
A
What if the biggest risk to your Bitcoin isn't the price but where you're holding it? Everyone's buying ETFs, everyone's leaving coins on exchanges, and almost no one is asking the real question that we used to always ask. Who actually controls your keys? In this interview I talked to Trezor CEO Matej Zak and we break down self custody, exchange hacks.
B
The biggest hack in the whole industry happened last year on an exchange, right? Like the Bybit hack. You think about self custody being like completely decentralized obviously because you have the individual owners, you don't know where they are, you don't know who they are, you don't know their setups, etc. So those attacks at scale are basically impossible.
A
AI powered scams, quantum threats.
B
If Quantum comes, the whole world has a problem. Your bank accounts, your credit card, like security of the, of the digital space would be kind of at risk. Besides Quantum, I'm worried about AI and the speed of this attack that can happen scares me.
A
And why hardware wallets may be more important now than ever before.
B
And honestly I think hardware wallets will play a role in this as well. Where you can really rely on a device that is like purely built for. It creates the wallet and it signs a transaction. That's it. Like it doesn't do anything else. And that's the beauty of it.
A
If you own Bitcoin or crypto or plan to, this conversation could change how you protect it and how you view it moving forward. Let's get into it. That's dope. When did you get into Bitcoin?
B
I think seriously only when I joined the company, which is, well, seven years ago. So I owned some before but then I applied for, you know, for a job with Trezor, really as a product manager. And then that's where I think things started to get more like serious for me.
A
So it was just a job for you at first. It wasn't that you'd been orange pilled or you had deep libertarian values or was that part of the reason that you took the job? I came in as a trader and didn't care at all about Bitcoin by the way. And eventually found my way. I was not one of those early people either.
B
You know, interestingly I had those values obviously. I mean a person doesn't change that much. I think like, or at least these deep values didn't change for me. But I didn't know there was a name to it, you know, I didn't know there was like a whole thing, but then it clicked so well, like when, you know, like I joined the company, I mean it was a tiny team, it was like 30 people. And I had the amazing opportunity to work with the founders directly. Right. Because it was a small company. So I think they introduced me to basically they properly orange pilled me. And that was kind of nice to have that experience from, you know, somebody who set up basically the whole self custody hardware wallet industry. So it was cool.
A
So obviously self custody has become more popular, I would imagine as the industry has grown more people buying wallets. But it seems like now there's a lot more competition with self custody from either institutional custodians or exchanges that have admittedly improved security to some degree. From the early days, I remember when you had no security on any exchange period. So now it seems like we're in this interesting place where a lot of people who are coming into Bitcoin come in through ETFs or leave their coins on an exchange and use a YubiKey or something as the maximum security. And maybe they don't even find their way to self custody.
B
Yeah, so just maybe a bit of a statistic, but the biggest hack in the whole industry of the crypto industry happened last year on an exchange. Right. Like the Bybit hack. So whether the security of the exchanges improve significantly. Well, it definitely did, but there are still some other problems, such as these institutions are basically honeypots for hackers. Right. So it's exactly what we saw with the Bybit hack, where I think it was the North Korean hackers, the Lazarus group, basically got onto this big exchange. Whereas if you think about self custody being like completely decentralized, obviously because you have the individual owners, you don't know where they are, you don't know who they are, you don't know their setups, et cetera. So those attacks are at scale, are basically impossible. Right. So that's what the hardware wallet does in general. And that's why everybody should sort of consider, consider it for, for themselves as well. And then you also mentioned the ETFs. So there, it needs to be said that like this is something, what is called like indirect exposure to Bitcoin. So you don't actually own the Bitcoin, you only own when you buy an ETF. You sort of get an access to like a legal contract that says, well yeah, there's some company, hopefully they, they even have the Bitcoin that they claim they have, considering they are not heavily leveraged or anything like that. But you don't really get the actual ownership now as opposed to gold. Bitcoin solves this beautifully because it's a digital product, right? It's a digital solution. You don't need to have 2 kilos of gold hidden somewhere in your place. So, so the fact that it's digital, the fact that you can own it yourself is obviously beautiful. And where I stand, of course I would recommend people to consider the proper self custody, the proper ownership, which they can start with software wallet. That's fine. 
The security is not there, as robust as with a dedicated hardware device, but it's definitely superior over the ETFs or any other solution like that.
A
So we agree with that, right? We've been here a long time. Self custody is exceptionally important. It's partially the reason we're here. Right? You know, don't trust, verify, be your own bank, not your keys, not your coins. We've been saying these things for years. How do in your mind you continue to deliver that message and spread it further as these other competitive products and custody solutions, these solutions come into play.
B
I'm a huge believer in free markets and I believe that the superior products and superior experiences will win in terms of security, privacy, but also usability. Right? So that's basically actually these three words are, are the kind of the pillars of our company. Specifically that's you know, in our mission statement is really privacy, security, usability. And so I think we, we need to compete and we are competing by introducing new products that are really super easy to use but also that has sort of proven that that really are unhackable or that are really, really secure and that also the company behind it such as us really protects, you know, user privacy by not for example storing the private data on self custody of a hardware wallet. You don't have to do any KYC. So us as a company, we don't really know who the users are, we sell the hardware but there are no customer accounts that will be connected to whatever you own. Right? Whereas in ETF or your exchange you always need to provide your ID, you need to verify all those things which simply in self custody you don't have to do. Therefore you have much more anonymity and protection sort of by nature or as a nature of how the product is built. So yeah, that's probably maybe what I would add to this topic.
A
I think we've had a push across the world in some places to more KYC and more AML and less privacy. Obviously even the GENIUS Act itself is basically the Bank Secrecy Act built into stablecoins. Right. There's full visibility into our transactions. China building a CBDC. It seems that things are trending towards less privacy. Do you have any fears as a company or do you come against any contentious legislators or regulators in certain jurisdictions that really might ban or attempt to limit the use of self custody in general? I mean it feels like it should be a basic freedom that you can buy Bitcoin and hold it yourself. But I've got to imagine that you have some navigating of governments to do when figuring out where and how you can sell your products and what your users can do with them.
B
Yeah, we are ultimately a freedom technology company. So the main reason why we do those things and these things, these products is to really provide users with the option to freely transact and for the governments and companies etc. not to mess with, with what you should own and what you like truly own. So do we see sort of the regulation getting a bit tougher around the industry in general? Yes, I think that's the case, but we haven't seen any. There is no strong regulation on the self custody of hardware wallets specifically yet though obviously there is a ton of regulation in the ecosystem. So if you want to buy, sell, you know, of course taxation is another story of that in that whole journey. So luckily there is no like strong regulation on self custody in its own in a way that for example you would need to KYC for a hardware wallet. As I said, this is not the case. So that's why it's also superior way of owning Bitcoin and crypto. But does it worry me for future? Yes, it does. It's. I think it's like a real threat to the freedoms of the individual users and that's why we are here. We will try to build products that really like I said as an example, we don't really collect any data and that's a feature, it's not a bug. It makes our job somewhat more difficult from product management point of view because you don't really know what to build exactly next because you cannot really rely on that ton of data as other companies can. But that's actually. Yeah, it's the feature. It's a feature of the whole ecosystem.
A
So privacy, security, usability. Right, those are the three pillars that we discussed. So I think everybody's in consensus that privacy and security are superior with self custody. I think a lot of people in the past, at least historically have struggled with the usability. Right. We kind of go back to the idea of grandma being able to do anything in crypto, like, that's the joke. Like, can grandma do it? You know, like, is the UX/UI simple enough that she can do these tasks the same way she would with systems that she's familiar with in the past? How far has usability come? Are there major challenges that you see to getting to the point where it literally can be used by anyone? Like, do seed phrases need to go? I mean, Trezor, didn't you guys invent the seed phrase?
B
Yes, we did. We did. And I'd say actually maybe coming back to the history, I think that was the first or maybe one of the most significant usability improvements of the whole industry. Actually, I dug up some numbers in the past, and if you think about it, the seed phrase is probably used by hundreds of millions of users. I think I looked up the number because if you look, the seed phrase is not used only by the hardware wallet companies, but also the software wallets, right? So the big software wallet and those have. Yeah, yeah, of course. But also when I check the sort of numbers of the actual users, it's probably somewhere like 300 million or something like this, right? Like a crazy, crazy amount. And these people are using seed phrases that were invented by the founders of, of Trezor. And that was one of the biggest, I think, historically impacts on the usability of private keys. Because private keys are, I like to say, I like to explain it as a super long Wi-Fi password where if you miss one character or make a mistake in one character, you get a different private key and therefore you don't get access to your assets on the blockchain. So that's where seed phrase came in as a solution to, okay, let's make this super hard Wi-Fi password into something that's human readable. And now really hundreds of millions of people are using it, which is pretty cool. But I mean, that's been many years ago. So I think there's much more that we are doing collectively as a whole industry at the hardware level as well. So we launched some new products actually just last year that our most premium and most advanced hardware wallet, that is like sort of the testament to the usability because it has a bigger display, you know, it has very like premium feel. 
And to your question, whether grandpa can use it and anybody, I really think these days, yes, I think the argument is no longer there that crypto or hardware would be too difficult to use because it's simply like super intuitive, you know, I mean, if you can use smartphone, then you can use hardware like that's simply as easy as that.
A
And so is the seed phrase still the future? You know, we've obviously seen a lot of self custody companies and wallet manufacturers start to use either biometric ID or completely other systems. Or is the future, I guess, giving the user the option as to which one they want to use? I mean, how do you view that when you look 10 years down the road and say how are people going to want to use these things?
B
Actually, I like the second thing you said. I think people should have option. I think there should be also interoperability as an option to move between different providers. So also the cool thing about the Bitcoin Improvement Proposal 39, which is the seed phrase, it's cool because it's used by not just us, but basically, like I said, our direct and indirect competitors. And if for example, you buy Trezor and set it up, you can toss the Trezor and you can move directly to some other solution you would like and it's perfectly fine. Right? So the interoperability part is like really important. So the user choice as you mentioned I think is really important part of the story and therefore my answer would be yes in 10 years. I still believe seed phrases could and will be probably around because mind you, most of us are also HODLers, right? So it's like a long term product. It's not like your iPhone that you would flip it every year or two. It's like you want to think like a long term because of a nature of bitcoin, et cetera. I think seed phrases will be around. But I also believe there are some new formats that are coming like NFC tags, et cetera, where you can basically digitally store these phrases. And that also has some advantages such as protection against phishing, etc. So yeah, I think these new formats are good, are important, they have some benefits. They also have some negatives because whenever you have something that is not purely, let's say, analog as a piece of paper, it also brings some, let's say, risk of the failing stack, the chip inside of the card could go wrong or whatever. There are some pros and cons and therefore I believe the user should have options to basically do both.
A
It seems incredibly difficult to create a product and then go through the amount of time that it takes to see that product come to fruition and still be ahead of all the threat actors. Like there's gotta be hackers out there that are just working on this 24/7, 365, trying to find ways to do these. I want to get into Quantum in a minute and whether that is worth discussing. But how do you create a product that is going to be viable and relevant by the time that product actually comes out and then for the foreseeable future from there where people will continue using it?
B
Yeah, that's super relevant question for a hardware company because there is this saying the hardware is hard and it's very much true because. Exactly you need to plan ahead in the software and especially AI we see how fast it is now these days you can really within minutes or hours maximum build software. It's incredible. So, so even the software development that like the Agile software development, you will think of shipping a feature, you know, in a couple of weeks. Now AI is speeding this up even faster, you know, to maybe hours and hardware, it's the complete opposite. It's like it's years of planning, it's like super waterfall. Meaning, you know, you just like build like a huge project together in a, in a very sort of predictive way and if something goes wrong at the beginning, then the whole timeline gets postponed, you know, so it's like kind of nerve wracking to a certain degree. And then therefore you need to like rely on really good partners, you know, like the suppliers, etc. It's like really, really big sort of project. But I think big part to what you're sort of asking is how you stay like security wise on top of the game. Well, there's this also saying that security is a moving target. So I totally agree with when you say like there's hackers that are, once you release something, they are instantly trying to get in and that's perfectly fine because it is really a moving target and we need to stay sort of vigilant and always check for when we can improve. But a huge part of this story is the fact that we are open source and therefore what this enables us to do is basically the thousands of security experts, engineers, people that know how to break things, that they will try to break things that will try to break our software and hardware. And by sort of us knowing this because we built in the open and we actually incentivize, you know, these like sort of ethical hackers to tell us when there's vulnerabilities. 
We even have like a bounty program where we pay these people if they find some problem that basically help us to stay on top of the game and to always be sort of more secure as we move on. Right. So, and it's a huge advantage over some of maybe our closed source competitors or other Companies that are in the space because, because you really never know what's happening under the hood. And it's actually called security by obscurity. Almost like that. By hiding away the information you are basically introducing some risk because the bad guys maybe know about this. But you as a company would not allow to spread this information about the certain attacks and therefore you actually make the products that are less secure. So open source from this perspective, it's awesome. And that's where we try to be very like sort of bullish on open source and it's our DNA basically.
A
So I want to talk about quantum because it seems to be one of the big narratives that's not only driving FUD about the future of Bitcoin in general, but certainly that's been driving FUD about the price of bitcoin. Right now you have kind of big name media personalities, some who are bitcoiners going online and saying this is over, Bitcoin's going to get hacked. Personally I think I'm worried about them hacking the nuclear codes before the bitcoin network. And I think it's a bit of an echo chamber argument. But I would imagine that now one of the big things you have to be concerned about is being quantum proof in the future, at least from a self custody perspective. Because whether quantum is an existential threat to Bitcoin or not, it could definitely be a threat to a wallet. Right. So how do you I guess start to consider the evolution of quantum and quantum proofing your hardware in the future?
B
You know, exactly as you said with the, with the codes. So you know, if quantum comes, the whole world has a problem and you know, like your bank accounts, your. Yeah. Credit card, like, you know, like you would basically though the security of the, of the digital space would be kind of at risk. Your email, like whatever, on the online Internet, whatever, digital, like all these things would have a problem because you would have so much computing power to break through the current cryptography that would just. Yeah, the whole world would basically collapse. But that being said, well there is also post quantum cryptography where you basically these sort of security measures are much harder to break even with the computing power that quantum would bring and therefore the network. I mean bitcoin and other cryptocurrencies basically need to get an update. And whether I believe they will get an update in time. Well I do, I really do believe that they will because there is already so much money and so much market capitalization that there is so much interest from all parties, not just like individuals not just like engineers, not just like retail, not just companies, not governments, everybody, basically everybody. It's in everybody's interest who is in the market to get this fixed or improve, strengthened. And I simply believe it will happen as it will with the rest of the world and with the rest of the Internet. AI of course, is a huge part of this as well. Actually, as we said, security is a moving target. Quantum computing is just yet another one of these possible, how to say, challenges and we will fix the security. I'm pretty sure about this. 
Specifically in Trezor, with the new model that we released, we added some post quantum signatures in, in the device on some hardware level, which basically means that if these quantum threats would come in coming years, again we are talking about the product that is like a very long term, like a HODL type of customer life cycle. Let's put it this way. And therefore, in future, if you own Trezor Safe 7, we could actually update this with some post quantum security measures. So it would not be, you would not be able to extract any, any secrets from the device, even with the quantum computer.
A
Yeah, the Trezor Safe 7 is really cool. Maybe I guess talk about the evolution of that device specifically. And what, I mean, obviously you just talked about it being effectively quantum proof or quantum proof signatures down the road. What other huge leaps would you say that this wallet has made from previous iterations that you had before?
B
So probably the biggest one is that we added as open source as possible. I would say we call it auditable secure element, which secure elements are secure chips that are on your hardware wallet and they protect the device from any kind of physical attack. So even if some bad guys would get a hold of the device and they would try to extract the private keys from the device, these secure elements are sort of specialized chips that make it really hard for anybody to extract anything from any data from the device. And historically these secure elements, they are closed source. So the way it works is basically you reach out to this big manufacturer and you say, okay, give us the documentation. We want to check on our own whether the security of the chip is good or not. And they will tell you, well, we are not going to send you the documentation unless you sign an NDA for many years. And by the way, if you find some problem with this chip, you cannot tell anybody, you cannot tell your competitors, you cannot tell anybody. That's basically what happened to us. For many years in the past, we didn't have secure elements in our hardware wallets and our direct competitors were using them. And we realized because we signed the NDA, we just want to try whether maybe one of those securities would be viable for us. And we realized there's some sort of like a bug and you can extract the secrets from it that were used again by the direct competitors. But we couldn't tell anybody because we signed the NDA already and the company told us, well if you tell them or if you tell anybody, people will sue you. Right, right. And this is like a huge company that gives chips to, or sell chips to one of the rich companies of the world like Microsoft. And you can think of companies like this. So we were like, well this is kind of shitty, right? So what are we going to do about it? And then the idea came basically to try to build an open source secure element, like in a very innovative way. 
So that's what happened. And, and it's part of the Trezor Safe 7 so it's kind of cool. It actually features two secure elements. One is sort of NDA free, so we didn't have to sign an NDA with this one. But still it's not open source. And the secure element from Tropic Square, the company that built this is actually an auditable secure element that you can check the GitHub basically through the code and the way the chip is designed on GitHub which is, is pretty cool for the security.
A
Would you say at this point that people, the tech is a bigger threat or the network or the tech are a bigger threat to somebody's custody or do you think that their own human behavior is a bigger threat to self custody at this point? Right. We've had this debate by the way, all the time and we had, I remember, I think CZ in the past got a lot of heat for saying hey, you know, people are going to lose their keys, they're going to make a mistake, they're going to fall on their head. You're better off having your coins on Binance than on a wallet. Right? A hardware wallet.
B
Yeah. So obviously I didn't like the way he put it. I remember that while ago now. I remember it, yeah, it's been a while. It might be like a few years but yeah, I do remember it is. I mean of course it's like a bit of a thought creation from his side to basically say come to our big, big centralized exchange. But like I said like you know, like 15 years old industry and then still the biggest hack happened last year. Right. So, so I, I don't think the, the exchanges are off the hook. It's like security wise. Not at all. But yes, people are still at a certain degree threat to themselves. I think you really need to understand what you are doing. But the product will lead you. Right. Like you don't have to worry about that. You would need like a PhD in engineering and to be able to manage Bitcoin and a hardware wallet. Not at all. The product is really super intuitive. So as long as you care for some basic principles that are like, such as that you would not make a digital copy of your seed phrase. As long as you stick to the principles that the product will tell you to obey, then you're fine, you're completely safe. So yes, and of course then there is still what obviously I don't like. There is ton of phishing as we know. So yeah, that kind of sucks that people are threats to people as well by basically scamming behavior.
A
Yeah, I mean very smart and sophisticated people that I know personally have been not necessarily on hardware, wallets actually. I mean I see that going around, but more on the exchanges. Like a fake email from the security at the exchange and a very plausible phone number when you call and here send us your keys so we can add a security layer. I mean that stuff seems unstoppable.
B
Yeah, yeah, absolutely. And I recently heard again like AI also plays like it's a sort of an accelerating like a factor here. Just recently actually somebody I know personally got phished by. I think it was like a Zoom call where they actually talked with somebody who they thought was like a real person. It was just like an AI and they prompted them to download some malicious malware on their computer and blah, blah. So yeah, it's pretty. It gets very, very sophisticated. And yeah, you need to stay vigilant.
A
Yeah, that's the new big one is the actual Zoom call that looks like you're talking to a person. And I've known some very early bitcoiners. My friend Adan Iago, who's like a very early bitcoiner, he almost got scammed by one of those. He signed on and then he thought it was fishy and signed off. But it was not only a Zoom call, it was like with a Zoom call with somebody he knows who is a fake version of the person he knows that had contacted him from a Telegram, you know, like. And it's every layer, right? It's the layer of contact where they get you seems real from a familiar person all the way up to the Zoom call. People have to be so incredibly careful. So I guess that said it's probably a good time to sort of refresh people's memory on those principles that the wallet might walk you through. I don't want to take for granted that every person who listens to this has tried self custody or even remembers what it was like when they did it 10 years ago or whether that has changed. So where do you write down your seed phrase? Where do you store your seed phrase? Should you have multiple copies that are geographically dispersed? Where do you put your wallet after you do all of this? Because if someone walks in your house and you're standing there next to your wallet, it's sitting on your desk, you might be in trouble. So maybe just give us the beginner's guide to the basic practices of security with a hardware wallet.
B
Yeah, of course. Number one, buy the device from like a verified site, right? So for example, in the Trezor, we always tell you, ideally, go to trezor.io, which is our official domain. Don't buy it anywhere else. Go there. Like we ship globally. Wherever you are in the world, we will ship to. It's not a problem. You can also buy.
A
You might be buying a hacked device or something, right? Somebody already had their hands on the device, did something to it and.
B
Okay, yeah, just exactly. You can also use some actually, like a trusted network of resellers that we have. You will find it on our website as well. trezor.io is the place to go. And then if you want to buy locally from some reseller, it's okay, you know, even like big brands like Amazon, et cetera, start Best Buy. So you can go there as well. But like always check whether those are actually supported by us, whether they are official resellers. Because there were cases in the past where there are some like fake resellers that will try to scam you. So that's number one. Number two, when you receive the device, the packaging is built in a way and created in a way that it will really make sure that the device has not been messed with. Like it's not as some kind of counterfeit. So like check that the packaging is unbroken. There are some seals on the devices as well that kind of will guide you in a way like, yeah, nobody could really mess with this device. So that's basically the hardware, let's say security measures. And then once you plug it in into your computer or phone and you start creating the onboarding, then the device checks for some authenticity, it checks whether it's never been used before. You need to confirm those things on your display and the whole onboarding process will basically guide you through the way that it makes sure it's secure for you. Just follow the screen and it will check for the device authenticity, etc. Then you download the firmware and then that's where the whole journey starts. It will prompt you to create a backup. As we discussed before. You can write the backup on piece of paper which has some analog qualities to it. As I said, it's not digital, so never take a photo of it, never store it digitally, don't write it to your computer, don't write it to your phone. Because whenever it's digital and somewhere on your hardware, let's say like a device, it can get hacked because it's connected to the Internet. So. 
So that's what you don't want. So you actually want to keep it completely offline
A
and.
B
Yeah, and we also sell solutions such as Trezor Keep Metal, which is not paper, it's actually a piece of metal. Well, as the name suggests. And you can actually sort of punch the seed phrase into this metal solution which is like really indestructible. Like even if you burn it in like thousand degrees Celsius or whatever, it will not melt down and et cetera. So. So we have even these robust solutions and then hide the backup away, don't show it to anybody. And yeah, that's where your journey starts and you're safe there. As for the device, yes, I think it's not good to boast about how much Bitcoin you have or something. That's something you should not do online, obviously. So. So self custody is like a privacy game. So yeah, don't do those things and then you're completely safe.
A
Wasn't there a time when competitors were marketing like a necklace with your hardware wallet on it or something?
B
Yes. And to this day we make jokes about decentral, to be honest, and sometimes presentations. And we would joke about this because obviously we don't. We didn't think this was a good idea. I understand, like, they probably wanted to like lure some new audiences, new sort of target Personas that would be into this. But yeah, I don't think it's a good idea.
A
Yeah, I guess. How much does that factor into security if you're a person who owns bitcoin still? It's become so mainstream obviously to own bitcoin, but there's still a lot of people out there targeting bitcoin holders. I know specifically in France, obviously we've seen this massive increase in threats and kidnappings, cutting people's fingers off and Sending them to their loved ones. I mean, really crazy stuff from movies. And it seems there's actually been an uptick in that rather than a reduction.
B
So.
A
Really crazy stuff.
B
Yeah, I think people need to be really careful. Again, that's the reason why not to go public about these things like that. You would be boasting about how much Bitcoin you have or something like this. That's something that should not be recommended. Of course, these stories specifically from France are very sad. I also read that in general, the French sort of kidnapping rate, or what you would call it in English is quite high in general as a country. So it's not just specific to crypto, but obviously the people in crypto are more sensitive to hearing that was crypto related, obviously. Just please stick to your sort of privacy measures. And that's all I can sort of recommend. And yeah, and it's sad, it's regrettable. Of course, it sucks.
A
Should people have multiple hardware wallets or is it effectively safe to put everything on one? I mean, how do you kind of think about people with significant amount of assets and how they should disperse their assets to some degree?
B
Yeah, I think it's a fair sort of choice for somebody to consider maybe like diversifying the risk that they would even like. Well, it's important to say that like if you lose the hardware wallet, it's still fine as long as you have the backup. And by the way, the backup, again, like the BIP 39, which is the seed phrase based on the protocol or the standard is you can actually recover your wallet, even not just with Trezor, but with our direct competitors, which is quite cool with this. So we can actually even lose the hardware wallet as long as your backup is safe and as long as you know where it is. But yeah, you can definitely disperse this risk. But interestingly enough, I cannot really give like a very, like a hyper specific solution because that would basically already lead maybe or indicate where the attackers could look. You know, like if. Now like if I told you, okay, put the hardware wallet underneath your pillow, that would actually not work as a security measure because everybody would do it.
A
The question more is like, should that be something that's in your house or a safety deposit box or somewhere completely random that nobody would even think, like, should it be? You know, a lot of people use multisig and they geographically disperse them. I mean, there's all these different ways that you can do it, but it seems like if someone comes in your house and you're there, then you Might actually want your wallet somewhere else besides your house that's secure so that you can literally just say I can't do it. Right.
B
Yeah, I think it's actually one of the ways how to approach this as well. And then also depends on the usage because then you also need the device to sign transactions and interact with. So if it's like for you, the use cases may be like super long term and just HODL and you don't have to touch it then. Exactly. It doesn't even have to be in your place. But if you want to interact with it more often, then you can have the device close to you. But then also you can really diversify by having maybe smaller amounts on you. Even like you can carry around the device all the time actually. Because Trezor Safe 7 now is, you know, it has Bluetooth, you can connect it to your iPhone or Android so you can actually carry it in your pocket. But then you don't maybe need to have all the savings that you, that you own on there. Right. Like so you can diversify really depending on your specific use case.
A
Yeah. It seems like the mental model is that you have one that's your savings account that's very hard to access even for you to make it secure. And then you have one that's kind of like your checking account or your credit card that you can walk around with and actually use and trade with a small amount or whatever activities you're going to actually use crypto for. I think that's always been sort of a push and pull of self custody is that as we go more mainstream and people actually want to use these things which we want them to be able to do like use crypto every day. Well, there's a challenge to being secure and using it all the time.
B
Yeah, of course, exactly, exactly. But I can tell that from like Trezor perspective, even if you have it on your own sort of more often, it's still very, very secure because there's multiple layers or how we would need to break into the device and there is a PIN, you can use passphrase which is not even recorded anywhere. So nobody can really get there. Unless like if you are the only person that knows this, then of course the backup itself can be stored in multiple places because we also support something called multishare. So you can actually split the backup into multiple shares, let's say five, and only three of any of those shares will actually be able to recover the wallet. So as you said, if it's like dispersed in space and locations, then it's like really hard to wait.
A
I wasn't aware of that. That's effectively like having multisig with one device.
B
True. It is not multisig in its nature because this doesn't happen.
A
3 of 5. Like the idea of.
B
The idea is very similar. Yes, yes. The idea is that basically you make this split on the backup level. Right. So you basically can. Can disperse sort of the wallet into five shares. I think good example is like I don't know how much are familiar with the Harry Potter story. Like it's something how we explain it where the Voldemort he has like these. I don't know what was it called in English, but like these part of his souls basically. And that's exactly a similar concept where you have these parts of the wallets and only certain number of them can actually recreate on the wallet for you.
A
Yeah, I want to talk about the Safe 7 specifically a bit or at least the thesis when you're building it. Do you make a new project thinking about the next billion people that are inevitably coming into crypto or do you really think about the very security conscious people who already believe in self custody or are likely to believe in self custody and focus in on those and can that be the same thing?
B
That's a good question because it's something that we obviously is quite important for us as a company to tackle and we've had. We've been having these discussions for forever. But I think what we are seeing now is that we are moving more from the like absolutely. For everybody billion people use case or target audience into more. Yeah, let's target a small. Some specific groups of people more and more targeted personas because. Well first like practical reasons, you mentioned the ETFs. There's exchanges. You can just go to app store, click a button, download some whatever exchange and you can create the wallet or the software wallet. You can download the software wallet and start very easily. Which is perfectly fine. I would not even as a user I would say there's no problem with this as long as you understand that you should probably not store much value in these wallets because they are simply not secure enough because there is so much competition from this side. This substitute offers that are cheaper, more accessible, more scalable to a certain way. We need to compete obviously we are security company so we compete on the premise that we are more secure than any of these solutions. But we will never be as competitive in terms of we cannot be for free. Right. Because some of these software basically the Dex they're free. And the business model is based on maybe some fees if you make some swaps and staking, whatever. So we're going to do that because the hardware is not cheap, like it's not for free. Right. And because it's secure, we really need the hardware part of it with actual display because there are also competitors that are, that they call themselves hardware wallet, but they don't even have display, which is very problematic because again, the blind signing was part of the story of last year where the biggest hack on Bybit happened. So you need the hardware wallet, you need the display.
And we are now targeting maybe not everybody, but more people that are actually with, specifically with Trezor Safe 7, we targeted sort of the more, I would say advanced users in a way that they already know the space, they know what they are doing a little bit more. They interact with all kind of blockchains more often as well. So more like more frequent use case. So yeah, that's how we, how we think about it these days.
A
So I think a lot of it's sort of along the lines of the same question. So you're obviously going to get a lot of new users, but when you come out with a new product, you also want to have your existing users or users of other wallets upgrade to yours, right? So like if somebody has a Trezor from 10 years ago, seven years ago, eight years ago, I don't know, you know, as what's the pitch for them to upgrade to the new one And I guess what risk are they reducing that they probably don't even realize that they had, you know, like, what if I'm sitting on a wallet and I'm lazy and you know, listen, I've been through with every wallet personally, terrifying firmware updates where I thought things were gone or like a light heart attack when I'm sitting at dinner, if I remember where my seed phrases are, even though I know they should be there. Right. I mean, we've all had these human moments. So I guess what benefit are you getting by upgrading? What risk are you reducing and why should you get the new one
B
specifically? Trezor Safe 7 is a great example. It is really the most secure hardware wallet that we have built. It has two secure elements. Those specialized chips that I mentioned, for example, Model one, like at the first, every hardware wallet that we have ever built, well, the first ever hardware wallet in the world didn't have secure elements. You can still protect it cryptographically by using passphrase as a concept of the additional word that only you remember and that cannot be recovered from anywhere. So that's still safe if you know how to use it. But objectively, Trezor Safe 7 is the most secure way from the hardware perspective. So that's one. Number two, the usability, as I mentioned, it's simply Trezor Model 1 is like this big. It has two buttons, tiny display that is like black and white. Exactly.
A
Maybe I didn't have the first one, but I definitely was the two little buttons. 1, 2, 3, 4, 5. Yeah, it's brutal. Yeah.
B
So that was the first one. That's actually the first one. The usability is definitely like the experience is worse. That's simply the reality then Trezor Safe 7, it's like really beautiful consumer electronics piece of hardware. It's like a nice, very nice device. I think most people appreciate that as well. I mean look at the success of iPhones because I mean they are very usable. They were a beautiful piece of hardware always. So. So it's the same case here. So I think those are the reasons to upgrade additionally ecosystem. So some of the older models don't support all the networks or all the functionalities staking, et cetera. So yeah, those are other reasons where the newer hardware wallets will support more use cases for you as well.
A
Are there any threats that keep you up at night that the rest of us haven't even thought of yet? Everybody seems onto Quantum now. Is there something out there that's a big secret in the industry that we're all missing?
B
I don't think it's a secret, but besides Quantum, I'm worried about AI and I think sophistication of the phishing attacks, I think it's quite crazy. I think exactly. The zoom calls that we mentioned are crazy. The KYC being part of these companies, you know, like having tons of your data, you know, when you combine like this sort of shitty soup, pardon my language, of like, you know, like a scale sophistication of AI, the speed of these attacks that can happen. So that I think scares me, you know, and honestly, I think hardware wallet will play a role in this as well as like a user verification and where you can really rely on a device that is like purely built for a very few use cases. Like it just like it creates the wallet and it signs a transaction, that's it. Like it doesn't do anything else. And that's the beauty of it.
A
I've been thinking about this a lot, I think, and what you just said aligns with it. I think we're actually very ironically going back to a world of hardware again and, and of in person and all these things. Like I think you're going to have to have meetings with people in person to know that they're human. And I think that people are going to be very skeptical of the cloud or anything that's not contained in a system that they can look at. We see obviously with openclaw everybody's buying the Mac Mini and they're putting up a firewall and now running AI instead of in the cloud on an LLM in their, you know, actual device in a secure place. And now you see these pictures of basically server farms of like Mac Minis running AI, but they're secure hardware setups that the world has completely abandoned until now again. So maybe the hardware device actually becomes the secure intermediary for other transactions as well. It just seems like we're going back to a hardware based future just to make sure that things are real.
B
Yeah, exactly. It's exactly. It reads my mind and you know, maybe even, even in my personal sort of life, I mean I used to be like my background like way before I started in tech. Like I was a musician, I studied music actually. And now these days I'm thinking, you know, like, like people are now scared like the, in the, in the art world in general. Like you know, now you can create music online also like through, through AI that is just like getting really incredible quality, you know, like it's, it's. But I'm kind of a believer in that it will only strengthen also the pure human connection where people will actually want to go to gigs, they will want to see live shows, they will want to do all those things which you know, it's like some pros and cons of course, like yeah, maybe as, I don't know, Spotify or whoever, whoever killed the recorded music industry many years ago. It will probably happen similarly with AI as well that like these sort of creators will be hurt by this. But then I also believe the live shows will get away much more. So it's exactly as you say. People want to meet, will want to probably meet in person more. And on the tech side, yeah, hardware probably will have a big story to play here.
A
My background is music as well. I grew up playing music. I went and got an Ivy League degree and then chose to be a DJ after that. You know, after playing competitive classical piano as a kid and stuff. And funny, when DJing became less analog, I got pissed off and was like, the technology, I don't want to be there anymore. I was like one of those vinyl guys, you know, so it's. That resonates very well with kind of, kind of my thoughts. I know we only got a couple minutes here, I guess from a very big, big picture like your company and you as the CEO, you obviously have a major responsibility to the crypto ecosystem to secure their assets. But when we look at the AI future and these things, all these things we've discussed, how much responsibility do you think you have for the future of financial sovereignty and human sovereignty and all of these things? Because it seems like that's becoming more important than ever.
B
Absolutely. I think the responsibility is huge here, not just for me personally, but also for the whole company. Like I mentioned before, we like to say we are freedom technology company. That's the main reason why we do it, quite frankly. It's not that we would be obsessed with just the crypto on its own. I think we do it mainly because we give some power and rights to the individual as they should have them. Right. So when we launched Trezor Safe 7, we built this big event in Prague and invited guests from all over the world. And I kind of asked myself question because as a CEO I had to introduce the product, right, like on this keynote. And I asked myself the question like, okay, so what am I even going to tell these people? And then I'm thinking, well, they might be wondering how come that the first hardware wallet company ever is actually from Prague and why are there so many bitcoin companies in Prague in like a tiny country, 10 million people, you know, in the middle of Europe. And honestly I think it's based on the history because long story short, I don't have to maybe tell you the whole story, we might not have time for this but like basically in the 50s there was some communism and there was some so called monetary reform and people lost all their savings because the government basically came and said, well, what was valued now like 100 bucks, now you only own like 5 bucks or 2 bucks. It was this drastic. People really lost more than 90% of their savings just because of this sort of devaluation of money. And honestly it's like just a few generations in my family, my grandparents still remember these times. And I think we build so much distrust with the establishment and with the governments, etc. So I think that's why there are this many freedom tech companies in Czech Republic in general. And now looking in the world you would think, okay, so, well those things maybe happened in the past and they are not going to repeat.
But the reality is it's happening, right? It's happening in the Ukrainian Russian war. It's happening even in Europe for the last four or five years. So yeah, it's all over the world. We can, I think all feel it. Right. So what's happening in Latin America, Middle East, all around the world? Basically we have issues like this. Therefore the self custody really is important part of this. And we will fight by giving great products and creating great products. That's the way we want to address these issues in the world, globally.
A
I know we're at the end of time here, but is there anything I missed? Anything you want to make sure that my audience hears about?
B
If you haven't tried self custody, please do that. You can start with software wallets. Just make sure that you understand they are not secure and that they get hacked all the time. You don't have to trust me. You can verify it yourself. You can go on your favorite chatbot or Google and just search this information. And then once you're ready. Yeah, try hardware wallet. It doesn't even have to be us though. Of course, I'm biased here. I believe Trezor is great, but there are other competitors that are doing a fantastic job as well. So. So, yeah, please get into hardware wallets.
A
Thank you so much. That was really an enlightening conversation and I don't think we talk about security enough anymore. I think it's one of those things that people were so passionate about in the early days and now we just talk about like what Donald Trump is doing or whether we're going to get legislation.
B
Yeah, I guess there was something to change.
A
Yeah. I think it's important to go back to first principles. So I really appreciate you doing that with me.
B
Absolutely. Thanks for having me, Scott. I really appreciate it.
A
Thanks so much.
Host: Scott Melker
Guest: Matej Zak, CEO of Trezor
Date: March 7, 2026
This episode centers on the true risks facing Bitcoin investors—moving beyond price volatility to focus on how and where people are actually storing their assets. Scott Melker sits down with Matej Zak, Trezor's CEO, to tackle self custody, the rise of exchange and ETF-based storage, new attack vectors powered by AI and potentially quantum computing, and the evolving importance of hardware wallets. The conversation mixes technical insight with real-world anecdotes, best practices, and reflections on freedom and privacy in the digital age.
Memorable Quote:
"I'm worried about AI and the speed of this attack... and that's why hardware wallets may be more important now than ever before." —Matej Zak (00:45)
Memorable Quote:
"We are ultimately a freedom technology company…we really provide users with the option to freely transact and for the governments and companies, etc. not to mess with what you truly own." —Matej Zak (09:15)
Quote:
"I think people should have options. There should be interoperability as an option to move between different providers…so if you buy Trezor and set it up, you can move directly to some other solution." —Matej Zak (14:39)
(31:51–35:51)
“Never take a photo of [your seed phrase], never store it digitally…keep it completely offline.” —Matej Zak (33:00)
"Objectively, Trezor Safe 7 is the most secure way from the hardware perspective… the experience is much better." —Matej Zak (47:16)
On AI and Quantum Risk:
“If quantum comes, the whole world has a problem…Besides Quantum, I’m worried about AI and the speed of [attacks].” —Matej Zak (00:45, 21:35, 49:31)
On Open Source vs. Closed:
"Open source from this perspective, it's awesome. That's where we try to be very bullish on open source and it's our DNA." —Matej Zak (20:38)
On the mission:
“We are a freedom technology company… we give some power and rights to the individual as they should have them.” —Matej Zak (53:49)
Darkly Comic Moment:
“Wasn't there a time when competitors were marketing like a necklace with your hardware wallet on it or something?” —Scott Melker (35:51)
“Yes. And to this day we make jokes about it in presentations.” —Matej Zak (36:00)
Final Advice:
"If you haven't tried self custody, please do that. You can start with software wallets...but once you're ready, try a hardware wallet." —Matej Zak (56:55)