BitKey Product Manager

Everybody has something in their life that's more important to them than bitcoin. As soon as that thing is threatened with coercive violence, all of self custody breaks down. If you never make a mistake and you set it up perfectly, you have an amazingly secure system. But if you make a mistake, you lose everything. Fixing the wrench attack problem needs to be one of the top priorities of. How do you do that? There's been this idea of conflating self reliance as a value virtue to cover the lack of products that do it for you. I need to believe in permissionless money. I need to use permissionless money. I need to do what I can to make everyone in the world have access to permissionless money. And I think if that takes the form of safer and easier solutions, that's a win all the way around.

Bitcoin Podcast Host

Have you seen how many people are getting wrench tagged right now?

BitKey Product Manager

Yes, yes.

Bitcoin Podcast Host

Like in France, I think it's something like this could be wrong. It's like 50 a week or something insane like that.

BitKey Product Manager

I had no idea.

Bitcoin Podcast Host

I could be over. I could be over exaggerating there. Someone told me a stat recently. It kind of blew my mind. But like the number of attacks are happening for whatever reason. France seems to be like the epicenter of this moment.

BitKey Product Manager

Yeah.

Bitcoin Podcast Host

But I have a friend. I won't dox him too much, but he was in London recently and he was out with some people. He's like a bit of a shitcoiner. And he was out with some people that are known in like the crypto space and went out for drinks, left the bar and got held at knifepoint.

BitKey Product Manager

Oh my God.

Bitcoin Podcast Host

Unlocked his phone. He had terrible security setup. And so they managed to steal a significant amount of money from him.

BitKey Product Manager

That's terrifying.

Bitcoin Podcast Host

At knifepoint, along with his watch. And do you know one of the crazy parts of that story is that some of it was taken from an exchange.

BitKey Product Manager

Yeah.

Bitcoin Podcast Host

And he spoke to the exchange, obviously, like filed police reports, all this sort of stuff, and then followed that, like, follow the transaction. And I believe. Don't quote me on this, I don't want to get in trouble. I believe that they found that it went to Binance and Binance didn't refuse to do anything about it really. Which is. But regardless of that, which is insane in its own way, like the physical threat on bitcoiners feels pretty high right now.

BitKey Product Manager

Yeah.

Bitcoin Podcast Host

Like, how do you view that?

BitKey Product Manager

Yes. Okay. So I think the wrench attack problem is like a structural issue with bitcoin and self custody in the sense that Even though the numbers are small, I mean, they're very troubling. You read these reports and they're scary and gruesome sometimes. I think the reason it's so important is that it kind of gets at the core of self custody, which is if you have full control of your keys, then you can be coerced to do something with them. And so as soon as something more important than Bitcoin is threatened and everybody has something in their life that's more important to them than Bitcoin, as soon as that thing is threatened with coercive violence, all of self custody breaks down. And so that's a really structural problem. And so looking at it less from like, well, how often does it happen? And all of this just from a systems point of view, fixing the wrench attack problem, I think is. Needs to be one of the top priorities of. How do you do that? The one thing that I really don't like about the current wrench attack mitigations is they're all based on either deception or coercion. Sorry, deception or avoidance.

Bitcoin Podcast Host

So you talk about things like duress pins on wallets and stuff like that. And I'm with you on that because they're cool.

Podcast Advertiser/Guest

They're really cool products.

Bitcoin Podcast Host

I like that they exist. But the question always has to be, would you actually use it in that situation?

BitKey Product Manager

Exactly. That's exactly right, yes.

Bitcoin Podcast Host

Using a duress pin or whatever, does that just make the potential attacker more angry? What's the physical threat that you. Or the physical action they take if you kind of trick them into basically bricking your hardware wallet?

BitKey Product Manager

So, yeah, so this is the thing that I really don't like about duress pins and decoy wallets is that I don't think the, like, almost the game theory, the mechanics of it play out that well, because if you, you obviously have a way to get back into your wallet, right? Or you. Or you burned all your bitcoin in that moment. But if you have a way to get back into your wallet, you haven't really changed much about the situation. You've just made it harder. So like, maybe you've gotten rid of the access in your home, but now you've got some backup somewhere else. And so the attacker's still there. The attacker's still, you know, you haven't ended the attack. And then. But the other version I think is even more scary is if you don't have a decoy wallet, but the attacker thinks you have a decoy wallet. And how does that play out? And so the whole Mechanism of decoy wallets feels like it doesn't really solve the problem. And so putting self custody users into the situation of am I going to resist the attacker, I am going to try to trick the attacker, how am I going to navigate the situation? And some of these solutions are like put your backup key in a bank lockbox because then you have to go there or whatever. But all of these really put a lot of the onus on the self custody owner in a violent situation. And so I think to really solve the problem, what we need to do kind of as an industry is take on the assumptions of if an attacker has full knowledge of your wallet setup and the victim is fully compliant, can you still protect the bitcoin? And if we can develop solutions that meet that test, I think we'll have something that's like actually can mitigate wrench attacks and start to solve the problem.

Bitcoin Podcast Host

Yeah, because like if you go through the. Someone breaks into your house.

BitKey Product Manager

Yes.

Bitcoin Podcast Host

The different setups you can have with your bitcoin is either like from the very basic. You might have bitcoin on an exchange. Well, that can be taken if they've got you at knife point. If you have it on a single Sig hardware wallet, they can potentially take that as long as you kind of actually sign the. Sign the transaction. If you have multisig, you can have it with keys distributed. Like you may not physically be able to move Bitcoin, but. But the threat is that they can chop off your finger until you do something.

BitKey Product Manager

Yeah.

Bitcoin Podcast Host

And then one that's very interesting is like the anchor watch model where they basically say, give them the bitcoin, that's fine, we've got you insured.

Podcast Advertiser/Guest

What other solutions do you think there

Bitcoin Podcast Host

can be in that stack?

BitKey Product Manager

Yeah, yeah, that's a good question. So this is, this kind of gets into the seedless architecture of BitKey because I think the. One of the downsides of seeds, and I don't want to bad talk seeds too much because seeds have very good uses, but one of their challenges is that they're an instant compromise of the wallet. So as soon as you have the seeds of the wallet is.

Bitcoin Podcast Host

I mean that is the bitcoin that is the point.

BitKey Product Manager

And so when you have seed artifacts, what you essentially have are the private keys kind of unprotected somewhere. And so one way to get the bitcoin is to just take over the keys. When you use a seedless architecture, the way you exit the wallet is not through private key transfer, it's through a transaction. So you Take your two keys and you make a transaction, then you send that transaction to a new wallet. What's really nice about using transactions as an escape mechanism, as opposed to seeds as an escape mechanism, is transactions can be restricted in a way that could give you more protection. And so people have talked a lot about this in the covenants realm, which is like, okay, if the, the blockchain itself had primitives that could restrict how bitcoin was used, you could do all sorts of cool stuff. We don't have covenants yet just for

Bitcoin Podcast Host

anyone who's not technically on this show. So covenants, they basically allow you to almost like whitelist addresses where you can send bitcoin to.

BitKey Product Manager

Yes, yeah. So they're basically an additional layer. So it doesn't exist yet. There's a bunch of ideas, there's a bunch of proposals, but the core idea is restricting how the bitcoin moves, not just who can move it, because that's what keys do. Keys already figure out who can move it, but restricting where it can move, when it can move is that destination. Whitelisting is that, time delays is that. And this is where all the different proposals, but just this idea of having an additional layer of restriction on movement. And so what you can do today is you can take your bitcoin and encumber it by multiple signatures, one of them that you control, one of them that is controlled by say, another party. And this starts to get into different, different collaborative custody models. But you can put restrictions on, hey, there needs to be a time delay and there needs to be a biometric scan and there needs to be all of these additional restrictions. And once you enter that world, I think there are a lot of solutions here. And this is actually something that we're working on on bitkey and we're going to. After we announce our new product at Vegas, the next big thing we're working on is the wrench attack problem. And so we actually have some designs that we've been working through that we want to take to the community and get some feedback because it's a really hard problem and there's like a lot of different trade offs. But the general shape of it is to restrict the way how bitcoin moves out of the wallet so that you can add in time delays and biometrics checks and all of these things that could mitigate wrench attacks.

Podcast Advertiser/Guest

Do you wish you could access cash without selling your Bitcoin? Well, LEDA makes that possible. They're the global leader in bitcoin backed lending. And since 2018 they've issued over $9 billion in loans with a perfect record of protecting client assets. With ledn, you get full custody loans with no credit checks or monthly repayments, just easy access to dollars without selling a single sat LEEDN exclusively. Offer Bitcoin backed loans with all collateral held by LEDN directly or their funding partners. Your Bitcoin is never lent out to generate interest. I recently took out a loan with ledn. The whole process was super easy. The application took me less than 15 minutes and in a few hours I had the dollars in my account. It was super smooth. So if you need cash but you don't want to sell bitcoin, head over to Leden IO WBD and you'll get 0.25% off your first loan. That's Ledn IO WBD. If you hold Bitcoin, your phone number is one of your biggest vulnerabilities. Simswap attacks are one of the most common attack vectors targeting bitcoiners. Somebody socially engineers an employee at your carrier, moves your number to a new device and they're into your account. It happens because traditional carriers put a human in control of your phone number, someone who can be bribed or tricked. But Kape is a US mobile carrier built from the ground up, with privacy and security at the core. They don't ask for your name or Social Security number when you sign up. They collect the minimum data required, delete it as fast as possible and never sell it. When you sign up, you receive a 24 word passphrase, just like a bitcoin wallet. That's the only way to move your number. Not a customer service rep, not even Kape's own staff can do it. You're the only person who controls your number. If you hold your own keys, you should hold your own phone number too. So head over to Cape Co WBD and use code WBD at checkout for 33% off your first six months. That's Cape Co WBD and use code wbd. Bitcoiners. As you know, with fiat money constantly debasing, wealth preservation isn't optional. That's why I recommend Swan Bitcoin, a team of dedicated bitcoiners who work with families and businesses to build and secure generational wealth. With Bitcoin, strong relationships with clients are at the center of everything Swan does. A dedicated Swan private wealth representative, which is a real person that you can text and call, will help you build a bitcoin wealth strategy using Swan's comprehensive platform of bitcoin services, including tax advantaged Retirement accounts, advanced Bitcoin, cold storage using collaborative self custody, inheritance planning with both trust and entity accounts, tax loss harvesting, asset backed loans, and more. Swan have helped over 100,000 clients since 2020. And if you're serious about acquiring and securing Bitcoin, I recommend Swann meet the team@swan.com wbd which is s W-A-N.com wbd

Bitcoin Podcast Host

so the new product, can I see it? Yes, here, let's have a go. So I'm going to come at you

Podcast Advertiser/Guest

with some of the criticisms that the

Bitcoin Podcast Host

original bitkey got and let's see if they're fixed. So the big one was obviously the screen or the lack of a screen.

BitKey Product Manager

There is.

Bitcoin Podcast Host

I can see that that's fixed.

BitKey Product Manager

There is a screen, yes.

Bitcoin Podcast Host

So what are the new features in this?

BitKey Product Manager

Yeah, so the key thing we wanted to address is we really wanted to address verification writ large. And so it's bigger. It is bigger. We, you know, bigger screen or a screen and a battery. It's slightly larger. I don't have the original one on me.

Bitcoin Podcast Host

But

BitKey Product Manager

one of the things we wanted to do with the screen is typically hardware wallets verify transactions. Because hardware wallets are typically signing devices. They're not full recovery systems and inheritance and all of that stuff. Bitkey is a full system and so because it has recovery mechanisms, recovery contacts, inheritance, all of these security settings, the screen is used to verify all of that. And so the screen protects not just your transactions, but where your notifications go, what your email is, what your recovery contacts and your inheritance stuff. We really wanted to look at verification writ large, not just transaction signing.

Bitcoin Podcast Host

So one of the cool things about the bitkey, I've always thought, is that it's like the hardware wallet that anyone could use.

BitKey Product Manager

Yes.

Bitcoin Podcast Host

So if my mom and dad wanted to set up self custody, this is where I send them. Does the screen add complexity?

BitKey Product Manager

It certainly adds more steps. The point of the screen is really to say, make sure that anything that the app ever asks me to do, I can double check first.

Bitcoin Podcast Host

Yeah, that's awesome.

BitKey Product Manager

So what will happen is when the app wants something from the hardware, whether it's changing a security setting or doing a transaction, the screen will show it and you have to approve it. So it adds that extra step. We did a lot of work to make it as easy as possible. You'll see the screen is really beautiful. It's like easy to read, it's touch and swipe. And I think your parents will still be able to use it. They'll be able to use it and

Bitcoin Podcast Host

so let's go through the sort of criticisms of BitKey, sort of the original BitKey, the screen was obviously one of the big ones. Another one was that you can't export a seed phrase. Is that still the same? Yes, that is the same. And that's intentional.

BitKey Product Manager

Yes.

Bitcoin Podcast Host

So what's the thinking there?

BitKey Product Manager

Yeah, so the, the first place where I would start is like what a seed phrase is, because I think this is one of the questions we get at the booth a lot is how is this self custody if you don't have a seed phrase? And I think that's the right place to start because it is a misunderstanding of what a seed phrase is. And so a seed phrase, it's a way to regenerate your key, it's not a private key. And so Bitcoin existed for years before seed phrases exist. Seed phrases were an invention to make managing private keys easier. And so with bitkey, you have private keys. So it's self custody. You have two of the private keys fully in your control. You can always move your Bitcoin. You never need block or bitkey or our servers or our apps or anything. And so what we wanted to do is we wanted to look at, when we were thinking about self custody, we wanted to design not just like a hardware wallet which generates keys and then does signing. Then what most hardware wallets do is they'll generate a seed phrase and give it to you and say, okay, backups, go figure it out. Inheritance, go figure it out. So now you're left with a seed phrase and you have to figure out, how many copies do I make, where do I store the copies, do I need a descriptor? And you have your own treasure map and all that stuff. So what we felt was that once you introduce a seed phrase, what you've done is you've said the hardware is now allowed to export its secrets, and then you give the user the challenge of protecting those secrets. And so that's just like a system design decision. And that's a really big thing to put on customers. And frankly, it's really hard. Like doing it well is hard. Keeping it up to date is hard. Checking that the backups are still there, like all of that is hard. And so you've basically given the recovery system as a DIY project to customers. And so that's essentially what seed phrases do. And for some people, that's very empowering and they're very good at it, and so great use seed phrases. For most people, it's a product they didn't want and so what we said is, okay, what if we started from a different point of view? What if we said the hardware never exports its secret? Not as a seed phrase, not as a raw key. What we know then is that there is exactly one copy of your key on one physical piece of hardware gated by your fingerprint. And now let's build a security and recovery system around it. And so we say, well, what happens if you lose your hardware? And we've got a recovery system to solve that. What if you lose your phone? Recovery recovery system to solve that. What if you lose both? We can do that. What if you die? You can do both. And so we went sort of case by case to figure out what it would take to build a self custody system, not just a hardware signer.

Bitcoin Podcast Host

So do you think that users, especially the more technical hardcore bitcoin users, lose anything from using a bit key? Who is it designed for? Is this a mass market product or, or is this a bitcoiner product?

BitKey Product Manager

No, it's a bitcoiner product for sure. Yeah. And I mean the people that build it are bitcoiners. And the idea here is full control and to make it very strong. And here's I think, where maybe our approach differs a little slightly from others and makes it seem like more of a normie product when really we are trying to attack very, the very, very core of self custody, which is, I think most self custody products focus on security as like the one dimension to optimize. And we like to use the word safety instead of security and say that safety has a couple of different dimensions. And so one is security. And security is really protection from adversaries. There's also recovery, which is protection from loss or natural disaster. Then there's privacy, which is really the first line of defense against wrench attacks. And then there's ease of use which is like protection from mistakes. And I think this is one that's really undervalued in our products. I agree.

Bitcoin Podcast Host

Because this is like everyone always sets up their bitcoin as if like the state is going to come after them and try and steal Bitcoin, when in reality I think the biggest threat to your bitcoin is always you.

BitKey Product Manager

100%. Yes. And like, yeah, the security model of Bitcoin, of most Bitcoin self custody products is don't make a mistake and you're fine. And you know that's true. If you never make a mistake and you set it up perfectly, you have an amazingly secure system. But if you make a mistake, you lose everything. And so what we did is we said, okay, well if we look across those four dimensions and we say, well, what makes a good self custody product? It's you can't compromise on any of those four. And so like how do you build products that raise the bar? And one of the challenges we had is when you go the seed phrase route. There's the issue with it is you've put a burden onto the user to figure out the recovery system, the inheritance system, and once they have to do that themselves, the quality of that solution depends on how perfect they are and how well they can not make mistakes and set it up properly. What we wanted to do was bundle it all together into a cohesive system. If you have the technical know how and the operational discipline to DIY a system that's better than BitKey like you should. But I think it's an incredibly high bar because it's exactly what like we do internally, like how do we, how do we raise the bar of the system overall? And so it is designed for hardcore bitcoiners and there's, you know, there's all sorts of like advanced things you can do with it, like exporting the descriptor and checking it on Sparrow. If you want to make sure the wallet's set up the way you want it to, that's cool. You can take the private key material, you can create backups of your app key and make it decryptable by hardware and store those on your own in other places. And there's all sorts of things you can do to kind of extend it. But yeah, it's a bitcoiner product.

Bitcoin Podcast Host

Can I play devil's advocate and ask you another question that people have always sort of raised about bitkey is are you reliant on block servers and what does that mean for the user?

BitKey Product Manager

Yes. So you are not reliant on block servers. And so the core definition of self custody is the wallet owner can move their money unilaterally and no one can move the money without them. And that is true for BitKey. And so the way that it works in BitKey is when you set up your wallet, there is a PDF that's uploaded to your cloud and that PDF has one of the keys in it. So BitKey has three keys. It's a two of three multisig setup. One key is on the hardware, one key is on the phone, one key is on the server. So the app key, the one on your phone, is encrypted by the hardware key and then uploaded to your cloud account. As a PDF, and we call it the Emergency Exit Kit. And what that allows you to do, you can then download it, make copies, do whatever you want. If your cloud provider, let's say Apple or Google, get access to it, or somebody hacks your cloud, what they have is an encrypted file. They can't use it unless they can decrypt it. And the only way to decrypt it is with your hardware and your thumbprint to unlock the phone. And so they basically haven't compromised any keys just from gaining access to it. You can always take that PDF. You can take your hardware, decrypt the PDF. So now you have two keys. And then with two keys you can move Bitcoin. And so you can. It's all open source, so you can write your own software if you don't care. If you really want to go tinfoil hat to create a transaction, sign it with your two keys and broadcast it to the network. We provide a open source. I mean, BitKey's open source. We provide another piece of software that does exactly that, hosted on GitHub, that anyone can use, but you don't have to use it. You can write your own. And so with no BitKey app, no BitKey servers, no block company, nothing, you can move your Bitcoin. Cool.

Bitcoin Podcast Host

Because between the screen and that, they're probably the two biggest criticisms I've seen thrown at Block. So with adding the screen, I guess you've removed that. It's very cool.

BitKey Product Manager

Thank you.

Bitcoin Podcast Host

And it's interesting to see how Bitcoin security, hardware, wallets have kind of adapted over the last few years. Because one of the most interesting things to me is when I got into Bitcoin, the path to self custody was really clear for me. I first bought Bitcoin on Coinbase, and then if you want to actually have real Bitcoin, the path to move that self custody is very simple. It's literally one transaction to a hardware wallet and you then own your Bitcoin. And that has changed so much in the last few years in the sense that I think if you're coming into Bitcoin now, where are you getting your Bitcoin? There's still a good chance you're using a River or Swan or a Coinbase or whatever, but there's now a greater chance that maybe you're buying it through like an ETF in a retirement account, or maybe you're going straight to a Treasury company. How do you see that kind of institutionalization of Bitcoin affecting self custody?

BitKey Product Manager

Yeah, it's a great question. So I think where I would start is that why self custody is important. And I think there's a couple of different layers to that. The first is just like, why is it important to Bitcoin in general? And I think that, like, you know, that's something along the lines of permissionless money is incredibly important and is like a huge unlock for civilization writ large. And in order for permissionless money to work, you need to have decentralization. In order to have decentralization, you need to have decentralized mining and decentralized ownership. And so self custody is really that pillar of decentralized ownership. And so you, you need self custody for Bitcoin to work. So I think that's kind of. But that doesn't quite answer the question, which I'll get to, which is like, okay, I'm getting into Bitcoin, which should I buy? But to kind of like walk it down from sort of first principles. I think the other reason self custody is still super important is that access to ETFs and all of these things is not equal. Like, you know, of all the people in the world, very few people have access to these ETFs. And so, you know, very few people even have access to bank accounts or a reliable currency. And so being able to have Bitcoin, if you have Internet, you can have Bitcoin, you can have a bank account, you can have all of these great things. Self custody is still tremendously important. But if you then kind of sort of narrow it down to, all right, I have access to both, which one should I buy? When you buy the etf, you're not buying permissionless money. You're buying price exposure. And even worse than that, you're buying permissioned price exposure. And so what you're giving up when you're doing that is Bitcoin has a lot of utility beyond just price. And that's everything from being able to take out a loan against it as collateral, to spend it, to purchase things. And so you're sort of giving that up in the ETF world. But even still, to kind of walk it down even more, what if you say, like, look, I really don't care about the utility of bitcoin, I just care about price exposure. Should I do ETF or self custody? I think even then it's not super clear because in the ETF world, you have all these additional restrictions on your Bitcoin, which is, when can you trade it? Well, when the market is open, if you don't like an ETF and you want to move to another etf, do you have to sell and take a tax gain and then buy in again? You can't just move it from exchange to exchange the way you can with Bitcoin.

Bitcoin Podcast Host

And same problem with even if you want to sell your ETF to buy real Bitcoin and move it to a hardware wallet, there's still going to be a tax hit at that point.

BitKey Product Manager

Yeah. And I think maybe one or two ETFs do in kind redemption, but most don't. But that's kind of the point which is it depends on the provider. And so you're definitely in the permissioned world. And so I think you're definitely taking on more restrictions. But one of the things about how the question is typically framed, I think embeds in it some priors which I think have been true but may not be true anymore, which is like self custody is harder and self custody is less safe. And I don't.

Bitcoin Podcast Host

Than the etf.

BitKey Product Manager

Than the etf. Yeah. And I think that those maybe if they were true, require another look. I think self custody has come a long way in the past two, three years.

Bitcoin Podcast Host

It's probably harder for people that maybe already have like a brokerage account, they can just buy the ETF on their phone. Like self custody is harder than that.

BitKey Product Manager

Yes.

Bitcoin Podcast Host

But it's like what's the trade off? Is it worth the work?

BitKey Product Manager

Is it worth it? And I think one of the things that people undervalue is what are the risks of the etf. And these are like, while they are kind of long tail, tin foily hat risks, they have all happened before. So the idea of like maybe the government decides you can't own Bitcoin anymore so you get forced, converted back into USD at a semi unfair price. I mean like that happened with gold. Or maybe the exchange is negligent and can't fulfill it. Take a Lehman Brothers or maybe it's full on fraud, like more of an Enron or an ftx and there's a small percentage happens. But if you hold Bitcoin over a decade and you stack up all of these catastrophic events, you're not taking on no risk, it's not zero. I think what it comes down to at the end of the day is would you rather your risk take the form of political, governmental, business risk so like the people who make the rules or would you rather your risks take on the private key risks which is like can I manage it safely? Is it safe from natural disaster? And so you're either taking on self Custody risks or politician business government risk. And I think that when weighing those two, it's not clear to me that there's the ETFs are the obvious answer.

Bitcoin Podcast Host

No, I know which side of that I fall on. I want to take the risk on myself. I want to be in control of my destiny.

BitKey Product Manager

Yes. And I think what's been great about self custody over the last forever, but I think a lot in the last few years is that risk has been getting smaller and smaller as the tools have been getting better and better. The risk of self sabotage I think has decreased dramatically in the last two years as you start to get these collaborative custody solutions, these seedless solutions, things that make it harder to make a mistake and make it easier for you to have recovery, to have inheritance, to have safe keys without having to deal with all of the details of setting it up.

Bitcoin Podcast Host

Do you think there's any argument to say that with the move away from the sort of more hardcore bitcoin solutions, making things easy, like the seedless idea, does that take a step away from the core values of bitcoin in any way?

BitKey Product Manager

Okay, I don't think so. And I might not be reflective of sort of the most OG hardcore bitcoiners, but I've been a product manager for a long time, 20 years. And really for me it all comes down to what problem are you solving for who? And I think that one of the places where I think there's been a big gap in the products in the bitcoin industry is there's been this idea of conflating self reliance as a virtue to cover the lack of products that do it for you. Which is to say, hey, take your seed phrase, protect it yourself, put it in metal plates, bury it in the ground, distribute it. Self reliance is a virtue in and of itself. You are now practicing this higher form of Renaissance man. And I kind of look at that and say like, that's not what people want to do. They want permissionless money they can own easily and safely. And that's like. And this using the ideal to cover the gap in good products has always, never has really sat right with me. And so I don't see the ethos personally. I guess it's more of a personal statement than a statement about the industry. But I don't see the ethos as, as I need to DIY it myself to be a real bitcoiner. I need to believe in permissionless money. I need to use permissionless money. I need to do what I can to make everyone in the world have Access to permissionless money. And I think if that takes the form of safer and easier solutions, that's a win all the way around.

Bitcoin Podcast Host

Yeah. So if you think with the bitkey, obviously in terms of seed phrases, they're gone. Yeah, it's collaborative. There's two or three where you have a key, one here, one on my phone, it has inheritance. What's missing? Like, what's the piece that you want to build next? What do you think the hardware market needs?

BitKey Product Manager

Yes,

Bitcoin Podcast Host

because we were talking before about wrench tags. How do you look at that? Do you have something in mind?

BitKey Product Manager

We do, yes.

Bitcoin Podcast Host

Yeah.

BitKey Product Manager

So let me just kind of take the trajectory there because this is exactly how we developed BitQ, which is we sort of looked at the self custody markets. Okay, what is the. What are the biggest problems to solve? And so the first one was people's recovery systems are really uneven in their effectiveness and their thoroughness and how well they resist different types of scenarios. Let's build a wallet with a recovery system built in. And that led us down the seedless route. And then when we got there we said, okay, well inheritance is the next biggest one. That's one of the hardest things to do because right now inheritance is like treasure maps or KYC solutions. Even if they're self custody, they're kyc. So then we said, okay, let's tackle inheritance. And then we looked at our solution and said, well, because this is collaborative custody, we have one of the keys and one of the things we don't like about having the keys is we had visibility into the wallet because when you have the keys you can see all the transactions. And so we were very uncomfortable with having that sort of visibility because we don't want that data. So then we invented chaincode delegation, which is a bit proposal.

Bitcoin Podcast Host

Posner and Jervis. Yeah, that's right.

BitKey Product Manager

Yeah.

Bitcoin Podcast Host

So the two of them, that's really cool. And that's something that's just good for bitcoin as a whole.

Podcast Advertiser/Guest

That's awesome.

BitKey Product Manager

It is so cool. I like, I'm such, I love both of them so much and they're like,

Bitcoin Podcast Host

yeah, I'm a big Jesse Stan.

BitKey Product Manager

Yeah, yeah, yeah, for sure.

Podcast Advertiser/Guest

Yeah.

BitKey Product Manager

No, they did such a great job with that. So basically what they did is they invented a way for multisig, which typically every key has both signing ability and visibility of the wallet to say even if a key can sign for the wallet, it cannot see all the transactions of the wallet. Fancy cryptography. And it's applicable to any multisig wallet. We implemented it in ours. And so the key that block holds cannot look at the transactions.

Bitcoin Podcast Host

And that's on by default now, right?

BitKey Product Manager

Yeah, this is how the wallet works. Yeah, it's not an option. It's just we don't want the data, like we don't want it in our systems. And so it's just, it's just the way how the wallet works. And so privacy was the next big one, then the next big one after that was verification. And so we say, hey, we have all this infrastructure now to do like recovery and inheritance and all of this stuff. How do you make sure that you can verify everything that's doing all of that stuff is telling the truth? And so we put a screen on the hardware not only to just do transaction signing, which every hardware screen has done forever, but to validate all of the steps of all of the other components.

Bitcoin Podcast Host

Was it partially to shut the bitcoiners up as well?

BitKey Product Manager

Well, not to shut them up, to get them as customers. I mean, we want to build, we want to build a product that bitcoiners love.

Podcast Advertiser/Guest

The thing that keeps me up at night is the idea of a critical era with my bitcoin cold storage. And this is where Anchor Watch comes in. With AnchorWatch, your Bitcoin is insured with your own a rated Lloyds of London insurance policy. And all bitcoin is held in their time locked multisig vaults. So you have the peace of mind knowing your bitcoin is insured while not giving up custody. So whether you're worried about inheritance, planning, wrench attacks, natural disasters, or just your own silly mistakes, you're protected by AnchorWatch. Rates for fully insured custody start as low as 0.55% and are available for individual and commercial customers located in the U.S. speak to AnchorWatch for a quote. And for more details about your security options and coverage, visit anchorwatch.com today. That's anchorwatch.com do you want to pay less in taxes and stack more bitcoin? Of course you do. Well, by mining bitcoin with blockware, you can, under section 168k of the US tax code, Bitcoin mining servers qualify for 100% bonus depreciation. This means every dollar you spend on miners can directly offset your income in a single year. And that's true for both business owners and W2 earners. If you have $100,000 in ordinary income, you can purchase $100,000 in miners and potentially offset your tax liability entirely. Blockware's mining as a service does all the heavy lifting. They Secure the rigs, they source the low cost power and handle all the day to day maintenance. So you get to stack bitcoin every single day while drastically shrinking your tax bill. Get started today@blockwaresolutions.com wbd and use code wbd for $100 off your first miner. That's blockwaresolutions.com wbd if you already self custody Bitcoin, you know the deal with hardware wallets, Complex setups, clumsy interfaces and a seed phrase that can be lost, stolen or forgotten. Well, BitKey fixes that. BitKey is a multi sig hardware wallet built by the team behind Square and Cash app. It packs a cryptographic recovery system and built in inheritance feature into an intuitive, easy to use wallet with no seed phrase to sweat over. It's simple, secure self custody without the stress and time. Named BitKey. One of the best inventions of 2024. Get 20% off at BitKey World when you use the code wbd. That's B I T k e Y world and use the code wbd.

BitKey Product Manager

Okay, so that takes us to sort of where we are right now. So now we think the next big thing to solve is this wrench attack. Yeah, solution. So we do have a solution in mind and it's almost there. And so we'll be publishing this in probably a couple of weeks to sort of solicit feedback from the community and get people to poke holes in it and do all that. But this is the basic idea which is you put your bitcoin into a vault and the vault has essentially two doors and both are important. But we'll talk about the first one first, which is the normal door is just it requires a signature from both you and bitkey and block. And what block will do is block will withhold the signature until certain conditions are met.

Podcast Advertiser/Guest

So this becomes like a two of two.

BitKey Product Manager

It's a two of two. The first door is a two of two. And the block will say, okay, in order for me to sign, you need to first pass a biometric scan. Second wait a certain amount of time that's configurable by you. So this could be days, weeks, months, and then third pass another biometric scan on the other side of it. And so what this is meant to protect against is any sort of smash and grab wrench attack. Like because you need to pass that biometrics check at the end, end of the period, it forces the attacker to force compliance throughout the entire length of that period. And that could be days, weeks, months. And one of the things that we Used to frame this was we looked through James Lopp's GitHub where he lists out all the wrench attacks and there's hundreds of them there. And looking at if you make the attack last longer than one week, you're already down to 1% of the attacks on that page. If you make it last longer than a month, there's not a single attack on that page that lasted longer than a month.

Bitcoin Podcast Host

Very few people are going to kidnap

BitKey Product Manager

you for a month to get your thing. So that's the first store. So that I think mitigates the sort of first problem of rent or tax. The new problem you introduce with that is that it's not self custody anymore, it's joint custody. And so now what you need to do is put self custody back into the solution. So this is where the second door comes in. So the second door is controlled entirely by your own keys, but it's time locked to when the vault ends. So when you put it into the vault, you say, hey, I want this vault to last for two years. Over the course of those two years, you can use the first door as much as you want. That's the normal door to withdraw bitcoin. You just go through whatever settings that you've configured and the vault just works. If for some reason you wake up one day and you're like, I don't trust block anymore. I don't want to work with them. I don't want them co signing my transactions or block goes out of business or the BitKey app gets pulled from the app store. Anything that you can imagine that second spend path with your own keys can now get the money back out of the vault. And so now you've fixed the self custody problem.

Bitcoin Podcast Host

Wait, I don't know if I understand that. So how would the second door of the vault know that block's gone out of business?

BitKey Product Manager

So it wouldn't know that block's gone out of business. The door just becomes usable at a certain point. Time.

Bitcoin Podcast Host

Okay, okay, okay.

BitKey Product Manager

And so you would.

Bitcoin Podcast Host

So you still have to wait the two years.

BitKey Product Manager

You still have to wait. Yeah, yeah. So you have self custody inevitably. And you can unilaterally decide you're not signing anything until the second door opens, then use the second door yourself. And so it's just like if you were to like a really kind of crude example is you take a bitcoin, you time lock it for a year, it's still your bitcoin.

Bitcoin Podcast Host

Is this using miniscript?

BitKey Product Manager

There's a couple ways to implement it. I think we're depending on the shape of the solution. We're not sure exactly how we're going to do it, but yes, we're using. You can also do it with just some time locks, just basic time locks on the second spend path. Then there's one more piece of the solution. This is the thing with self custody, it's all trade offs. What happens. First door, you solve the attack problem, but you break self custody. Second door, you fix self custody, but you've actually reintroduced a new attack, which is I'll just take your keys and hold on to them for two years. For two years and then get your bitcoin. Yeah, so we have to fix. So that's the last thing to fix. And so our idea here is that we would restrict where that bitcoin can be sent to. So this is back in kind of a covenant pattern. And so, okay, this bitcoin can only be sent to a predetermined address. And so that way even if the attacker steals your keys, they, they can only send that bitcoin to a predetermined address that you may still control, assuming

Bitcoin Podcast Host

they didn't steal that as well.

BitKey Product Manager

So here's. Yes, no, yeah, this is exactly right. So 100%. And so the way that would be enforced, because Bitcoin doesn't have covenants yet, is you can do it on the hardware's firmware. And so you can say, hey, the firmware will only sign transactions of a certain shape. And that shape is going to be the shape we decided when we set up the vault. And so you can configure what that shape is and then it's locked forever. And this is sort of another reason why the seedless architecture gets you there. Because if the key is inside the hardware, then the hardware can determine how the key is used. If the key is exported out of the hardware, which is what seed phrases are, then no system can make any decisions about how the key is used. So anyway, okay, so the last piece of this, which you've already sort of started poking holes in, and this is, this is the piece we need help with, is like, what should that final destination be?

Bitcoin Podcast Host

Yeah.

BitKey Product Manager

Because if it's just another wallet, then they could steal that too.

Bitcoin Podcast Host

Can I tell you my really non bitcoiner perspective on this? Like, people are going to hate me for saying this, but I wonder if the best place is like a bitcoin exchange address.

BitKey Product Manager

That's where we ended up to. That's where we ended up to. And I love that you got there. We didn't get There maybe quite as fast, but yes, I think so. And it's weird to say being such a self custody maxi, but one of the things an institution and custodial bitcoin does really well is it's not susceptible to physical violence the way private keys are. Institutions cannot be physically coerced the way private keys can be physically coerced. And so even though I would pick self custody over custodial Bitcoin 100% of the time, actually not 100%, if there is a violent attacker trying to steal my Bitcoin, where do I want my bitcoin at that moment? In a KYC based exchange. And so one of the nice things about a solution like this is it says, okay, you can basically put it there in that moment that you need it there. And then it's identity based.

Bitcoin Podcast Host

And it's like, don't let perfect be the enemy of good in this, this situation. I agree that I don't hold bitcoin on any exchanges, but in that situation I can't think of a better place

Podcast Advertiser/Guest

for it to go.

Bitcoin Podcast Host

But I guess the best solution would probably be allowing users to decide it

BitKey Product Manager

would be put an address in it. That's how we would implement it. You put, you want it to be. The other things we thought about is could it be another bit key and how do those start chaining together? Could it be someone else's bitkey?

Bitcoin Podcast Host

The problem is then you get into this situation where you have to educate users on how to keep the second bit key and all this stuff. I'm sure you don't want the headache of that because if something goes wrong, they're going to be like, this is what you told me to do.

BitKey Product Manager

Yep. And so the other one is like, could it be inheritance? Like, should we plug out the inheritance solution into that?

Bitcoin Podcast Host

So that's kind of a cool idea.

BitKey Product Manager

Escape route. And so this is really where we're looking to solicit feedback, which is like, because we only want to build things that people want to use. And so if people look at this and they're like, you know what, I do want it in an exchange in this one moment, in this one case, I want it in an exchange, great. If everyone's like, no, that's the worst idea ever, I don't want to do that.

Bitcoin Podcast Host

But I mean, truthfully, like apart from the fact that obviously it's going to a KYC exchange, like if that did happen, you could just withdraw it again, like it's.

BitKey Product Manager

Yeah, exactly. And that's the other thinking too, is almost Everybody, everybody, unless you're a miner, has an exchange they're registered to, that's where they got their bitcoin from. And so like you already have an account set up, you already have a relationship there and most likely your bitcoin came from there in the first place. Do you want to be able to teleport it? It's not actually how it works. But do you want it to be able to go there in a wrench attack? Yeah.

Bitcoin Podcast Host

The thing that doesn't fix, and I actually think is potentially impossible to fix, is you're still the attacker that comes into your home who wants your bitcoin, can't get it and it never stops the physical side of that attack. And this is where, because they still might chop your finger off. But I do think this is where things like ankorwatch are really interesting where you can just send them the bitcoin, just have it and go away and then you've got the insurance claim.

BitKey Product Manager

Yeah.

Bitcoin Podcast Host

Would you ever look into doing insurance type stuff within BitKey?

BitKey Product Manager

Oh, I don't know. I thought you were going to ask me what my thoughts on it and I was going to say yeah, I think the insurance angle is very powerful. Would we put it on our roadmap? I don't know to be honest. So the BitKey product in and of itself, very narrowly it's a non KYC product. So I don't know if you can do insurance without kyc.

Bitcoin Podcast Host

I seriously doubt it.

BitKey Product Manager

I don't know, maybe someone figures that out. Sure. Would it be a better Block product? So like Block does a lot for bitcoin. They've got Cash app for buying bitcoin, Square for spending it, Bitkey for storing it and Proto for powering it, Spiral for developing it. Spiral for developing it. Would one of those other brands like could we do some ecosystem play where like you can get insurance through like cash or something? Maybe it's not on the roadmap. But I think looking at the synergies between the different bitcoin solutions is really where we turn bitcoin into true permissionless money, where it has all the features of traditional finance in its own ecosystem. So yeah, it's a great idea. And I do agree with this piece of Even when you take on the assumption of the attacker has full knowledge and the victim is fully compliant, will they be pissed if they can't get bitcoin? You can't really design away that piece. And so yeah, I think there are interesting insurance angles here.

Bitcoin Podcast Host

Yeah, you've obviously thought about this a Load. And you said you've been a product manager for 20 years. Can we take a step back? Why are you in bitcoin? What happened? How did you get here?

BitKey Product Manager

Oh, so my career up until about 2020 was all in big tech, Internet firms and AI. And then right around 2020 I kind of caught the, I want to say bitcoin bug, but honestly it was the blockchain bug. And I really believed in this idea of decentralization and permissionless. And then I kind of sort of came to realize that bitcoin was really the only truly decentralized permissionless protocol. And it had real product market fit with permissionless money. And that's what I wanted to work on. And that I found my way to block. And Jack Dorsey's bitcoin ethos was really refreshing after sort of the defi degen tour. So I joined the bitking team about a year before we launched the first version of hardware and have been there ever since.

Bitcoin Podcast Host

Nice. And so you obviously spent a load of time looking into the hardware wallet side. Is there anything else you look into in bitcoin? Deeply?

BitKey Product Manager

No, not as deeply as self custody hardware wallets. I mean that's like my full time job and I love it. But just being like a nerd and liking the bitcoin space.

Bitcoin Podcast Host

So you're not getting into the quantum debate.

BitKey Product Manager

I mean I've listened to so many people on it that know a lot more than I do. My take is probably naive, but it's. I think, I don't think we can freeze coins. I think that's just, that's just theft. It's just another version of theft. And so, okay, and this, this is, this is my current thoughts, but like, I don't know, I change my mind sometimes on this. But are stolen coins that big a deal? And so like the one. So let's say whatever. The million coins get broken by quantum computers. So there's a ton of. There's a huge supply shock, the price crashes. All the real believers pick up a ton of super cheap sats. Is it an existential threat to the bitcoin network? And I've seen people argue, yes, that like, okay, if that happens, then miners do this and then once the miners do this, then this thing happens and now bitcoin's gone. I don't know that I buy that. What to me feels like if we confiscate people's coins, that's an existential threat to bitcoin. If the supply instantly increases by 5 million, like not increase to 26 million. But obviously all these coins just flood the market. Is that existential to Bitcoin? I don't think so. And so I think it would suck. But anyway, I feel like my take is that the quantum resistant algorithms exist. Bitcoin will upgrade the protocol in time. Most people will upgrade their coins in time. And then would I rather be in a world where Bitcoin broke the promise of property rights or in a world where the price crashed tremendously? I take the price crash.

Bitcoin Podcast Host

So there's nothing else to say because

Podcast Advertiser/Guest

I agree with everything you just said.

BitKey Product Manager

I passed the test.

Bitcoin Podcast Host

Do you think there's anything that we've missed on the hardware wallet conversation that you pay a lot of attention to?

BitKey Product Manager

Yeah, well, the one thing I think a lot about is this idea of what is a hardware wallet, which seems like kind of a trivial question, but if you think about hardware, it is an air gapped hardware piece of technology that does signing. And necessarily you don't want it on the Internet because it keeps your key super safe. If you think about a wallet, it has to be connected to the Internet because its job is to scan the blockchain, tell your balance, construct transactions and broadcast them to the, to the network. So the idea of like a hardware wallet is a little bit ambiguous. And it doesn't mean like a wallet that has a hardware signer is usually

Bitcoin Podcast Host

what, there's no Bitcoin in there.

BitKey Product Manager

Right. And so like is this a hardware wallet? Like this, this by itself? Well, biky's a little special, but if you take a hardware wallet, usually a better name would be a hardware signer.

Bitcoin Podcast Host

A signing device.

BitKey Product Manager

Right, it's a signing device. And the reason I think that's important is because wallets should have not only transaction capabilities, but recovery capabilities. Where do you put these idea of recovery and inheritance and all of the things you might want from your BitKey self custody system? And we don't really have a good phrase to talk about self custody as a system. And that's how we think about BitKey, it's how we build BitKey. And so are we a hardware wallet? Well, we have a hardware signer. Are we a collaborative custody solution? Well, we have a collaborative key. And so what category are we in? And I think of it personally of self custody as an overall solution. Self custody solutions, self custody system. And so this idea of hardware wallets, I think unless you're ready to go really deep with someone about it, can give people a misconception about the different components that are being put together, especially when you get into Multisig, it's like if you have multiple keys and some of them are hot keys and some of them are cold keys, how do you refer to that? And so I just think of thinking of self custody as an overall system and how it hands handles security, recoverability, privacy and ease of use is like the framework to bring to it. And then looking at the system as

Bitcoin Podcast Host

a whole, it's just, it's not as marketable to call it a signing device as a wallet. So one of the like shade that gets thrown at things like Trezor and Ledger and like these, these hardware wallets, signing devices that like have multiple coins on is that like complexity is the enemy of security in a lot of ways.

BitKey Product Manager

Yeah.

Bitcoin Podcast Host

And so like comparing you to like I'm sure one of your bigger competitors being like ColdCard, this is far more complex in its design. Like in the sense that it's collaborative custody, it has inheritance, it has like potentially wrench protection in the future. Like does that add any issues with security? Whereas like, you know, like if you buy a cold card, it's just, it has your keys, like that's kind of it. It's just a plain signing device.

BitKey Product Manager

Yeah, no, it's a good question and I think the way I would answer it is if you compare just the hardware signer to the hardware signer, then there's no extra complexity. When you start comparing a hardware signer to a full self custody solution, then there's all of this extra complexity on the recovery system and inheritance like you mentioned. But what I would sort of urge you to do in that comparison is to say, well, what's your recovery solution? And so you need to compare. If you're taking let's say the cold card approach, you're not just comparing the cold card hardware to the BitKey system, you need to compare the cold card hardware plus whatever multisig you've set up, plus whatever recovery you set up, plus whatever inheritance you set up. And is that system, the complexity of that system compared to the complexity of the BitKey system? I would expect the BitKey system to be far more elegant in its design because it's, you know, it's. You're not doing a DIY project yourself.

Bitcoin Podcast Host

Yeah, that makes sense. Like I am. I think there'll be a lot of bitcoiners out there that think they have a really secure setup and if push came to shove, maybe that wouldn't be the case. And it's one of the things that like really scares me in terms of pushing people who I know who are getting into Bitcoin into self custody is. It's like there's a really steep learning curve there into doing it. Not just like buying a hardware wallet and sending bitcoin to it, but then actually protecting those keys is a big step if you're doing it the seed phrase way.

BitKey Product Manager

Yeah. So one of my when I was doing some product research for designing bitkey, I was at, I think it was the Op Next conference because I wanted to talk to the hardcore bitcoiners and what I was going around asking folks and I thought it was really illuminating. This is a little bit technical, but I think it's really helpful is that a lot of them had multisig setups. Let's say you have a two of three multisig setup and you've done all of the things. These are people who are really good at it. You've put them in geo separated locations and you've got your descriptor backup. You've done all those things. Okay. So then a scenario happens where one of your keys gets compromised and it's just like it's gone missing. You go to check on it, it's gone, whatever, or your device is dead or something. One of your keys is in bad shape. So now what you need to do is you need to move to a new wallet. You need to sort of fix your setup. So the question I ask them is kind of given this scenario, do you a take your two existing keys, get a new third key and create a new two of three with those keys? So you have instead of abc which is the original, you have AB or the alternative is do you get three new keys? Whatever. D, E, F. Okay. And the reason it's not like a philosophical question, it's more of an operational question because it's how many signing devices do you need to do a migration like that? Do you have one key on each device or are you loading different descriptors onto it and have one hardware wallet that's actually or one hardware signing device that has multiple wallets loaded onto it. And so my question is like which one have, when you did your testing, which approach did you use? And for most people, they've never tried it before and they could do it like they have the know how to do it. But the fact that you haven't tested your recovery system or even sort of done it to me is a signal of just how complex this stuff is. And so even the like hardcore folks who haven't done a multi sig recovery and thought through the number of devices they want to use and how they're going to micromanage those devices. To me says bitkey is for you. Because we have tested it, we know how to do it. I can give you the BitKey answer. I can tell you the BitKey answer takes 10 seconds of a loading animation in the background and it's done. And that I think is really the strength of bitkey. And so it says like, it's doing the thing that you would probably choose. And so when I tell people this is exactly how bitkey does it, it's like, oh, this isn't a normie wallet. Like, this is the solution I would do that I haven't tested yet, but I could test it in a few minutes on BitKey.

Bitcoin Podcast Host

Yeah. The problem in that scenario as well is it's probably the most high stress scenario when you're trying to figure this stuff out. Like, you're not going to be thinking straight when you're worried that like your life savings in bitcoin is gone.

BitKey Product Manager

Right? Yeah, it's a wild. Yeah. Being. Being in that situation for real is like. I mean, I get nervous when I'm like. Because when we do all these testing is like, I don't want to lose the like 20, 20 bucks on my wallet that I took out of the treasury for testing. And I was like, oh, but like, to do it with your life savings is stressful.

Bitcoin Podcast Host

Yeah. I think the big key thing is awesome and I think the screen is a huge addition.

BitKey Product Manager

Thank you.

Bitcoin Podcast Host

It's very cool. Is there anything else you want to talk about before we close out?

BitKey Product Manager

Oh, no, I don't think so.

Bitcoin Podcast Host

Well, I'm excited to see how this goes. Vegas starts tomorrow. Man, it's going to be a wild few days.

BitKey Product Manager

Yeah. I always love these conferences.

Bitcoin Podcast Host

Already lost generational wealth at the tables again. This is two years.

BitKey Product Manager

There's still time. There's still time to win it back.

Bitcoin Podcast Host

Exactly. It never works that way, though. But thank you, man. This has been really cool. I appreciate you doing this and let's go have fun in Vegas.

BitKey Product Manager

Yeah, let's do it.