Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
that really do hope that we can preserve
(00:02):
like the original characteristics of Bitcoin.
There can be compromises, like even with Lightning today,
it's of course a different threat model,
it's a different like trust model,
but if there are multiple layer twos
or then layer three, four, whatever,
you can choose the one that is best suited for you.
(00:24):
And I think if we take care to build good stuff,
like in honest, transparent way,
and this is also why open source
is so incredibly important,
then we can build a new financial system
that actually scales without compromising on the core values.
["The Bitcoin"]
(00:50):
Greetings and salutations, my fellow plebs.
My name is Walker and this is the Bitcoin Podcast.
The Bitcoin time chain is 858659
and the value of one Bitcoin is still one Bitcoin.
Today's episode is Bitcoin Talk,
where I talk with my guest about Bitcoin
and whatever else comes up.
Today, that guest is Stadicus.
(01:11):
Stadicus is an IT engineer
and the product lead at Bitbox.
We cover a range of topics today
around Bitcoin self-custody,
including the risk of keeping your Bitcoin on exchanges,
the benefits of hardware wallets like Bitbox,
the importance of backups with micro SD cards and paper,
(01:32):
and multi-sig setups for larger sums.
We also dig into the pros and cons
of different hardware wallets, stateless devices,
DIY versus managed multi-sig, guns, Switzerland,
Bitcoin scaling, the importance of open source
software development, the Dark Skippy attack
and how Bitbox protects against it,
and the impact of regulations on Bitcoin,
(01:54):
plus a whole lot more.
I think you're gonna love this episode
and I guarantee you will learn a lot too.
Before we dive in, do me a favor
and subscribe to the Bitcoin Podcast
wherever you're watching or listening
and check out my sponsor, Bitbox, in the show notes
or go directly to bitbox.swiss slash walker
and use the promo code Walker for 5% off
(02:16):
the fully open source Bitcoin only Bitbox 02 hardware wallet.
You can also grab links to protect yourself
from SIM swap attacks using Efani and Cloaked Wireless.
I am a one man show, so when you use my partner links,
it genuinely helps me keep the show running
and I really appreciate it.
If you'd rather watch this show than listen,
head to the show notes for links to watch on YouTube,
(02:38):
Rumble and now on Nostr via Highlighter,
but if you're like me and you prefer
to just listen to your podcasts,
I highly recommend you check out fountain.fm.
Not only can you send Bitcoin to your favorite podcasters,
but you can earn Bitcoin just for listening to this show
and they now have a Nostr integration
which is pretty fucking cool.
Finally, if you are a Bitcoin only company
(02:58):
interested in sponsoring another fucking Bitcoin podcast,
hit me up on social media
or through the website, bitcoinpodcast.net
or shoot me an email, it's hello at bitcoinpodcast.net.
Without further ado,
let's get into this Bitcoin talk with Stadicus.
(03:22):
Stadicus, welcome to another fucking Bitcoin podcast.
It is great to have you on here.
My pleasure.
You know, it's always fun to talk about hardware
and to talk about security.
And I say it's fun,
but granted a lot of people coming into Bitcoin,
I think it's one of the things
that is perhaps the biggest kind of scary moment for them
(03:45):
when they're starting out their Bitcoin journey is,
okay, I've gone down this rabbit hole a little bit,
I've got some Bitcoin,
and now I feel like I need to do something more with it.
I need to actually take it into my own self-custody,
but that means I am now responsible for it.
And that can be scary for people.
In the fiat world, we're not used to this, right?
(04:06):
But I wanna kind of talk to you about that journey today,
but maybe before we dive in,
can you just tell for those who don't know you,
who are you, how did you get here today
to be open source, everything, hardware, building,
what was your journey?
So I'm an IT engineer on the older side.
(04:28):
So I'm not quite a boomer,
but in our team I'm definitely the senior guy,
and not in terms of experience,
but in terms of gray hair.
I'm coming from like some big companies,
I've been working quite a while with Accenture,
then at PWC, so I'm familiar with big corporations,
(04:50):
like consulting, stuff like that.
But at heart, I'm a tinkerer.
This is also why I started the RaspiBolt project,
which was one of the first Raspberry Pi Lightning full node
projects.
It's not something you can download,
it's just a guide, but it has grown like a lot.
(05:12):
And basically it's a journey,
so it's less about the end result,
but to learn and grow and do everything yourself.
And of course it's open source,
because it's just like,
it lives from all the different contributors.
I'm no longer really in the lead there.
It became a community project a long, long time ago.
(05:34):
But it's still my own go-to guide,
if I need to look up something,
if I do the Linux command line and stuff like that.
Yeah, and I started at Bitbox like five or six years ago.
Actually, for this purpose,
building the Bitbox base, we called it back then,
(05:55):
it's like a fully commercial, nicely produced full node.
That was before there were powerful Raspberry Pis,
so you couldn't actually sync the blockchain
on the Raspberry Pi back then.
There were no open source free projects
that you could just download like Umbrel
or Citadel or stuff like that.
Of course, that all happened.
(06:17):
And I would say the target audience
or the addressable market shrank exponentially,
because why should you pay like a few hundred bucks
for a node if you just can download one for free
and set it up yourself with like three clicks?
We had great plans, but in the end,
where Bitbox is a startup,
(06:39):
we're more than 20 people, which is quite sizable,
but still we need a lot of focus.
So eventually we decided, okay, let's do one thing,
let's do that well,
and we really focused on the Bitbox02,
our cold wallet that allows you to
securely and easily secure your own Bitcoin.
(07:01):
Is RaspiBolt the same as RaspiBlitz
or is that a different, is it within it?
Or was that a different implementation?
They share some history, so I created like the guide,
and Rootzoll, who is the head of RaspiBlitz,
then basically created scripts that automate the guide
(07:23):
to be used at hack days,
because of course, if you have a hack day,
you don't want to spend like manually copy pasting
like for a full day, like your Linux command line stuff.
So he basically took the RaspiBolt guide
and automated it and that became RaspiBlitz.
I asked because that was the first node that I set up
(07:44):
and it was just like a fun,
I learned a lot just through getting confused
and looking up other stuff and trying to figure out,
okay, what the hell am I actually doing here with this?
But it was a really cool experience that I think,
even for folks that aren't technical,
like it can be a very fun thing to do
because it actually makes you learn about this stuff.
(08:07):
Like what is it actually,
not just reading the words on a page,
like you have, okay, you have kind of this theoretical idea
of it, but in practice, what does this mean?
What are the actual challenges that you run into?
And it's really fun, honestly.
So this is still like these two things
or where my heart is at.
So I'm a full node maximalist
(08:27):
and like I would say a Bitcoin minimalist.
So the full node part of the self-sovereignty
is really important to me. The RaspiBolt,
which is still like available today
and quite up to date at raspibolt.org,
is basically a full node with lightning as a cherry on top.
While most other full nodes are like a lightning node first
(08:49):
and maybe a full node.
So for me the on-chain full node,
like having my own consensus rules
enforcing them when receiving transaction,
that was the main driver.
And now I progress more and more
into like secure self custody
with hardware wallets and stuff like that.
Yeah, and let's actually get into that a little bit
(09:10):
because I think this is a good,
talking with you is a really great opportunity
to give people kind of a why you should care
and what you can do to keep your Bitcoin as secure
as possible for the long haul.
Because if you just have, let's say,
if you just have a few sats,
whether, maybe don't even keep a few sats on an exchange
(09:31):
but do whatever you want,
but you could put them on a hot wallet,
put them on your phone.
And if you've got a hundred bucks worth,
like you don't need to go and spend 150 bucks
on a hardware wallet.
But once you start accumulating more sats,
maybe you're buying them,
maybe you're earning them by doing some freelance work,
whatever you might be doing,
(09:52):
you're gonna wanna keep that safe for the long haul.
And how do you think, I guess, maybe just like zooming out,
how do you explain self custody to people?
Why does that even matter?
Why should somebody who's just getting into Bitcoin
now care about that?
And they just, let's say they've just started going down
the rabbit hole and it's like,
why does self custody matter at all?
(10:12):
So I think it really depends on what your original motivation is.
Just last Saturday, we were at the stock exchange day Zurich
where we actually were one of the two Bitcoin companies
in the exhibition, like having a full booth and selling
and like explaining and spreading and orange pilling,
(10:33):
like really TradFi people.
And for these, I usually tell them
because they come from an investment point of perspective
or maybe they want a hedge against like the financial system
failing or a hedge against like inflation.
For them, I think the main motivation is if you buy gold,
(10:55):
which would be the traditional thing to do
before Bitcoin was around for this purpose,
you have the choice between buying, like,
a gold ETF or physical gold.
And everybody understands that's not the same thing
because we know there's about like eight times more gold ETF
going around than there's actual physical gold.
(11:16):
So it works as long as it works.
And if it hits the fan,
maybe you're gonna lose out with your paper gold.
So then I always go like explain that the Bitbox
is basically just like the magical safe
that you put your digital gold in
because you would also not stack like gold bars
(11:38):
in your kitchen cupboard.
And there you can play a lot of fun stuff
because like cryptography and Bitcoin is really magic.
You can just like tell them, okay,
you buy like this digital gold
and just like magically appears in your safe.
You don't even need to open it.
It's like so much fun stuff going on.
(11:58):
And this is where I basically like try to like bridge
the gap to boomers or like more traditional people.
But of course, if you're like depending on Bitcoin
more as a money, not as an investment,
then I think there's really no choice
because if you have your Bitcoin on an exchange,
(12:20):
they're only allowed to send it to you.
You cannot send really, at least in Europe,
exchanges are not allowed to take any Bitcoin address.
So you cannot pay for stuff.
You cannot use it as money.
It's just kept somewhat safe for you,
but to actually use it and liberate your Bitcoin,
(12:43):
you need to receive it first into your own wallet
and then you can actually use it as money.
So of course, there are many more aspects to it
because like Bitcoin is really like an onion.
You can look at it in so many layers
and it never stops basically.
But I think this would be the two main explanations
I could give why self-custody is really important.
(13:06):
I think that that's such an important point about
when it's on an exchange, first of all, it's not yours,
but it's also, it's the paper version, right?
You're trusting a custodian, whether it's,
you know, in an exchange, at least you do hopefully
have the option to withdraw it
as long as they don't for some reason block you
and say, actually, we need to know
(13:26):
a little bit more information about where this is going.
Whereas in Bitcoin ETF,
it's like you're not gonna get,
there's no, you're not gonna redeem any Bitcoin there.
You can't go to the ETF and say, I'd like the Bitcoin now.
It's like, no, no, you're holding an abstraction
of that Bitcoin and maybe that's fine for some,
you know, do what you want with your money.
(13:46):
But if you want to use Bitcoin as money
and it is the best money humans have ever discovered,
you have to be able to freely transact with it
to hold it yourself.
And the only way to do that is to have self-custody,
whether it be on a, you know, a hot wallet
or in cold storage, can you talk a little bit about,
because, you know, okay, there's self-custody,
(14:06):
even if it's in a hot wallet, that's in my self-custody.
I have controlled that.
There's nobody who can stop me
from sending that to anyone I want.
But why do hardware wallets exist in the first place?
Why should people who start to stack some,
you know, a meaningful amount of sats
look at hardware wallets as the next step for them?
(14:30):
For me, it really comes down to your, like,
personal, like, risk estimation
or however you want to call it.
I mean, for me, like, a hot wallet is super convenient.
And I need to highlight it's not either or.
Most people have both because you can have, like,
a hot wallet on your phone that has, like,
(14:51):
lightning support and all the cool stuff.
And this is perfectly fine for a few hundred bucks.
Maybe you have, like, the same amount typically
that you would also carry around in your physical wallet
in cash, but of course, nobody would, like,
log around their life savings every day
in their wallet, in their back pocket,
because stuff can happen.
(15:12):
There are pickpockets out there
and the same goes for hot wallets.
They're pretty safe, but just from, like, a threat model,
the keys that secure your coins,
they are exposed to potentially harmful applications
because you need to have programmatically accessible keys
(15:37):
to receive and send Bitcoin.
So they need to be accessible to your applications.
And if they are accessible, on a phone,
it's even a bit more secure, I would say, than on a desktop,
which is for some quite counterintuitive
because the apps are more like sandboxed.
But still, maybe you have, like,
(15:58):
a malicious version of Candy Crush
and that just, like, if they just get access
to this one secret, they could just drain your whole wallet.
And maybe it's not even right now,
maybe it's just weeks or months later,
maybe they're just collecting stuff
and at one point they just, like, drain all the wallets.
So the keys to your funds are just exposed
(16:23):
on a hot wallet.
And this is where cold wallets or hardware wallets come in.
And of course, nobody's gonna buy a hardware wallet
for more than 100 bucks if they just have, like,
one, 200 bucks of Bitcoin.
But at some point, I think there's no way around it
that after a certain amount of stacking,
(16:46):
you just need to invest a little bit into security.
And hardware wallets are the way to go.
Regardless which one you take,
every hardware wallet, the reputable ones,
is better than no hardware wallet, I would say.
I think it's another, just an important frame of reference
for people to think about their Bitcoin stack.
Like, okay, it's, if you're measuring it in dollars, right?
(17:09):
In that dirty fiat currency,
it's worth whatever it is today, right?
But I think it's helpful for people to say,
okay, what if this was worth 10 times as much?
What if it was worth 20, 50 times as much?
Would I feel comfortable with my security setup in that case?
Because Bitcoin can do very unexpected things very quickly
(17:34):
and the value, the fiat value of your stack
can grow incredibly rapidly.
And all of a sudden, you may be sitting there,
you may be, you were comfortable,
you have stuff on a hot wallet on your phone,
but all of a sudden it's worth 10 times as much.
And you're saying, oh, wow, I don't feel comfortable
having this much Bitcoin just sitting here on my phone.
(17:55):
Or having, I should say, having the keys
sitting here on my phone.
The Bitcoin is just, it's just floating in the ether, right?
You're in control of those keys, the key to the vault.
Maybe that's actually another good question is
for hardware wallets,
people also call them hardware signing devices.
(18:15):
What analogy do you use to talk about this?
You mentioned kind of the vault earlier,
or like a safety deposit box type thing.
How do you explain this to somebody who is just coming in,
just trying to get their bearings of like,
okay, what is this thing that looks like a USB stick?
What is this actually doing for me?
What does this mean?
So personally, I don't really like the term
(18:38):
hardware signing device.
It's a very technical term.
It feels like it's engineering driven.
And if we want to make Bitcoin more accessible,
I think it's not enough to have like cool cypherpunk devices,
like signing devices.
You actually need like a fully fleshed out product.
(19:00):
Like something that comes with instruction,
with a wizard that aids you in every step of setting it up
that has like, it includes the customer support,
the knowledge base, stuff like that,
which you don't really buy when you buy just a hardware
signing device.
But I think it's equally important to have like a good,
(19:24):
to guide new users,
so that they feel secure and well taken care of
when they do this kind of scary step from like,
zero to one is maybe buying Bitcoin,
but then like one to a hundred is actually like,
withdrawing them into your own custody.
That can be a scary thing.
So I think it should be as easy as possible.
(19:46):
And that this is what we try to do,
to make like a very accessible version of like,
all these cool cypherpunk tech,
that it's abstracts a lot of the scary stuff.
And I'm not sure if there's even like,
an additional metaphor needed.
I think,
(20:06):
how do you say, like a safe vault or a bank,
whatever you said before,
is probably already good enough
because people are like,
they understand what that is.
The magic stuff comes on top that you can just like,
send from one box to the next without opening them
(20:28):
or whatever in a trustless way.
But people don't really need to care about that
in the beginning.
I think that that's a good point is that sometimes,
like some of us enjoy nerding out on these things, right?
And going really deep into it.
And some people can really go extremely deep into it
because they have far more technical prowess than I do.
(20:51):
But for the average person who's just trying to,
okay, who wants to protect the value of their time and energy
and save it in,
maybe they've come to the realization that, wow,
Bitcoin is the only real money that exists right now.
Everything else is credit-based, debt-based,
fiat currency that will debase forever.
(21:12):
Or there's this nice shiny metal
that people still use
and that stores value pretty well across time,
but is really inconvenient in the information age, right?
It just doesn't work that well.
So they've come to that realization that, wow,
Bitcoin is different than all this, it's better.
But they don't necessarily want to go deep down
(21:33):
the technical side of the rabbit hole.
They just want to be able to protect the value
of that time and energy in something
that's easy to use, easy to understand.
So maybe this is a good time to just kind of,
to talk about Bitbox specifically a little bit,
because so Bitbox is a sponsor of the show,
for that I'm very grateful.
And I had not used a Bitbox until you guys sent me one.
(21:57):
You sent me one prior to the sponsorship
because you said before you agreed to a sponsorship,
we'd like you to make sure you really like our product.
And I appreciated that.
I thought that was very cool,
because I also don't want to promote anything
that I haven't personally used and tried and really like.
And I started using it and I was like,
oh my God, this is so simple.
(22:19):
Like this is really so easy to use.
And I've set up many hardware wallets.
I've helped friends and family do it,
used a bunch of different kinds.
I'd like probably just about all of them that are out there
that are the modern reputable ones.
And Bitbox kind of blew me away a little bit,
because it was truly so fast and easy to set up
without sacrificing security.
(22:41):
So can you walk through a little bit kind of,
you know, you mentioned you're wanting to make this
simple for people, but can you walk through like,
how you guys actually did that?
What was the methodology behind it?
What's kind of your driving force
when you're thinking about your user?
What does that user's story look like?
And how do you build your products around that?
(23:03):
So first, thanks a lot for your warm words.
I really appreciate that.
It's the truth.
Like it was just a great experience setting it up.
I loved it.
It's fun when something works exactly as it's supposed to
and is really simple.
And honestly, when something's hard to fuck up,
like I like that.
Exactly.
I think this is one of our main drivers
(23:24):
that security doesn't really need to be like complicated.
So for us, security or simplicity is part of security
because you can have like something super secure,
but if the user just does something stupid,
like speaking bluntly, then the product sucks as well
(23:47):
because you shouldn't be able to just like
shoot yourself in the foot.
So of course for us as like Bitcoin Core engineers,
like old, a long time Bitcoiners and like, I mean,
Bitbox was co-founded by Jonas Schnelli,
the Bitcoin Core maintainer.
(24:08):
It's always a challenge to like not build something
like really cool that basically we want,
although we do that regularly,
but we try to balance it out.
So for example, Bitbox was the first signing device
that was able to send to silent payment addresses.
(24:33):
So this is something cool that we did,
but we always need to also take a step back
and ask yourself, okay, who are we building this for?
And in this regard, of course,
like the whole product management process is very important.
Minimalism is, like, one of our core values
(24:55):
next to transparency and security
and all that stuff, of course.
And for example, we started, say, like more than two years ago
with also offering like white glove onboarding calls.
So you can buy a Bitbox in a shop
and immediately book a one hour call
that we help you set it up.
This is not like something that makes
(25:17):
a significant amount of money for us,
but it's a really great tool to get like immediate feedback
where people are like struggling,
where the friction points are, where they need help.
And that allows us again to like improve the product.
The same goes with support.
I think we have one of the best supports out there,
(25:37):
I would say.
And we constantly are in contact
with like support agents who tell us,
okay, this is like this keeps happening.
How can we fix it?
That it's also in our self interest
because we know that like support is one
of the hardest thing to scale.
So if we fix stuff before that,
then we don't even get the tickets.
(25:59):
So that's good.
And yeah, I mean, overall, I would say, keep it simple.
Don't do everything that is possible.
Although the Bitbox app has like a quite significant
advanced user section, it has like full node support,
(26:20):
Tor network support, all that stuff.
But it's not in your face.
If you look for it, you can find quite a few cool things
that we like to use ourselves.
But if you set it up, it's pretty straightforward.
And I would say like we did a speed run,
like setting up a Bitbox in under a minute,
(26:41):
which is maybe not something you should try to do
if you read all the disclaimers and set the checkboxes.
Maybe you should take a bit more time.
But it's definitely possible to set up the Bitbox,
including the first backup in under five minutes
because it also has like the micro SD card
which is your first backup.
Of course, you can always show the 12 or 24 words as well
(27:02):
and we encourage that, to have like some backup redundancy.
But just having the first experience of setting up a wallet,
not you being confronted with 12 or 24 strange words,
you don't know how these are tied in.
Is this the future of money?
Like that I now need to write down words
(27:24):
even in a foreign language for us.
This mnemonic anxiety, as Douglas, our CEO,
usually calls it, is really like something that we wanted
to get rid of.
And I think it really pays off
because now you can also set up the Bitbox
for a friend of yours and you're never exposed
to the 24 words because otherwise you basically need
to leave the room while the other one,
(27:46):
the other guy writes down the words, right?
It's like such a strange like process.
That's actually such an interesting point
because as I mentioned, I've helped a good amount of friends
and families set up hardware wallets,
just doing what I can to help them.
Okay, they've acquired a decent little stack of sats.
And okay, let me get you a hardware wallet
(28:07):
as a Christmas present or something like that.
And there's always that weird point where it's like,
okay, they think they've got a little bit of a handle
of like what Bitcoin is, they don't at this point.
You know, they're barely peeping down the rabbit hole,
but that's okay.
But then you hit them with like,
setting up a ledger or something.
It's like, all right, you've plugged this in
(28:28):
and now I'm just gonna like look away.
I'm gonna go in the other room and get a beer
and you write down these 24 words.
What are these 24 words?
Well, they're your seed phrase.
You know, remember I told you about this,
I sent you that podcast that you didn't listen to
and that article you didn't read.
And now just write these down.
I don't wanna look at these
because you shouldn't let anyone see these
because these are basically the keys
(28:49):
to everything that you have right now.
Just these words or the keys to everything.
Like people get a little more freaked out by it
and just kind of like, whoa, whoa, whoa, whoa, okay.
I didn't know I was getting into all this.
And granted, you can make the argument that like,
well, they should know that they're getting into it
and they should figure it out.
And there's, you know, with great power comes
great responsibility, dot it out.
(29:10):
But like, let's be practical, let's be realistic here.
People want something that's gonna be simple and easy,
but still be secure and make them feel secure.
And I think that micro SD backup is really nice.
Can you talk about that a little bit more?
Cause as you mentioned, you can still,
if you're in the Bitbox app,
you can still show your words.
(29:31):
You can still show your mnemonic.
It's no problem you can write that.
Yeah, we figured that it's shown on device.
Yes, yeah, sorry.
And, but the micro SD backup,
you can do that literally right away.
Can you guys talk about why, like,
is that for anyone that's worried like,
oh, okay, I'm putting my seed on this SD card.
(29:53):
Is that, you know, is that secure?
Do I need to worry about that?
Is that another potential point of failure?
What was the choice behind adding that into the workflow
to kind of not have the seed phrase be first and foremost,
but to have the micro SD backup be first
and then seed phrase, okay, later at your leisure.
Yeah, so, I mean, we started our journey about in 2015
(30:17):
with the Bitbox 01, which is no longer on sale
because back then everybody just came up
with their own idea of a hardware wallet.
There was like nothing that you could reference.
It was the same time the first Trezor came out;
like, even Ledger came later.
So it didn't have a display,
but it already had a micro SD card.
(30:39):
And it was actually an encrypted micro SD card backup,
which is an important distinction to the Bitbox 02,
which has an unencrypted micro SD card backup,
which many people like question,
how can that be secure?
But in the end, only a transparent backup is a real backup
(31:02):
because if you need a backup of the password
for your backup, then maybe your backup
is not really a backup.
It's just like something in between.
And in the end, the micro SD card backup
is just exactly the same like your 24 words.
So even, you can skip it if you want.
If you really don't want it,
(31:23):
you can skip it and go straight to the recovery words.
But we usually recommend,
well, you already have a micro SD card in the packaging.
So it comes with everything you don't need to buy,
like everything individually.
So just use it.
And if you don't want to keep it separate,
just like stick it to the back of your backup,
(31:46):
like your paper backup.
So because if you ever like recover the 24 words seed phrase
on a two button device,
you know that that can easily take 15 minutes or more,
especially if you like somehow mess up in the middle.
So having a micro SD card to restore your full wallet
(32:06):
in like 10 seconds is really convenient.
And of course you can like store multiple backups
on the same micro SD.
So you can even like swap between wallets very easily
without restoring manually all the time,
which takes like ages.
So of course, if you want like added protection,
(32:28):
you can still use like an optional passphrase,
which is never stored on the micro SD card.
It's actually not even stored on the Bitbox itself.
So it's really, you need to put it in
and then the device unlocks itself and calculates everything.
But if you plug it out, the information is lost and gone.
So there's no way that an attacker could like
(32:51):
get the optional passphrase from within the device
because it's never even stored there.
But as it's not stored on the backup,
it also adds like an additional kind of
indirect encryption to your backup,
which is, which the same is true for the 24 words, right?
So you can like encrypt your 24 words
(33:11):
with an optional passphrase.
And exactly the same is true for the micro SD as well.
It's just like very convenient and so much easier
for new people to get into like actually creating
their own first wallet,
because I think first impression matters.
And then you can like at your leisure,
like receive your first Bitcoin, send your first Bitcoin
(33:34):
and then write down your recovery words a little bit after.
So we don't really force you to go all in
at the very first second of your Bitbox experience.
Since we're talking about Bitbox,
let's talk about saving you money
on a Bitbox 02 hardware wallet.
Just go to bitbox.swiss slash walker
(33:56):
and use the promo code walker for 5% off
the fully open source Bitcoin only Bitbox 02 hardware wallet.
Then get your Bitcoin off the exchange
and into your own self custody.
As you've been hearing from Stadicus,
the Bitbox team is the real deal.
They build easy to use secure open source solutions
to help keep your Bitcoin safe.
(34:18):
And like you'll hear later in this episode,
Bitbox is one of the only two wallets
to actually address the Dark Skippy vulnerability.
So if you have a Bitbox, you're in luck.
Plus, and I cannot emphasize this part enough,
the Bitbox O2 is truly easy as hell to use.
Whether you're brand new to Bitcoin,
it's your first time setting up a hardware wallet
or you are a well-seasoned psychopath.
(34:41):
It is Bitcoin only.
And again, it is fully open source.
You can head to their GitHub and verify for yourself.
There is no need to trust me or to trust Bitbox.
When you go to bitbox.swiss slash walker
and use the promo code Walker,
not only do you get 5% off,
but you also help support this fucking podcast.
So thank you.
(35:01):
It's, I think it's a nice way to like slowly wade
into the Bitcoin waters for people who are new to this.
And even for myself, like again,
I'd set up many hardware wallets before.
And it was a very just enjoyable experience to go through.
And I like the, I actually like the way
(35:22):
that you guys have navigation.
It's not buttons, it's like touches and sliders.
I found it much faster than just like
clicking these little buttons a million times.
That's just me.
Maybe some people don't like it as much.
I thought it was quite nice.
But, you know, okay, so zooming out a little bit.
What, do you have any tips as far as just
general best practices for people
(35:45):
when, okay, so they've gone,
they've set up their hardware wallet.
They have this seed phrase now.
And maybe if they're using a Bitbox,
they have a micro SD backup as well.
And maybe it's just taped to the back
of their seed phrase, whatever.
Do you guys, or how do you think about it?
Do you provide any guidance on just
how people should really take care of that
(36:07):
for the long haul?
Because you've got your piece of Bitbox hardware, sure.
But it is still a piece of hardware.
It's got electrical components in it
that could potentially degrade,
could be, maybe you had a flood in your house
and there's a lot of humidity or something like that.
Maybe that gets kind of destroyed.
Or maybe just, you know, you've had it for 10 years.
(36:29):
You know, we're 10 years in the future.
And just who knows, it's not working for some reason.
Are there any good tips you can share for people
for just kind of looking towards the long-term time horizon?
How do I make sure I keep my Bitcoin safe?
And when it's in cold storage,
I'm using a hardware device, but what else can I do?
What else should I do
to really make sure it's safe for the long haul?
(36:51):
Yeah, I usually highlight that the signing device itself
has certain roles and responsibilities.
So it creates your wallet, like with maximum entropy,
it really needs to be like super random.
So that's guaranteed.
Also, of course, with like open source firmware,
(37:12):
which we can get into a bit more later, I guess.
So it's really a trustless way to create your wallet
with good entropy.
And it keeps, keeps your keys usable in insecure environments
because this is the hard part.
You have like one digital secret,
but you still need to access it with like software.
(37:35):
And to do that securely is quite a challenge
in like regular computing or on a mobile phone.
So this is the part where the hardware wallet really shines.
But the backup is equally important
because electronics don't necessarily,
they're not made to last decades.
(37:57):
They're just not.
And stuff can happen.
You can lose it.
You can like drive over with your car or can be stolen.
They can just like break due to humidity and stuff like that.
Although the Bitbox, it doesn't have any moving parts.
You mentioned like the touch sliders.
There's just induction sensors.
It doesn't have a battery.
(38:18):
So it's even here like minimalist, keep it simple,
I think is really important.
But still, I wouldn't recommend the hardware wallet
to like count on that for decades.
The backup, however, its main job is to the longterm storage
(38:43):
of your wallet.
And that can be in any medium you choose.
Like the micro SD card is the first and most like
convenient medium.
But of course, then you should write down
like the 12 words or 24 words as well.
Here, like if you use like kind like okay paper,
(39:03):
maybe acid free and use a pencil.
That's like, I'm not sure how to,
how they called it in English,
but like the woodworkers, they know like a pencil
can last decades if you mark a beam or something with it.
So that's already good.
But of course, there are other factors like your house
(39:23):
could be a fire and stuff like that.
So steel could be another medium,
but that's really your own like evaluation
what medium you want to use.
At least you should have like multiple backups
because one backup is no backup.
I would say as an IT guy.
So redundancy is good.
(39:44):
Different mediums are good, like electronic and analog.
And then it really depends where you can put the backup.
You should have somewhere kind of safe.
But of course you can also split it up
if you use like paper backup stuff like that.
So there are many ways also with the optional passphrase.
Unfortunately, there's really no one size fits all answers
(40:08):
to this, but we do have like quite a few blog posts on that
where okay, what are the five biggest misconceptions
about backups or how advanced technologies
are available to additional secure your backup.
So if you're getting into that,
I think there's great material out there
(40:31):
just to make your own personal choice.
What would you say regarding just like multi-sig
versus single-sig?
So you, cause you mentioned, you know,
either creating additional copies of your backup
or maybe splitting your backup up like,
and when you say that, I assume you mean like
taking those 24 words, chopping them in three words.
(40:51):
I mean three, that I always get a little bit nervous about
because it's like, if you lose one part of that,
well, you're screwed versus, you know,
like is that something that you would recommend or?
That you should not do, but there's like this thing called
like poor man's Shamir's secret sharing
where you can like split your 24 words into three parts
(41:13):
and you need two of these parts
because each part has eight words missing,
which is secure today, maybe not secure in 10 years.
So it comes with a caveat because like brute forcing attacks
of course get more powerful over time,
but for now it's kind of okay.
But you're right, multi-sig is definitely the answer
(41:35):
going forward if you're trying to like secure larger sums
where you want to avoid single point of failures
because even if you like split your backup
even with poor man's or proper Shamir's secret sharing,
you still need to combine the secret at one point
to actually be able to create new receive addresses
(41:56):
like and like really check them, verify them
or of course to send Bitcoin.
So there's again a single point of failure
where you could be attacked or whatever with multi-sig
you can like avoid all that
because you can force yourself to not have access
to all the signing locations at the same time.
(42:18):
Maybe you need to go really cumbersome to travel
even in multiple cities or banks
or whatever you have at your disposal.
So this is something that scales really well.
Unfortunately, it's for the common show,
it's just not usable enough today.
There are too many issues where you can really like mess up
(42:45):
with the backups with you also need to store
a lot of additional metadata.
It's not rocket science, but it's not something I could
like wholeheartedly recommend to like normie friends.
So I think this is for me personally,
I think this is one of the next big frontiers
where we really need to work on making this more accessible.
(43:07):
And just, I mean the technology is here
but like improve the UX, like improve like messaging
between signers because it's not only like different locations
can also be different people, but then how do you send
around these partially signed Bitcoin transactions
and all that stuff.
So there are great wallets out there,
but they're all a bit nerdy and technical still.
(43:29):
But I hope we get there in the next few years.
And for those people wondering can Bitboxes
be used for multi-sig setups just like,
you know, any hardware wallet.
Like is there anything that, are there certain types
of hardware wallets that are not advantageous for this
or are there basically anything that's out
in the market right now, you can use it to for a multi-signature
(43:52):
as one key in a multi-signature wallet.
So in a multi-sig setup, you always have like
an essential coordinator that's like,
it's basically the wallet, but it, the wallet that talks
with multiple signing devices.
And this coordinator creates your unsigned transactions
and stuff like that.
And then when you're actually signing a transaction,
(44:16):
it can be a really hard challenge for a stateless device,
like a regular hardware wallet to really validate
what it's signing because part of the transaction,
for example, are the extended public keys of all cosigners.
And I think this is where the Bitbox really shines.
(44:37):
When you first show an address or receive coins
in a multi-sig wallet, you're actually registering
the multi-sig wallet on the device.
So the Bitbox is not stateless.
It remembers your hardware wallet.
And in case the coordinator should be malicious,
it can detect that it tries to do something shady.
(45:01):
Just an example, if you have like three devices
and you're signing with one, the coordinator could just like
add two more cosigners that are originally not part
of the setup, which are controlled by an attacker.
But then if you sign, the attacker already has the majority
(45:21):
of all the overall transaction, right?
So if the coordinator tries to swap out cosigners,
the hardware wallet needs to be able to detect that.
And that's a real challenge for most hardware wallets.
And I think this is where the Bitbox really shines.
Can you just for someone who might not be familiar,
can you explain what a stateless device is?
(45:44):
Just because you used that word earlier,
some people might be thinking, okay,
what are we talking about here?
Just trying to make sure that for those listening
that may not be as technically savvy,
they get the full picture.
I'm glad you're keeping my IT stuff accountable.
So stateless basically means it forgets everything.
So it knows itself, its own seed,
(46:10):
but that allows a stateless device also to securely verify
a single-sig transaction because the app,
the companion app, whatever that is,
sends an unsigned transaction to the hardware wallet.
And the hardware wallet can check, okay,
this is actually like the inputs I expect,
(46:32):
they are controlled by myself.
This is the change address is also controlled by myself.
So if you can trick a hardware wallet into signing something
and all the change goes to a different address
that is not under its control,
that's not supposed to happen.
And a hardware wallet must definitely be able to detect that.
(46:56):
It becomes more tricky when in a multi-sig setup,
when the hardware wallet only knows itself
because that's not enough to verify it
if a transaction is safe.
So with the change address, the coordinator could just lie
and add a different change address,
but the hardware wallet cannot verify it
(47:17):
because to verify the change address,
it needs to know the other co-signers' xpubs as well.
And if you plug it out or whatever,
and it forgets everything, there's no real way to do that.
And we don't really want to like manually check the xpubs
every time you generate a receive address
(47:38):
or send a transaction.
That's an option, of course, but it's not...
I doubt people will actually do that.
Yeah, I appreciate the explanation.
And I think that multi-sig is something for those who are...
Maybe if you've already set up a single-sig wallet
and you're very comfortable with your Bitcoin and cold storage
(47:59):
and maybe a little way down the line,
again, you're stacking more and more,
hopefully contributing value to society
and getting Bitcoin in exchange as your stack grows.
And again, thinking about your stack,
like, okay, it's not just my stack today,
but what's the purchasing power of this in Fiat?
10X this.
In a few years, because it will be, it's going to get there.
(48:23):
Multi-sig is a great thing for people to look at.
And I think it's nice to know that there...
Some of the potential pitfalls that you can run into.
And again, it's why I like working with Bitbox
because the more I learn about you guys,
it's like, you guys thought of a lot of stuff.
Clearly a lot of thought was put into this.
And with multi-sig, I kind of see these two sort of buckets
(48:47):
where it's like, complete do-it-yourself multi-sig.
Like I've used Nunchuk in the past for that,
which is for those who don't know,
it's a pretty cool app.
They made a lot of improvements,
but you can set up your own,
entirely your own multi-sig,
or set up and coordinate with other people
to set up a multi-sig.
I did that as well for a shared wallet
(49:10):
we were managing some donations for,
and worked really well.
Learned a lot about UTXO management
through that experience as well, as a part of that.
That's a different story though.
But then there's also like kind of the,
I don't know if you'd call it assisted multi-sig,
like what CASA does, where it's basically,
okay, CASA is holding one of your keys,
you're holding two of your keys.
So if you lose one of those,
(49:31):
one of those two keys that you have,
you still have two out of three in the multi-sig,
one that you have, one that CASA has.
So you can still, okay, generate a new key,
or move those coins, do whatever you want.
Do you think that as we move forward,
do you think we'll see a trend more towards
the kind of do-it-yourself multi-sig,
or is the managed assisted multi-sig
(49:55):
gonna end up being more of the,
what more people gravitate towards?
Because it's like, people are scared, honestly,
of having everything in their own control.
Like some people want somebody else to have,
kind of, you know, still one of the keys to the castle,
they can't do anything with it,
they can't open the door, they can't open the vault,
but they can help you open the vault if you're there.
(50:15):
What's your take on that?
How do you see that kind of progressing?
I really do hope that there will be room for both.
So personally, I'm a big fan of Sparrow Wallet,
which I use for multi-sig myself,
also for like company stuff.
Although we actually use different wallets
and they interoperate really well,
(50:36):
if you use Electrum, everybody uses a different one,
it still works with the same wallet kind of.
But like, there should be a choice, right?
If I'm comfortable with setting up my own multi-sig,
this gives me the ultimate sovereignty
in managing my funds.
It has the best privacy, it's low cost,
(51:00):
because of course, every time you have like a service
that aids you and guides you,
there's usually a subscription involved,
so you pay a yearly fee.
You get something in return,
which is probably convenience and assistance.
And there are all, because Bitcoin is programmable money,
there can be very creative things like,
(51:22):
we're co-signing like all your stuff automatically
up to a certain threshold,
unless like some risk management like shows red flags,
and if you want to spend more than,
I don't know, 10,000 a day or whatever,
then you need to like hop on a video call
or authenticate yourself separately with a YubiKey
or whatever, like it's really limitless.
(51:44):
And this is stuff that only works really with a service.
But of course, there's also like the privacy downside,
because like a CASA or an Unchained,
they basically know every transaction you spend
because they're involved in the,
they're co-managing the wallet with you.
So I think it's really important to have the choice,
(52:04):
do I want to do it myself, like full sovereignty,
maybe my own full node, my own coordinator,
my own devices, maybe even multi-vendor multi-sig,
just to be like super extra secure,
but there definitely needs to be also something
that is more accessible.
And I hope it's gonna be an assisted multi-sig
and not just like banks offering like custody,
(52:28):
because that's then, yeah.
Then we're right back where we started.
We've added back in the middlemen, right?
Yeah.
Exactly.
I think that's a good point,
even just like on a personal level,
it's like I use both, you know,
without giving too much away,
but I've got a hot wallet with a little petty cash in it
(52:50):
that I use for zaps on Nostr.
Well, let's be honest, I have like probably 15 different
lightning wallets on my phone,
because I like to play around and nerd out with it.
But none of them has more than a few sats in it, you know.
And, but they're really useful,
or if I go to conferences and I need to, you know,
or somewhere where I can actually spend
(53:10):
some Bitcoin in person,
then I wanna have a little bit in a hot wallet,
but never enough where if my phone got stolen
or broken or lost, I would be like, oh my God,
I'm ruined, you know, no, I wanna be able to say,
oh, well, actually I'm more worried that I lost the phone
because that's worth more than the, you know,
the Bitcoin that I had on it.
But then having multi-sig setups
(53:31):
and distributing those keys and having it be so, you know,
because I think Bitcoiners,
especially as the price goes up,
will naturally worry about, you know,
the $5 wrench attack.
It's like, okay, somebody comes to your house and says,
I know you're anon, but I've figured out
that you are this person
(53:51):
and I think you have a bunch of Bitcoin
and I'm gonna smack you in the head with a wrench
or break, you know,
kidnap someone in your family
until you give me your Bitcoin.
And if you literally can't give that to them,
that also presents its own problems
because then it's like,
if the attacker is just a moron and you tell them,
well, I have a multi-sig setup,
(54:12):
I literally can't do anything,
like you can break both my kneecaps,
I won't be able to do anything for you.
Like they'll be like, well, I don't believe you Walker,
I don't know what a multi-sig is.
So give me all your Bitcoins that you're keeping there.
You know, like you never know.
Like it's not a situation where you're following yourself.
This is not a new problem, right?
Because we all have millionaires and billionaires
(54:34):
that, well, they just don't have immediate access
to their fiat or gold or whatever.
And that's widely known.
So this is why they're maybe in Brazil
or whatever, there's like more of a extortion stuff going on,
but in like a semi-secure, like first world countries.
(54:54):
It's not really a thing
because thieves know it's kind of pointless.
So I think we, that should become the norm as well
for Bitcoin to not have everything like in your drawer
next to you and just like be able to have
immediate access to your life savings.
So this is also why I don't keep anything at home except,
(55:17):
like, except the stuff on my phone or whatever.
Exactly.
Yeah, that's a good piece of advice for Bitcoiners in general
is you do not want to be able to access your entire stash
at the drop of a hat.
Like granted, let's say, okay, the other snare there is
(55:39):
maybe you want to leave the country or something.
Okay, and you need to do it quickly.
Maybe you need to have a plan in place to be able
to go and get access to that Bitcoin.
But you really, you don't want to be able to be in a situation
where somebody can force you to move your coins
(56:00):
just at a moment's notice.
Like that's generally a very good piece of advice
is don't put yourself in that situation.
And are you, do you mind me asking me?
I assume you're based in Switzerland
given that Bitbox is a Swiss company.
The nice thing about Switzerland and the US
is Switzerland, I believe has about 45 guns per 100 people.
(56:23):
The United States, I think has about 120 guns per 100 people.
We have more guns than people.
I myself, I grew up in Wisconsin and I grew up hunting.
So I've been around guns my whole life.
And I know in Switzerland, there's a very,
because there's the kind of like militia
or like military training,
there's a very big respect for guns
(56:44):
and people keep them either a service weapon
or another weapon in their home.
And Switzerland actually has insanely low gun crime though.
I was just looking at the statistics.
It's much lower than America,
even though you guys have
one of the highest gun ownership rates in the world,
which is kind of incredible.
This is totally off topic,
but can you talk about that culture at all?
(57:04):
Just like the fact that you got,
people say it's like, oh, guns are the reason
that people get killed.
And it's like, well, the gun isn't pulling the trigger,
the person is.
And clearly in Switzerland, you have tons of guns,
45 per every 100 people,
but there's not just a bunch of people getting murdered.
Like I think the majority of your gun deaths was like,
(57:26):
it's like 300 a year or something
and it's mainly from suicide.
So it's like, what's that culture like
around gun ownership there?
Cause that is really the last line of defense
against the $5 wrench attack is the, well, I've got a gun.
Well, I don't know enough to talk about the US situation,
to be honest, and I don't really want to go
(57:48):
into like contentious politics.
Oh, no, no, we don't have to.
I was just curious about Switzerland specifically.
I also like, I'm experienced with guns.
And I mean, if you're like every,
every male needs to go to the military
because we do have a militia,
like almost everything is militia in Switzerland,
politics, fire... I'm also,
I'm also a firefighter, it's basically purely militia.
(58:12):
There's almost no professionals.
And it works because we take it serious
and every service member also gets like a pretty good,
a damn good, like automatic rifle.
I think it's accurate up to 700 meters
or something like that.
So pretty good.
20 shots, like immediately, like no, no throttling.
(58:36):
And if you're no longer in the military,
you can just keep it if you want.
And also you're in the military until I think you're 44
or something like that or third, that's about 40.
I was discharged quite a while back.
And you need to go like shooting every year
just to do like the mandatory training.
(59:00):
But we also do have background checks.
So it's not that like every,
not can just walk into a store
and come out with like three pistols
and two automatic rifles.
So there's definitely regulation,
which I think is fair because I don't want like every
psychologically challenged person to just like stock up
(59:22):
on like an insane amount of weapons.
But I guess in the end,
it's more like a cultural difference
because you have that all that stuff in your constitution.
It's like coming from revolution.
Like it's really inbred into the American society.
For us, it's not that like emotional topic.
(59:44):
It's a gun is a gun and we're happy
if we don't need to use them.
Well, absolutely.
I hope to never need to use a gun on another human being.
That is something I don't think anyone,
I mean, unless you're a psycho wants to do.
It is, so in America, we do have background checks.
(01:00:08):
This is kind of a misnomer that people have.
Like if I bought another gun recently
in a different state,
but I was held to my own state's laws,
which means I was not allowed to buy,
I had to buy a semi-automatic shotgun
because I wasn't allowed to buy a pistol in the state.
I already have, I was looking for another pistol,
(01:00:32):
but I had to buy a semi-automatic shotgun,
which is kind of funny.
They'll let you buy a semi-automatic shotgun,
but you can't buy a pistol.
Again, but there's a three day waiting period.
You have to run a full background check.
So you can't just go in, grab a gun and pay it and walk out.
There are some processes in place,
but yeah, we don't have to get into that too much.
(01:00:53):
I was just curious about,
because again, it's sort of the last line of defense
for a person who is, if your home is invaded,
like and you pray that that never happens
and you never have to use it,
but I find the culture in Switzerland
to be really fascinating
because it's kind of a model example of look.
There is high gun ownership,
(01:01:14):
but there's also high social cohesion.
There's a lot of emphasis put on personal responsibility.
And maybe that's also why there's a lot of,
there's a lot of emphasis on security in general.
The Swiss bank account for many years
has been the gold standard, if you will.
And so as a, I wanted to get your take on that.
(01:01:37):
So I appreciate the little digression there.
Away from guns and back to Bitcoin a little bit.
You know, what are you, because,
okay, if we talk about scaling Bitcoin,
like realistically speaking in the coming years,
not every person is going to be able to have a UTXO, right?
(01:01:59):
Many people are going to be priced out there.
Just they won't be able to have a UTXO to their name.
An unspent transaction output for those
who are curious what this acronym means.
How do you guys as a company building in the Bitcoin space,
think about Bitcoin as it goes forward?
Do you think that Bitbox will stay as kind of,
(01:02:21):
as a hardware focused company,
do you guys see yourselves building other sorts of solutions?
Because, you know, I mean,
this isn't going to happen right away, obviously.
This is, we're talking down the line,
but just gaming this out, you know, at a certain point,
it's going to be hard to sell more hardware wallets
because there's not going to be people with UTXOs to secure.
(01:02:42):
So do you guys think about that at all?
I mean, is that just too far?
Like right now, you know, you're a startup,
you're still building up.
Is, am I just like way too far out in the future?
Do you guys think about that at all?
No, of course, I mean, it's even today,
it's an important part of the user journey.
And this is also why we're adding
lightning functionality to the Bitbox app,
(01:03:02):
which to be clear is not like hardware security.
So we already see today that if you go to meetups,
if you're at conferences, if you pay with Bitcoin,
you don't want to like take out your hardware wallet
to sign something publicly.
So you already have like a lightning wallet on your phone
(01:03:23):
to do that.
And I think in combination with like a very like user-friendly
on-chain wallet like the Bitbox app already is,
there's a great use case to also have a hot wallet
in the same app where you can easily like top up
from your cold storage into your hot wallet.
(01:03:45):
And then of course, it should not be like just on-chain,
like I love Phoenix wallet.
It's basically just like you liberate your UTXO,
it's all now in the lightning network.
It's like available and accessible
for like smallest purchases.
And this is what we want to build as well.
(01:04:07):
So we're currently building like lightning functionality.
And this will bring a hot wallet into the Bitbox app
that you can of course then like easily like top up
from your cold storage.
So that's of course only a first step.
If UTXOs are no longer a topic,
I don't have an answer for you.
We're not quite there yet.
Yeah, we've got a few, 20 years.
(01:04:30):
But I could very well imagine that Bitcoin
in the long run, like say decades,
just becomes more of the plumbing of the like the overlaying
like new financial system.
Because I'm an IT guy and when I like in 2017,
like the block size wars and all that stuff
(01:04:50):
which started way earlier.
This is also what radicalized me
because for me it was so obvious
that you cannot put everything on the blockchain.
It doesn't make any sense if I buy like a coffee
that this UTXO is like announced
to every participant of the network worldwide.
(01:05:11):
And needs to be stored on all nodes.
So everything in IT is built in layers.
And the good thing about building in layers
is that you can also experiment.
So the base layer like blockchain, on-chain UTXOs
and then you can build different stuff on top of that.
And the new stuff is allowed to fail
(01:05:33):
without like dragging down the base layer.
So you can like build up.
And I think we have like now seven layers
in the networking stack.
And if you watch YouTube or a podcast like this,
nobody's talking about like the physical layer
where the actual, the electronic symbol
as like signals go over the wire.
(01:05:54):
But this is the basically the first base layer
of the networking stack.
And I think over time we need to build something like that.
And I really do hope that we can preserve
like the original like characteristics of Bitcoin.
There can be compromises like even with lightning today.
(01:06:14):
It's of course a different threat model.
It's a different like trust model.
But if there are multiple layer twos or then layer three,
four, whatever, you can choose the one
that is best suited for you.
And I think if we take care to build good stuff
like in honest, transparent way.
(01:06:35):
And this is also why open source
is so incredibly important.
Then we can build a new financial system
that actually scales without compromising
on the core values.
Amen.
And I'd love to actually just talk
about that ethos a little bit.
You guys, you even have a hat that I have one of it.
(01:06:57):
I don't think I have it right here.
Oh, maybe I do it somewhere.
But it says open source everything.
And you even open sourced the design
for your open source everything hat,
which is just great and kind of hilarious too.
But Bitbox is an open source company
like throughout your entire stack.
(01:07:17):
Yes.
Can you talk about why that is so important to you guys?
Because I think it's something for folks
who are maybe new to Bitcoin
or looking in from the outside saying,
this company is just open sourcing
all of the cool stuff that it's doing
like what that they're proprietary data.
That seems insane when you're looking at it
from the fiat mindset.
(01:07:38):
But from the Bitcoin mindset,
you view that as a positive thing, as a good thing.
You want it to be open source.
Can you talk about why Bitbox as a company
has that ethos, why is that?
And we see it in other companies as well,
but why is that so important?
So I think that if we talk about free open source software,
they're really in the context of Bitcoin.
(01:07:59):
There are two different aspects to it.
And the first, I think is pretty logical
because it's security relevant.
I don't want any closed source code
touching my private keys.
This is like trust minimization.
(01:08:19):
We want to like get rid of all the middleman
without becoming the new middleman ourselves.
This is why we adhere like fanatically to industry standards.
The backup is always recoverable
also on competitor devices or even a software device.
It's, it can never be like a vendor lock-in.
(01:08:41):
Otherwise it just, what's the point, right?
We're just building something new, like isolated again.
And having all the source code available
is really important to keep us accountable.
Everybody can check that what we are claiming,
what the security device does, how it works.
(01:09:03):
Again, creating the initial wallet
with maximum entropy is so crucial.
It would be one of the most powerful attacks on a wallet.
If you can like somewhat create deterministic wallets
that are already like kind of random,
but not random enough so that with some sort of effort,
(01:09:27):
the person that knows the code
could actually replicate the process.
And in the end, like just drain all the wallets
that needs to be open source.
And that's not always the case, unfortunately.
And just trust, I don't think a fully trustless device
will ever be possible,
but we're working really, really hard,
(01:09:49):
at least in that direction to take us out of the picture
and just eradicate every trust that we can
that you as a user need to put in us
as the manufacturer of the device.
And this is of course, like all the firmware,
all the Bitbox app code, everything is open source.
(01:10:10):
You can check every line of code.
It's a bit harder with hardware
because you cannot really run a checksum over hardware, right?
But we do publish like high resolution X-ray images.
And what we learned is that you can easily go
to your neighborhood's dentist
and ask them to X-ray your hardware wallet.
(01:10:31):
It's not even that expensive.
And then you just compare it
if there are any additional chips or whatever.
Of course, that's not what everybody should need to do.
And this is why I always have cryptographic authenticity
checks and all that stuff.
But just as a whole, I think it's really important
(01:10:52):
to do everything that we can to reduce the trust.
And the second thing is, of course,
is the code that we publish also available
for others to use and to take.
And it was very interesting when we implemented Multisig.
We were one of the later hardware wallets
(01:11:15):
to actually implement Multisig.
And it was kind of nice for us
because we could avoid mistakes, I understand.
And actually we did responsible disclosures
of security issues to basically every other wallet
that had like Multisig implemented,
including Trezor and Ledger.
But that's only possible because we could look at their code.
(01:11:37):
And the industry as a whole is like better off for it.
Vice versa, of course, as well.
It's not only us.
And we also want to, because the second point
really is a bit more about ideology.
Like Satoshi created Bitcoin as a free open source.
(01:11:58):
And that's the only way it could ever work
because if there are patents or if you need to ask
for permission or pay licensing fees,
then it's no longer an open financial system.
So we also want to adhere to the ethos.
And yeah, I think for us it's just like
(01:12:18):
an ideological question on top of the security
relevant open source ethos that we acknowledge
that we stand on the shoulder of giants
and we are building from there.
And we want others to also reuse our work
and build even cooler stuff with that.
So it's such a beautiful thing
(01:12:42):
because if you think about like the traditional
financial system, it's also opaque.
Like could you imagine like banks being like,
yeah, this is how we run our backend software for,
no, of course they wouldn't do that.
They'd be exposing themselves to potentially malicious
attacks, but also because it's probably potentially
not that secure in the first place.
They're not building it to be that way.
(01:13:04):
But there is this.
Like security by obscurity is something
that works in the short run, but it always fails
in the long run.
And I mean, just look at credit cards.
Why are they so expensive?
Like if you buy Bitcoin with credit cards,
you usually pay like 5 to 7% of commission.
And that's not price gouging.
It's just like chargeback risk that they need to cover
(01:13:25):
because a credit card is basically a piece of plastic
where the private key is printed on the front
and you hand it to someone else.
It's like it's insane that this works at all,
but it kind of does.
But of course there are many drawbacks.
It is, that's a hilarious description also.
Just the private keys right there on the front.
And it's true.
(01:13:46):
It's like, and you've got the other little codes
in the back and you've got the expiration date
and okay, you're off to the races.
Like it's kind of insane.
You know, and just speaking of vulnerabilities,
one thing I wanted to talk to you about as well
was this Dark Skippy attack,
which for some folks may have seen this,
talked about on X or on Nostr.
(01:14:09):
This vulnerability, basically the malicious signing device
being able to leak your private keys.
Can you give kind of the, like what is this attack?
I think for a lot of people,
they see some of these like,
these hacking kind of things on,
like it's done in a white hat way, right?
(01:14:29):
It's done by bit coiners who are trying to say,
like, look, this is something bad that could happen.
We need to make sure we're working on this.
But a lot of people who don't have the technical chops
to understand this, myself included,
look at this and say, oh no,
is this something I need to be worried about?
Like, do I need to panic?
Am I at risk of getting Dark Skippied?
Can you talk about what this is
(01:14:50):
and is this something people need to be worried about?
How does Bitbox protect against this, et cetera?
So I think there, if you're talking about like hardware
wallets, there are some advocates that even tell you
(01:15:11):
not to use a hardware wallet
because it's like a centralized form of like managing keys.
And if anything shady happens,
then like the manufacturer would be basically able
to drain all the wallets.
And creating wallets with bad entropy
is like the first very powerful attack
(01:15:33):
that can be solved with like open source software
and reproducible builds.
You need to make sure that the open source code
is actually running on your hardware device,
not just like the nice GitHub repo.
And the second very powerful,
I would argue even more powerful attack
is if you can somehow leak the private key
(01:15:59):
like this actual seed phrase
that is the root of all private keys
in a way that cannot be prevented either by AirGap
or a special wallet on your computer
because the seed is actually encoded
(01:16:21):
in a very normal looking Bitcoin transaction.
And this is what Dark Skippy is about today.
Previously we thought it would need about 12
signed transactions to reconstruct the seed,
but Dark Skippy actually showed that with,
if you have a 12 word seed,
(01:16:41):
I think you need two transactions where a malicious,
not an honest wallet, but a malicious hardware wallet,
can encode your seed phrase into the Bitcoin transaction,
which of course is then stored on the blockchain
and the attacker can just go to the blockchain
(01:17:02):
and look it up, which is a very, very powerful attack
because it scales so well.
If you can somehow manage to get this behavior
into a hardware wallet,
it doesn't necessarily need to be the manufacturer themselves.
It can be a malicious firmware update
or a rogue employee or whatever.
(01:17:23):
There need to be so many security checks in place.
If all it takes is two transactions
to leak all your private keys onto the blockchain
for everybody to look up,
you can basically rug pull a whole user base
because you can also just collect over time
and at one point just get all the coins out.
(01:17:48):
Of course, it's like take the money and run attack.
It's not something that can be done easily,
but it's the second thing why it is so powerful
is also because there's quite a bit of plausible deniability.
If you can have a malicious update on some devices
and maybe then even afterward replace it
(01:18:09):
with an official release again,
maybe you can't even prove anything has been leaked
and nobody knows who actually, what happened.
So the overall industry response to this
was a bit surprising to me
because it was basically only downplaying the attack,
(01:18:30):
which I think is not the proper response
if somebody like shows a very powerful attack.
Of course, it's very inconvenient for some wallets
because even air gap does not protect against that.
And what we did with the BitBox02,
we were the first wallet to implement
the anti-klepto protocol.
(01:18:52):
I can explain a bit more later.
It's very hard to do with the air gap wallet
because you need multiple signing rounds.
And this is where, if you need to scan QR codes
or swap micro SD cards or all that stuff,
it's just not feasible.
So it really works.
This protection really only works if you have a kind
of a good communication channel.
(01:19:14):
But even before that, air gap has always been, like, touted
as the silver bullet to security,
which it's more of a marketing term to be honest.
We have like a very in-depth article about that
where we looked at all potential attacks that are known
since 2020 and for no known attack,
(01:19:38):
air gap would even have helped.
It makes you feel secure,
but in reality, the attacks are much more subtle
and it's just like the code that does not validate stuff
enough or whatever, and you can trick it into signing things
that it shouldn't.
So as long as there's communication happening,
and even with air gap, it's not proper air gap
because communication needs to flow.
(01:19:59):
That's more of a rate limiting.
Yeah, it doesn't help in that regard.
What we did with the Bitbox,
just to explain quickly how the anti-klepto protocol works,
is that we force, so the Dark Skippy thing works
because every Bitcoin transaction has a few bits
(01:20:23):
where it can put in random stuff.
It's called the nonce,
and the wallet is basically free to pick whatever it wants
to put into that data field.
So there are methods where you can force the hardware wallet
to reproducibly limit its ability
and it's reproducible that you can check, okay,
(01:20:46):
that's actually not like a random data,
but it's like predetermined data.
But of course, if the hardware wallet itself is malicious,
then these checks don't work
because it can do whatever it wants.
So we use the Bitbox app or any other app basically,
even over HWI like Sparrow or Specter or Electrum,
(01:21:07):
to force the hardware wallet to commit to a nonce
and then stick to it.
And we can cryptographically check
that it actually used the nonce that we gave it
from the host device to the hardware wallet.
And we force the hardware wallet
(01:21:28):
and limit its choice to put in random data
to actually commit to using that data
or that lesser variability
so that it cannot encode random data into a transaction.
Okay, I appreciate the explanation.
(01:21:51):
And it was a very long explanation.
No, no, no, I thought it was excellent.
And I think it's important for people to understand this.
Again, because for the average,
for like, okay, for somebody who's very technical,
this may be really fascinating, right?
And they can go deep into what this vulnerability is
and what it means and all the far reaching implications
for each type of hardware wallet manufacturer.
(01:22:13):
But for somebody who is just a casual user of Bitcoin,
saving in Bitcoin, spending in Bitcoin,
they look at this and they say,
you're talking about leaking my private keys
in a transaction, I don't know how the heck it works.
Am I safe or am I not safe?
And again, we're talking about,
if I'm understanding all this correctly,
in order for this malicious attack to be executed,
(01:22:34):
this is the kind of attack where there is some sort of,
some sort of break in the security
of the hardware wallet manufacturer themselves
where somebody is able to insert either
some malicious firmware through an update,
they sneak something in,
or they, in the manufacturing process,
there's some sort of a collusion,
someone is compromised within the organization.
(01:22:55):
And what I'm hearing is that from Bitbox specifically,
this vulnerability is protected against
because the mechanism by which your private key
would be distributed, i.e. in the nonce,
via inserting parts of your seed into that nonce,
that part is protected against.
So it basically shuts down,
it shuts down the ability to broadcast,
(01:23:17):
for the malicious device to broadcast,
any sort of seed data from that nonce.
And so through that, you're protected.
And so if you're, well, if you're using a Bitbox,
you can at least rest easy.
And again, I think these attacks,
it's like, are they going to happen?
Probably not, hopefully not, but maybe.
(01:23:39):
Like, and it's all about, okay, what's your,
so you may be using another hardware wallet,
and that's perfectly fine.
You're probably gonna be fine.
And nobody's gonna execute this attack, but maybe.
And that's the whole thing, right?
Like, somebody's probably not gonna come into your house
with a wrench and break your kneecaps, but they might.
(01:24:00):
So multi-sig is a good idea.
Somebody's, your house is probably not going to catch
on fire and burn your hardware wallet
and your paper seed phrase, but it might.
So maybe a steel backup is a good idea.
Like all of these things, I think are really,
they're personal questions about your own risk tolerance
and saying, okay, yeah, these things might not happen,
but they might.
(01:24:20):
And are you okay with the percentage chance
of them happening or not?
But if you're not, the nice thing is that there's things
that you can do to protect yourself.
Like you can sleep easy knowing that, okay,
I'm protected against a wrench attack
because I've got a multi-sig set up.
I'm protected against my house burning down
because I've got a nice steel backup.
I'm protected against Dark Skippy
because I'm using a Bitbox.
(01:24:40):
And I think to their credit, I think Blockstream Jade's wallet
also protects against this.
Exactly.
And again, that is as deep as I went into this
was figuring out, okay, am I going to be protected
against this?
Yes, okay.
So I appreciate the explanation.
It's not a proprietary solution.
(01:25:01):
So we made sure to, that this is now actually
like the whole anti-exfil protocol as Blockstream calls it
or anti-klepto as we call it.
It has been merged into like the core cryptographic libraries
of Bitcoin Core.
So we made sure to contribute upstream
so that everybody else can use it
not to create a unique selling point for us.
(01:25:23):
And it's a very old attack.
It's been known for a long time
and we've worked a long time on like this
additional security measure.
And it's been in the Bitbox for two years.
It's just coming like seeing the light of day today
by chance because somebody actually demonstrated the attack.
(01:25:43):
But we, well, yeah, it's been in the Bitbox
and in Jade for a long time.
And in security, this is like called security in depth, right?
So we don't want to have any single point of failures
because open source and reproducible builds
already protect quite well against stuff like that
(01:26:06):
so that your hardware wallet does not go rogue.
But additional security measures, if that should fail
or if it's a targeted attack
and it's maybe not like publicly released
but like just like uploaded on your hardware wallet,
like your personal hardware wallet,
then this would fail
(01:26:29):
and then this is where the anti-klepto protocol comes in.
So it's always like multiple steps of security
in case something fails.
There's a second rule and a third rule of security measures.
That's what I love about this open source ethos though
is that it's not like Bitbox or Jade is trying to say,
we have this specific way to keep you safe.
(01:26:51):
Come to us if you want to stay safe, it's no.
Yeah, we implemented this and anyone can implement it
and please do implement it.
Please have the best security practices.
Like it's that idea kind of a rising tide
is lifting all boats.
Like ultimately you don't want people to get Dark Skippied.
And so I think that's just a,
it's cool to see that level of collaboration
(01:27:13):
within the open source space.
I mean, that's what it's all based on, right?
Is collaborating to make it a better experience
for everyone.
Definitely and I mean, as a company,
we will be successful if Bitcoin is successful.
If Bitcoin fails and like,
I don't want to name any, like point out any names.
Like some other vendor like gets rug pulled.
(01:27:35):
That could easily be like the death of self custody.
So that would also very heavily impact us.
So it's in our own self interest as well
to like contribute to the industry
to make everybody's self custody safer.
Because in the end, we want to make self custody
the de facto standard, the default way to hold your Bitcoin.
(01:27:57):
And for some, maybe custody is the better way.
For others, assisted multi-sig is
because they have like so much corn stacked already,
which is also good.
But we don't want people flocking into ETFs
or just like hold their Bitcoin on a bank account.
Because to be honest, I think regulation
(01:28:20):
is actually working for us.
Because Bitcoin on a, in a bank account,
at least in Europe is basically unusable.
You cannot do anything with it.
The only thing you can do is withdraw.
And then you're good.
And this is basically where we come in.
Yeah, it's a, it gives people something
(01:28:41):
to run away from regulation that is, you know,
it's like, okay, well, I want to actually be able
to use my Bitcoin either in a,
as close to a self sovereign way as possible
in the way that I use it as a store of value,
but also as a medium of exchange.
I want to, I want to be able to send it to who I want.
I don't want to have to, you know, KYC my friends
that I'm paying for something like that.
(01:29:01):
Just insane.
I think it's got the, this is a digression,
but the whole KYC regime across the world
is just, I think so, so destructive.
Cause it doesn't work first of all.
It doesn't work at all.
It catches a tiny, tiny percentage.
And then, you know, it's like, I think it's like 1%.
Like it's something shockingly small.
But then you just create these huge honey pots.
(01:29:23):
Like the biggest honey pots you could ever imagine.
And it's like, that's not serving people.
That's not serving the citizens.
I don't know who that's serving.
It's like a huge cargo cult where you do stuff
that looks like nice from the outside,
but it doesn't even work because everybody is like,
like if you like in Europe again,
like banning like encrypted messages.
(01:29:46):
I mean, what you do is that the regular people,
like we will probably use like still,
or like say, let's pick another example
that regular people, not like us,
will probably use like unencrypted,
but everybody who has something to hide
or is an actual criminal,
of course they will still use like encrypted messages.
(01:30:08):
Why wouldn't they?
Or they're scared to get like a fine or what?
Right.
What's the point?
Yeah, it's interesting with the whole
Telegram CEO getting arrested.
I just saw the CEO of Rumble just like left Europe as well
because they've been in some sort of legal battles,
(01:30:31):
I think with the French government as well,
maybe a couple others.
And I read that the declaration
from the French government basically against Pavel
saying three of the lines were like,
I mean, their law says that you need to have like a license
to use cryptology as they're calling it.
And like you need to basically tell them what you're doing.
(01:30:54):
And of course, give them a back door because you never know.
And it's like, it's just so insane
that criminals use the internet,
criminals use pens and paper,
and criminals use guns,
and criminals use everything that normal people use.
Like you can literally,
criminals use freaking washing machines.
(01:31:15):
Like it's just this insane, insane standard
that you have to treat everybody like a criminal
because criminals use the same things that everybody uses.
And I think, I just think that's so sad and so regressive.
And so that is not what is going to help humanity move forward.
It just moves us backwards.
And in this regard, I'm really grateful that we as like
(01:31:39):
in Switzerland are not part of the European Union,
although it makes us our like job
because everything we ship abroad is exporting.
So we have like our own warehouse in Germany
so that we can distribute more easily in whole Europe.
But it's insane in what like strange direction
the whole political Europe, European Union goes.
(01:32:02):
I'm very happy that we never joined
because leaving is also quite painful
as you can see with the UK.
Yeah, yeah.
Yeah, Switzerland is a little island of more sovereignty,
more sovereignty it seems than the rest.
I think it's deep in our blood, like with all the like the
very strong privacy laws, like very high regard of like
(01:32:25):
individual like liberty and like ownership rights
and all that stuff.
Because as a direct democracy,
like if something like that comes up like Chat Control
or whatever, we can just veto it.
And usually that's what happens.
This is why we don't have a president.
We only have a consortium of seven people that
(01:32:46):
where basically every party is involved in the government
and that somehow need to hash it out.
And it's very conservative and usually not the most
like innovative solution, but in the long run
it's kind of also like feels okay.
There are like really hard limits what politics can do
(01:33:07):
if the people don't like what it's doing.
I think, you know, and even using the word like conservative,
you mean that in the true sense for any Americans listening
that are associating that with some sort of particular
political ideology, you mean conservative in the sense
that we're going to be very careful with any changes
that we make.
We're going to be extremely careful because as we've seen
(01:33:28):
many of the quote progressive policies that have been put
forward around the world and in America is no different.
Well, they're not actually innovative or progressive
they're using that as a label to trick you into thinking
that this is something that you need to support.
There is nothing progressive about censorship
that is regressive, that is making us less free.
(01:33:51):
And so it's nice to see.
I once heard when I was in Lugano for the first Plan B Forum
and I heard someone who's Swiss tell me kind of joking
but also not, it was like, you know,
Switzerland is the only first world country
that's left in the world basically saying that like
(01:34:13):
even America, like you guys are, you know,
we can't consider you a first world country.
I was like, yeah, you know.
That's quite opinionated.
It is.
I think he meant it also slightly jokingly
but I think it's a.
I'm glad.
I do think that the direct democracy thing is so fascinating
because it's like really I have to imagine your participation
(01:34:34):
rates are fairly high when these things come about
or is it do you have any?
Not even.
I think the fascinating thing is that
boring stuff, many people don't even go to vote
because they just trust like the hive mind
decides in their way anyway.
(01:34:55):
And usually it actually is like that
because you can start like a public initiative
even could be very like, very progressive or extreme.
Be it left or right or whatever.
And that forces the government already
to make a counter proposal.
And when it comes to like saying yes or no
(01:35:17):
to the initiative, they also put the,
they very often say if it's voted no,
we'll still implement the counter proposal
basically as a like a fallback solution
so that the more extreme stuff is not like voted yes.
So even if your initiative is not going through
(01:35:39):
you can still like build up a lot of pressure.
And it's like, I don't know, it feels like we're
not as divided as or like politicized
like in everyday life as other like countries
even in Europe.
So I'm really glad we can still like hash stuff out
(01:36:00):
and find compromises even if it's tedious.
No pun intended on the hashing stuff out there.
No.
Yeah.
Well, Staticus, I wanna be,
I wanna be conscious of your time here
and I'm gonna link for everyone some of the resources
that you guys have.
I'll also link bitbox.swiss slash walker.
So folks wanna get 5% off Bitbox 02
(01:36:22):
or a nice seed, a metal seed backup
which is really nice.
I got one of those that is,
there's something nice about putting a seed in metal too.
It's very satisfying.
It can grab that.
Is there anywhere else you wanna send people?
I'll link your socials as well
but anywhere else they should go
or you wanna send people at all?
Sure, I think like bitbox.swiss
(01:36:44):
is a very good starting place for everything we do.
We do have quite a little bit unorganized,
we're working on that, but a very in-depth blog.
Maybe we can link a few of them.
Sure.
Blog posts I've mentioned regarding AirGap,
regarding Dark Skippy, stuff like that.
We put a lot of effort into also like in their newsletter
(01:37:05):
to like regularly publish in-depth article,
just what we learn ourselves as well
when we research new topics and then implement it.
I think also for more technically minded people
that can be like some interesting things there as well.
And you mentioned you're from Wisconsin, right?
(01:37:28):
Yeah, originally from Wisconsin.
Oh wow.
There's something for you.
Where did you pull that cheese head from?
Did you just, do you guys have,
is it normal to wear cheese heads in Switzerland as well?
No, that's an original Green Bay Packers cheese.
Wow, I was not expecting that.
Okay.
Did you-
(01:37:48):
Usually I'm more going for the Jaguars
but Green Bay Packers is definitely my second team.
Amazing, wow.
That was what a lovely surprise.
This is the first cheese head appearance
that has been made on this podcast.
So thank you for that.
Last question, totally unrelated to everything.
(01:38:08):
Are you reading anything right now that you'd recommend?
Good point.
I just finished some things.
I think what I really, really enjoyed reading lately was
Educated by Tara something.
I'm not sure.
It's like a Mormon girl that did her,
(01:38:30):
it's an autobiography that worked her way out of
like religious, cultish environment
and went on to like law school and everything.
And also just like read The Client by John Grisham.
So a bit more on the lighter side.
Oldie, but Goldie stuff like that.
I always enjoy.
(01:38:51):
I appreciate it.
I always just like to ask people what they're reading.
I need to go through these and build up
just a recommendation reading list for folks
because I've got a lot of them now.
I'll find the time one of these days to go through it.
But I appreciate that.
Staticus, thank you so much for your time.
This was a pleasure and incredibly informative.
Appreciate your time very much.
(01:39:11):
Thanks a lot Walker.
And that's a wrap on this Bitcoin talk episode
of the Bitcoin podcast.
If you are a Bitcoin only company
interested in sponsoring another fucking Bitcoin podcast,
head to bitcoinpodcast.net slash sponsor.
(01:39:32):
If you're enjoying the Bitcoin podcast,
consider giving the show a five star review
wherever you listen or sharing the show
with your friends, family and strangers on the internet.
Or don't Bitcoin doesn't care, but I always appreciate it.
You can find me on Nostr by going to primal.net slash Walker.
If you want to follow the Bitcoin podcast on Twitter,
(01:39:53):
go to at Titcoin podcast and at Walker America.
You can also find the video version of this podcast
at youtube.com slash at Walker America
and at Walker America on rumble.
Or just go to bitcoinpodcast.net slash podcast
and find links everywhere.
Bitcoin is scarce.
There will only ever be 21 million,
(01:40:14):
but Bitcoin podcasts are abundant.
So thank you for spending your scarce time
to listen to another fucking Bitcoin podcast.
Until next time, stay free.