1 00:00:00,000 --> 00:00:06,660 I think it's important to think of security as a journey and not a destination. 2 00:00:07,200 --> 00:00:10,640 With hardware wallets, there's this, because they've created the easy button, 3 00:00:11,440 --> 00:00:18,220 you don't really understand what is going on behind the curtain, so to speak. 4 00:00:18,220 --> 00:00:23,740 Be skeptical and go into that with your eyes open and think around the corner as to the 5 00:00:23,740 --> 00:00:28,000 implications of some of the information you're sharing or the trust you're putting in a firmware 6 00:00:28,000 --> 00:00:33,400 update. The nature of security seems to be the sort of cat and mouse thing. I wanted to put my 7 00:00:33,400 --> 00:00:41,660 trust into the math that underlies the Bitcoin protocol rather than a third-party device. 8 00:00:44,520 --> 00:00:48,320 It's just not quite the same. It's nice looking into your glasses. 9 00:00:48,320 --> 00:00:52,200 How are you doing, Mr. Seatiner? 10 00:00:53,060 --> 00:00:54,200 I am well today. 11 00:00:56,520 --> 00:00:59,060 Bitcoin's teasing all-time highs. 12 00:00:59,500 --> 00:01:00,520 I know. What are we at right now? 13 00:01:00,520 --> 00:01:02,140 Above 125, barely. 14 00:01:02,600 --> 00:01:08,060 And I'm here talking to you, so if I'm nervous as shit, it's still a good day. 15 00:01:08,200 --> 00:01:09,220 There's no need to be nervous. 16 00:01:09,420 --> 00:01:10,980 This is a safe space. 17 00:01:12,220 --> 00:01:13,880 But yeah, Bitcoin's absolutely flying. 18 00:01:13,960 --> 00:01:14,540 It's great to see. 19 00:01:14,700 --> 00:01:15,040 It is. 20 00:01:15,100 --> 00:01:16,740 I think we're in for a good end of the year. 21 00:01:16,740 --> 00:01:22,680 It's all the stars are aligning with the usual kind of, well, you probably follow this stuff 22 00:01:22,680 --> 00:01:27,320 more than me, but November and December are typically, October, November, and December 23 00:01:27,320 --> 00:01:32,040 are typically pretty bullish. So even the shutdown, I guess, is bullish at this point. 24 00:01:32,380 --> 00:01:37,420 100%. Bitcoin doesn't shut down, even if the US government does. No, I'm excited. October is real. 25 00:01:38,880 --> 00:01:43,400 I think cycles are broken, maybe. Maybe. But we don't need to talk about price. That's not why 26 00:01:43,400 --> 00:01:49,160 you're here. I mean, we can talk about price. The views will be better if we talk about price. 27 00:01:50,640 --> 00:01:57,380 I'll never turn down some, yeah, bull child. But no, I think October is definitely a thing. I'm 28 00:01:57,380 --> 00:02:02,960 excited to see where it goes. But anyhow. So let's start off by introducing you. You've not 29 00:02:02,960 --> 00:02:09,680 been on the show before, new or old. Who are you? So I am a NIM on the internet. I go by, 30 00:02:09,680 --> 00:02:15,240 Initially, I went by the NIMS SeedSigner. Now, a lot of people just refer to me as Seed when they see me in public. 31 00:02:16,520 --> 00:02:21,820 But I was, let's see, been a Bitcoiner for about 12 years. 32 00:02:22,540 --> 00:02:32,600 I was a police officer for 15 years, and I created this little open source software project called SeedSigner that's kind of been my introduction as a public Bitcoiner. 33 00:02:32,960 --> 00:02:34,300 So that's me. 34 00:02:34,480 --> 00:02:38,720 So we're going to get into the SeedSigner stuff today, but I do want to talk about your background because it's pretty interesting. 35 00:02:39,680 --> 00:02:44,440 You were a police officer, but not just a normal police officer by the end of your career, at least. 36 00:02:44,940 --> 00:02:47,580 So why don't we start with that whole journey? 37 00:02:47,840 --> 00:02:50,560 How did you go from being a police officer to working in forensics? 38 00:02:50,560 --> 00:02:58,560 Yeah, so my background, you know, bachelor's degree in English literature, minor in philosophy. 39 00:02:58,960 --> 00:03:07,320 Then I studied management information systems some during my undergraduate career and kind of bounced around between a lot of jobs when I was younger. 40 00:03:07,320 --> 00:03:10,340 I was actually a flight attendant for a year in 2001. 41 00:03:10,500 --> 00:03:12,480 So I was in the air on 9-11. 42 00:03:12,880 --> 00:03:14,620 And after that was laid off. 43 00:03:14,780 --> 00:03:18,020 I worked for an airline called TWA that no longer exists. 44 00:03:19,280 --> 00:03:20,680 What was it like being in the air in 9-11? 45 00:03:21,460 --> 00:03:24,900 So we were, it was as crazy as you would think it'd be. 46 00:03:24,980 --> 00:03:26,800 We were close enough to St. Louis, 47 00:03:26,920 --> 00:03:29,060 which was where I'm domiciled out of, 48 00:03:29,120 --> 00:03:30,420 that we got to land in St. Louis. 49 00:03:30,500 --> 00:03:33,920 So I didn't end up stranded in another city, 50 00:03:33,940 --> 00:03:35,580 but I flew out of Atlanta that morning 51 00:03:35,580 --> 00:03:37,380 on the busiest airport in the country. 52 00:03:37,780 --> 00:03:40,520 And then, you know, once we landed, 53 00:03:41,300 --> 00:03:44,920 I think one of the towers had been hit by the time we landed. 54 00:03:45,200 --> 00:03:48,840 And it was just more confusion after we got on the ground. 55 00:03:49,340 --> 00:03:52,000 You know, at first they wouldn't taxi to the gateway, 56 00:03:52,200 --> 00:03:53,560 and then we did taxi to the gateway, 57 00:03:53,720 --> 00:03:55,460 but you weren't permitted to leave the plane. 58 00:03:55,520 --> 00:03:56,760 And then you had to leave the plane, 59 00:03:56,840 --> 00:03:57,920 but you couldn't leave the terminal. 60 00:03:58,440 --> 00:04:00,100 And it was, you know, the same confusion 61 00:04:00,100 --> 00:04:02,120 that everyone else, I'm sure, experienced. 62 00:04:02,400 --> 00:04:04,420 That's insane. That must have been pretty wild. 63 00:04:04,420 --> 00:04:07,040 Where were you meant to be going or were you meant to be going to St. Louis? 64 00:04:07,300 --> 00:04:08,280 No, it was back to St. Louis. 65 00:04:08,520 --> 00:04:13,160 I probably had a turn to go somewhere else too that day, but yeah, it wasn't meant to be. 66 00:04:13,400 --> 00:04:14,080 That's pretty scary. 67 00:04:14,300 --> 00:04:14,460 Yeah. 68 00:04:14,660 --> 00:04:15,780 What a scary time to be in the air. 69 00:04:15,900 --> 00:04:17,120 I'm sorry, I interrupted you there though. 70 00:04:17,220 --> 00:04:17,920 No, not at all. 71 00:04:19,060 --> 00:04:26,380 So after laid off from TWA, I had worked some private security jobs when I was younger and 72 00:04:26,380 --> 00:04:31,800 ended up working at a university in St. Louis as a basically a campus security officer. 73 00:04:31,800 --> 00:04:37,040 and it occurred to me that it wasn't in a great neighborhood. It occurred to me I could make more 74 00:04:37,040 --> 00:04:41,680 money and have a safer working environment if I just went to the police academy. So I figured out 75 00:04:41,680 --> 00:04:48,640 how to do that and got admitted to the academy and got hired on by a local, I'm from St. Louis, 76 00:04:48,800 --> 00:04:54,720 so a small municipality in the county around St. Louis. And for the first three years, I was just 77 00:04:54,720 --> 00:05:00,620 a road cop, like writing tickets, answering calls, domestic fight in progress, that kind of stuff. 78 00:05:00,620 --> 00:05:04,780 and by virtue of my background in information systems, 79 00:05:05,400 --> 00:05:07,320 the chief of the department where I worked 80 00:05:07,320 --> 00:05:09,120 knew that I was a little bit of a geek 81 00:05:09,120 --> 00:05:13,520 and this would have been in what, like 2006, 2007? 82 00:05:14,520 --> 00:05:16,960 So digital forensics was still a young 83 00:05:16,960 --> 00:05:20,620 and growing part of law enforcement 84 00:05:20,620 --> 00:05:24,180 and there was a task force or a working group 85 00:05:24,180 --> 00:05:25,820 in the area that was looking to add people 86 00:05:25,820 --> 00:05:27,920 and they asked me if this is something 87 00:05:27,920 --> 00:05:33,700 that I would be interested in and looking into or potentially joining at the Digital Forensic Lab. 88 00:05:33,780 --> 00:05:40,120 So I worked over there part-time for a few months, just kind of learning the super basics about 89 00:05:40,120 --> 00:05:44,660 digital forensics and I guess perform well enough that they offered me a full-time, 90 00:05:45,100 --> 00:05:49,560 you know, a full-time assignment, I should say. I stayed with the same police department the whole 91 00:05:49,560 --> 00:05:54,840 time, but was assigned, you know, every day from nine to five during business hours. Instead of 92 00:05:54,840 --> 00:06:00,060 driving a police car, I'd go to the forensic lab and was assigned casework where I'd take apart 93 00:06:00,060 --> 00:06:07,360 computers or try to obtain data acquisitions from cell phones and data recovery from thumb drives 94 00:06:07,360 --> 00:06:12,640 and all sorts of digital media type stuff. Okay. So you're basically looking for information on a 95 00:06:12,640 --> 00:06:19,100 crime. What year was this? This would have been 2007. Okay. So you would have been working there. 96 00:06:19,240 --> 00:06:23,780 You did that for a few years, I assume. The next 12 years. So until 2019. So you would have been 97 00:06:23,780 --> 00:06:28,620 working there during like the Silk Road days where people were sending drugs around. Did you ever 98 00:06:28,620 --> 00:06:35,680 encounter any of those cases? So that was actually my introduction to Bitcoin was a case that I guess 99 00:06:35,680 --> 00:06:40,940 more than tangentially touched on the Silk Road. It wasn't actually my investigation. It was another 100 00:06:40,940 --> 00:06:46,680 examiner at the lab who I was talking to, I don't know, in the break room or water cooler talk or 101 00:06:46,680 --> 00:06:52,460 whatever. And he had been assigned a case that involved a local high school kid who had been 102 00:06:52,460 --> 00:06:56,360 given a nice gaming computer for Christmas 103 00:06:56,360 --> 00:06:58,620 that had two decent GPUs on it. 104 00:06:59,080 --> 00:07:01,960 And this, I don't remember if it was late 2012, early 2013, 105 00:07:01,960 --> 00:07:06,920 but you could still competitively mine Bitcoin with GPUs at that point. 106 00:07:08,240 --> 00:07:12,520 FPGAs were probably in play and ASICs were coming soon. 107 00:07:13,180 --> 00:07:15,580 But anyhow, this kid was mining a decent amount of Bitcoin 108 00:07:15,580 --> 00:07:18,020 and he would buy marijuana on the Silk Road. 109 00:07:18,140 --> 00:07:20,900 It'd be shipped to his house and then he'd break it down into dime bags 110 00:07:20,900 --> 00:07:22,020 or whatever smaller divisions. 111 00:07:22,460 --> 00:07:29,660 He'd take it to school and was making a nice little hustle as an entrepreneur selling weed at school. 112 00:07:30,780 --> 00:07:33,720 Of course, a teacher or somebody found out, and they called the police, 113 00:07:33,800 --> 00:07:36,520 and that's how his computer ended up at the forensic lab. 114 00:07:36,560 --> 00:07:41,600 But I had never heard of Bitcoin before talking to this coworker about it. 115 00:07:41,640 --> 00:07:47,680 So that's what sent me to Google and down the rabbit hole of just trying to figure out what was this thing, 116 00:07:48,100 --> 00:07:51,820 what did all the compute that was associated with it, what was that good for? 117 00:07:51,820 --> 00:08:00,100 Why did it need that? And, you know, the white paper. And I joined Bitcoin Talk and, yeah, just started learning about it. 118 00:08:00,400 --> 00:08:06,020 You know, when you have cases like that, it's like a young kid selling weed at school, like kids shouldn't do that because they're going to get in trouble. 119 00:08:06,160 --> 00:08:08,680 But do you also think like, kind of cool, he's a bit of an entrepreneur. 120 00:08:09,260 --> 00:08:16,460 Yeah, I mean, I definitely didn't have that kind of sense of opportunity when I was, you know, a kid mowing lawns at his age. 121 00:08:16,460 --> 00:08:21,820 Mo lawns is a better option, kids. No kids listen to this, but if you do, don't sell weed, 122 00:08:21,900 --> 00:08:28,160 mo lawns. So that's the first time you found Bitcoin. I think given the context, if I was you 123 00:08:28,160 --> 00:08:32,700 in that situation, police officer, find this through a guy who's selling weed at school, 124 00:08:33,060 --> 00:08:37,200 I would probably, especially back in 2012, whenever it was, I would jump to the assumption 125 00:08:37,200 --> 00:08:42,320 that this was just money for criminals. Like many people are even still falling into this pit trap. 126 00:08:42,320 --> 00:08:44,240 What did you think of it? 127 00:08:44,240 --> 00:08:48,920 No, that was probably becoming the predominant narrative at the time. 128 00:08:48,920 --> 00:08:56,280 I think Bitcoin was probably transitioning from quirky nerd money to a tool for money 129 00:08:56,280 --> 00:09:01,480 launderers and drug sellers on the darknet. 130 00:09:01,480 --> 00:09:07,720 But they say, I don't know if it was D++ or somebody else, I think it was her who said, 131 00:09:07,720 --> 00:09:11,200 Bitcoin kind of hits you where you're at at a given stage in your life. 132 00:09:11,200 --> 00:09:16,880 And at that point, I was a young father with a big mortgage. 133 00:09:17,320 --> 00:09:21,860 And I was trying to pick stocks and make investments in different things. 134 00:09:21,880 --> 00:09:27,060 And I was looking for a way to make the money that I earned through my employment work harder for me. 135 00:09:27,220 --> 00:09:30,780 And so I tended in the beginning to see Bitcoin as an investment. 136 00:09:30,920 --> 00:09:33,980 I saw the permissionlessness of it. 137 00:09:34,120 --> 00:09:39,600 And what really resonated with me was the scarcity of it, the hard cap on supply. 138 00:09:39,600 --> 00:09:48,720 And so as I started to think about the market cap of Bitcoin, it really seemed like it could potentially be significantly undervalued. 139 00:09:48,860 --> 00:09:53,880 So that was probably, you know, number go up in that day and age is what drew me into it. 140 00:09:53,960 --> 00:10:00,180 But at the same time, that was, you know, the original generation of altcoins, you know, Litecoin, Feathercoin, all that kind of stuff. 141 00:10:00,760 --> 00:10:06,340 And so it wasn't, Bitcoin was the top dog, but it wasn't, Bitcoin only wasn't a thing back then. 142 00:10:06,340 --> 00:10:11,440 And so it was this opportunity to speculate and make money that probably first brought me in. 143 00:10:12,040 --> 00:10:16,000 This episode is brought to you by River, and they've just launched a very cool new product 144 00:10:16,000 --> 00:10:18,620 where you can automatically buy every price dip. 145 00:10:19,200 --> 00:10:22,720 Their zero fee recurring buys are a proven way to build wealth with Bitcoin, 146 00:10:22,920 --> 00:10:26,200 and you can now supercharge them and buy up to 100% more Bitcoin 147 00:10:26,200 --> 00:10:28,440 if the price is dipping at the time of your order. 148 00:10:29,060 --> 00:10:32,000 It's a great tool to buy more Bitcoin at lower prices, 149 00:10:32,000 --> 00:10:36,220 and while your cash is waiting to be deployed, you earn 3.75% interest on it, 150 00:10:36,340 --> 00:10:41,360 paid in Bitcoin. River is built to last with security at its core and is the only Bitcoin 151 00:10:41,360 --> 00:10:47,440 exchange in the US with proof of reserves. To open an account go to river.com forward slash wbd 152 00:10:47,440 --> 00:10:52,980 and earn up to $100 in Bitcoin when you buy. That's river.com forward slash wbd. 153 00:10:53,460 --> 00:10:57,060 What if you could lower your tax bill and stack Bitcoin at the same time? 154 00:10:57,520 --> 00:11:02,760 Well by mining Bitcoin with blockware you can. New tax guidelines from the big beautiful bill 155 00:11:02,760 --> 00:11:07,800 allow American miners to write off 100% of the cost of their mining hardware in a single tax year. 156 00:11:07,800 --> 00:11:13,080 That's right, 100% write off. So if you have $100,000 in capital gains or income, 157 00:11:13,080 --> 00:11:16,520 you can purchase $100,000 of miners and offset it entirely. 158 00:11:17,080 --> 00:11:21,320 Blockware's mining as a service enables you to start mining Bitcoin right now without lifting 159 00:11:21,320 --> 00:11:25,880 a finger. Blockware handles everything from securing the miners to sourcing low-cost power 160 00:11:25,880 --> 00:11:31,160 to configuring the pool, they do it all. You get to stack Bitcoin at a discount every single day 161 00:11:31,160 --> 00:11:37,520 while also saving big come tax season. Get started today by going to mining.blockwaresolutions.com 162 00:11:37,520 --> 00:11:42,860 forward slash WBD. Of course, none of this is tax advice. Speak to your accountant or tax advisor 163 00:11:42,860 --> 00:11:47,960 to understand how these rules apply to you and then head over to mining.blockwaresolutions.com 164 00:11:47,960 --> 00:11:53,220 forward slash WBD and you'll get one week of free hosting and electricity with each hosted miner 165 00:11:53,220 --> 00:11:58,760 purchased. What Bitcoin did is brought to you by the massive legends, Iron, the largest Nasdaq 166 00:11:58,760 --> 00:12:04,200 listed Bitcoin miner using 100% renewable energy. IREN are not just powering the Bitcoin network, 167 00:12:04,360 --> 00:12:08,940 they're also providing cutting-edge computing resources for AI, all backed by renewable energy. 168 00:12:09,700 --> 00:12:13,100 We've been working with their founders Dan and Will for quite some time now and have been really 169 00:12:13,100 --> 00:12:17,060 impressed with their values, especially their commitment to local communities and sustainable 170 00:12:17,060 --> 00:12:21,820 computing power. So whether you're interested in mining Bitcoin or harnessing AI compute power, 171 00:12:21,820 --> 00:12:27,400 IREN is setting the standard. Visit iren.com to learn more, which is I-R-E-N.com. 172 00:12:27,400 --> 00:12:31,540 I mean, I think that gets everyone, right? It's number go up first. Everyone thinks it's a get 173 00:12:31,540 --> 00:12:34,480 rich quick scheme, and then you learn it's a don't get poor slowly scheme. 174 00:12:35,000 --> 00:12:41,620 Right. But I also had those misgivings given my role in law enforcement and stuff. And somebody, 175 00:12:42,100 --> 00:12:48,740 the majority of my work in forensics dealt with crimes against children. And so the possibility 176 00:12:48,740 --> 00:12:54,840 of Bitcoin being used to sell illicit material online and that sort of thing, like that was 177 00:12:54,840 --> 00:13:01,480 a part of how I viewed it. And there were like, I remember being a bit conflicted about it. There 178 00:13:01,480 --> 00:13:09,000 was a Bitcoin podcast at the time called Let's Talk Bitcoin. And it was, I think Adam B. Levine 179 00:13:09,000 --> 00:13:14,060 was the host. And it turned into like a network of podcasts, right? I think. It grew into a network, 180 00:13:14,060 --> 00:13:21,220 but originally it was that Adam B. Levine, Andreas Antonopoulos, and another person, 181 00:13:21,220 --> 00:13:27,900 Stephanie Murphy. And they were actually a daily Bitcoin podcast for a while. And I remember 182 00:13:27,900 --> 00:13:36,320 Andreas bringing up the whole boogeyman factor of child sexual assault material being sold for 183 00:13:36,320 --> 00:13:41,620 Bitcoin. And I really wrestled with that a lot early on because Bitcoin is permissionless and 184 00:13:41,620 --> 00:13:49,540 to a degree, depending on how you use it, private. And so it was something that you eventually 185 00:13:49,540 --> 00:13:55,260 realize cars are dangerous too, and cars kill a lot of people around the world. But the value we 186 00:13:55,260 --> 00:14:02,380 get from cars above people dying in car crashes dramatically exceeds the number of sad deaths 187 00:14:02,380 --> 00:14:08,640 that occur. So the possibility of it is just so much bigger than the people who misuse it or, 188 00:14:09,420 --> 00:14:15,440 you know. I think I actually saw this stat recently. I think it's 40,000 Americans die 189 00:14:15,440 --> 00:14:16,900 every year through traffic accidents. 190 00:14:17,460 --> 00:14:19,180 And as society, we've decided to accept 191 00:14:19,180 --> 00:14:20,500 that that's a worthwhile trade-off. 192 00:14:20,980 --> 00:14:22,560 Obviously, people are doing everything they can 193 00:14:22,560 --> 00:14:24,100 to bring that number down as much as possible. 194 00:14:24,660 --> 00:14:26,560 But it is a harsh reality that you have to face 195 00:14:26,560 --> 00:14:28,840 when you actually understand what Bitcoin is. 196 00:14:28,960 --> 00:14:30,220 Bitcoin is freedom money. 197 00:14:30,280 --> 00:14:30,800 It's permissionless. 198 00:14:30,860 --> 00:14:31,520 It's money for enemies. 199 00:14:32,260 --> 00:14:33,960 People are going to use it in ways you don't like, 200 00:14:34,080 --> 00:14:36,200 and you have no ability to stop that. 201 00:14:36,260 --> 00:14:37,700 You just have to come to terms with it. 202 00:14:37,840 --> 00:14:41,400 And again, weigh up the benefits against the negatives 203 00:14:41,400 --> 00:14:43,660 and realize that it's a worthwhile trade-off. 204 00:14:43,660 --> 00:14:46,220 Yeah, same story with firearms. 205 00:14:46,460 --> 00:14:49,200 Obviously, that's an analogy that people make a lot of the time. 206 00:14:49,420 --> 00:14:53,340 But yeah, guns are dangerous and they kill a lot of people, 207 00:14:53,340 --> 00:14:57,580 but they also protect a lot of people's homes and serve as a deterrent 208 00:14:57,580 --> 00:14:58,940 and help people defend themselves. 209 00:14:59,280 --> 00:15:04,940 So when you discovered Bitcoin, you saw it as an investment first. 210 00:15:05,060 --> 00:15:06,940 Obviously, I'm sure that's changed since then. 211 00:15:07,280 --> 00:15:10,760 Well, it is still an investment, but it means certainly more to me 212 00:15:10,760 --> 00:15:11,820 and I think more to you than that. 213 00:15:11,820 --> 00:15:18,280 Did you manage to hold on through all the hype mania phases? 214 00:15:18,280 --> 00:15:23,860 Yeah, I alluded to this briefly when we were talking the other day in preparation for this. 215 00:15:24,080 --> 00:15:27,900 So I had a severe weak hands incident in 2017. 216 00:15:28,580 --> 00:15:36,320 Not that I was a Bitcoin baron or anything by any means, but I had in early 2017, 217 00:15:36,760 --> 00:15:41,460 so the majority of the Bitcoin I acquired early on were like in 2013 and 2014. 218 00:15:41,460 --> 00:15:51,980 I remember buying Bitcoin for as little as like $65 on Coinbase in the summer of 2013 as they were kind of crashing before the run-up in the end of that year. 219 00:15:52,700 --> 00:16:05,520 But after the peak in 2013, the Mt. Gox incident happened, and there was just a long, brutal bear market through 2014 and 2015. 220 00:16:05,520 --> 00:16:10,580 and that was, I think everybody's first bear market 221 00:16:10,580 --> 00:16:11,680 is like the worst one. 222 00:16:12,120 --> 00:16:12,800 And that was a bad one. 223 00:16:13,000 --> 00:16:16,420 Yeah, and you don't have the experience 224 00:16:16,420 --> 00:16:20,520 of Bitcoin resurrecting itself after it falls. 225 00:16:20,800 --> 00:16:21,660 You know, it comes back up. 226 00:16:21,700 --> 00:16:23,780 So you think like maybe I'm the idiot 227 00:16:23,780 --> 00:16:25,500 and I bought close to the top 228 00:16:25,500 --> 00:16:27,740 and, you know, I'm the greater fool. 229 00:16:28,880 --> 00:16:31,860 So I'm dealing with all this kind of uncertainty 230 00:16:31,860 --> 00:16:34,280 through 2014, 2015, 2016. 231 00:16:34,280 --> 00:16:40,500 And in late 2016, I don't remember the timeline exactly, but the price started to perk up. 232 00:16:41,140 --> 00:16:46,040 And it got past the peak of $1,200 or in that neighborhood. 233 00:16:46,540 --> 00:16:51,180 And then the Bitcoin price is approaching like $2,000, between $2,000 and $2,500. 234 00:16:53,140 --> 00:17:01,040 And with the mortgage we had on our house, if at that particular moment, I sold all of 235 00:17:01,040 --> 00:17:08,660 the Bitcoin and legitimately paid the taxes, which were a gut punch, I was at a point where 236 00:17:08,660 --> 00:17:14,040 we could pay off the mortgage of our house and be completely out of debt and kind of have a fresh 237 00:17:14,040 --> 00:17:20,460 start financially in life. And at the same time, you know, in early 2017, what's going on is 238 00:17:20,460 --> 00:17:25,360 actually reminiscent of what we're going through now. There was the four cores were kind of in full 239 00:17:25,360 --> 00:17:31,540 swinger coming to it at that time. And I had this anxiety or worry or whatever you want to call it 240 00:17:31,540 --> 00:17:37,280 that, you know, the conventional wisdom is if Bitcoin forks, no big deal. You just hold all 241 00:17:37,280 --> 00:17:46,140 the forks. And eventually when everything sorts itself out, you know, you're not hurt. 242 00:17:46,640 --> 00:17:51,760 But I was concerned with the number of forks that were happening, that if the network fragmented too 243 00:17:51,760 --> 00:17:58,100 much, the whole concept would lose its perceived value. 244 00:17:58,700 --> 00:18:02,000 So people might actually not remember the history of that, but would that have been things 245 00:18:02,000 --> 00:18:03,520 like Bitcoin Unlimited and- 246 00:18:03,520 --> 00:18:04,320 Bitcoin Gold. 247 00:18:04,460 --> 00:18:05,200 Bitcoin Gold, yeah. 248 00:18:05,200 --> 00:18:06,080 And Bitcoin Cash. 249 00:18:06,380 --> 00:18:06,600 Yeah. 250 00:18:06,680 --> 00:18:08,420 And all those at the time. 251 00:18:09,580 --> 00:18:15,300 And another factor of it is like, I'm a modest means coming from the middle class kind of 252 00:18:15,300 --> 00:18:15,540 guy. 253 00:18:16,240 --> 00:18:20,880 And when you've put, I don't know what I put into my initial investment of Bitcoin, whether 254 00:18:20,880 --> 00:18:26,860 It was like probably between $10,000 and $20,000 of money that we had saved up when we were bringing in as revenue. 255 00:18:27,200 --> 00:18:32,060 My wife, God bless her, was very understanding about buying Bitcoin. 256 00:18:32,620 --> 00:18:39,160 And some of the, like, I was on the, like, early on when ASICs were just becoming available, 257 00:18:39,580 --> 00:18:43,060 if you wanted to buy one, it was never just like buy it off the shelf and they ship it to you. 258 00:18:43,140 --> 00:18:48,520 It was always some kind of like pre-release or funding campaign where you send in money 259 00:18:48,520 --> 00:18:51,520 and it was a pre-order for something that would hopefully come through a few months later. 260 00:18:51,700 --> 00:18:52,800 And then when you got it, it wasn't efficient. 261 00:18:53,200 --> 00:18:56,360 Yeah. And because so much new hash is coming online, 262 00:18:56,420 --> 00:19:00,640 it didn't produce maybe what you'd expected it to when you'd initially ordered it. 263 00:19:00,760 --> 00:19:03,040 So at one point I went to my wife and I was like, 264 00:19:03,060 --> 00:19:09,020 I'd like to buy this magic machine that makes Bitcoin for $3,000 or something like that. 265 00:19:09,080 --> 00:19:10,380 And she's like, oh, okay. 266 00:19:10,380 --> 00:19:26,740 So anyhow, so in 2017, given what the Bitcoin I was holding, what it was worth, and what it started from, I think people who are from modest financial means are just not mentally equipped for that kind of financial gain. 267 00:19:26,940 --> 00:19:29,900 In your mind, you start to second guess whether it's real. 268 00:19:30,160 --> 00:19:35,240 And there's this huge temptation to very binary thinking where you don't sell a little bit. 269 00:19:35,580 --> 00:19:37,580 If you're going to sell, you just get out and sell it all. 270 00:19:37,580 --> 00:19:44,040 And there's, I was, I guess the best way to say it is I was very financially unsophisticated at that point in my life. 271 00:19:44,100 --> 00:19:46,900 Not that I'm super sophisticated now, but even more so back then. 272 00:19:48,000 --> 00:19:58,620 And so one day I remember being in the forensic lab and it always seemed like I had on my computer that was connected to the internet, which was a separate computer. 273 00:19:58,700 --> 00:20:02,740 I always had like a price ticker or a exchange chart or something up. 274 00:20:02,740 --> 00:20:07,840 And I see the number kind of like fluttering around my magic number of like get out of debt. 275 00:20:08,500 --> 00:20:10,980 And I remember that day very clearly. 276 00:20:11,180 --> 00:20:14,220 Like I just got up, told my boss I was going home for the day. 277 00:20:14,320 --> 00:20:16,180 It was still like mid-morning. 278 00:20:16,520 --> 00:20:20,000 And I went home and I just started pulling out. 279 00:20:21,380 --> 00:20:23,160 I didn't have a hardware wallet at that point. 280 00:20:23,860 --> 00:20:25,160 We can talk more about that. 281 00:20:25,320 --> 00:20:26,400 Was that paper wallet era? 282 00:20:26,680 --> 00:20:28,160 It was still paper wallet. 283 00:20:28,520 --> 00:20:43,930 When I set it up initially it was definitely still the paper wallet era but Harder Wallets had subsequently come out but it was um yeah Trezor must been around then and Ledger probably wasn its early form I don know when um Trezor I think was like late 2013 early 2014 if 284 00:20:43,930 --> 00:20:53,270 my timeline's right. Um, but, uh, when I had set things up initially, um, uh, hopefully 285 00:20:53,270 --> 00:20:58,290 I don't blank on the, I had used a web wallet, but it wasn't, it was like a web paper wallet. 286 00:20:58,290 --> 00:21:00,010 So it was an open source project. 287 00:21:00,950 --> 00:21:02,870 And I'll think of the name of it. 288 00:21:02,990 --> 00:21:04,530 It wasn't like Electrum Wallet or something like that, was it? 289 00:21:04,550 --> 00:21:05,170 No, no, no. 290 00:21:05,250 --> 00:21:06,910 So it was basically a website. 291 00:21:08,710 --> 00:21:10,370 And it was a GitHub repo. 292 00:21:10,630 --> 00:21:13,490 All of the code that underlied the website was published in the repo. 293 00:21:14,070 --> 00:21:20,690 And what you would do is basically download the HTML associated code that makes up the website from the repo. 294 00:21:21,010 --> 00:21:23,010 And they provided an authentication hash. 295 00:21:23,010 --> 00:21:28,770 So if you're trusting the person who publishes that website, what the hash was supposed to be. 296 00:21:28,870 --> 00:21:32,010 And this was actually a forensically sound process. 297 00:21:32,230 --> 00:21:38,210 You would boot up a separate computer offline, not connected to the internet, with a fresh Linux installation. 298 00:21:38,690 --> 00:21:41,450 And you would use that to generate new private keys. 299 00:21:42,210 --> 00:21:44,150 And it's called bidaddress.org. 300 00:21:44,370 --> 00:21:47,610 People who have been around in Bitcoin, I'm sure, recognize it. 301 00:21:47,650 --> 00:21:50,710 The guy who created it, his first name is Peter. 302 00:21:50,710 --> 00:21:55,670 I won't say his last name because he's kind of private, but super great Bitcoiner. 303 00:21:56,410 --> 00:22:02,210 He's actually known as BTC Curacao, who's promoting Bitcoin adoption there. 304 00:22:02,270 --> 00:22:08,690 But anyhow, went through this very methodical process using an offline computer that was 305 00:22:08,690 --> 00:22:14,590 completely in line with my forensic training and bought an inkjet printer that I used to 306 00:22:14,590 --> 00:22:16,950 print out the private keys for the paper wallets. 307 00:22:17,210 --> 00:22:20,010 Never used that inkjet printer again for anything else. 308 00:22:20,010 --> 00:22:22,510 It was a USB connected one, so it never touched the internet. 309 00:22:22,990 --> 00:22:25,130 Went through this very carefully thought out process. 310 00:22:25,270 --> 00:22:27,330 But in the end, what am I doing? 311 00:22:27,410 --> 00:22:34,030 I have a list of private keys printed on eight and a half by 11 computer paper, you know, that's in my underwear drawer at home. 312 00:22:34,030 --> 00:22:34,210 Yeah. 313 00:22:34,470 --> 00:22:39,290 Because when I first put it in there, it was worth like a few thousand dollars, you know. 314 00:22:39,290 --> 00:23:02,910 And over time, as Bitcoin started to appreciate more, my security setup, I think, is eventually what was part of the genesis of SeedSigner because of all of the contributing factors to this weak hand experience, which I'm not in the league of Laszlo, the guy who bought pizza for Bitcoin way back when. 315 00:23:02,910 --> 00:23:08,530 But when you think about the amount of Bitcoin you previously owned before you sold everything, it's not an easy memory. 316 00:23:08,530 --> 00:23:16,650 and so to tell the story in 2017 like i and i awkwardly sold the bitcoin it wasn't even like 317 00:23:16,650 --> 00:23:21,730 set a sell order like it there's probably i was i was i had an account on gemini that day and 318 00:23:21,730 --> 00:23:26,850 there's probably this awkward like blip on the chart of gemini that day from me just market 319 00:23:26,850 --> 00:23:32,130 selling a bunch of bitcoin i didn't even know gemini was around by then uh 2017 yeah they were 320 00:23:32,130 --> 00:23:43,030 still pretty small. But yeah, it was on Gemini. And so went home, you know, started sweeping all 321 00:23:43,030 --> 00:23:49,230 of these paper wallets, awkwardly dumped everything on Gemini, and then had this big dollar balance, 322 00:23:49,350 --> 00:23:54,750 which I didn't really believe it was real until I'd moved it, you know, did the wire transfer into 323 00:23:54,750 --> 00:23:59,130 my personal bank account, and was making preparations to pay off the mortgage loan. 324 00:23:59,130 --> 00:24:03,570 But boy, did I not want to hear about Bitcoin for the rest of the year. 325 00:24:03,690 --> 00:24:04,070 I bet. 326 00:24:04,130 --> 00:24:05,110 Like in 2017. 327 00:24:05,730 --> 00:24:14,430 Because the price rise was pretty dramatic from $2,200 or whatever that I sold that up until $18,000 or $20,000. 328 00:24:14,730 --> 00:24:17,550 I mean, even in that year alone, you could have basically 10X'd it. 329 00:24:17,790 --> 00:24:18,010 Yeah. 330 00:24:18,270 --> 00:24:26,670 And it's like, even if I hadn't held on to the Bitcoin, if I had had better timing when I sold, it would have meant a much bigger. 331 00:24:26,670 --> 00:24:30,230 Well, like I said, I wasn't very financially sophisticated, so it is what it is. 332 00:24:31,350 --> 00:24:33,470 And for the rest of the year, I didn't want to hear about Bitcoin. 333 00:24:33,650 --> 00:24:43,510 Like, I decided me being able to pay off our mortgage was kind of the first step to me thinking about stepping away from my career in law enforcement. 334 00:24:43,990 --> 00:24:45,810 And so I started focusing on that. 335 00:24:46,690 --> 00:24:51,350 My wife has always been better at bringing money home than I had been as a cop. 336 00:24:51,750 --> 00:24:55,690 So we started to talk more about me being a stay-at-home dad with our kids. 337 00:24:55,690 --> 00:25:01,550 And I kind of went on this self-improvement spree. 338 00:25:01,690 --> 00:25:08,290 I started reading a lot of self-help books and trying to improve things about myself that I thought were suboptimal. 339 00:25:08,430 --> 00:25:10,370 So I deleted Twitter. 340 00:25:10,530 --> 00:25:15,190 I got off of Bitcoin Reddit and all the other ways I'd been following Bitcoin at the time. 341 00:25:15,190 --> 00:25:28,830 And I just started to focus on making sure that I was a good enough person to retire early from my job and not end up like Mr. Mom where I'm sitting on the couch, like watching TV and drinking wine at 2 p.m. 342 00:25:28,930 --> 00:25:30,190 Yeah, exactly. 343 00:25:30,970 --> 00:25:40,370 So for the rest of 2017, like I'm reading my self-help books, getting up in the morning and, you know, going through my miracle morning routine and stuff like that. 344 00:25:40,370 --> 00:25:44,370 And in 2018, I don't remember what the catalyst was, 345 00:25:44,370 --> 00:25:47,370 but as painful as it was sometimes, 346 00:25:47,370 --> 00:25:49,370 I started peeking at the Bitcoin price. 347 00:25:49,370 --> 00:25:51,370 And in 2018, it started to come down. 348 00:25:51,370 --> 00:25:53,370 I bet you were the only person happy to see it come down. 349 00:25:53,370 --> 00:25:55,370 One of the few. 350 00:25:55,370 --> 00:25:58,370 And Bitcoin gets its hooks in you. 351 00:25:58,370 --> 00:26:01,370 It's like the meme from The Godfather. 352 00:26:01,370 --> 00:26:04,370 Like, once you think you're out, they pull you back in. 353 00:26:04,370 --> 00:26:07,370 I don't know if that's Goodfellas or The Godfather. 354 00:26:07,370 --> 00:26:10,790 And so I started paying attention to the price again. 355 00:26:11,590 --> 00:26:14,770 I probably created a new Twitter account because I deleted the old one. 356 00:26:15,650 --> 00:26:23,150 And as the Bitcoin price got to like, I didn't catch the absolute bottom, but I was like kind of good. 357 00:26:23,730 --> 00:26:27,910 I started buying more around $4,000 as it had come down from 20. 358 00:26:27,950 --> 00:26:30,570 And this is like in 2018 and in 2019. 359 00:26:30,890 --> 00:26:32,850 So I started accumulating more Bitcoin. 360 00:26:34,250 --> 00:26:36,970 And this is like Bitcoin is different for me now. 361 00:26:36,970 --> 00:26:39,330 It's still an investment to some degree. 362 00:26:39,790 --> 00:26:47,730 But if you think about 2017, 2018, 2019, that is really the time when the U.S. national debt starts to ramp up. 363 00:26:48,050 --> 00:26:49,710 And my kids are getting a little bit older. 364 00:26:50,250 --> 00:26:51,790 And maybe I'm maturing a little bit. 365 00:26:51,830 --> 00:26:55,790 But I'm starting to think about, like, what world am I leaving for them? 366 00:26:56,330 --> 00:26:57,650 Where is this debt going? 367 00:26:57,830 --> 00:27:01,710 What kind of country are my kids going to be left with? 368 00:27:01,710 --> 00:27:09,490 And so Bitcoin took on additional significance beyond just being an investment for me as I was starting to rebuy it. 369 00:27:09,610 --> 00:27:15,870 Again, still love number go up, especially relative today to where it was then. 370 00:27:16,310 --> 00:27:18,910 But my Bitcoin journey was different at that time. 371 00:27:19,630 --> 00:27:23,670 And after I'd started buying more Bitcoin, I started to think about cold storage. 372 00:27:24,590 --> 00:27:27,090 And I was still at work in the forensic lab. 373 00:27:27,090 --> 00:27:31,190 and I started to think about the reasons 374 00:27:31,190 --> 00:27:35,390 why I just so awkwardly had the lettuce hands experience. 375 00:27:36,270 --> 00:27:37,610 Well, I understand it though. 376 00:27:38,570 --> 00:27:41,050 I think one thing that's probably true 377 00:27:41,050 --> 00:27:42,090 for almost all Bitcoin is, 378 00:27:42,310 --> 00:27:43,850 well, there's a few things in what you said that's true. 379 00:27:44,070 --> 00:27:45,350 One, that it gets its hooks in you. 380 00:27:45,970 --> 00:27:48,050 Probably from the first day I ever read about Bitcoin, 381 00:27:48,370 --> 00:27:50,390 there's likely not been a single day since 382 00:27:50,390 --> 00:27:51,910 that I've not read more about Bitcoin. 383 00:27:53,450 --> 00:27:56,030 But the thing that I think people aren't prepared for 384 00:27:56,030 --> 00:27:57,970 and never can be when you first buy Bitcoin 385 00:27:57,970 --> 00:28:00,050 is the fact that you have to consider 386 00:28:00,050 --> 00:28:02,470 what you will do when it 10Xs 387 00:28:02,470 --> 00:28:04,010 because at some point it's going to 10X on you. 388 00:28:04,550 --> 00:28:07,070 And that comes down to both psychologically 389 00:28:07,070 --> 00:28:09,810 what you do with getting that much wealthier, 390 00:28:10,450 --> 00:28:13,370 but also when you're thinking about 391 00:28:13,370 --> 00:28:14,490 how you secure your Bitcoin, 392 00:28:14,890 --> 00:28:17,650 you need to think about securing 10X the value of today. 393 00:28:18,870 --> 00:28:21,910 And luckily I've had no mistakes 394 00:28:21,910 --> 00:28:23,190 that have meant I've lost Bitcoin in that way, 395 00:28:23,270 --> 00:28:25,210 but I've had very janky setups 396 00:28:25,210 --> 00:28:26,310 compared to what I should have had. 397 00:28:26,750 --> 00:28:28,450 So I guess for you, 398 00:28:28,530 --> 00:28:30,190 going from using paper wallets back then, 399 00:28:30,270 --> 00:28:31,390 like it's interesting just to hear, 400 00:28:32,130 --> 00:28:36,130 it's easy to think since 2017 to now, 401 00:28:36,590 --> 00:28:37,850 not that much has changed. 402 00:28:37,850 --> 00:28:39,190 But when you actually think about 403 00:28:39,190 --> 00:28:40,890 the infrastructure side of Bitcoin, 404 00:28:41,070 --> 00:28:41,930 the hardware that's available, 405 00:28:42,710 --> 00:28:45,850 it's a world apart. 406 00:28:46,190 --> 00:28:47,870 So when you were thinking of like 407 00:28:47,870 --> 00:28:49,730 your initial paper wallet setup 408 00:28:49,730 --> 00:28:51,650 and you came back to Bitcoin, 409 00:28:51,650 --> 00:28:56,790 how did you view sort of the hardware wallet market at that time? 410 00:28:57,170 --> 00:29:01,490 Right. So I consciously avoided the hardware wallet market. 411 00:29:02,490 --> 00:29:05,410 And part of it, you know, to be candid, 412 00:29:05,530 --> 00:29:08,350 was that I already had a setup that I was reasonably comfortable with. 413 00:29:10,230 --> 00:29:15,590 It turned out, like, I think as I bought Bitcoin 414 00:29:15,590 --> 00:29:17,970 and started to think about what I could, 415 00:29:17,970 --> 00:29:21,130 what my preferred setup for long-term cold storage was, 416 00:29:21,650 --> 00:29:34,250 I started to think about my background in forensics and what about my background might inform an approach or a strategy that would make sense for me and kind of calm my unique sort of anxieties. 417 00:29:35,170 --> 00:29:50,690 One thing I can say about my time in forensics is I grew up in forensics during a very unique period in time where, you know, initially when I started doing forensics, it was all what's called dead box forensics, 418 00:29:50,690 --> 00:29:53,310 where you take a computer that's been powered down, 419 00:29:53,650 --> 00:29:55,390 you basically remove the hard drive from it, 420 00:29:55,450 --> 00:29:56,330 and that's your primary, 421 00:29:56,790 --> 00:29:58,950 almost your only exclusive source of information 422 00:29:58,950 --> 00:30:00,750 about that computer and what it was used for. 423 00:30:02,010 --> 00:30:03,830 But early on in my career, 424 00:30:04,750 --> 00:30:06,770 at first we started seeing flip phones, 425 00:30:07,370 --> 00:30:10,170 and then the rise of cell phones occurred. 426 00:30:10,670 --> 00:30:13,110 The iPhone, I think, came out in 2006 or 2007. 427 00:30:13,650 --> 00:30:15,130 Maybe it was a little bit before that. 428 00:30:15,130 --> 00:30:43,450 And so I got to watch mobile phones start from these awkward devices that you flip open and press the number three eight times to get a lowercase e or whatever it is, grow into these supercomputers that we all carry in our pocket and we rely on for not just being able to call people and not just browsing the internet, but personal authentication and accessing our bank accounts and all sorts of payments and other things. 429 00:30:43,450 --> 00:30:45,870 I mean, they've replaced computers for a massive amount of the population. 430 00:30:46,030 --> 00:30:52,450 Yeah, and over that time, like forensics, in terms of the workload that the average digital forensic examiner sees, 431 00:30:52,770 --> 00:30:59,110 it was actively transitioning from desktop computer to laptop and then to phones and tablets. 432 00:30:59,450 --> 00:31:01,370 Mostly phones, but you still see some tablets. 433 00:31:03,150 --> 00:31:11,370 And so the mobile phone industry, you know, the first kind of smartphone you can think of is a Blackberry. 434 00:31:11,370 --> 00:31:24,870 You can remember when President Obama took office, it was like he kind of said something effective, you can pry this BlackBerry out of my cold dead hands because iPhones were becoming more popular, but we're all creatures that have it. 435 00:31:25,030 --> 00:31:25,670 People like the buttons. 436 00:31:25,950 --> 00:31:27,090 He really liked his BlackBerry. 437 00:31:27,730 --> 00:31:37,790 And BlackBerry had some pretty crude security measures in terms of what's baked into the device. 438 00:31:37,790 --> 00:31:45,810 And so some of the earliest forensic challenges that we had in the forensic lab were getting a device like a BlackBerry and trying to figure out if it was pin enabled. 439 00:31:46,110 --> 00:31:48,250 How do we get into this to observe? 440 00:31:48,770 --> 00:31:50,950 At that point, there weren't apps per se. 441 00:31:51,130 --> 00:31:53,130 You're just trying to get into somebody's call history. 442 00:31:53,290 --> 00:31:55,750 In BlackBerry, you could get some emails off of it potentially. 443 00:31:56,930 --> 00:32:02,810 But shortly after BlackBerry came the iPhone and then Android not too long after that. 444 00:32:02,810 --> 00:32:12,770 And as the smartphones grew up, you know, Apple and Samsung and the other companies, they want to sell more smartphones. 445 00:32:12,770 --> 00:32:18,910 And they really wanted to get access to government and corporate markets. 446 00:32:18,910 --> 00:32:24,970 and government and corporate markets had a certain threshold of security requirement 447 00:32:24,970 --> 00:32:29,490 that they needed Apple to be at before Apple could, you know, before they would buy, 448 00:32:29,570 --> 00:32:34,090 you know, 5,000 iPhones for distribution to government employees or whatever it was. 449 00:32:34,610 --> 00:32:40,130 So Apple started adding security features that were basic and clumsy at first, 450 00:32:40,130 --> 00:32:42,250 but that got increasingly sophisticated. 451 00:32:43,090 --> 00:32:46,990 And what I observed as someone doing forensics over that time period 452 00:32:46,990 --> 00:32:50,230 was this ongoing cat and mouse game 453 00:32:50,230 --> 00:32:53,430 between Apple trying to up its security game 454 00:32:53,430 --> 00:32:57,170 and then an increasing number of researchers 455 00:32:57,170 --> 00:33:01,230 and then startups who would examine, you know, 456 00:33:01,270 --> 00:33:03,710 the underpinnings of iOS and Android 457 00:33:03,710 --> 00:33:06,690 and come up with security exploits that could be used 458 00:33:06,690 --> 00:33:10,070 to get around the gold standard, 459 00:33:10,250 --> 00:33:13,050 or what you really try for is being able to authenticate 460 00:33:13,050 --> 00:33:15,330 to log into the device, you know, whether that's, 461 00:33:15,330 --> 00:33:20,070 Now it's face ID, but at the time, you know, it was a lock pattern or a pin code or whatever 462 00:33:20,070 --> 00:33:20,450 it was. 463 00:33:20,970 --> 00:33:23,610 And so Apple would implement a new security feature. 464 00:33:24,410 --> 00:33:32,710 Six months later, an individual who's doing research or as it became more likely a company 465 00:33:32,710 --> 00:33:36,450 that contracts with the federal government and other local governments would develop 466 00:33:36,450 --> 00:33:38,310 an exploit to get around what Apple had done. 467 00:33:38,830 --> 00:33:43,050 Apple would do something new six or nine months later, you know, and it's this cat and mouse 468 00:33:43,050 --> 00:33:43,250 game. 469 00:33:43,250 --> 00:33:55,050 So with my experience with mobile phones, I got a lot of phones that were locked when they arrived to me at the forensic lab. 470 00:33:55,410 --> 00:34:10,590 And as a rule of thumb, if you could either turn the phone off or keep it powered and offline, for a lot of phones within 12 to 18 months, if you just waited it out, and court cases take a long time anyway. 471 00:34:10,590 --> 00:34:14,990 the criminal justice system isn't fast. So if you were willing to wait it out, a lot of times 472 00:34:16,510 --> 00:34:22,110 an exploit would be developed that could defeat a given security mechanism that was in place 473 00:34:22,110 --> 00:34:26,510 on a phone that you were starting to work with. So to circle back around to Bitcoin, 474 00:34:27,470 --> 00:34:32,910 harder wallets, as I saw them emerging with the mobile phone industry and then harder wallets, 475 00:34:32,910 --> 00:34:36,270 when I saw harder wallets, I thought I've seen this movie before. I kind of understand how this 476 00:34:36,270 --> 00:34:43,670 is going to work. And when you consider, you know, the Apple has, you know, it's a, I don't know, 477 00:34:43,730 --> 00:34:48,650 it's a trillion dollar company or whatever the market cap of Apple is, the amount of money that 478 00:34:48,650 --> 00:34:54,970 they spend on these security exploits, and they're still not practically able to keep government 479 00:34:54,970 --> 00:35:00,250 contractors out of their phones. I don't know if that's contrived, if that's a real thing or if it's, 480 00:35:00,250 --> 00:35:04,090 But the nature of security seems to be the sort of cat and mouse thing. 481 00:35:04,990 --> 00:35:13,810 And so, number one, I just had ambivalence about hardware wallets because of that cat and mouse game that I observed with mobile phone security. 482 00:35:14,290 --> 00:35:16,250 And then at the time, it's changed since then. 483 00:35:16,310 --> 00:35:21,430 But at the time, most hardware wallets required that you connect them to your laptop. 484 00:35:21,730 --> 00:35:21,930 Yeah. 485 00:35:22,390 --> 00:35:26,410 And those USB connections, I just never felt comfortable with that. 486 00:35:26,410 --> 00:35:30,390 because if you have the wrong software conditions in place, 487 00:35:30,730 --> 00:35:33,110 like, you know, bad things can happen over that wire. 488 00:35:33,290 --> 00:35:35,030 So never trusted USB. 489 00:35:36,090 --> 00:35:40,150 And so I just, during that period of my time as a Bitcoin 490 00:35:40,150 --> 00:35:41,690 and that's why I stuck with the paper wallets. 491 00:35:42,190 --> 00:35:43,870 If you're already self-custody of Bitcoin, 492 00:35:44,130 --> 00:35:45,630 you know the deal with hardware wallets. 493 00:35:45,890 --> 00:35:47,710 Complex setups, clumsy interfaces, 494 00:35:48,070 --> 00:35:50,610 and a seed phrase that can be lost, stolen, or forgotten. 495 00:35:51,230 --> 00:35:52,370 Well, BitKey fixes that. 496 00:35:52,910 --> 00:35:54,470 BitKey is a multi-sig hardware wallet 497 00:35:54,470 --> 00:35:56,690 built by the team behind Square and Cash App. 498 00:35:57,070 --> 00:35:58,930 It packs a cryptographic recovery system 499 00:35:58,930 --> 00:36:00,430 and built-in inheritance feature 500 00:36:00,430 --> 00:36:02,610 into an intuitive, easy-to-use wallet 501 00:36:02,610 --> 00:36:04,330 with no seed phrase to sweat over. 502 00:36:04,990 --> 00:36:07,990 It's simple, secure self-custody without the stress. 503 00:36:08,550 --> 00:36:11,550 And Time named BitKey one of the best inventions of 2024. 504 00:36:12,510 --> 00:36:16,210 Get 20% off at bitkey.world when you use the code WBD. 505 00:36:16,750 --> 00:36:21,550 That's B-I-T-K-E-Y dot world and use the code WBD. 506 00:36:21,930 --> 00:36:23,810 This episode is brought to you by Anchor Watch. 507 00:36:23,810 --> 00:36:28,470 The thing that keeps me up at night is the idea of a critical error with my Bitcoin cold storage 508 00:36:28,470 --> 00:36:32,830 and this is where Anchor Watch comes in. With Anchor Watch your Bitcoin is insured with your 509 00:36:32,830 --> 00:36:38,110 own A-plus rated Lloyds of London insurance policy and all Bitcoin is held in their time-locked 510 00:36:38,110 --> 00:36:42,410 multi-sig vaults. So you have the peace of mind knowing your Bitcoin is insured while not giving 511 00:36:42,410 --> 00:36:46,750 up custody. So whether you're worried about inheritance planning, wrench attacks, natural 512 00:36:46,750 --> 00:36:52,010 disasters or just your own silly mistakes you're protected by Anchor Watch. Rates for fully insured 513 00:36:52,010 --> 00:36:57,290 custody start as low as 0.55% and are available for individual and commercial customers located 514 00:36:57,290 --> 00:37:02,370 in the US. Speak to AnchorWatch for a quote and for more details about your security options and 515 00:37:02,370 --> 00:37:08,730 coverage. Visit anchorwatch.com today. That is anchorwatch.com. Do you wish you could access cash 516 00:37:08,730 --> 00:37:13,490 without selling your Bitcoin? Well, Ledin makes that possible. They're the global leader in Bitcoin 517 00:37:13,490 --> 00:37:18,610 backed lending and since 2018 they've issued over $9 billion in loans with a perfect record of 518 00:37:18,610 --> 00:37:23,750 protecting client assets. With Ledin you get full costly loans with no credit checks or monthly 519 00:37:23,750 --> 00:37:30,050 repayments, just easy access to dollars without selling a single sat. As of July 1st, Ledin is 520 00:37:30,050 --> 00:37:34,890 Bitcoin only meaning they exclusively offer Bitcoin backed loans with all collateral held by 521 00:37:34,890 --> 00:37:39,950 Ledin directly or their funding partners. Your Bitcoin is never lent out to generate interest. 522 00:37:40,350 --> 00:37:45,070 I recently took out a loan with Ledin, the whole process was super easy. The application took me 523 00:37:45,070 --> 00:37:49,650 less than 15 minutes and in a few hours I had the dollars in my account. It was really smooth. 524 00:37:50,290 --> 00:37:54,950 So if you need cash but you don't want to sell Bitcoin, head over to leaden.io forward slash 525 00:37:54,950 --> 00:38:01,710 WBD and you'll get 0.25% off your first loan. That's leaden.io forward slash WBD. 526 00:38:02,050 --> 00:38:06,950 This episode is brought to you by Bitcoin Mina. On December 8th and 9th, I'll be in Abu Dhabi for 527 00:38:06,950 --> 00:38:12,170 Bitcoin Mina along with 10,000 other Bitcoiners. There's an amazing lineup of over 200 speakers 528 00:38:12,170 --> 00:38:15,470 sharing Bitcoin insights and innovation from all over the world. 529 00:38:16,070 --> 00:38:18,250 And if you're looking for the ultimate VIP experience 530 00:38:18,250 --> 00:38:21,210 with exclusive networking plus premium food and drink, 531 00:38:21,550 --> 00:38:23,890 then grab the Whale Pass and the Whale Night Party 532 00:38:23,890 --> 00:38:26,050 even include surfing, so you know I'm going to be there. 533 00:38:26,310 --> 00:38:27,310 Tickets are on sale now. 534 00:38:27,470 --> 00:38:30,930 Use code WBD to get 10% off at checkout on all pass types. 535 00:38:31,350 --> 00:38:33,950 The website is mina.b.tc 536 00:38:33,950 --> 00:38:36,290 and use code WBD for 10% off. 537 00:38:36,770 --> 00:38:39,930 So what do you think then of the hardware wallet industry now? 538 00:38:39,930 --> 00:38:46,030 Because as far as I know, all the major companies don't require you to plug your hardware wallet into a device physically. 539 00:38:46,930 --> 00:38:50,410 And I wish I had someone who was more technical on this than me. 540 00:38:50,470 --> 00:38:51,250 Maybe you can explain. 541 00:38:51,350 --> 00:38:57,350 But I don't know the implications of the secure elements on all of these devices and what that means in terms of the cat and mouse's security. 542 00:38:57,970 --> 00:39:00,350 So this is, for me, this is disclaimer time. 543 00:39:01,650 --> 00:39:03,790 Yes, I was a forensic examiner for 15 years. 544 00:39:03,790 --> 00:39:14,490 But I am not super deep into security research where I'm the person who's evaluating secure platforms and a secure element platform in terms of being able to develop exploits for it. 545 00:39:14,830 --> 00:39:18,350 I was someone who learned and executed exploits that other people did. 546 00:39:18,570 --> 00:39:27,230 So in terms of the hardware wallet industry right now, I can't comment on specific modules that one company is using versus another one. 547 00:39:27,230 --> 00:39:31,190 It's more kind of the general adversarial landscape 548 00:39:31,190 --> 00:39:32,890 and my experience with mobile phones 549 00:39:32,890 --> 00:39:35,110 who are able to spend, even at this point, 550 00:39:35,110 --> 00:39:38,890 a lot more money on security audits and stuff 551 00:39:38,890 --> 00:39:43,610 than the hardware wallet makers are. 552 00:39:43,610 --> 00:39:46,770 So maybe then, just for context, 553 00:39:46,770 --> 00:39:49,470 I've used basically all the major hardware wallets. 554 00:39:49,470 --> 00:39:54,270 I feel very secure in my setup using them. 555 00:39:54,270 --> 00:39:59,770 Do you necessarily have an issue with the hardware wallets today? 556 00:39:59,850 --> 00:40:02,490 Because I can believe that this is going to be a cat and mouse game. 557 00:40:03,150 --> 00:40:05,790 There's no way that people aren't going to be trying to exploit these. 558 00:40:06,150 --> 00:40:10,670 And Ledger, for example, have their dungeon where they continually test all the devices, 559 00:40:10,790 --> 00:40:12,910 trying to find exploits and then disclose them. 560 00:40:13,150 --> 00:40:14,670 And they found a number of them. 561 00:40:15,550 --> 00:40:19,990 But even still, even with the cat and mouse game that will happen with this, 562 00:40:19,990 --> 00:40:22,130 that's the place that I feel comfortable storing my Bitcoin. 563 00:40:22,130 --> 00:40:24,130 Why do you not? 564 00:40:24,130 --> 00:40:27,130 Because you can assume that maybe you have to update 565 00:40:27,130 --> 00:40:28,130 your hardware every few years. 566 00:40:28,130 --> 00:40:30,130 There is going to be improvements and changes 567 00:40:30,130 --> 00:40:32,130 and things that need addressing. 568 00:40:32,130 --> 00:40:34,130 And when you say update, you mean refresh the hardware. 569 00:40:34,130 --> 00:40:35,130 It's not just a firmware. 570 00:40:35,130 --> 00:40:37,130 Yeah, maybe both. 571 00:40:37,130 --> 00:40:38,130 I mean, definitely the firmware. 572 00:40:38,130 --> 00:40:40,130 And I think at some point, hardware is going to get better, 573 00:40:40,130 --> 00:40:43,130 and you might want to upgrade to superior security. 574 00:40:43,130 --> 00:40:49,130 So part of it for me is, well, to tell a little bit 575 00:40:49,130 --> 00:40:51,130 about my time in forensics. 576 00:40:51,130 --> 00:41:00,130 So very frequently when you're dealing with people who are storing and accessing contraband information 577 00:41:00,130 --> 00:41:16,180 and they know that there is some possibility of them being caught by law enforcement their computers being seized like people take countermeasures whether it be you know activating BitLocker on their computer or using some kind of software encryption or whatever 578 00:41:16,400 --> 00:41:28,500 So when I think about the two sort of avenues you can go down, one is trusting a hardware 579 00:41:28,500 --> 00:41:35,100 device and physically some sort of access controls that are on a hardware device, like 580 00:41:35,100 --> 00:41:37,620 a pin code or like facial recognition or fingerprint or whatnot. 581 00:41:38,000 --> 00:41:40,940 I would call that you're putting more of your trust in the hardware. 582 00:41:41,980 --> 00:41:46,700 And in my experience in forensics, if I let that hardware sit there for 18 months, there's 583 00:41:46,700 --> 00:41:48,240 a good chance I may be able to get into it. 584 00:41:48,240 --> 00:41:57,040 However, I also had a number of cases where people, in an attempt to secure information 585 00:41:57,040 --> 00:42:03,420 that could have led to their indictment and prosecution, 586 00:42:04,140 --> 00:42:05,260 read child porn into that, 587 00:42:05,780 --> 00:42:09,380 they would use encryption, 588 00:42:09,380 --> 00:42:17,460 like some of the kind of gold standard encryption tools 589 00:42:17,460 --> 00:42:19,380 that are out there that are software encryption, 590 00:42:19,560 --> 00:42:20,060 but still. 591 00:42:20,660 --> 00:42:26,520 So I had certain cases that someone used TrueCrypt, say, 592 00:42:26,520 --> 00:42:32,640 just to throw one out. Someone using a good version of TrueCrypt with a sufficiently complicated 593 00:42:32,640 --> 00:42:44,140 password, unless something happens with quantum computing, it's going to be the heat death of 594 00:42:44,140 --> 00:42:49,680 the universe before I'll be able to guess the password that they set up with their particular 595 00:42:49,680 --> 00:42:55,680 version of TrueCrypt and the encryption algorithm they used, versus this iPhone that's totally 596 00:42:55,680 --> 00:43:00,120 you know, supposedly secure that if I wait 24 months, I'll probably be able to get into. 597 00:43:00,620 --> 00:43:05,240 So I can appreciate what you're saying about the harder wallet industry. I think a lot of that 598 00:43:05,240 --> 00:43:09,680 comes through as marketing. And I think there are absolutely, I don't want to be a complete 599 00:43:09,680 --> 00:43:14,640 naysayer. I think there are absolutely use cases and places where harder wallets can deliver value. 600 00:43:14,940 --> 00:43:22,640 But for me, I wanted to put my trust into the math that underlies the Bitcoin protocol rather than 601 00:43:22,640 --> 00:43:25,260 a third-party device. 602 00:43:25,620 --> 00:43:27,340 Okay. I do want to get into that 603 00:43:27,340 --> 00:43:28,620 because I have questions around that as well. 604 00:43:28,740 --> 00:43:31,180 But just to be fair here, 605 00:43:31,300 --> 00:43:34,620 you're talking about the most adversarial environment possible. 606 00:43:34,820 --> 00:43:38,120 This is like law enforcement having access to your devices. 607 00:43:38,720 --> 00:43:41,740 And you also, this is assuming there's a reason they want access. 608 00:43:41,740 --> 00:43:44,400 If you have just lawful Bitcoin on a hardware wallet, 609 00:43:44,740 --> 00:43:46,420 your risk isn't really that. 610 00:43:46,720 --> 00:43:47,780 It's a different risk. 611 00:43:48,300 --> 00:43:50,500 Well, to me, the number one risk 612 00:43:50,500 --> 00:43:52,380 is always you screwing yourself in terms of... 613 00:43:52,380 --> 00:43:54,020 Yes, I totally agree. 614 00:43:54,120 --> 00:43:56,660 I think I would imagine that's the most likely way 615 00:43:56,660 --> 00:43:58,060 that anyone ever loses their Bitcoin. 616 00:43:58,240 --> 00:43:59,580 So there's one part of it, 617 00:43:59,620 --> 00:44:01,140 which is you want to keep these things 618 00:44:01,140 --> 00:44:01,940 as simple as possible 619 00:44:01,940 --> 00:44:03,980 while retaining as much security as possible. 620 00:44:04,560 --> 00:44:07,620 But also like what's the real risk? 621 00:44:07,700 --> 00:44:09,020 It's that someone breaks into your house 622 00:44:09,020 --> 00:44:09,720 and steals a device 623 00:44:09,720 --> 00:44:11,000 if the device is at your house 624 00:44:11,000 --> 00:44:13,320 or breaks into wherever the device is and steals it. 625 00:44:13,840 --> 00:44:17,480 And it's not necessarily thinking about law enforcement 626 00:44:17,480 --> 00:44:18,340 having access to it. 627 00:44:18,420 --> 00:44:19,160 No, not law enforcement. 628 00:44:20,080 --> 00:44:21,120 Akin to law enforcement, 629 00:44:21,120 --> 00:44:29,940 We could also think of a dedicated adversary who knows how much Bitcoin you own and has some amount of resources to spend on that. 630 00:44:31,160 --> 00:44:33,700 Someone breaking into your house is definitely a concern. 631 00:44:33,700 --> 00:44:48,580 But what I worry more about is, let's say I set up a hardware wallet and I set it up using a private key that wasn't generated with sufficient entropy that was somehow guessable or predictable by someone else. 632 00:44:48,580 --> 00:44:51,940 and you think you've got X number of sats in your wallet, 633 00:44:52,060 --> 00:44:55,180 and then one day you wake up and go to check your balance, 634 00:44:55,300 --> 00:44:58,680 and because someone else owned your key before you did 635 00:44:58,680 --> 00:45:02,420 or was able to guess it somehow, your Bitcoin's gone. 636 00:45:02,420 --> 00:45:07,300 That is a nightmare scenario and something that some people have experienced. 637 00:45:07,820 --> 00:45:10,840 This is escaping me right now, but you may know. 638 00:45:10,980 --> 00:45:13,240 Isn't there a case of that happening right now with a wallet, 639 00:45:13,560 --> 00:45:17,100 like an old Bitcoin wallet that was generating stuff 640 00:45:17,100 --> 00:45:19,660 with poor entropy in Bitcoins being taken. 641 00:45:20,100 --> 00:45:25,700 Was it something bleed is the name of the exploit? 642 00:45:26,160 --> 00:45:28,620 I don't know if it was key bleed or something similar. 643 00:45:30,140 --> 00:45:31,160 I can't think of the name, 644 00:45:31,220 --> 00:45:33,480 but it was some sort of online software wallet 645 00:45:33,480 --> 00:45:36,860 where it wasn't anything malicious, 646 00:45:36,860 --> 00:45:38,900 just technically there was not enough entropy. 647 00:45:39,200 --> 00:45:41,020 It was using like a poor random number generator. 648 00:45:41,400 --> 00:45:44,360 The RNG was insufficient or who knows what, 649 00:45:44,860 --> 00:45:46,360 but that sort of thing. 650 00:45:46,360 --> 00:45:54,540 But it also, for someone who's not sophisticated, that problem can manifest itself with harder wallets. 651 00:45:54,660 --> 00:46:00,720 Like with some harder wallets, you can roll dice a number of times to create a private key. 652 00:46:00,920 --> 00:46:08,160 And there have been, sadly, instances where some of the platforms did not require enough dice rolls. 653 00:46:08,480 --> 00:46:16,200 And people not really understanding what they're doing, they might roll the dice, you know, a half dozen times and think that's great for a private key. 654 00:46:16,360 --> 00:46:18,720 only as soon as they make a deposit, 655 00:46:18,880 --> 00:46:21,040 there's some bot out there looking to sweep 656 00:46:21,040 --> 00:46:23,260 a particular number of known addresses, 657 00:46:23,560 --> 00:46:24,680 and poof, the money goes. 658 00:46:24,920 --> 00:46:27,280 I mean, this is one of the things that I think is really important 659 00:46:27,280 --> 00:46:29,860 for everyone to have a good understanding of. 660 00:46:30,860 --> 00:46:33,820 I love that these devices have products like that, 661 00:46:33,880 --> 00:46:36,220 and you can do 100 dice rolls to create your entropy, 662 00:46:36,640 --> 00:46:39,480 but done poorly, it's more dangerous than just not doing it at all. 663 00:46:39,720 --> 00:46:42,700 And I think people sometimes overcomplicate their setup 664 00:46:42,700 --> 00:46:44,000 when they don't really have to. 665 00:46:44,800 --> 00:46:46,660 And I know Odell's on this all the time, 666 00:46:46,720 --> 00:46:49,800 but the idea of multi-sig is great for people, 667 00:46:49,900 --> 00:46:52,880 especially if you're maybe a public figure in Bitcoin 668 00:46:52,880 --> 00:46:54,460 or you're a corporation or whatever. 669 00:46:54,600 --> 00:46:55,640 But for a lot of people, 670 00:46:55,780 --> 00:46:58,100 just a simple single-sig setup is okay. 671 00:46:58,920 --> 00:46:59,780 It's okay. 672 00:47:01,240 --> 00:47:03,740 But I think it's important to think of security 673 00:47:03,740 --> 00:47:05,660 as a journey and not a destination. 674 00:47:06,580 --> 00:47:08,040 So maybe we were talking before 675 00:47:08,040 --> 00:47:11,060 about your Bitcoin 10xing from where it is now. 676 00:47:11,060 --> 00:47:13,940 So maybe right now you're comfortable a single-sig 677 00:47:13,940 --> 00:47:23,300 but after a 3 or a 4x, it's like that meme where multi-sig is walking down the street looking pretty hot 678 00:47:23,300 --> 00:47:27,400 and single-sig's like, where are you checking him out? 679 00:47:29,980 --> 00:47:40,540 Yeah, I think of security as a journey, and I also think we need to be careful about addressing those nagging concerns 680 00:47:40,540 --> 00:47:43,620 in the back of our minds. 681 00:47:43,740 --> 00:47:46,960 Things that, you know, when you're laying in bed at night, 682 00:47:47,020 --> 00:47:50,060 you think about your sats and what you hope they're going to be worth 683 00:47:50,060 --> 00:47:51,160 and how you're storing them. 684 00:47:51,740 --> 00:47:54,680 What are the little things, if any, that make you a little uncomfortable 685 00:47:54,680 --> 00:47:56,600 that maybe you haven't thought through 686 00:47:56,600 --> 00:47:59,140 or maybe you don't understand completely about your setup? 687 00:47:59,520 --> 00:48:01,220 I think it's important to pay attention to those. 688 00:48:02,300 --> 00:48:05,940 And multi-sig, for me, so admittedly, my vantage point is a little bit different. 689 00:48:06,160 --> 00:48:09,820 Having been someone who's actually helped execute search warrants 690 00:48:09,820 --> 00:48:15,000 and gone into people's houses and businesses looking for things on behalf of government, 691 00:48:15,620 --> 00:48:19,680 I just naturally have a more adversarial take on things. 692 00:48:20,080 --> 00:48:23,880 But Multisig was like a through-the-looking-glass moment for me 693 00:48:23,880 --> 00:48:27,620 when it finally started to be available to everyday Bitcoin. 694 00:48:27,740 --> 00:48:30,960 Originally, it was like BitGo and some institutional service providers. 695 00:48:31,700 --> 00:48:34,960 But when SpecterWallet came out, it was really, to my knowledge, 696 00:48:34,960 --> 00:48:39,060 the first average Bitcoiner-facing tool that made Multisig possible. 697 00:48:39,060 --> 00:48:45,200 Because if you have a single say wallet, like you got to keep that wallet at your house. 698 00:48:45,460 --> 00:48:49,480 And then, of course, you have to, you know, back up your seed phrase, right? 699 00:48:49,920 --> 00:48:52,180 So you it wouldn't make sense to keep that with a wallet. 700 00:48:52,300 --> 00:48:59,440 So you got to find a second hiding place, whether that's a bank deposit box or your best friend's gun safe or under a tree in your grandma's backyard or wherever it is. 701 00:49:01,020 --> 00:49:06,520 And if someone finds the seed phrase, you know, if they know what it is, game over. 702 00:49:06,520 --> 00:49:12,100 If they find your harder wallet, like there's also the issue of people are really bad at choosing pins. 703 00:49:12,260 --> 00:49:22,260 Like I've gotten more mobile phones than I think I should have just by, you know, there's like five or 10 things that you go through. 704 00:49:22,340 --> 00:49:30,700 Last four of social security number, birthday, spouse's birthday, you know, the numerics of the street they live on and all this kind of stuff. 705 00:49:31,340 --> 00:49:33,300 People are just bad at choosing pin numbers. 706 00:49:33,300 --> 00:49:41,600 So if you can get into that person's house and either find their backup or their hardware wallet, I mean, they could be cooked. 707 00:49:42,420 --> 00:49:59,980 But with multi-sig, like even if you have a nation state level adversary who has significant resources and it turns it from just going to your house and finding that one thing and potentially trying to exploit that one thing to maybe. 708 00:49:59,980 --> 00:50:05,060 first of all, you don't know, is it a two of three? Is it a three of five? Is it a, 709 00:50:05,060 --> 00:50:09,680 you know, six of seven? Who knows? And then it becomes this 710 00:50:09,680 --> 00:50:14,900 treasure hunt of figuring out where the pieces to the puzzle are hidden 711 00:50:14,900 --> 00:50:19,660 and how many of them you need to be able to get access. So multi-stake was really 712 00:50:19,660 --> 00:50:25,740 when I was, had reaccumulated some Bitcoin, I was looking for that level up for my cold storage. 713 00:50:25,740 --> 00:50:32,080 multi-stake for me was where it was at. And that is a big part of the journey that I took 714 00:50:32,080 --> 00:50:37,520 eventually to SeedSigner, but just my initial journey in trying to re-secure the Bitcoin that 715 00:50:37,520 --> 00:50:42,440 I bought. Yeah. The thing that I would reiterate there is, we kind of touched on it already, 716 00:50:42,560 --> 00:50:47,300 is the fact that you're most likely to lose your Bitcoin, not have it stolen from you. And the 717 00:50:47,300 --> 00:50:52,940 thing that people need to be fully, fully confident in is that they can access that Bitcoin if 718 00:50:52,940 --> 00:50:57,400 anything goes wrong. And sometimes I think multi-sig maybe is a step too far for right now 719 00:50:57,400 --> 00:51:02,200 for some people. But like you say, this is a journey, not a destination. It's one of those, 720 00:51:02,440 --> 00:51:09,200 for me, with great power comes great responsibility. And it's the same with even 721 00:51:09,200 --> 00:51:15,800 with your single-sig hardware wallet, if you choose to add a BIP39 passphrase to it. 722 00:51:16,200 --> 00:51:20,700 So you're effectively, with that, creating a two of two multi-sig, because if you lose either the 723 00:51:20,700 --> 00:51:27,680 passphrase or the seed phrase, without the both of them, you don't have access to your funds. 724 00:51:28,060 --> 00:51:35,600 So same with multi-sig. And we talked about this a little bit beforehand as we were discussing 725 00:51:35,600 --> 00:51:45,560 this conversation, that there are tools like cars and firearms and knives that if you're going to 726 00:51:45,560 --> 00:51:51,700 use and you're not going to cut yourself or shoot yourself, you have to invest a basic level of 727 00:51:51,700 --> 00:51:58,140 training into understanding what is powerful about that tool and what's dangerous about that tool 728 00:51:58,140 --> 00:52:04,820 and how to properly use it. And multi-sig is definitely a level up from single-sig in terms of 729 00:52:05,740 --> 00:52:12,100 the information storage requirement because you have to, I don't want to get too technical, but 730 00:52:12,100 --> 00:52:17,260 you have to keep versions of all of the public versions of the private keys. You have to have 731 00:52:17,260 --> 00:52:21,860 those on hand to be able to make the threshold spend, unless you have all the private keys. 732 00:52:22,580 --> 00:52:27,760 But to dumb it down a little, there's some additional information you have to keep. 733 00:52:28,580 --> 00:52:33,080 That information, I think, can be classified as private but not secret, which is confusing 734 00:52:33,080 --> 00:52:39,400 because we say private keys and not secret keys. But if someone gets the information about your 735 00:52:39,400 --> 00:52:43,540 your wallet setup. They can see your money. They can see your balance in the transactions you made, 736 00:52:43,700 --> 00:52:49,080 but without the private keys, they can't steal your money. So enhanced information storage 737 00:52:49,080 --> 00:52:54,200 threshold, but it's a diminished requirement in terms of the private versus secret thing. So you 738 00:52:54,200 --> 00:52:58,580 can secure that a little differently. Like I think for a wallet descriptor, maybe we're getting a 739 00:52:58,580 --> 00:53:03,880 little technical here, but for a wallet descriptor, you know, encrypted and cloud storage is potentially 740 00:53:03,880 --> 00:53:09,560 okay if you're comfortable with the trade-offs or keeping multiple copies of it. But anyhow. 741 00:53:09,860 --> 00:53:13,240 But I think it obviously is getting a little technical there. I think the important thing 742 00:53:13,240 --> 00:53:18,260 for people to know, though, is that there are different products out there for people who have 743 00:53:18,260 --> 00:53:23,220 different needs. And so Bitkey responds to the show. But I think that's a perfect entry-level 744 00:53:23,220 --> 00:53:28,120 thing for people to be using who may not... This might all be going over their heads. But something 745 00:53:28,120 --> 00:53:31,860 like that is a great option. And then if you want to do multi-sig, you might... There's a ton of 746 00:53:31,860 --> 00:53:36,540 hardware out there, and obviously the SeedSigner, which we can talk about now. So when did you 747 00:53:36,540 --> 00:53:41,720 first come up with SeedSigner? Can I take a step back? Absolutely. 748 00:53:42,660 --> 00:53:47,820 So in terms of, I do think BitKey is potentially a great solution. And I think what people, 749 00:53:48,320 --> 00:53:55,400 kind of the paradigm is how much of the easy button do you want? If you, I keep going back 750 00:53:55,400 --> 00:54:01,680 to this knives metaphor, but if you want to dice an onion, you can use one of these auto dicing 751 00:54:01,680 --> 00:54:07,460 things that you just tap on it a few times, but you may not like the way it dices your onion. So 752 00:54:07,460 --> 00:54:11,560 you may want to invest in learning how to use a knife properly and how to dice an onion properly. 753 00:54:12,020 --> 00:54:17,240 And it's always this trade-off in security of, we'll probably keep coming back to this, 754 00:54:17,300 --> 00:54:22,520 but in security, it's always a trade-off. And so that easy button means that you're giving up a 755 00:54:22,520 --> 00:54:27,840 certain amount of trust with the people that create the easy button. So for people, yeah, 756 00:54:27,900 --> 00:54:34,060 or privacy. So for people who are comfortable with the increased trust or privacy threshold, 757 00:54:34,300 --> 00:54:40,100 those kinds of solutions may be, are great for them. But for people who aren't comfortable with 758 00:54:40,100 --> 00:54:47,120 the trade-off, there are other options for them as well. But to jump back to your question about 759 00:54:47,120 --> 00:54:51,260 SeedSigner. And just one, sorry, just one thing on that. It's like, I think the important thing as 760 00:54:51,260 --> 00:54:55,220 well is that like, in my opinion, at least everything's a step in the right direction, 761 00:54:55,220 --> 00:54:58,880 as opposed to just keeping it on an exchange or with an ETF or anything like that. At least, 762 00:54:58,920 --> 00:55:03,520 at least you're making a step in the chain. Yeah, no, a hundred, even, even, you know, 763 00:55:03,900 --> 00:55:07,200 you wouldn't want to put a huge amount of money on a hot wall, but even a hot wall is better than 764 00:55:07,200 --> 00:55:12,640 Coinbase or, uh, you know, BlackRock. Yeah. A hundred percent. Okay. Let's get on to SeedSigner. 765 00:55:12,640 --> 00:55:21,640 So SeedSigner came about as I was reestablishing my new cold storage setup. 766 00:55:22,380 --> 00:55:28,340 And like I said before, I became aware of a wallet called Spectra Desktop. 767 00:55:28,640 --> 00:55:30,860 And I don't know if you're familiar, if people listening would be familiar. 768 00:55:32,520 --> 00:55:36,460 It was very similar to what Sparrow is right now, if people are familiar with Sparrow. 769 00:55:36,460 --> 00:55:43,760 Sparrow is kind of the gold standard of wallet coordinators that you can use on a laptop or desktop computer. 770 00:55:43,760 --> 00:55:43,960 It's brilliant. 771 00:55:44,740 --> 00:55:53,500 So I discovered Spectre Desktop, and Spectre had kind of a companion project that is called the Spectre DIY, 772 00:55:53,900 --> 00:55:57,460 which is kind of a single board computer device. 773 00:55:58,220 --> 00:56:03,960 It's a handheld computer that's microcontroller based that you build from off-the-shelf parts. 774 00:56:03,960 --> 00:56:08,000 and with this one device, 775 00:56:08,000 --> 00:56:11,160 you can actually use it to create and manage multiple private keys. 776 00:56:11,940 --> 00:56:17,740 And so I was really enthusiastic about Spectre Desktop 777 00:56:17,740 --> 00:56:20,500 and Spectre Desktop supports multiple hardware wallets, 778 00:56:20,620 --> 00:56:23,220 even not at the very beginning, but after on. 779 00:56:23,780 --> 00:56:26,060 Keith McKay did a bunch of work to implement hardware wallets 780 00:56:26,060 --> 00:56:27,140 on Spectre Desktop. 781 00:56:27,140 --> 00:56:38,280 out. This Spectre DIY was this super powerful tool that resonated with me because it applied 782 00:56:38,280 --> 00:56:44,020 some of the foundational concepts that I'd learned about while using digital forensics. Like it was 783 00:56:44,020 --> 00:56:50,660 completely offline, you know, didn't connect to Wi-Fi, didn't connect to Bluetooth. And you could 784 00:56:50,660 --> 00:56:55,200 use it in such a fashion that it didn't store your private keys after you'd use it to create 785 00:56:55,200 --> 00:57:00,540 one or more private keys. It didn't persistently store them, which is a technique that we often 786 00:57:00,540 --> 00:57:09,140 use in forensics to conduct an examination of a computer. And so I'm enchanted with Spectre 787 00:57:09,140 --> 00:57:14,120 Desktop. I build one of these Spectre DIYs, and I'm getting my new multi-sig setup, and it's so 788 00:57:14,120 --> 00:57:22,060 awesome. I started interacting with the, his name's Stepan Snigarev, who was the primary architect 789 00:57:22,060 --> 00:57:28,560 of Spectre. And I also dabbled in 3D printing. And at the time, they didn't even have, like, 790 00:57:28,560 --> 00:57:32,400 it was just a circuit board that you bought and you held in your hands kind of awkwardly 791 00:57:32,400 --> 00:57:37,500 with a scanning module attached to it. So I had done a little bit of stuff with 3D printing. So 792 00:57:37,500 --> 00:57:42,500 I designed a very simple rudimentary enclosure for this thing and offered to send them one. And I 793 00:57:42,500 --> 00:57:47,340 started interacting with some of the people who were behind that project. And that also put me in 794 00:57:47,340 --> 00:57:55,020 touch with a Bitcoiner called Michael Flaxman, who's, I guess he would call himself a cryptographer. 795 00:57:55,460 --> 00:58:02,380 But he wrote this guide for Bitcoin cold storage called the, I believe it's called the 10x Bitcoin 796 00:58:02,380 --> 00:58:08,040 security guide. It's actually, it's hosted on GitHub. You can just Google that and it's evergreen. 797 00:58:08,140 --> 00:58:12,640 It's still completely applicable, but it's about making upgrades to your security posture in 798 00:58:12,640 --> 00:58:17,260 different ways where you get the most bang for your buck. And I started interacting with him and 799 00:58:17,260 --> 00:58:23,700 And he was telling me about an idea he had to use a Raspberry Pi, a specific version 800 00:58:23,700 --> 00:58:29,180 of a Raspberry Pi that didn't have Wi-Fi, didn't have Bluetooth, as basically a private 801 00:58:29,180 --> 00:58:30,180 key generator. 802 00:58:30,180 --> 00:58:36,140 It's this naturally very isolated environment where you could create private keys and then 803 00:58:36,140 --> 00:58:42,460 you'd write down the seed words and you wouldn't have concerns that the key was leaked or had 804 00:58:42,460 --> 00:58:44,460 a chance to be on any other device. 805 00:58:44,460 --> 00:58:47,100 So it's a very secure way to create private keys. 806 00:58:47,640 --> 00:58:50,300 And I stepped away from work. 807 00:58:50,360 --> 00:58:52,860 I don't have a background as a programmer, but I like projects. 808 00:58:52,980 --> 00:58:56,320 And so I bought this hardware that he had told me about, the Raspberry Pi, 809 00:58:56,520 --> 00:58:58,940 and just a simple screen and controls to put on it. 810 00:58:59,600 --> 00:59:03,840 And this was before AI or ChatGPT or anything. 811 00:59:03,960 --> 00:59:10,600 So I had Udemy Python videos for a week just to relearn enough programming to be able to do it. 812 00:59:10,600 --> 00:59:15,260 but I wrote this very simple proof of concept that showed with this Raspberry Pi setup, 813 00:59:15,360 --> 00:59:18,900 you could do basically what the Spectre DIY thing could do, 814 00:59:19,000 --> 00:59:22,000 but at a fifth of the cost or something. 815 00:59:22,080 --> 00:59:24,240 It was a super cheap thing, like less than 30 bucks. 816 00:59:25,020 --> 00:59:26,820 And I started sharing that on Twitter, 817 00:59:27,220 --> 00:59:30,120 and I realized if I attached a $5 camera to it, 818 00:59:30,360 --> 00:59:34,900 I could fully replicate all of the functionality, again, from the Spectre DIY. 819 00:59:35,860 --> 00:59:38,160 And so being a cheapskate, that was satisfying to me. 820 00:59:38,300 --> 00:59:40,060 And I started posting about it on Twitter, 821 00:59:40,060 --> 00:59:41,860 and people seem interested. 822 00:59:42,880 --> 00:59:49,540 And it was in, let's say, April or May, I guess, 823 00:59:49,660 --> 00:59:53,480 of 2021, Bitcoin conference in Miami. 824 00:59:55,420 --> 00:59:56,820 Not sure if that was the first year they had it. 825 00:59:56,940 --> 00:59:59,600 Anyhow, they had this Fostome in the tent 826 00:59:59,600 --> 01:00:02,380 that Matt Odell had done a great job of organizing. 827 01:00:03,120 --> 01:00:05,740 And I contacted them ahead of time 828 01:00:05,740 --> 01:00:07,300 and asked if I could have 20 or 30 minutes 829 01:00:07,300 --> 01:00:08,240 to talk about SeedsNider. 830 01:00:08,240 --> 01:00:14,560 and just as serendipity kind of happened um there were a few people in the audience that day 831 01:00:14,560 --> 01:00:21,720 who uh listened to my kind of high level explanation what seed center was and subsequently 832 01:00:21,720 --> 01:00:28,080 been began contributing to it so in the beginning it was just me with this horrible spaghetti code 833 01:00:28,080 --> 01:00:32,800 proof of concept thing um and then shortly thereafter other people started discovering 834 01:00:32,800 --> 01:00:40,640 the project, people who are much better programmers than me. And it just kind of started to take on a 835 01:00:40,640 --> 01:00:45,880 life of its own. It really started to improve rapidly, both in terms of the security assurances 836 01:00:45,880 --> 01:00:53,720 and the user interface and the usability of it. And so that was kind of, that's how SeedSigner 837 01:00:53,720 --> 01:00:58,820 came to be. So I've never actually used a SeedSigner. I was given one about six months ago, 838 01:00:58,820 --> 01:01:00,860 but I've never used it. 839 01:01:01,200 --> 01:01:03,240 So maybe it's worth explaining how they actually work. 840 01:01:03,580 --> 01:01:06,540 Because you're creating your private keys on there 841 01:01:06,540 --> 01:01:09,180 and then presumably incentivizing people 842 01:01:09,180 --> 01:01:11,440 or asking people to put them on steel 843 01:01:11,440 --> 01:01:14,180 and then you put them away safely somewhere. 844 01:01:14,480 --> 01:01:14,960 Right, right. 845 01:01:15,440 --> 01:01:19,780 And you can differentiate a seed signer as, 846 01:01:19,900 --> 01:01:21,420 I refer to it as a signing device 847 01:01:21,420 --> 01:01:23,580 rather than a wallet or a hardware wallet 848 01:01:23,580 --> 01:01:26,300 because it doesn't persistently store the private keys. 849 01:01:26,420 --> 01:01:27,680 You can use it to create keys. 850 01:01:27,680 --> 01:01:30,440 Once it's powered on, you can load keys onto it. 851 01:01:30,440 --> 01:01:32,220 But when you remove power from it, 852 01:01:32,220 --> 01:01:34,220 all of the software is running in RAM. 853 01:01:34,220 --> 01:01:36,220 And the nature of computer memory, 854 01:01:36,220 --> 01:01:37,640 at least random access memory, 855 01:01:37,640 --> 01:01:48,810 is that when you remove power from it it loses its state That where the term stateless comes from So it loses its state and it resets to its natural beginning point 856 01:01:49,450 --> 01:01:53,350 So that's kind of the basis of seed signers. 857 01:01:53,490 --> 01:02:01,310 Instead of obtaining a device that is used as kind of this mini digital Fort Knox 858 01:02:01,310 --> 01:02:04,450 that puts access restrictions around your private key 859 01:02:04,450 --> 01:02:08,010 and tries to keep it stored persistently over time, 860 01:02:08,050 --> 01:02:10,350 as well as tries to keep prying eyes away from it, 861 01:02:10,730 --> 01:02:12,810 we kind of flip that on its head with SeedSigner 862 01:02:12,810 --> 01:02:15,970 and intentionally operate the device in such a fashion 863 01:02:15,970 --> 01:02:18,090 that it doesn't store the keys at all. 864 01:02:18,270 --> 01:02:21,150 So that, as you allude, puts onus on the user 865 01:02:21,150 --> 01:02:24,870 to really take ownership of the analog copies of their keys 866 01:02:24,870 --> 01:02:27,230 and think very carefully about, 867 01:02:27,810 --> 01:02:33,830 do I use this in the context of a multi-sig? 868 01:02:34,250 --> 01:02:36,370 Is this a wallet that I'm going to be spending 869 01:02:36,370 --> 01:02:41,550 from multiple times a month or maybe a long-term savings wallet that I'm only going to visit 870 01:02:41,550 --> 01:02:43,610 once or twice a year, if that. 871 01:02:44,490 --> 01:02:47,670 Am I storing my keys in paper or metal? 872 01:02:47,870 --> 01:02:48,650 And am I keeping them? 873 01:02:49,330 --> 01:02:51,930 Where am I keeping them in terms of who has access to them? 874 01:02:52,250 --> 01:02:54,170 Am I going to use a Bit39 passphrase? 875 01:02:54,670 --> 01:03:00,370 And so it encourages you because you're not relying on the security assurances of the 876 01:03:00,370 --> 01:03:00,970 device. 877 01:03:00,970 --> 01:03:04,510 It really encourages you to lean into the game theory 878 01:03:04,510 --> 01:03:06,610 around your cold storage setup, 879 01:03:06,790 --> 01:03:08,530 especially, I can't say this enough, 880 01:03:08,610 --> 01:03:09,470 with multi-sig in mind, 881 01:03:09,550 --> 01:03:13,810 because that's a key part of the whole project. 882 01:03:14,190 --> 01:03:17,030 But so where my hesitation from that would come from 883 01:03:17,030 --> 01:03:19,310 and where a lot of the criticism at SeedSigner comes from 884 01:03:19,310 --> 01:03:20,990 is the fact that you do have to be able to 885 01:03:20,990 --> 01:03:23,290 constantly access your private keys if you want to spend. 886 01:03:24,410 --> 01:03:26,250 Like with a normal hardware wallet, 887 01:03:26,330 --> 01:03:29,570 you can put your backup in a safe in a different location 888 01:03:29,570 --> 01:03:32,290 in a safety deposit box, wherever it might be. 889 01:03:32,690 --> 01:03:34,150 And you don't have to access that 890 01:03:34,150 --> 01:03:36,110 unless you lose access to the wallet. 891 01:03:36,270 --> 01:03:36,470 Right. 892 01:03:36,850 --> 01:03:38,770 With this, you need to have them on hand to spend. 893 01:03:39,090 --> 01:03:39,270 Right. 894 01:03:39,370 --> 01:03:41,850 So why is that trade-off worthwhile to you? 895 01:03:42,310 --> 01:03:44,150 Because it allows you to forego 896 01:03:44,150 --> 01:03:46,090 all of the trust that's wrapped up 897 01:03:46,090 --> 01:03:48,670 in the commercial hardware wallet sort of space. 898 01:03:49,170 --> 01:03:51,690 Do you sell these devices whole built like this? 899 01:03:51,810 --> 01:03:52,130 I do. 900 01:03:52,510 --> 01:03:54,750 So how do people who buy it 901 01:03:54,750 --> 01:03:57,550 not know that you've not tampered with it? 902 01:03:57,550 --> 01:04:03,010 So there's this, again, we talked about trade-offs all the way down, and that's another trade-off. 903 01:04:03,390 --> 01:04:09,590 So all of the information to build a seed signer is published in the repo, all the software, even the designs for the 3D printable enclosures. 904 01:04:10,210 --> 01:04:15,070 If someone is going to purchase a seed signer, I always encourage them to buy it as a kit. 905 01:04:15,530 --> 01:04:20,310 And when they receive the devices, just compare them with photos online. 906 01:04:20,310 --> 01:04:26,470 A Raspberry Pi 1.3 has a small amount of firmware that's permanently etched into the board of the factory. 907 01:04:27,550 --> 01:04:40,010 But if you compare the device that I or someone else who resells seed signers has sent you with what you've seen online, you can get a pretty good degree of assurance that, you know, the device hasn't been tampered with. 908 01:04:40,110 --> 01:04:48,510 Because as we've yet to discover, anyone who has or can describe a way to change the firmware that's burned in at the factory on those Raspberry Pis. 909 01:04:49,070 --> 01:04:54,870 Now, what I think is in terms of we're kind of jumping forward to what if you bought a seed signer from somebody else. 910 01:04:54,870 --> 01:05:14,070 But what I think is more of a risk when you buy a seed signer, particularly from another person, is them steering you in a direction that would cause you to allow them to exploit your wallet in terms of pointing you to an unofficial software repo. 911 01:05:14,330 --> 01:05:18,910 Because that's another thing with the seed signer that is dangerous like a knife is dangerous. 912 01:05:18,910 --> 01:05:28,850 It's off-the-shelf hardware that does not have software authenticity assurance built into it so that you can run any code you want to on there. 913 01:05:28,850 --> 01:05:47,710 And so if someone tricks you into going to a counterfeit software repository that doesn't contain our sanctioned version of a given release that contains something potentially with malicious code in it, you can get hurt that way. 914 01:05:48,910 --> 01:06:03,610 And that's why this constant process of people who are interested in seed signers has to come with a good degree of education in terms of the risks and the parts of the process that you absolutely have to pay attention to. 915 01:06:03,710 --> 01:06:15,130 So I think somebody who buys a seed signer or buys a seed signer kit is more likely to be tricked via the documentation into doing something stupid rather than I'm sending you malicious hardware kind of a thing. 916 01:06:15,130 --> 01:06:18,390 obviously if someone's selling seed signers 917 01:06:18,390 --> 01:06:21,770 we never recommend that the software 918 01:06:21,770 --> 01:06:23,850 that gets loaded onto the micro SD card 919 01:06:23,850 --> 01:06:24,970 is shipped with the device 920 01:06:24,970 --> 01:06:28,090 people need to be absolutely comfortable 921 01:06:28,090 --> 01:06:30,590 sourcing software from the right place 922 01:06:30,590 --> 01:06:32,610 and then verifying cryptographically 923 01:06:32,610 --> 01:06:34,370 that it's a sanctioned release 924 01:06:34,370 --> 01:06:36,490 so they need to be going to your GitHub 925 01:06:36,490 --> 01:06:38,890 and getting the official open source release 926 01:06:38,890 --> 01:06:41,270 they either go to the seed signer GitHub repo 927 01:06:41,270 --> 01:06:45,210 or this is drifting into technical, 928 01:06:45,430 --> 01:06:49,330 but the seed center releases are what's referred to 929 01:06:49,330 --> 01:06:50,730 as reproducible software. 930 01:06:51,470 --> 01:06:53,050 So if you don't download it from us, 931 01:06:53,810 --> 01:06:57,730 it's actually a more simple process than you'd think. 932 01:06:57,830 --> 01:07:00,350 But you can build the software release yourself 933 01:07:00,350 --> 01:07:04,050 from source code and open source repositories 934 01:07:04,050 --> 01:07:06,870 within a few hours with a laptop computer. 935 01:07:07,550 --> 01:07:11,030 But again, because it will run any code 936 01:07:11,030 --> 01:07:15,390 that you load onto it, you just have to make sure that you're loading good code. And once you learn 937 01:07:15,390 --> 01:07:20,950 that process, you realize it's not that big of a deal. And anytime you want to deploy new software 938 01:07:20,950 --> 01:07:26,910 to it, you can, but it all comes back to that educational process. Okay. So that makes sense. 939 01:07:26,990 --> 01:07:33,290 And like you say, security in any capacity like this is trade-offs. But I kind of interrupted you 940 01:07:33,290 --> 01:07:40,490 on your point there about having the private keys in an easily accessible place and what the trade-off 941 01:07:40,490 --> 01:07:47,410 there is. So we know that there's going to be a backup with harder wallets. I won't say no matter 942 01:07:47,410 --> 01:07:51,170 what, but with most people with a harder wallet, either whether they're using it as single SIG 943 01:07:51,170 --> 01:07:56,870 or a multi-SIG, they're going to want to do a backup. CASA, I think, gets around this a little 944 01:07:56,870 --> 01:08:01,890 bit by doing health checks to make sure that the devices that are storing keys still have them. 945 01:08:02,210 --> 01:08:07,390 But most people are going to want to absolutely put their seed phrase, which for people who aren't 946 01:08:07,390 --> 01:08:10,390 where your seed phrase is just a human readable version of your private key. 947 01:08:10,790 --> 01:08:12,990 You're going to want to keep those in paper or metal. 948 01:08:14,070 --> 01:08:14,510 Metal. 949 01:08:15,170 --> 01:08:16,730 Yeah, metal. 950 01:08:16,930 --> 01:08:19,810 Although with multi-sig, you can make an argument for paper storage 951 01:08:19,810 --> 01:08:23,230 because they're in different geographically distributed locations, 952 01:08:23,430 --> 01:08:26,090 but we won't go too far down that road. 953 01:08:26,290 --> 01:08:28,890 So with a hardware wallet, you're going to be storing your key 954 01:08:28,890 --> 01:08:31,110 in an analog format somewhere else. 955 01:08:31,590 --> 01:08:35,030 So if this is a long-term cold storage use case, 956 01:08:35,030 --> 01:08:37,850 like this is the money I'm setting aside for my kids' tuition 957 01:08:37,850 --> 01:08:42,130 or to buy a house in 10 years or just to leave to my heirs. 958 01:08:42,890 --> 01:08:45,050 You're not going to be touching those private keys very often. 959 01:08:45,790 --> 01:08:49,710 You can get around the trust that's tied up in hardware wallets 960 01:08:49,710 --> 01:08:53,430 and all those copies of private keys that you have to keep around 961 01:08:53,430 --> 01:09:01,630 with instead of, so if you have a hardware wallet with a backup, 962 01:09:01,750 --> 01:09:03,350 you have two copies of your private keys. 963 01:09:03,350 --> 01:09:06,850 You have the analog version that's stored at the safe deposit box, we'll say. 964 01:09:06,950 --> 01:09:12,450 And then you have a digital version that is on the hardware wallet that's in your desk drawer or your gun safe at home or wherever it is. 965 01:09:12,590 --> 01:09:14,430 But you still have two copies of the private keys. 966 01:09:14,730 --> 01:09:21,070 So even with a simple two of three setup, you kind of have to come up with six hiding places, right? 967 01:09:21,630 --> 01:09:28,150 Because you have for each member of the quorum, you have the digital copy that's on the hardware wallet, and then you have the analog copy. 968 01:09:28,150 --> 01:09:34,150 For long-term cold storage, we're not going to be accessing the keys, especially in multi-sig. 969 01:09:34,150 --> 01:09:51,810 I think it makes sense to just forego the digital copy of the keys and just focus on those analog copies of the keys and keeping them private, safe, redundant, tamper-evident, protected in whatever ways you think are appropriate. 970 01:09:51,890 --> 01:09:55,850 Because you're going to have to store the backups anyway for your long-term savings. 971 01:09:55,850 --> 01:10:00,450 I think that got to your original question, did it not? 972 01:10:00,510 --> 01:10:01,410 Yeah, yeah. No, that makes sense. 973 01:10:01,430 --> 01:10:05,290 Because if you are putting Bitcoin away for 10, 20, 30, 40 years, 974 01:10:05,390 --> 01:10:07,570 who knows if the device is even going to turn on in that time? 975 01:10:08,250 --> 01:10:09,550 So that does make sense. 976 01:10:09,630 --> 01:10:14,070 But you do still have the additional redundancy, 977 01:10:14,110 --> 01:10:14,950 I don't know if that's the right word, 978 01:10:15,010 --> 01:10:17,450 of the actual physical hardware wallet. 979 01:10:17,790 --> 01:10:20,830 So if you're thinking of this as a multi-sig solution, 980 01:10:20,830 --> 01:10:23,550 do you still need six hiding places, essentially? 981 01:10:23,630 --> 01:10:24,650 You want a backup of a backup? 982 01:10:24,650 --> 01:10:30,770 up? Well, I mean, the alternative is, and like a lot of, this is another whole avenue that we can 983 01:10:30,770 --> 01:10:34,310 talk about, but a lot of people don't even understand what those seed words represent. 984 01:10:35,230 --> 01:10:40,810 Like when I do talks or, you know, individual walkthroughs of seed signer, I'll say, 985 01:10:41,050 --> 01:10:47,430 you know, most, not most people, but a lot of people end up keeping their, because when you 986 01:10:47,430 --> 01:10:51,070 set the device up, write down these 12 words, write down these 24 words or whatever it is, 987 01:10:51,070 --> 01:10:58,730 And most people end up writing them on the card and then storing that card with the hardware wallet, not even understanding that that's the holy grail. 988 01:10:58,930 --> 01:11:01,490 That's what the whole device exists to protect. 989 01:11:01,650 --> 01:11:04,030 So a lot of people don't even understand that anyway. 990 01:11:04,150 --> 01:11:16,930 But with what you allude to, so if we're going to store the analog version of the private keys, the seed words, with the device, and the devices over the long term, let's say, you know, two, five, ten years, 991 01:11:16,930 --> 01:11:22,470 the device, just by virtue of it being a digital storage medium, is more prone to failure anyway. 992 01:11:22,750 --> 01:11:24,090 Why are we even messing with it? 993 01:11:26,230 --> 01:11:33,830 There are some trade-offs that I'd like to talk about that a lot of people sign up for 994 01:11:33,830 --> 01:11:39,630 that maybe they don't realize they're signing up for when they decide to use a retail hardware wallet. 995 01:11:39,630 --> 01:11:52,510 So I'd probably break those down into three broad categories, like supply chain risk, trust, and then privacy. 996 01:11:53,610 --> 01:12:08,010 So when you use a retail hardware wallet, there's this issue of supply chain risk, meaning that from the earliest time that the subcomponents that are going to go into that thing, it becomes known that they're going to be used in a Bitcoin product. 997 01:12:08,010 --> 01:12:09,690 That is where risk begins. 998 01:12:10,050 --> 01:12:14,050 And risk lasts the entire time until that device is delivered to you in your home or 999 01:12:14,050 --> 01:12:17,470 you buy it from the store, wherever you take delivery of that device. 1000 01:12:17,950 --> 01:12:22,470 At each point in the journey, there's the potential for exploits to happen. 1001 01:12:23,070 --> 01:12:31,510 And I think exploits at the hardware level, they require a sophisticated actor. 1002 01:12:31,870 --> 01:12:35,970 But as Bitcoin 10Xs, I think we're going to see some wild stuff. 1003 01:12:35,970 --> 01:13:03,610 If presumably the Mossad can get into the supply chain of Hamas and make a bunch of pagers explode in someone's pocket all at once, all over different geographic locations, I think infiltrating the hardware wallet supply chain is well within the bounds of reason, given how much money that the hardware wallet ecosystem is intended to safeguard. 1004 01:13:03,610 --> 01:13:05,370 So there's this issue of supply chain risk. 1005 01:13:05,450 --> 01:13:08,610 There are ways that some hardware wallet companies have got, 1006 01:13:08,690 --> 01:13:10,210 at least in my knowledge, around that. 1007 01:13:10,290 --> 01:13:13,010 So with Coldcard, for example, it comes in a tamper-proof bag 1008 01:13:13,090 --> 01:13:16,690 which has a string of numbers and letters 1009 01:13:16,770 --> 01:13:17,930 that has to match the hardware wallet. 1010 01:13:18,010 --> 01:13:19,530 So you know that it's not been interfered with 1011 01:13:19,610 --> 01:13:21,010 between Coldcard and you. 1012 01:13:21,090 --> 01:13:24,090 Right. And what you're describing is 1013 01:13:24,170 --> 01:13:26,410 what some people refer to as the fake Rolex 1014 01:13:26,490 --> 01:13:29,610 sort of challenge with hardware wallets. 1015 01:13:29,610 --> 01:13:34,770 And there are some ways that you can authenticate the hardware. 1016 01:13:35,670 --> 01:13:47,190 But I would argue that if you've taken delivery of a box in the mail and you've opened this up and you're following the documentation that's come with the device, like the opportunity to capture you has already happened. 1017 01:13:47,410 --> 01:13:59,090 Because if you're reading the instructions that are packaged with a cold card, they can say, scan this QR and go to this website and now enter these digits and we'll help you determine that this is truly a genuine device. 1018 01:13:59,610 --> 01:14:06,090 um it that's obviously a social engineering attack but that's frankly like probably a more 1019 01:14:06,090 --> 01:14:12,430 likely attack than someone you know being able to infiltrate the supply chain i mean yeah you've 1020 01:14:12,430 --> 01:14:18,170 probably seen them on twitter the the trezor um devices that show up and they're completely fake 1021 01:14:18,170 --> 01:14:22,710 on the inside like they crack them open and compare them to a standard trezor and it's very obvious 1022 01:14:22,710 --> 01:14:26,790 that it's just different hardware components that's like the classic fake Rolex thing but i think 1023 01:14:26,790 --> 01:14:35,150 there are also nuanced exploits that like there are harder wallets that show up with a seed phrase, 1024 01:14:35,290 --> 01:14:39,530 you know, printed on a card and people don't understand what they're doing. And it says, 1025 01:14:39,530 --> 01:14:44,710 enter the seed phrase during the initiation process to set up your card. And of course, 1026 01:14:44,750 --> 01:14:48,850 someone else already owns that seed phrase. Yeah. I think though with things like that, 1027 01:14:48,930 --> 01:14:55,810 I don't mean to minimize it like, cause that is a risk, but people who are, as you said earlier, 1028 01:14:55,810 --> 01:14:59,590 an example, putting their seed words with the hardware wallet, or are going to fall for a trick 1029 01:14:59,590 --> 01:15:03,830 like there being a card in there with your 24 words ready for you. They're the people that should 1030 01:15:03,830 --> 01:15:09,110 be using Bitkey. And I don't mean this as a shill, but they've obviously pushed this seedless version 1031 01:15:09,110 --> 01:15:14,090 of their hardware. They don't want you to know your seed word. And I think for people who are that 1032 01:15:14,090 --> 01:15:19,130 early in their journey of learning about this, it's just a better option 1033 01:15:19,130 --> 01:15:24,070 than trying to overcomplicate it too quickly if you don't already understand the very basics like 1034 01:15:24,070 --> 01:15:29,970 that. It's a better option, but when you're just starting out, I would tend to agree with you it's 1035 01:15:29,970 --> 01:15:37,970 a better option. If you're that desirous or needing the easy button and the trust issues 1036 01:15:37,970 --> 01:15:45,210 aren't as important to you and you just want to get it done, that's fair. But Bitcoin works on you 1037 01:15:45,210 --> 01:15:52,470 as you own it. You probably experienced this too. There's a certain amount of cypherpunk ethos that's 1038 01:15:52,470 --> 01:15:57,310 embedded in Bitcoin. And so as you buy some Bitcoin, you put it on your BitKey, 1039 01:15:57,910 --> 01:16:03,250 you start to think about like, who has access to these different shards of my private key? 1040 01:16:04,070 --> 01:16:08,930 What if, or you see something online about what if the BitKey app no longer becomes available? 1041 01:16:09,410 --> 01:16:15,870 Am I going to be able to recover my funds? And I don't remember the circumstances exactly. I'm not 1042 01:16:15,870 --> 01:16:21,750 super versed in BitKey, but BitKey has acknowledged that at some point, the recovery process may 1043 01:16:21,750 --> 01:16:27,650 require an on-chain transaction. So for somebody like me, if the recovery process of me taking 1044 01:16:27,650 --> 01:16:32,470 custody of the coins requires an on-chain transaction, that's already a deal breaker. 1045 01:16:32,970 --> 01:16:41,370 But I'm someone who has a more advanced view of the environment, I guess. I won't argue with you 1046 01:16:41,370 --> 01:16:46,630 that for a beginner, it's a great onboarding tool and it's a first step, but I hope that it's a 1047 01:16:46,630 --> 01:16:54,130 first step in a larger journey. I don't want to get too far because of the three things I initially 1048 01:16:54,130 --> 01:17:00,630 brought up, there's the supply chain risk that Seed Center helps you get away from. Then there's 1049 01:17:00,630 --> 01:17:06,470 the overarching issue of trust. So when you purchase a retail hardware wallet, you're putting 1050 01:17:06,470 --> 01:17:13,010 a fair amount of trust that, say, BitKey has implemented their system in such a way that 1051 01:17:13,010 --> 01:17:19,470 sophisticated attackers won't be able to, when you get into keys being stored online 1052 01:17:19,470 --> 01:17:26,990 or remotely accessible, which as I understand it, they are with BitKey, that opens the doors up to 1053 01:17:26,990 --> 01:17:31,590 larger scale exploits where not just somebody coming into your house and stealing your hardware 1054 01:17:31,590 --> 01:17:38,690 wallet, but like lots of private keys could be potentially stolen all at once. Now the BitKey 1055 01:17:38,690 --> 01:17:43,410 people would argue that they have a belt and suspenders model and that this is not possible. 1056 01:17:43,410 --> 01:17:51,030 But I mean, unless you're super versed in the underlying mechanisms and have a thorough 1057 01:17:51,030 --> 01:17:55,070 understanding of them, we've heard that story before that it's just not possible until it 1058 01:17:55,070 --> 01:18:00,450 becomes possible. Yeah. I think this all comes down to like, it's come up over and over again, 1059 01:18:00,490 --> 01:18:06,570 but it's trade-offs. Because I think the, don't get me wrong. I'm not, I'm not trying to have a 1060 01:18:06,570 --> 01:18:07,810 Gerox E-Sign or Hero in the slightest. 1061 01:18:08,010 --> 01:18:09,710 But I think it's where you put your trust. 1062 01:18:09,770 --> 01:18:12,510 And do you trust Ledger and Trezor and CoinKite 1063 01:18:12,510 --> 01:18:16,390 or BitKey or whoever to build this in a more secure way 1064 01:18:16,390 --> 01:18:17,610 than you could yourself? 1065 01:18:17,930 --> 01:18:18,910 And there'll be a lot of people, 1066 01:18:19,050 --> 01:18:20,850 and I'd include myself in that, that would say, yeah. 1067 01:18:21,590 --> 01:18:25,370 But if you feel confident in yourself to go out, 1068 01:18:25,650 --> 01:18:27,090 verify everything, build this yourself, 1069 01:18:27,090 --> 01:18:30,810 then it seems like a worthwhile trade-off. 1070 01:18:30,930 --> 01:18:33,990 It's just the access to private keys, 1071 01:18:34,070 --> 01:18:36,070 it obviously can't be a spending wallet in that way. 1072 01:18:36,070 --> 01:18:36,870 I wouldn't imagine. 1073 01:18:37,550 --> 01:18:38,130 What do you mean? 1074 01:18:38,290 --> 01:18:40,650 You know, so I have a hardware wallet 1075 01:18:40,650 --> 01:18:42,050 that I use multiple times a month. 1076 01:18:42,130 --> 01:18:43,910 Like, I wouldn't want my private keys lying around 1077 01:18:43,910 --> 01:18:45,290 in the sense that I could access them 1078 01:18:45,290 --> 01:18:46,750 to send Bitcoin, you know, 1079 01:18:46,930 --> 01:18:48,150 10 times a month or whatever it is. 1080 01:18:48,190 --> 01:18:49,510 And in that particular use case, 1081 01:18:49,550 --> 01:18:51,490 I would argue that it's a fabulous use case 1082 01:18:51,490 --> 01:18:54,570 for a conventional retail hardware wallet 1083 01:18:54,570 --> 01:18:57,170 because you want the accessibility of the keys nearby. 1084 01:18:58,250 --> 01:19:00,250 You're not going to be storing your life savings on there. 1085 01:19:00,390 --> 01:19:03,570 So the trust trade-off makes sense 1086 01:19:03,570 --> 01:19:05,970 and you have the convenience of the access controls 1087 01:19:05,970 --> 01:19:10,490 in place on the device that are going to restrict, you know, if it does fall into someone's hands at 1088 01:19:10,490 --> 01:19:15,330 home, regardless of where you're keeping it, unless, you know, they have a knowledge of the 1089 01:19:15,330 --> 01:19:20,370 credentials that you put in place. I'm not going to argue with you that that's a perfectly valid 1090 01:19:20,370 --> 01:19:26,450 use case. Again, which is why we frame SeedSigner as this is for your long-term life savings, 1091 01:19:26,550 --> 01:19:31,510 the money you're going to hand down to your kids or that you're saving for something on the horizon. 1092 01:19:31,850 --> 01:19:34,530 That makes sense. Okay. So I interrupted you before you got to your third point there. 1093 01:19:34,530 --> 01:19:53,770 Yeah, yeah. So supply chain risk, trust. And I do want to say a little bit more about trust. You're trusting that they've implemented the secure modules or whatever's baked into their particular hardware device. You're trusting they've implemented that in a secure way, that there are no low-hanging fruit kind of exploits to it. 1094 01:19:53,770 --> 01:19:59,070 you're trusting that whatever firmware updates that they deliver are going to be authentic and 1095 01:19:59,070 --> 01:20:05,630 that no one has gotten access to the firmware signing keys that are associated with that company 1096 01:20:05,630 --> 01:20:11,230 because malicious firmware could be released and properly signed and it would still run on the 1097 01:20:11,230 --> 01:20:16,550 device and it could be released in such a way that no one knew it was compromised until months or 1098 01:20:16,550 --> 01:20:21,190 years later. Which is, I mean, then there's another reason to not necessarily rush to upgrade firmware 1099 01:20:21,190 --> 01:20:31,670 on any device. Yeah, 100%. And that's a good segue in terms of the trust that's baked into, 1100 01:20:35,090 --> 01:20:40,650 this trust is linked in with the third reason, privacy. So let's just say offhand, 1101 01:20:41,210 --> 01:20:45,130 most people who purchase a hard wallet probably do it the exact wrong way. 1102 01:20:45,450 --> 01:20:50,170 So they go to the manufacturer website or some sort of authorized reseller, 1103 01:20:50,170 --> 01:20:51,590 There's not a big problem with that. 1104 01:20:51,950 --> 01:20:56,190 But then when they order the device, they typically will enter. 1105 01:20:56,810 --> 01:20:57,930 A lot of people aren't sophisticated. 1106 01:20:58,170 --> 01:20:59,210 They'll use their real name. 1107 01:20:59,570 --> 01:21:00,950 They'll have it shipped to their home. 1108 01:21:01,510 --> 01:21:03,330 They'll enter payment information. 1109 01:21:04,450 --> 01:21:09,370 And they'll enter some sort of email address that's their regular email address. 1110 01:21:09,610 --> 01:21:20,150 And then when you give that information to the company, you're trusting that they'll behave responsibly with it and safeguard it, which we found not always the case. 1111 01:21:20,170 --> 01:21:25,430 especially with Ledger, but some of the other, not just hard to wallet companies, 1112 01:21:25,570 --> 01:21:28,590 but service providers have gotten themselves into trouble with this 1113 01:21:28,590 --> 01:21:33,690 because then the motivations of that company are to sell you as many devices 1114 01:21:33,690 --> 01:21:35,150 as they can sell you. 1115 01:21:35,290 --> 01:21:38,890 They're a for-profit company and that's just their natural inherent motivation. 1116 01:21:39,630 --> 01:21:41,970 So they're going to email you about firmware updates, 1117 01:21:42,150 --> 01:21:45,290 but they're also going to send you marketing emails about their latest products 1118 01:21:45,290 --> 01:21:51,830 and new features that they've implemented in the latest versions of their software 1119 01:21:51,830 --> 01:21:55,310 or trying to potentially point you to partners that they work with and this kind of stuff. 1120 01:21:55,710 --> 01:21:58,390 So you just don't know who that information is going to get handed off to. 1121 01:21:58,810 --> 01:22:04,890 And especially with the ledger disclosure that myself and a lot of others, 1122 01:22:05,490 --> 01:22:08,130 I mean, like people's real home addresses got out in there. 1123 01:22:08,130 --> 01:22:13,710 And there was trust in that company to keep your private details private. 1124 01:22:13,710 --> 01:22:17,390 So if you do buy a harder wallet, and I can acknowledge there are absolutely 1125 01:22:17,430 --> 01:22:20,130 some legitimate use cases for them, do it the right way. 1126 01:22:21,430 --> 01:22:26,870 Best case scenario is go to a Bitcoin conference or some other event and buy it from the vendor's booth. 1127 01:22:27,070 --> 01:22:33,850 So you can, in the easiest possible way, just hand cash over, buy it with Lightning and not have to provide any personal details whatsoever. 1128 01:22:34,210 --> 01:22:39,990 But if you do have to buy it through the mail, you know, consider using a disposal email address. 1129 01:22:40,670 --> 01:22:41,030 PO box. 1130 01:22:41,030 --> 01:22:48,370 right use a p.o box to have it shipped to buy with lightning or use some other enhanced you know 1131 01:22:48,370 --> 01:22:56,790 privacy with your wallet and um yeah do it in a more a more secure private way so 1132 01:22:56,790 --> 01:23:03,350 that's one element of the privacy issue the other aspect of harder wallets that i have 1133 01:23:03,350 --> 01:23:10,510 a challenge with is um a lot of them try to as the default if you get that device and you start 1134 01:23:10,510 --> 01:23:17,090 to set it up, a lot of them try to channel you into their companion app. So with Ledger, it's 1135 01:23:17,090 --> 01:23:24,150 Ledger Live. With Passport, I think it's Envoy. With Trezor, it's Trezor Suite. They all kind of 1136 01:23:24,150 --> 01:23:31,650 have their own thing. And first, from just a theoretical security perspective, that's just 1137 01:23:31,650 --> 01:23:36,170 bad practice because the company that makes the device and software that's interacting with your 1138 01:23:36,170 --> 01:23:40,510 private keys really shouldn't be the company that's also making the software that interacts 1139 01:23:40,510 --> 01:23:47,010 with the larger Bitcoin network and the internet itself. It's theoretical, but there is this 1140 01:23:47,010 --> 01:23:52,750 opportunity for collusion. If someone who has fingers in both of those different aspects of 1141 01:23:52,750 --> 01:23:58,930 the tech stack wanted to exploit something, enough said about that. But the other thing is, 1142 01:23:59,010 --> 01:24:02,430 and we've especially seen this with Ledger. The important thing to point out there, though, 1143 01:24:02,430 --> 01:24:05,090 is that you don't have to use Ledger Live or Trezor Suite 1144 01:24:05,090 --> 01:24:05,810 or any of these things. 1145 01:24:05,930 --> 01:24:07,890 You can go and use Wasabi Wallet or Sparrow 1146 01:24:07,890 --> 01:24:10,610 or any of the other completely separate desktop apps. 1147 01:24:10,690 --> 01:24:12,390 You don't have to, but as you've pointed out, 1148 01:24:12,430 --> 01:24:14,150 a lot of people are looking for that easy button. 1149 01:24:14,150 --> 01:24:16,890 They're going to do what the recommended workflow is. 1150 01:24:16,890 --> 01:24:19,610 I have no idea what the percentages would look like, 1151 01:24:19,670 --> 01:24:21,270 but I wouldn't be surprised if it was 90 plus percent. 1152 01:24:21,270 --> 01:24:25,250 Yeah, which is, you know, we as Bitcoiner should rail against that. 1153 01:24:25,890 --> 01:24:29,010 And then the other thing is, when you use something like Ledger Live, 1154 01:24:29,390 --> 01:24:30,870 and this is something that's been documented, 1155 01:24:30,870 --> 01:24:40,810 There's ways in which Ledger has sought to surveil balances and transactions, and they do the sharding thing with the private keys. 1156 01:24:42,050 --> 01:24:43,650 They don't do that by default, I don't think. 1157 01:24:44,510 --> 01:24:46,530 So I don't own a Ledger, so I can't. 1158 01:24:46,550 --> 01:24:56,810 But I have been told by multiple people that if you were using your Ledger with Ledger Live, you got to a point where you could not use the device anymore unless you updated the firmware. 1159 01:24:56,810 --> 01:25:02,830 and the update of the firmware included the new sharding feature. 1160 01:25:03,390 --> 01:25:05,830 Oh, interesting. I didn't think that was the case, but I actually don't know. 1161 01:25:05,830 --> 01:25:06,530 I apologize if I'm wrong. 1162 01:25:06,690 --> 01:25:08,250 I'll put something on screen if that's not correct. 1163 01:25:09,390 --> 01:25:09,990 Right, right, right. 1164 01:25:11,510 --> 01:25:18,290 But anyhow, I have to give props to CoinKite 1165 01:25:18,290 --> 01:25:21,870 in that they claim to delete customer information 1166 01:25:21,870 --> 01:25:26,030 even if people buy it the wrong way and give them personal information. 1167 01:25:26,030 --> 01:25:29,490 they claim to delete it. You're still trusting them to delete it, but at least they're- 1168 01:25:29,490 --> 01:25:33,390 You get the email saying it's been deleted, provably deleted things hard, but if you trust 1169 01:25:33,390 --> 01:25:37,410 the company, you can trust that. I don't hear any other companies making that noise. So I have to 1170 01:25:37,410 --> 01:25:42,110 give them props for that. And I also have to give CoinCut honestly props for they haven't to date 1171 01:25:42,110 --> 01:25:49,590 produced a companion app. Whereas all of the other big wallet companies appear to have. So 1172 01:25:49,590 --> 01:25:55,710 I always said for a long time, if I had to use a harder wallet, if SeedCenter wasn't a thing, 1173 01:25:56,030 --> 01:26:04,990 it would be a cold card or a CoinKite product. So yeah, props to them for those decisions. 1174 01:26:04,990 --> 01:26:10,510 Yeah, they, I mean, MBK is great. I know you guys don't necessarily get along, but 1175 01:26:10,510 --> 01:26:15,310 he's built some cool stuff. They've actually, they've just brought in a couple of new features. 1176 01:26:15,310 --> 01:26:21,150 I don't know if you've seen this, but you now can use like a traditional authenticator with your 1177 01:26:21,150 --> 01:26:25,790 cold card. Oh, like a YubiKey or something? Or yeah, or like an authenticator on your phone. 1178 01:26:25,790 --> 01:26:27,290 which I think is quite cool. 1179 01:26:28,110 --> 01:26:30,290 And as far as I know, 1180 01:26:30,350 --> 01:26:31,930 I actually don't 100% know how this works, 1181 01:26:32,010 --> 01:26:36,070 but I can only assume that if you lose access 1182 01:26:36,070 --> 01:26:36,770 to that authenticator, 1183 01:26:36,810 --> 01:26:38,550 you can just restore the wallet from the seed 1184 01:26:38,550 --> 01:26:39,770 and that won't be the case. 1185 01:26:39,850 --> 01:26:41,190 But I think that's kind of an interesting 1186 01:26:41,190 --> 01:26:42,730 additional security feature. 1187 01:26:43,830 --> 01:26:45,990 Yeah, I wouldn't argue with that. 1188 01:26:46,090 --> 01:26:49,930 I think if I'm going to critique Coldcard 1189 01:26:49,930 --> 01:26:51,170 where they get themselves into trouble 1190 01:26:51,170 --> 01:26:53,190 is sometimes that feature creep 1191 01:26:53,190 --> 01:26:56,410 that unless you're a sophisticated Bitcoin 1192 01:26:56,410 --> 01:27:00,210 and you truly understand the features that you're using. 1193 01:27:01,450 --> 01:27:05,130 Like there's a guy in our Telegram chat for SeedSigner 1194 01:27:05,130 --> 01:27:10,390 who was using, I think BIP85 is the one I'm thinking of 1195 01:27:10,390 --> 01:27:13,230 where you can create child keys from a parent key. 1196 01:27:13,810 --> 01:27:16,390 And they, you know, one night they were setting some, 1197 01:27:16,590 --> 01:27:18,390 working on their Bitcoin setup 1198 01:27:18,390 --> 01:27:25,150 and got two generations deep into BIP85 derivation 1199 01:27:25,150 --> 01:27:31,030 and they were doing not just the first child, 1200 01:27:31,190 --> 01:27:34,850 but some subsequent child derivation 1201 01:27:34,850 --> 01:27:37,130 and somehow locked themselves out of their Bitcoin. 1202 01:27:37,450 --> 01:27:42,130 So I think keeping it simple, yeah, there's... 1203 01:27:42,810 --> 01:27:43,750 I agree with that. 1204 01:27:43,830 --> 01:27:45,210 I don't think that's CoinKite's fault. 1205 01:27:45,210 --> 01:27:47,450 I think it's cool that they give you access 1206 01:27:47,450 --> 01:27:49,310 to as many advanced features as possible. 1207 01:27:50,110 --> 01:27:52,410 People just need to be aware of what they're actually doing. 1208 01:27:52,530 --> 01:27:53,790 And they do hide a lot of those features 1209 01:27:53,790 --> 01:27:54,850 in the advanced settings. 1210 01:27:55,090 --> 01:27:59,010 I think there's, like, you have to be careful with guardrails. 1211 01:27:59,250 --> 01:28:00,790 Like, where I was talking about before, 1212 01:28:01,330 --> 01:28:03,630 where someone, you know, rolled the dice five times 1213 01:28:03,630 --> 01:28:07,270 and set up a wallet with that, that was on a cold card. 1214 01:28:07,430 --> 01:28:07,590 Yeah. 1215 01:28:07,870 --> 01:28:10,130 And so you can give people a lot of power, 1216 01:28:10,190 --> 01:28:12,410 but I also think there's, you know, it would be, 1217 01:28:12,410 --> 01:28:15,250 It's very simple to require a minimum number of roles 1218 01:28:15,250 --> 01:28:16,670 that would prevent that from happening. 1219 01:28:17,210 --> 01:28:20,470 And you can say, the person has to know what they're doing. 1220 01:28:20,550 --> 01:28:25,110 But at the same time, as someone who is architecting that device, 1221 01:28:25,370 --> 01:28:28,590 you also can put some reasonable guardrails in place 1222 01:28:28,590 --> 01:28:32,370 to help people out if they come to own themselves. 1223 01:28:32,370 --> 01:28:33,590 I obviously can't speak for MVK, 1224 01:28:33,690 --> 01:28:36,910 but I'm pretty sure he's said numerous times 1225 01:28:36,910 --> 01:28:38,630 that these features aren't for everyone. 1226 01:28:38,990 --> 01:28:41,390 Maybe don't use them unless you absolutely know 1227 01:28:41,390 --> 01:28:42,310 what you're getting yourself into. 1228 01:28:43,470 --> 01:28:46,070 I mean, this is cypherpunk technology, right? 1229 01:28:46,070 --> 01:28:48,430 I think people should be able to do everything possible 1230 01:28:48,430 --> 01:28:49,230 if they want to. 1231 01:28:50,430 --> 01:28:53,630 And understand that, in general, for most people, 1232 01:28:53,730 --> 01:28:55,750 just keeping things simple is the best way of doing it. 1233 01:28:57,130 --> 01:29:12,528 Simple well we have different versions of simple Like simple in bitkey or simple in terms of I personally think I mean like if you using a cold card like just understand where your technical limits are You should know the consequence of every action you take on it And sometimes 1234 01:29:12,528 --> 01:29:16,688 like things like creating your own entropy with dice rolls might be to advance some people and 1235 01:29:16,688 --> 01:29:22,708 just know what you're getting yourself into. Right. Yeah. It's, there's a balance, I think. 1236 01:29:22,708 --> 01:29:33,728 there's a balance. Yeah, there's a balance. I don't want to get into too much nanny stuff 1237 01:29:33,728 --> 01:29:39,428 because I do believe that people should have the freedom to burn their hand on the stove. 1238 01:29:39,848 --> 01:29:43,148 Yeah. I mean, it's the best way of learning, that's for sure. 1239 01:29:43,148 --> 01:29:50,648 Yeah. Painful as it is sometimes. Okay. So with Seed Siner, what do you want people to know about 1240 01:29:50,648 --> 01:30:03,288 it. So SeedSigner, again, DIY cold storage. The kind of secret sauce of SeedSigner is that we take 1241 01:30:03,288 --> 01:30:11,608 a very careful selection of hardware components and then a very kind of thoughtful selection of 1242 01:30:11,608 --> 01:30:20,828 software features to create a highly secure system using very inexpensive off-the-shelf 1243 01:30:20,828 --> 01:30:21,828 components. 1244 01:30:21,828 --> 01:30:24,048 Do you have the components? 1245 01:30:24,048 --> 01:30:25,048 Can I see them? 1246 01:30:25,048 --> 01:30:26,048 I do. 1247 01:30:26,048 --> 01:30:33,848 So I have some assembled here and then I have the components I can kind of just show you. 1248 01:30:33,848 --> 01:30:36,548 The version I got looked nothing like the ones you have here. 1249 01:30:36,548 --> 01:30:49,308 Well, that's another part of the beauty of open source is that they're all kind of the same skin or the same core components with different skin around them. 1250 01:30:50,448 --> 01:30:53,968 So that is just the simple display screen and buttons. 1251 01:30:56,188 --> 01:30:56,808 It's funny. 1252 01:30:56,888 --> 01:30:59,668 The guy who gave me, I mean, first of all, shout out. 1253 01:30:59,948 --> 01:31:01,108 I don't know if he's private. 1254 01:31:01,108 --> 01:31:04,048 I'm curious to know who gifted you a seed sign. 1255 01:31:04,048 --> 01:31:06,848 I don't know if he's private, so I wouldn't want to necessarily say. 1256 01:31:07,468 --> 01:31:10,348 But the reason that I wouldn't use it, though, 1257 01:31:10,348 --> 01:31:12,448 is because it was the first time I'd met him. 1258 01:31:12,548 --> 01:31:13,608 I'm sure he's a lovely person. 1259 01:31:13,688 --> 01:31:16,128 I have no malintent, but it makes me a little bit nervous 1260 01:31:16,128 --> 01:31:17,148 to use anything like that. 1261 01:31:17,888 --> 01:31:19,588 Maybe I should just play around with it with a little bit. 1262 01:31:19,848 --> 01:31:22,648 I mean, just as a matter of, like, I'm curious 1263 01:31:22,648 --> 01:31:24,288 and open to learning about this. 1264 01:31:24,528 --> 01:31:25,208 It would be a good test. 1265 01:31:25,208 --> 01:31:26,928 I'll put some Bitcoin on there and see if he robs me. 1266 01:31:29,148 --> 01:31:31,468 But anyhow, the components you have there are, 1267 01:31:31,468 --> 01:31:35,428 That's just a simple Raspberry Pi compatible camera. 1268 01:31:36,228 --> 01:31:43,668 There's the Raspberry Pi, the green board that you're holding in your hands, which is a very specific version of Raspberry Pi called a 1.3. 1269 01:31:43,888 --> 01:31:49,008 And all that designation means is that it doesn't have wireless communication capability baked into it. 1270 01:31:49,188 --> 01:31:51,828 So no Wi-Fi, no Bluetooth, no NFC. 1271 01:31:52,308 --> 01:31:56,928 And then the display hat on it is just how you interact with the device. 1272 01:31:56,928 --> 01:32:03,288 the usb ports on there one of those ports which with most of the enclosures is the port that we 1273 01:32:03,288 --> 01:32:09,968 leave exposed is hardwired for power only so you could even plug it into your laptop and have 1274 01:32:09,968 --> 01:32:15,068 assurance that it's not leaking any information because data can't even travel through that port 1275 01:32:15,068 --> 01:32:24,048 um but so it's this very simple very isolated private little environment where the only way 1276 01:32:24,048 --> 01:32:27,928 that it can receive input from the outside world 1277 01:32:27,928 --> 01:32:31,088 is through the camera and then the buttons on the front of it. 1278 01:32:31,168 --> 01:32:33,888 And the only way it can output data to the world 1279 01:32:33,888 --> 01:32:34,688 is through the screen. 1280 01:32:35,168 --> 01:32:40,348 So it creates this very naturally constrained protocol 1281 01:32:40,348 --> 01:32:43,008 by which you can move data in and out of it, 1282 01:32:43,368 --> 01:32:44,968 which is intentionally so, 1283 01:32:45,288 --> 01:32:48,368 because it would be really challenging 1284 01:32:48,368 --> 01:32:52,088 to move enough data to execute some sort of exploit 1285 01:32:52,088 --> 01:32:53,388 if you're doing it with QR codes. 1286 01:32:53,388 --> 01:32:55,588 You just can't pack a lot of binary data into them. 1287 01:32:56,008 --> 01:33:00,088 So that's a natural part of the kind of almost friction of the device. 1288 01:33:00,528 --> 01:33:03,368 It forces you to slow down and think about what you're doing. 1289 01:33:04,848 --> 01:33:06,388 And if I received... 1290 01:33:06,388 --> 01:33:07,648 Okay, cool. 1291 01:33:07,788 --> 01:33:09,288 If I received this from you, 1292 01:33:09,488 --> 01:33:13,788 like looking at it, apart from comparing it to another one, 1293 01:33:14,208 --> 01:33:18,708 like the only way to know this hasn't been tampered with 1294 01:33:18,708 --> 01:33:19,728 is by comparing it to another one. 1295 01:33:19,768 --> 01:33:20,268 Is that correct? 1296 01:33:20,428 --> 01:33:20,748 Right. 1297 01:33:21,168 --> 01:33:22,028 For me, that's... 1298 01:33:22,028 --> 01:33:22,608 At least physically. 1299 01:33:22,608 --> 01:33:40,228 The bar is pretty high to add some sort of hidden or undesirable functionality on that device without changing the way it looks in some way, like adding an additional module or something would be out of place. And it's a very simple board with a minimal amount of firmware on it. 1300 01:33:40,708 --> 01:33:42,848 So that's relatively trivial. 1301 01:33:43,188 --> 01:33:43,368 Right. 1302 01:33:44,048 --> 01:33:47,648 And then this, I assume here, the SD card runs the firmware. 1303 01:33:47,968 --> 01:33:49,228 The SD card runs the firmware. 1304 01:33:49,368 --> 01:33:50,128 Which you load yourself. 1305 01:33:50,128 --> 01:33:57,048 To be precise with the language, it's a combination of firmware and software. 1306 01:33:57,248 --> 01:34:01,728 So running on that device, it's basically a small handheld single board computer. 1307 01:34:02,308 --> 01:34:12,008 You've heard how some core developers have talked about, people are initially going to think of Luke, of course, 1308 01:34:12,168 --> 01:34:14,888 but people talk about, I wouldn't use a hardware wallet. 1309 01:34:14,888 --> 01:34:23,628 I would just have a Linux laptop that I have removed the communications, the wireless communications capability from, and I would just keep that in a safe. 1310 01:34:24,208 --> 01:34:31,028 This is kind of a version of that because it's a simple handheld computer that we're using it in such a way that it doesn't remember anything. 1311 01:34:31,228 --> 01:34:34,448 So there's high-level firmware and software on the memory card. 1312 01:34:34,668 --> 01:34:39,228 When you apply power to it, you turn it on. 1313 01:34:39,228 --> 01:34:41,608 and then as soon as the user interface comes up, 1314 01:34:41,648 --> 01:34:43,808 you can actually remove the micro SD card 1315 01:34:43,808 --> 01:34:45,048 because as I said before, 1316 01:34:45,608 --> 01:34:47,488 all the software and firmware is running in RAM. 1317 01:34:48,108 --> 01:34:49,848 Okay, so everything's loaded as soon as you turn it on 1318 01:34:49,848 --> 01:34:50,488 and then you can take that out. 1319 01:34:50,528 --> 01:34:51,648 You remove the memory card 1320 01:34:51,648 --> 01:34:53,128 so you can have that additional assurance. 1321 01:34:53,728 --> 01:34:55,508 Of course, our software doesn't run anything 1322 01:34:55,508 --> 01:34:57,568 but settings information to the memory card. 1323 01:34:57,868 --> 01:34:59,268 But because you're physically removing it, 1324 01:34:59,288 --> 01:35:00,248 you're going to have that assurance 1325 01:35:00,248 --> 01:35:03,788 that my seeds aren't somehow being leaked onto this thing. 1326 01:35:05,388 --> 01:35:07,608 And at some point, I should probably talk about like, 1327 01:35:07,608 --> 01:35:14,688 there's probably four target audiences for seed signer in terms of the type of bitcoiners 1328 01:35:14,688 --> 01:35:21,268 who it makes sense for because i i'll grant you like it's not for everybody um and it's probably 1329 01:35:21,268 --> 01:35:28,868 not even for most people but um one group is just geeks like me people who like to build and tinker 1330 01:35:28,868 --> 01:35:34,628 with things people who might want to experiment with a new feature or a new you know aspect of 1331 01:35:34,628 --> 01:35:37,128 the protocol and they're savvy enough to be able, 1332 01:35:37,128 --> 01:35:39,708 our code is highly, 1333 01:35:41,248 --> 01:35:43,628 most of our app level code is written in Python 1334 01:35:43,628 --> 01:35:45,448 and it's a very simple language to work with. 1335 01:35:45,448 --> 01:36:00,945 So you can prototype things and there are there are other forks of our project that implement different features that we choose not to implement So it a device that you can play with if you a technologist kind of person 1336 01:36:02,705 --> 01:36:08,105 Second would be people who live in parts of the world that are less free. 1337 01:36:08,845 --> 01:36:14,065 And that for whatever reason, like in Russia right now because of the Ukraine war, 1338 01:36:14,065 --> 01:36:20,345 because most of the hardware wallets come from countries that are associated with the West 1339 01:36:20,345 --> 01:36:25,945 that are, you know, manufacture and ship them. It's really hard to get a hardware wallet in Russia 1340 01:36:25,945 --> 01:36:31,185 right now. But I'm in contact with people there who can get the parts to build a seed signer. 1341 01:36:31,685 --> 01:36:37,605 And there are some number of Bitcoiners who really like seed signer and use it because they 1342 01:36:37,605 --> 01:36:41,605 don't have access to commercial hardware wallets. In other parts of the world, 1343 01:36:43,245 --> 01:36:45,925 let's say, and I've been in contact 1344 01:36:45,925 --> 01:36:49,645 with Bitcoiners in Iran. There's a Bitcoiner called Zia Sadir, 1345 01:36:49,765 --> 01:36:53,645 who is in the custody of the Iranian regime, and he's, I think, 1346 01:36:53,685 --> 01:36:57,285 in exile now. Bitcoiners in that part of the world 1347 01:36:57,285 --> 01:37:01,565 may not even have access just because of commercial restrictions to hardware wallets. Or 1348 01:37:01,565 --> 01:37:04,705 if you wanted to get a hardware wallet, you'd have to buy it from a black market source. 1349 01:37:04,705 --> 01:37:06,985 And you really can't verify what you're getting. 1350 01:37:06,985 --> 01:37:10,745 Which is really not the way you want to buy a security-critical piece of hardware. 1351 01:37:11,405 --> 01:37:16,345 And then in some place like China, where hardware wallets are legal, you can get them. 1352 01:37:17,065 --> 01:37:21,705 But if you're going to buy one through the mail, it's like... 1353 01:37:22,925 --> 01:37:25,825 Mail is routinely searched, as I understand it, in China. 1354 01:37:25,965 --> 01:37:31,045 And you're not worried about the Chinese Communist Party coming and taking you to the gulag because you're using Bitcoin. 1355 01:37:31,045 --> 01:37:37,685 there you're more worried about um so i've been told local police departments that are 1356 01:37:37,685 --> 01:37:42,585 to some degrees corrupt yeah and might know that you're using bitcoin because you ordered 1357 01:37:42,585 --> 01:37:47,765 a trezor in the in the mail or something and with that information they would come to you and try to 1358 01:37:47,765 --> 01:37:52,205 invent some sort of crime that you committed to try and shake you down to seizure bitcoin so 1359 01:37:52,205 --> 01:37:58,925 seed center allows you to have you know secure bitcoin cold storage with parts that are not you 1360 01:37:58,925 --> 01:38:08,165 If you order these parts, you could be building a mini retro gaming console, or you could be doing any one of other sort of DIY software projects. 1361 01:38:08,965 --> 01:38:14,765 So it helps people who can't get access to hardware wallets or who, for whatever reason, are trying to fly under the radar. 1362 01:38:16,005 --> 01:38:17,545 So that's like group two. 1363 01:38:17,545 --> 01:38:33,145 And then group three, I would say, are people who are really concerned with, as I've already talked about, the amount of trust that goes into using a retail hardware wallet. 1364 01:38:33,705 --> 01:38:35,405 Maybe we're wired a little bit differently. 1365 01:38:35,565 --> 01:38:40,545 Maybe we're freedom and sovereignty maximalists or whatever, tinfoil hat types or whatever. 1366 01:38:40,545 --> 01:38:47,005 whatever, but the model of using a seed signer, the mental model of understanding what the 1367 01:38:47,005 --> 01:38:53,685 components do is something that once you've learned it, for whatever reason, it's very 1368 01:38:53,685 --> 01:38:59,065 grokkable for people. With hardware wallets, there's this, because they've created the easy 1369 01:38:59,065 --> 01:39:07,765 button, you don't really understand what is going on behind the curtain, so to speak. So I've heard 1370 01:39:07,765 --> 01:39:11,845 this from multiple people to where when they're looking to make a spend using their hardware wallet 1371 01:39:11,845 --> 01:39:16,945 and they set the transaction up, they've entered the recipient address in and the fee and the amount 1372 01:39:16,945 --> 01:39:21,505 they're going to send and everything. Right before they click the send button, there's this 1373 01:39:21,505 --> 01:39:25,445 apprehension because they don't know what they're going to do if it doesn't work. 1374 01:39:26,485 --> 01:39:30,185 Because they don't have confidence that they understand what's happening under the hood 1375 01:39:30,185 --> 01:39:35,745 or that they would be able to reconstitute their wallet and get access to their funds if they were 1376 01:39:35,745 --> 01:39:39,485 just had the source material, the seed words in their hands. 1377 01:39:40,065 --> 01:39:46,885 With SeedCenter, the way we take you through the process of setting up a Bitcoin wallet, 1378 01:39:47,605 --> 01:39:51,745 and because every time you make a spend, you are dealing with the seed material, 1379 01:39:52,105 --> 01:39:56,725 you have a much higher understanding of what the process looks like. 1380 01:39:56,725 --> 01:40:00,585 And if something were to go wrong with your laptop where you had Sparrow, 1381 01:40:01,145 --> 01:40:04,485 or if you're using Nunchuck or Blue Wallet on your phone, 1382 01:40:04,485 --> 01:40:06,805 and your phone, you dropped it in the pool 1383 01:40:06,805 --> 01:40:08,765 or it got stolen from you on the street or whatever, 1384 01:40:09,325 --> 01:40:11,245 you have just a higher degree of confidence 1385 01:40:11,245 --> 01:40:14,745 that with the key material and your wallet backup, 1386 01:40:15,425 --> 01:40:18,285 you'd have access to your funds much more quickly. 1387 01:40:18,985 --> 01:40:20,085 That makes sense. 1388 01:40:20,565 --> 01:40:21,245 I think this is cool. 1389 01:40:21,825 --> 01:40:23,965 I need to have a play around with the one I've got 1390 01:40:23,965 --> 01:40:26,265 and see what I think of it. 1391 01:40:26,945 --> 01:40:29,605 Like I say, what I don't want this to sound like 1392 01:40:29,605 --> 01:40:32,985 is an attack on hard all this. 1393 01:40:33,045 --> 01:40:34,445 Because I think, like you say, 1394 01:40:34,485 --> 01:40:36,525 I can understand why someone would want to use this. 1395 01:40:36,625 --> 01:40:37,485 I can understand the reasoning. 1396 01:40:38,045 --> 01:40:41,925 I think the audience is not everyone. 1397 01:40:42,085 --> 01:40:42,945 It's not every Bitcoiner. 1398 01:40:43,045 --> 01:40:44,725 And I think people should still feel confident 1399 01:40:44,725 --> 01:40:45,665 in using hardware wallets. 1400 01:40:45,725 --> 01:40:46,985 So I don't want anyone to go away from this, 1401 01:40:47,045 --> 01:40:48,785 like freaking out that their hardware wallet's compromised. 1402 01:40:50,085 --> 01:40:51,625 But it's a cool project. 1403 01:40:52,185 --> 01:40:54,965 And I would, just to push back on that a little bit, 1404 01:40:56,165 --> 01:40:59,405 because I don't want to deter people from solutions 1405 01:40:59,405 --> 01:41:01,085 that could potentially do them good. 1406 01:41:01,085 --> 01:41:08,405 But I would encourage people just to go into that relationship of purchasing a hardware wallet and using it because that's what it is. 1407 01:41:08,425 --> 01:41:09,065 It's a relationship. 1408 01:41:09,865 --> 01:41:21,725 Be skeptical and go into that with your eyes open and think around the corner as to the implications of some of the information you're sharing or the trust you're putting in a firmware update or any of that kind of stuff. 1409 01:41:23,005 --> 01:41:25,805 Just trust, don't verify. 1410 01:41:26,025 --> 01:41:27,665 We talk about that in Bitcoin, I think, right? 1411 01:41:28,205 --> 01:41:28,645 Absolutely. 1412 01:41:29,165 --> 01:41:29,725 Trust, don't. 1413 01:41:29,725 --> 01:41:29,905 No. 1414 01:41:29,905 --> 01:41:30,905 Don't trust, verify. 1415 01:41:31,085 --> 01:41:34,145 We do talk about that in Bitcoin. 1416 01:41:35,365 --> 01:41:39,305 I think the key theme of this interview is probably it's just all trade-offs. 1417 01:41:39,405 --> 01:41:40,565 Figure out what works for you best. 1418 01:41:40,925 --> 01:41:45,805 You should think adversarially and make your own decision on this stuff. 1419 01:41:46,065 --> 01:41:47,345 But this has been cool. 1420 01:41:47,405 --> 01:41:49,585 Anything we didn't talk about that you want to? 1421 01:41:49,585 --> 01:42:02,465 um i i one kind of aspect that's sort of squishy is uh just my experience with seed signer and 1422 01:42:02,465 --> 01:42:07,725 being the lead and the facilitator of an open source software project and experiencing 1423 01:42:07,725 --> 01:42:16,105 kind of this as a community driven uh project of how i referenced before as i started out 1424 01:42:16,105 --> 01:42:22,885 early on, not being a coder and writing this horrible code, but producing enough of a proof 1425 01:42:22,885 --> 01:42:29,825 of concept that other people stepped in and built it, it has just been, for me, super 1426 01:42:29,825 --> 01:42:45,763 satisfying to interact with Bitcoiners in that kind of way building something together that provides real value and something that because we have to have different strokes for different folks We have to have tools for 1427 01:42:45,763 --> 01:42:53,723 everybody. And we don't want to have a Bitcoin ecosystem where we only have just one thing, 1428 01:42:53,783 --> 01:42:57,883 not the other. We don't want everything to be a DIY. And we don't want everything to be just, 1429 01:42:57,883 --> 01:43:01,663 you know, commercial and retail solutions that are available. So we serve, 1430 01:43:01,663 --> 01:43:08,223 Seed Center serves as this ideological counterbalance to some of the other things, not just 1431 01:43:08,223 --> 01:43:12,623 hardware wallet boogeyman, but just in terms of what if there was some sort of 1432 01:43:13,503 --> 01:43:21,383 aggressive nation state maneuver to co-opt Bitcoiners and attempt to maybe not go full 1433 01:43:21,383 --> 01:43:27,203 out 6102 and seize Bitcoin, but to try to just start to encourage people to register 1434 01:43:27,203 --> 01:43:30,323 and declare whatever amount of Bitcoin that they own. 1435 01:43:31,163 --> 01:43:33,903 It's been important to me to be involved in something 1436 01:43:33,903 --> 01:43:38,023 that kind of is a bulwark to tyranny 1437 01:43:38,023 --> 01:43:39,843 and pushes back at all of that. 1438 01:43:39,923 --> 01:43:43,903 And just the camaraderie of, I would be remiss 1439 01:43:43,903 --> 01:43:46,023 if I did not give shout-outs to some of the people 1440 01:43:46,023 --> 01:43:49,303 that have helped build SeedSigner to what it is. 1441 01:43:49,623 --> 01:43:50,983 Like our lead maintainer, 1442 01:43:51,243 --> 01:43:54,283 who was the first external contributor to SeedSigner, 1443 01:43:54,403 --> 01:43:55,423 and I love how he found it. 1444 01:43:55,423 --> 01:44:08,983 Like I, when I made this proof of concept and I'm all on Twitter, like posting videos of how it works and, you know, the richness of the concept or whatever, like he just goes on to GitHub and searches Bitcoin wallet and is not active on social media. 1445 01:44:08,983 --> 01:44:24,343 And that's how he found our project and started contributing to it, to our lead software developer who's called Keith Mukai, who's a good friend of mine as well, who I mentioned before is the one who his initial open source. 1446 01:44:25,423 --> 01:44:29,783 contributions were to Spectre Desktop and integrating harder wallet support into Spectre 1447 01:44:29,783 --> 01:44:34,623 Desktop because it didn't exist. And he was a technical guy and wanted to have it there. And 1448 01:44:34,623 --> 01:44:43,503 so he just stepped up and built it. And then I mentioned people who saw that initial presentation 1449 01:44:43,503 --> 01:44:51,963 I made at Bitcoin Miami. There's an amazing UI UX designer. He's a NIMH who goes by Easy or Easy 1450 01:44:51,963 --> 01:44:57,863 UXD. And he was one of the people that saw that first presentation and then circled around 1451 01:44:57,863 --> 01:45:08,283 and contacted me. And his daytime job is a UI UX designer for, I don't want to give the field he 1452 01:45:08,283 --> 01:45:14,103 works in, but he works on a national level with products that millions of people have their hands 1453 01:45:14,103 --> 01:45:20,863 on. And in his spare time, with no expectation of financial reward, has leaned into Seed Signer 1454 01:45:20,863 --> 01:45:26,283 and really turned it from this clunky thing that feels like an almost DOS-like interface 1455 01:45:26,283 --> 01:45:31,203 to once you build it, it's kind of one of those, the sum is greater than the parts kind of thing 1456 01:45:31,203 --> 01:45:33,063 because of the magic and the software and the UI. 1457 01:45:33,203 --> 01:45:37,063 We really have a first-class UI if you haven't worked with a seed signer. 1458 01:45:37,123 --> 01:45:41,523 After you've built one, it feels more like something you've bought than what you've built. 1459 01:45:41,523 --> 01:45:50,143 And that's feedback that I consistently get from people all the time is just the beauty of the UI, 1460 01:45:50,143 --> 01:45:55,303 the simplicity of it, the graphic-driven nature of it. And we've really put a lot of thought into 1461 01:45:55,303 --> 01:46:02,023 the decision tree of using a seed signer in terms of what we give access to and what we, 1462 01:46:02,283 --> 01:46:08,263 as you talked about with CoinKite, what you kind of hide and make available under advanced settings. 1463 01:46:08,343 --> 01:46:15,803 But we really try to pare down the decision tree and make it to where using the device is as much 1464 01:46:15,803 --> 01:46:19,963 of a process of securing your Bitcoin is, you know, when you're initially using it, it's also 1465 01:46:19,963 --> 01:46:26,583 an education process because it teaches you how to, you know, how you collect entropy to create a 1466 01:46:26,583 --> 01:46:31,723 private key and then how you create the public version of that private key that you need to set 1467 01:46:31,723 --> 01:46:37,423 up a wallet. And then when you import a partially signed Bitcoin transaction, what the elements of 1468 01:46:37,423 --> 01:46:42,243 that are and what you need to pay attention to to verify that your coordinator's not trying to 1469 01:46:42,243 --> 01:46:48,003 tricky when you're doing something you don't want to do. So I'd just encourage anybody who hasn't 1470 01:46:48,003 --> 01:46:56,683 used one, SeatSigners is a grassroots thing. And that's okay, because it's generally passed along 1471 01:46:56,683 --> 01:47:01,723 from one Bitcoin or to another, primarily at meetups. And it's like you, people who build one 1472 01:47:01,723 --> 01:47:06,963 and use it get so excited about it, that they want to build one and give it to a random podcaster 1473 01:47:06,963 --> 01:47:12,163 that they've never met before. Like it's just, it's one of those very Bitcoin-y Bitcoin things 1474 01:47:12,163 --> 01:47:13,883 that you get excited about. 1475 01:47:14,583 --> 01:47:16,623 So I'd encourage people to, 1476 01:47:17,163 --> 01:47:18,823 maybe it doesn't end up being 1477 01:47:18,823 --> 01:47:20,763 your go-to cold storage device. 1478 01:47:20,903 --> 01:47:22,143 Maybe you keep using harder wallets 1479 01:47:22,143 --> 01:47:23,303 and that's totally fine. 1480 01:47:24,823 --> 01:47:26,163 But if one day you wake up 1481 01:47:26,163 --> 01:47:27,743 and you plug in your harder wallet 1482 01:47:27,743 --> 01:47:28,463 and it says Bricked, 1483 01:47:29,123 --> 01:47:30,143 you're going to be super glad 1484 01:47:30,143 --> 01:47:31,203 you have that seed tower around 1485 01:47:31,203 --> 01:47:32,583 that you can type your seed words into 1486 01:47:32,583 --> 01:47:34,143 and prove you have access to your funds. 1487 01:47:35,603 --> 01:47:36,283 So yeah. 1488 01:47:36,823 --> 01:47:37,203 Very cool. 1489 01:47:37,343 --> 01:47:38,763 I mean, Bitcoin is building things 1490 01:47:38,763 --> 01:47:39,563 is always good. 1491 01:47:39,963 --> 01:47:41,403 So where do you want to send anyone 1492 01:47:41,403 --> 01:47:44,163 to find you on Twitter or find out more about SeedSigner, 1493 01:47:44,283 --> 01:47:45,503 contribute to the project, anything? 1494 01:47:45,843 --> 01:47:49,503 Yeah. No, just at SeedSigner on Twitter 1495 01:47:49,503 --> 01:47:52,283 is kind of our marquee social media presence. 1496 01:47:52,463 --> 01:47:53,463 We're on Noster as well. 1497 01:47:53,963 --> 01:47:57,163 And you can find a verified SeedSigner account on Noster. 1498 01:47:58,623 --> 01:47:59,743 SeedSigner.com. 1499 01:47:59,843 --> 01:48:04,963 Please don't go to ne.edu.variance, just SeedSigner.com. 1500 01:48:05,683 --> 01:48:08,123 And from there, you can find a link to the GitHub repo, 1501 01:48:08,123 --> 01:48:10,563 which is where we provide documentation. 1502 01:48:11,303 --> 01:48:22,743 We've also, within the GitHub repo, I've written an independent custody guide that kind of explains in probably a much better well-thought-out format some of the issues that we've been talking about throughout this conversation. 1503 01:48:22,743 --> 01:48:27,223 It lays it all out in terms of making a case for our vision of cold storage. 1504 01:48:27,223 --> 01:48:35,303 yeah through the and we also have on the dot com website a link to all sorts of explainer videos 1505 01:48:35,303 --> 01:48:42,863 made from everyone from bcc sessions to all sorts of other people who do educational bitcoin content 1506 01:48:42,863 --> 01:48:49,803 in a variety of languages that feature seed signer and explain the value of one and how to use it how 1507 01:48:49,803 --> 01:48:53,723 to build one how to set it up and all that kind of stuff yeah i can i've not seen it but i can be 1508 01:48:53,723 --> 01:48:57,703 almost positive that sessions setup video is probably the best one out there. 1509 01:48:57,703 --> 01:49:01,363 He just did a refreshed one within the last couple of months. 1510 01:49:01,883 --> 01:49:02,363 So, yeah. 1511 01:49:02,463 --> 01:49:02,643 Nice. 1512 01:49:02,903 --> 01:49:03,863 Well, thank you for this. 1513 01:49:03,883 --> 01:49:04,423 It's been great. 1514 01:49:04,823 --> 01:49:05,583 Appreciate the time. 1515 01:49:06,543 --> 01:49:06,663 Yeah. 1516 01:49:07,243 --> 01:49:07,943 Appreciate the invite. 1517 01:49:08,083 --> 01:49:08,483 Thanks so much. 1518 01:49:08,543 --> 01:49:09,183 No, thank you. 1519 01:49:23,723 --> 01:49:53,703 Thank you.