MeterCall has no named founders. That is a deliberate product decision, not a marketing trick. Anonymous teams ship crypto infrastructure that named teams cannot, because anonymous teams cannot be pressured out of decentralization by the same levers that bend named teams. It is also, if you do it badly, a short career. This is the checklist we actually use. It is not legal advice. It is survival hygiene.
Before any tool, a threat model. “I do not want my neighbor to know” is a different threat model from “I do not want a state-level actor to know,” and the controls are different. Ours is in the middle. We assume:
We do not model state-level adversaries as a routine threat. If you are building something that attracts them, this checklist is necessary but not sufficient and you should talk to someone who does this professionally.
One laptop, one phone, one SIM, one set of accounts. Never cross the stream. The cleanest way is to run the anonymous persona on a dedicated machine that never sees your real email, your real browser profile, your real Apple ID. If you share a machine, at minimum use separate OS user accounts and never sign into both at the same time. Browser profiles are not enough — DNS cache, clipboard, and network-level fingerprints leak across profiles.
Persona email is hosted somewhere that accepts crypto for payment. Domain registration is through a registrar that accepts crypto and permits WHOIS privacy everywhere your persona operates. Renewal calendar is on the persona machine, not your real one.
Your voice is a biometric. Your writing cadence is a biometric. Your handwriting is obvious. The persona does not do voice calls with external parties. Ever. Written only. Video is similarly off the table; if you absolutely must appear, it is fully-masked or fully-avatared, and the avatar stays consistent.
Treasury, multisig signer, token cold storage — all hardware, all in air-gapped signing. The persona never types a seed phrase on an internet-connected machine. Seed phrases are split, stored geographically, and tested semi-annually.
Every hot wallet is considered compromised by default. Rotation is automated. Balances are small. A compromise of any single hot wallet should cost us less than a week of router revenue, not a treasury.
Chain analytics will cluster your hot wallets if they ever touch a CEX deposit you also use personally. Never. The persona’s fiat on-ramp, if it needs one, is through a separate KYC’d entity with a dedicated bank account. Most of the time you do not need one — income comes in as stables and stays in stables.
Every commit you make has a name, email, timestamp, and timezone. Your real name sneaks in through git config --global on a machine you once used for both identities. The fix is a persona-only git config on a persona-only machine, and a commit hook that hard-fails if the configured email is not the persona email.
# ~/.config/git/persona-check.sh
if [ "$(git config user.email)" != "yoshi@metercall.ai" ]; then
echo "wrong git identity; aborting"
exit 1
fiCommit timestamps leak timezone, which narrows you geographically. You can normalize to UTC, and you can also rewrite timestamps at merge time. The bigger signal is consistency of working hours. If you always commit 09:00–18:00 Eastern, you are in Eastern. Spread the work. The swarm setup helps here because agents commit at any hour.
Stylometry works. If you write public posts under both identities, a decent stylometry tool will link them. Either do not write under your real name at all, or write very differently. We run every public post through a style-shift pass so voice does not match casual writing.
Travel is the highest-risk vector. A customs inspection of your persona machine at a border is, in most jurisdictions, lawful. “Travel mode” for us means:
Anonymity is not about hiding. It is about refusing to let the product’s integrity depend on one person’s willingness to say yes to whoever asks. Anonymous founders cannot be flown to a conference and pressured into a deal. They cannot be docx’d out of their own repo by a lawyer. The product is the product, and the code is the code. That is the only trust surface we want.
If you want to see how we structure it publicly: the honesty ledger lists what we do not disclose and why; the company page describes the pseudonymous governance; governance documents how decisions get made without named signatories.
The goal is not to be unaccountable. It is to be accountable to the code, the receipts, the chain, and nothing else.