Case file · Exchange
Peach Bitcoin
Install the app and trade Bitcoin peer-to-peer - no email, no account, no ID. Peach polices abuse with hard trading limits instead of KYC.
The systematized overview
The bureau vs the internet.
7.2/10 · No-KYC (limit-gated)
A low-friction P2P marketplace that asks for no email, no account and no government ID for normal trades - it caps trade sizes (about CHF 1,000/day) instead of asking who you are. It lands at level 1, not 0, because Peach keeps a per-person device+payment hash server-side (retained for years, banned users indefinitely) to enforce those limits. Add a regulated Swiss operator with long data retention, source-available (not fully open) code, and an escrow that gives Peach a unilateral key after a ~30-day timelock, and you get a solid but not maximal no-KYC option.
3 recurring praises · 3 recurring gripes
Most praised: fast, smooth mobile experience. Most cited downside: scam-counterparty attempts happen (mitigated by escrow + disputes).
We track our editorial score and community sentiment separately — neither moves the other. Read together, they're the systematized overview.
The facts
Custody & jurisdiction.
- Jurisdiction
- Peach Sàrl, Neuchâtel, Switzerland (regulated under Swiss AMLA)
- Custody
- Non-custodial - 2-of-2 multisig (seller + Peach), ~30-day timelock
- Escrow
- 2-of-2 multisig; timelock grants Peach unilateral signing for disputes
- Traded
- Bitcoin only (on-chain, plus Liquid and some Lightning)
- Fiat rails
- No - fiat moves directly between buyer and seller
- Payment methods
- SEPA, bank transfer, Revolut, Wise, Advcash, PayPal, gift cards, cash
- Payment privacy
- No native Monero; no Tor; no ID at signup; payment data kept on-device (hashes only)
- Disputes
- In-app encrypted chat, then Peach staff mediation; timelock backstop
- KYC trigger
- No gov-ID for normal trades (trade limits instead); optional gov-ID only to lift high-volume seller limits
- Open source
- Source-available only (Commons Clause), not OSI open source
- Audited
- No published independent security audit found
- Operating since
- 2022 (Ten31-backed)
The full read
Our analysis, in plain words.
Peach takes a different route to no-KYC than the pure decentralized exchanges: it is a slick mobile app run by a real, regulated Swiss company, and it refuses to ask for your identity - not an email, not an account, not an ID. Where a compliant exchange would gate you behind verification, Peach simply caps trade sizes (around CHF 1,000 a day), enforced by a hash of your phone and payment details rather than any document you hand over. An independent no-KYC directory rates it level 0.
The trade-offs are the flip side of that regulated-but-private posture. Because Peach Sàrl operates under Swiss AMLA, it must retain trade and dispute data for ten years and reportedly cannot delete it on request - so "no ID" does not mean "no records." Its escrow is a 2-of-2 multisig between you and Peach with a ~30-day timelock that hands Peach unilateral signing afterwards; that is how disputes get resolved, but it is less trustless than a 2-of-3 where the platform holds only one of three keys. And the app is source-available under a Commons Clause licence, not fully open source, with no independent audit we could find.
On balance it is a strong, low-friction no-KYC on-ramp for Europe, with a genuinely no-ID model and a good record on disputes and custody - no hacks, seizures or frozen-funds reports surfaced. A privacy purist will prefer the trustless, account-free decentralized options; a user who wants a polished app and an accountable operator, and who is comfortable with a regulated firm holding encrypted records, is well served here. One honest gap: we could not fetch the live Terms during review, so the level-0 rating should be treated as provisional until someone reads them directly.
The score, broken down
How the 7.2 is built.
Privacy
weight 50%What identity, data and metadata the service can demand or collect.
71 × 50% = 3.5 of 10
Trust
weight 30%Whether it can technically deliver what it claims — code, audits, age.
72 × 30% = 2.2 of 10
Reliability
weight 20%Whether the no-KYC claim holds under real-world pressure.
75 × 20% = 1.5 of 10
Weighted total 7.2 / 10 · no reliability rule triggered, so the score stands. See the rubric →
Every point, sourced
What earned the score.
Privacy
The fine print, read for you
The clause they bury.
“No KYC where permitted by local law. Users are responsible for complying with all applicable regulations in their jurisdiction, including any KYC/AML requirements.”
What it meansPeach itself does not verify identity - it enforces per-person trade limits (around CHF 1,000/day) instead, using a hash of your phone and payment details rather than an ID. The honest caveat is jurisdictional: the responsibility to comply with local KYC/AML law is pushed to you, and as a regulated Swiss firm Peach must retain trade data for ten years even though it never collects your ID.
Read the source →“Escrow is a 2-of-2 multisig between the seller and Peach, with a timelock (~30 days) that grants Peach unilateral signing rights after expiry.”
What it meansPeach cannot steal funds mid-trade (it needs the seller’s signature too), and this timelock is how it resolves disputes by releasing to the buyer on proof of payment. But it does mean Peach is a mandatory co-signer and an eventual unilateral signer - less trustless than a pure 2-of-3 where the platform holds only one of three keys.
Read the source →No government ID is required for normal trading. Peach enforces per-person trade limits (about CHF 1,000/day, CHF 100,000/year) using a server-side hash of your device and payment details rather than an ID - and that persistent, years-retained identifier is why we place it at level 1 rather than 0. High-volume sellers can optionally complete gov-ID KYC (under the PolyReg SRO) to lift limits; we reviewed the live Terms and Privacy Policy directly and found no discretionary "we may demand ID" clause.
Policy review — point by point
-
No ID at signup
No email, account or identity is required to install and trade; Peach uses trade limits instead of KYC. ↗
-
Compliance pushed to the user
The FAQ frames it as "no KYC where permitted by local law," making the user responsible for local KYC/AML - a jurisdictional caveat, not a Peach ID demand. ↗
-
Ten-year data retention
As a regulated Swiss firm Peach retains encrypted trade and dispute data for 10 years and reportedly cannot delete it on request. ↗
-
Live Terms unverified
The Terms page was Cloudflare-blocked during review, so a discretionary-ID clause could not be ruled out verbatim. Flagged for a manual read. ↗
Peach is unusual in this category: a named, regulated operator (Peach Sàrl, Neuchâtel) rather than a pseudonymous project or DAO. That cuts both ways - there is a real company you can hold accountable and a clear legal home, but Swiss AMLA obligations mean mandatory multi-year data retention and a compliance posture (US excluded, not marketed in the EU/EEA) that the trustless, entity-free exchanges avoid.
We keep watching
Incident & policy timeline.
- 2022
Founded, backed by Bitcoin-focused VC
Peach launched as a mobile P2P marketplace with investment from Ten31 and angels. It positioned itself from the start as a no-KYC, non-custodial alternative to ID-gated exchanges.
source ↗ - Sep 2025
Two-way marketplace launched
An app update let buyers post offers too (not just take seller offers), making it a full two-way P2P marketplace - while keeping it no-KYC and non-custodial, with Peach never seeing payment data or keys.
source ↗ - Ongoing
No hack, seizure or exit scam on record
We found no reports of a hack, fund loss, seizure, court action or exit scam. Review volume is still low, and the platform is not available in the US or actively marketed in the EU/EEA.
source ↗
The verdict
Where it stands.
Strengths
- No email, no account, and no gov-ID for normal trades - a very low-friction on-ramp
- Non-custodial: Peach never holds your money, only co-signs escrow
- A named, regulated Swiss operator you can actually hold accountable
- Well-reviewed dispute mediation; escrow protects against scam counterparties
Trade-offs
- Keeps a server-side per-person device+payment hash for years (banned users indefinitely) - a persistent identifier
- Regulated Swiss status forces long retention of trade/dispute data; no Tor support
- Escrow is 2-of-2 with a timelock that gives Peach unilateral signing later
- App is source-available (Commons Clause), not fully open source; no public audit
- Europe-focused; no US access, thin liquidity and a no-KYC price premium in places
Across the internet
What reviewers report.
Consistently praised
- Fast, smooth mobile experience
- Genuinely no-KYC with an accountable operator
- Effective dispute mediation; escrow defeats scam counterparties
Recurring complaints
- Scam-counterparty attempts happen (mitigated by escrow + disputes)
- A ~5-10% price premium over centralized-exchange spot for no-KYC coin
- Thin liquidity in some regions; Europe-only, no US
Sentiment is positive but on low volume (small Trustpilot and directory samples, ~4.8/5 on kycnot.me). No credible surprise-KYC, frozen-funds or lost-funds complaints surfaced - a good signal, tempered by how few reviews exist. Synthesized from kycnot.me, Trustpilot and Stacker News.
Ask the bureau
Peach Bitcoin, common questions.
Does Peach Bitcoin require ID or KYC?
Not for normal trading - there is no email, no account and no gov-ID; you install the app and it generates your keys, and Peach caps how much you can trade (about CHF 1,000 a day) instead. We rate it KYC level 1 rather than 0 because Peach keeps a per-person hash of your device and payment details server-side to enforce those limits. High-volume sellers can optionally verify ID to lift limits, but it is never forced for ordinary use.
Is Peach non-custodial?
Yes, with a nuance. Bitcoin is escrowed in a 2-of-2 multisig between you (the seller) and Peach, so Peach cannot move funds alone during a trade. A roughly 30-day timelock does give Peach unilateral signing afterwards, which is how it resolves disputes - so it is non-custodial but a required co-signer.
Does Peach keep any of my data?
Your payment details stay on your device and Peach only sees hashes of your phone ID and payment info. But because Peach Sàrl is a regulated Swiss financial firm, it must retain encrypted trade and dispute data for ten years and reportedly cannot delete it on request - a real privacy trade-off despite the no-ID model.
Where can I use Peach?
It is Europe-focused (EUR, CHF, GBP, SEK) and is not available in the US, China or sanctioned regions, and not actively marketed in the EU/EEA. Fiat moves directly between you and your counterparty via methods like SEPA, Revolut, Wise or cash.
Your exact case not covered? The live Ask the bureau answers it and turns it into a public FAQ.