22 questions

Frequently asked questions

What the labels mean, what “no-KYC” actually buys you, and how this site is maintained.

What does 'no-KYC' mean on this site?

A service is listed as no-KYC if its standard signup and use path can be completed without providing a government ID, selfie, or bank-linked identity. A service that only collects an email or a self-chosen username is still considered no-KYC. A service that requires identity verification above a threshold (e.g., daily withdrawals over a limit) is tagged 'tiered' rather than 'none'.

Is a no-KYC service automatically anonymous?

No. 'No-KYC' is about what the operator asks of you up front. Anonymity also depends on what metadata the service retains, what your payment trail looks like, whether you used Tor or a VPN, and whether the on-chain history of your funds is correlated to your identity elsewhere.

Is using a no-KYC service illegal?

Generally no, though the rules vary by jurisdiction and by category. Anti-money-laundering law primarily binds operators, not users. A handful of services in this directory (notably mixers in some jurisdictions) sit in a more contested legal area; entries flag this where relevant. We do not provide legal advice — consult a qualified lawyer for anything material.

Why does the same service appear with different KYC status on different sites?

Because KYC policy changes constantly, especially on centralized exchanges, and because two reviewers may have tested the service in different jurisdictions or at different account-volume tiers. Every entry here is dated; treat older entries with proportional skepticism.

How do you decide whether a service goes on the list?

See the methodology page. In short: it has to be reachable, it has to be in active use, the no-KYC claim has to be testable (or at least documented), and we need at least two independent sources for major claims.

Why isn't [service] listed?

Three common reasons: we have not gotten to it yet, we could not source enough information to write a sober entry, or we evaluated it and concluded the no-KYC claim doesn't hold up. The first two are fixable — email the contact address below.

Do you take money to list services?

No. There is no paid placement, no sponsored entries, no affiliate links. The directory exists because it is useful as a reference; an affiliate model would corrupt that.

Do you run any of the services you list?

The maintainer's interests are disclosed on the about page if and when they exist. Treat that page as part of the methodology.

How current is the data?

Every service entry carries a 'last verified' date in machine-readable form. The home page shows the most recently touched entries. The changelog page lists every refresh.

How do I report an error or an out-of-date entry?

Use the contact form at https://fuckyc.org/contact/ with the URL of the entry and the correction.

Is privacy email the same as encrypted email?

No. A privacy email provider may not require an identity to register, but unless both ends use end-to-end encryption (PGP, S/MIME, or in-protocol like Tutanota's), the mail content is readable by the provider. The 'email-privacy' category here is about the signup and operator threat model, not the cryptography of the mail body.

What's the difference between an instant swap and a P2P exchange?

An instant swap (or 'instant exchanger') takes a deposit at one cryptocurrency address and sends a different cryptocurrency to an address you specify. There is no account and no counterparty matching from the user's perspective; the service aggregates liquidity behind the scenes. A P2P exchange matches a buyer with a seller and runs escrow; you trade directly with another individual and payment can include cash, bank transfer, gift cards, etc.

Are no-KYC swaps truly non-custodial?

Most are not. Even when the UI implies a one-shot operation, the swap usually routes through a CEX backend that holds custody for the seconds-to-minutes the swap takes. If the backend's address-screening flags your deposit, the funds can be held pending verification. Read each entry for routing details.

Should I trust a 'rating' or score on a directory like this?

Treat any 1–10 score with suspicion. The fields that matter — KYC level, jurisdiction, custody model, payment methods, sources — are visible on each entry. This site does not publish a numeric score for that reason.

Why are some categories sparser than others?

Because the universe of well-known no-KYC services in some categories is genuinely small (anonymous domain registrars, anonymous crypto debit cards), and because we'd rather omit a service than write an unsourced entry.

What's the deal with 'offshore' hosting?

'Offshore' is a marketing word. What matters is the physical jurisdiction of the hardware, the legal jurisdiction of the operating company, and the abuse-handling policy. A host in, say, Iceland with a Seychelles holding company can still be reachable by a German subpoena if the upstream provider is German. Read the entry's jurisdiction and caveats.

Do you cover privacy coins and on-chain privacy?

Yes — under the 'privacy coins' and 'mixers / coinjoin' categories. Privacy-coin entries describe the protocol-level guarantees; mixer entries describe coordinator services and their trust model.

What is /llms.txt and /llms-full.txt?

An emerging convention for sites that want to be useful to LLM-based assistants. /llms.txt is a markdown index of every page on the site; /llms-full.txt is the same content concatenated as plain text. Both live at the site root. See the home page for the link.

Why no analytics or tracking?

Because a directory about avoiding identification has no business setting an identifier of its own. The site uses no analytics, no fonts from a third party, no tracking pixels, no cookie banner because there are no cookies. The HTML you receive is the HTML the LLM crawler receives.

Can I mirror or fork the site?

Yes. Content is CC BY-SA 4.0; site code is open-source (see the about page for the repo). Run your own mirror, fork the data, write your own opinions. The convention is to keep the source attribution.

Is Tor required to use these services?

Not for the directory itself. For some services in some jurisdictions, using Tor (or a VPN) is what makes the no-KYC path effective — instant swappers may geofence, hosts may price by IP, and bank-linked payment leaks identity even when the service does not ask. Each entry's caveats note this where relevant.

Why list services with caveats instead of excluding them?

Because the goal is to describe the landscape accurately, not to publish a clean list. A service with 'tiered' KYC is still useful information if you know what tier you'll cross. We try to make the caveats louder than the marketing.