The Satoshi Test Explained
A Satoshi Test is a method to verify ownership of an address belonging to a virtual asset service provider (VASP) customer's self-hosted wallet (unhosted wallet).
To verify the address’s ownership, a small amount of crypto assets (coins), predefined by the VASP, is sent from the wallet owner’s address to the VASP within a specific time period.
If the wallet owner can successfully send the coins, it serves as proof of address ownership.
The proof is considered invalid if a wallet owner does not complete the transaction in the given timeframe. It has to be redone with a new predefined amount and within a new specific time period. With successful transfers, the wallet user will be reimbursed for the transferred coins. However, the mining fees will not be returned.
The amount transferred is usually around the value of USD 1. This represents a fraction of a Bitcoin, whose smallest unit is a satoshi. Hence the name Satoshi Test. However, this method can be used for most crypto assets.
Depending on the VASPs jurisdiction and AML policy, a Satoshi Test only provides a proof for a limited time (e.g. 1 week) and afterwards has to be repeated, even if the wallet user's address stays the same.
In some regions, a Satoshi Test is called a Penny Test or a Micro Transfer.
Why Would a Cryptocurrency User Need
to Perform a Satoshi Test?
The Financial Action Task Force’s (FATF’s) Recommendation 16 proposed that cryptocurrency exchanges and virtual asset businesses within FATF member countries would need to reassess how crypto assets were transferred.
For compliance purposes, VASPs will need to adhere to country-specific rules when transacting with self-hosted wallets as part of their anti-money laundering (AML) efforts.
Recommendation 16 stipulates that when a virtual asset transfer involves only one obliged entity on either end of the transfer, countries should still ensure that the obliged entity adheres to the requirements of Recommendation 16 concerning their customer.
For example, when an ordering VASP, or other obligated entity, sends virtual assets on behalf of its customer (the originator) to a beneficiary that is not a customer of a beneficiary institution but rather an individual who receives the virtual asset transfer to a self-hosted wallet.
But How Does It Work?
A Complete Satoshi Test Step-by-Step
- The wallet user shares a withdrawal Bitcoin address with the VASP. Even though it’s for a new withdrawal, the address already needs some Bitcoin available to execute the Satoshi Test later.
- The VASP creates a Satoshi Test consisting of the following:
- A fresh Bitcoin deposit address,
- A random amount of BTC valued around USD 1 (e.g. 0.000060 BTC),
- And the maximum timeframe (usually between 15min and 48h) for the verification according to the applicable AML policy.
- The wallet user sends the VASP-defined amount of BTC from his pre-defined withdrawal address to the VASP’s deposit address within the specified timeframe.
This step is often challenging for the user, as many wallets do not let the user choose which Bitcoin address it will send from.
- The VASP checks if the transaction has been executed exactly as predefined. If this is the case, the wallet user's new withdrawal address will be whitelisted for the user to use.
The steps done by the VASP can be fully or partially automated using 21 Travel Rule.
What Are the Pros?
- The process can be automated on the VASP’s side,
- It is safer than the screenshot option, as anyone with basic computer or cellphone knowledge can easily manipulate screenshots per the Screenshot Method.
What Are the Cons?
- It’s not free. While the transferred amount can be returned, the transaction fees usually are not, and some VASPs will charge wallet users for that process since staff time is needed for review,
- This encourages the owner to reuse addresses to save money,
- Sending from a specific address is a non-trivial task with UTXO-based cryptocurrencies, such as Bitcoin, and often not possible with a wallet,
- It is cumbersome, adds friction and offers a poor experience for the end customer, who usually requests VASP support to perform it,
- This, too, can encourage address reuse as the VASP’s customer does not want to repeat this burdensome process,
- The process can be slow if it is not fully automated on the VASP’s side, as the VASP’s compliance team needs to review and respond to the proof.
Download the Satoshi Test Workflow
Learn how to conduct a Satoshi Test step-by-step.
To learn more about self-hosted wallet verification methods, read Self-hosted Wallet Verification Methods: An Overview.