you can’t withdraw it from their ecosystem
They changed that a while ago
So, you’re saying that if I use Coinbase, I could withdraw the keys and have full custody over it after I buy it? Then where’s the custodial catch that I always hear about with Coinbase?
Yes. Idk what specific criticisms you’re referring to but probably just related to how it is a centralized exchange, which does have some genuine drawbacks like reduced privacy, for instance they don’t sell Monero or other privacy coins. The reason I also mentioned Kraken is that it is the only fiat gateway exchange that does sell Monero, with other ones if you want to be private you would have to first buy some non-private crypto, then send to a crypto to crypto exchange to buy a privacy coin and go from there. Also there are a lot of people that just buy crypto on Coinbase and never withdraw it, so for them it’s custodial all the way.
If you are comfortable with PayPal you can buy crypto from them afaik, though I am fairly sure you will have to provide additional KYC info than name and credit card, most of the cryptocurrency community obviously hates KYC and there would absolutely be centralized non-KYC options for buying crypto if it wasn’t blatantly illegal to offer that.
isn’t Coinbase custodial? I will not use custodial exchanges
That’s totally fair but consider that if your intention is to purchase crypto and immediately withdraw it to a personal wallet, there are zero practical drawbacks to an exchange being custodial because they are only holding your crypto in custody for the brief period of time between when you click the buy button and when you click the withdraw button. A DEX with escrow is going to be less custodial than that, but I would call it still a little bit custodial, since even if the escrow person doesn’t have the option to take your crypto for themselves they could still potentially collude with the seller and send it back to them, which means there is a brief window when the crypto you have purchased is not truly under your personal control. You can have a crypto to crypto dex be perfectly non-custodial (ie. Uniswap), but you can’t have a fiat to crypto exchange be perfectly non-custodial.
The reason they need it is because of the law making it illegal for them not to collect it, though that doesn’t make it any less of a barrier that they have no choice. I would say at this point Coinbase and Kraken are at least as reputable as something like PayPal/Venmo (which I think you can actually also buy crypto from); iirc Coinbase is a publicly traded corporation, has various licenses with governments to operate, is handling custody for major financial institutions now that some crypto ETFs have been approved, it’s not like the early days of crypto where even the biggest exchanges had little real claim to legitimacy.
As for difficulty of using DEX for non KYC trades, I have heard a lot of anecdotes about that confirming your experience that it does not work well. However I would keep an eye on it, there’s significant recent changes with the shutdown of LocalMonero, the launch of Haveno, progress in the development of atomic swaps. I expect that it’s going to improve significantly in usability for the average person, so long as there aren’t major efforts by governments to criminalize it.
Cash works, but not for online purchases. I pay for a VPN subscription anonymously with a cryptocurrency wallet app, it’s at least as convenient as using PayPal, and unlike PayPal I can be sure there isn’t a middleman collecting/selling my transaction data for ads or whatever else. This is a solution that works and exists right now. I know a lot of people really don’t like cryptocurrency, but I’d also be ok with some other system that satisfies the same requirements.
To solve the problem instead by regulating payment providers, to begin with you would have to convince governments that are largely in the pockets of these companies to act against them. You would have to get these people to craft a set of laws telling them, “hey, this information you’ve collected that is on the computers you own and control, don’t look at it ok? Also don’t do anything with it unless we say it’s ok.” and then, somehow, actually enforce that. It’s taking a system basically made to centrally collect and control information, and hoping that people with an obvious interest in using it for that purpose will play along with retrofitting it to prevent privacy violations. To me this seems like planning for failure when you can instead just use a system that doesn’t involve trusting a company with this info to begin with.
Youtube’s actual website usually doesn’t even work for me anymore. The page takes a really long time to load and often gets stuck and doesn’t load at all.