- [14:00] - Federation/mint selection—current practices and future web-of-trust ideas
- [16:36] - Guardian on Android—potential, setup, resource needs
- [18:32] - Start9/Umbrel guardian setup flows and backup
- [21:14] - Privacy, IP leakage, and networking details (Airo, lack of Tor/VPN use)
- [23:25] - Lightning Gateway app—introduction and role
- [29:17] - Gateway pairing and trust
- [31:39] - Internal gateway settlements and capital efficiency
- [32:28] - Running guardians on mobile; setup, real-world application, switching devices
- [38:55] - Mobile data/power use in guardian mode
- [39:42] - Agentic payments, Fedimint’s potential, and undo mechanisms
- [42:53] - Local community banking vision, local AI/LLM future
- [46:15] - What’s next for Fedimint: modules, gateways, Bolt 12
- [50:37] - How listeners can help (try the app, provide feedback)
Memorable Moments & Quotes
-
On Open Source Progress:
"You guys have made really massive progress. There was a decent amount of haters who wrote off the Fedimint open source project as all hype and no substance and I think you’ve been proving them wrong."
— ODELL ([53:01]) -
Friendly Call to Action:
"Download Ecash app, download the Fedimint D mobile app, give it a whirl and give me some feedback… more feedback on usage and feedback would be great."
— Justin ([50:37])
Summary
This episode offers a deep, actionable look into the evolving Fedimint open source ecosystem. From practical updates (mobile guardians, new backup/recovery flows, Lightning gateway separation, and modular upgrades) to bigger-picture discussions (UX tradeoffs, privacy, agentic payments, and community banking visions), listeners are given both the details and the philosophical context for current and future key developments.
Anyone interested in federated Bitcoin custody, permissionless Chamiam ecash, or the next wave of “freedom tech” will find this conversation both rich and directly actionable.
Resources and links are available at citadeldispatch.com.
Host contacts: ODELL on Nostr; Justin on Nostr at @mr.cool.guy.