XMPP/Jabber via a web client like movim.eu sounds like it ought to work!

You can also look into Snikket as a host for small groups like friends or family, but can continue to use the Movim web client even if you’re hosting with Snikket rather than Movim itself.

I’m not 100% deep on the crypto, but my understanding is they use blind signatures (which have been around for a long time) to do their issuing. If you’re unfamiliar, these are kinda like an envelope with a hole cut in it, so you can put a document in it with a hidden unique key, and they can see some info through the hole, and can stamp their signature through the hole to validate that it’s legit without knowing the hidden info.

Then the user can remove it from the envelope (unblind) and now have a certified valid coin without the issuer knowing which coin is theirs.

So in the context of an ATM, the ATM wouldn’t “issue” coins, it would be given a request for coins from your wallet, it would certify the validity of that request, and then give your wallet back that certification in such a way that the wallet could unblind it and have the anonymous secret. So ultimately your wallet is the one that’s in charge of producing the unique parts.

It seems there’s also a system for making sure you don’t produce bad transactions by asking you to generate N, promping you to unwrap a bunch of them to prove there’s nothing weird about them, and then signing one of the remaining ones under the assumption it’s also legit. At least it sounds like it, but I’m even less familiar with that part. But even if you did spoof someone else’s secrets… it doesn’t allow you to steal their money I don’t think… because in order to have your transaction validated in the first place you had to truly give the ATM your money… so you could I guess pay $10 to screw over your friend for $10 because it’ll look like they spent money they didn’t… but you still spent $10… so it’s less like stealing their money and more like paying to throw their wallet off a bridge? You don’t gain anything, but they lose something? Maybe there’s another exploit I don’t know about in the like “renewal” or “refund” or “transfer” protocols that make that more important.

Anyway, I’m still not a Taler fan, but in this case I think it’s possible to do what they claim. Now, if the bank or ATM or whatever asks for ID or an account to use their services, they could track that you withdrew money, and how much. That’s data they can collect. The anonymous buyer part just means they can’t tie the coin they issued you to a spent deposit they receive later. So they know you got $10 out, and they can assume you probably spent it, but they can’t know what you spent it on.

You might actually like Taler, it’s fundamentally different from blockchain based systems, to the point of being a cryptocurrency only in the technical sense, but not having any of the properties people associate with that word culturally.

Taler doesn’t use any kind of proof of work, and so doesn’t consume excess power or other resources, at least not more than, like, visiting any normal webpage. It’s also not decentralized, and only partially anonymous, so I can acquire money anonymously and no one can trace the money I got to a particular spend, but the only place I can reasonably spend it has to be registered to the centralized issuer and is firmly not anonymous. And the only things they can do with the tokens they receive is redeem them, which means there’s no place for tax evasion because the issuing authority can track every dollar the registered vendors redeem with them. And you can’t really transfer money from random person to person, so there’s no black market opportunity, etc.

So basically the only thing Taler “protects” is that the buyer’s identity can be anonymous, but any vendor accepting Taler must not be and are highly trackable.

These are things I actually don’t like about Taler, but we may be on opposite sides of a few issues, which is fair.