NVK and I are joined by Ledger CTO, Charles Guillemet, independent security researcher, Lazy Ninja, and Sparrow maintainer, Craig Raw to discuss bitcoin wallets.
- 45:22 Support requests
- 01:03:12 Noob vs advanced user features
- 01:06:42 Most common attack vectors
- 01:11:32 Backup and seeds
- 01:12:29 Seedless multisig setups
- 01:21:49 Single sig passphrases
- 01:26:30 Security tradeoffs and considerations
- 01:31:41 Air gapped PC vs hardware wallets
- 01:40:28 SD card vs USB connection
- 01:48:26 BIPs and standards
- 01:49:16 BIP Proposal: Wallet Labels Export Format
- 01:58:146 The BIP process
- 02:03:42 TAPSIGNER design and security tradeoffs
- 02:19:25 Square's new hardware wallet
- 02:40:00 Defending against government attacks
------
support dispatch: https://citadeldispatch.com/contribute
twitch: https://twitch.tv/citadeldispatch
youtube: https://www.youtube.com/channel/UCoA72saVAuQ8hYCnBO0Lymw
bitcointv: https://bitcointv.com/video-channels/citadeldispatch/videos
podcast: https://www.podpage.com/citadeldispatch
telegram: https://t.me/citadeldispatch
stream sats to the show: https://www.fountain.fm/
join the chat: https://matrix.to/#/#citadel:bitcoin.kyoto
Hello, and welcome to The Bitcoin Review Podcast. We're trying something different today. This is a Bitcoin review conversation in which we talk to people working on the Bitcoin projects that we often talk about. So we have a great panel today to talk about wallets. And these guys are all actual industry people, not LARPers. I'm really looking forward to this. We have Craig Raw, who builds Sparrow Wallet. Craig, thanks for coming.
[00:00:43] Unknown:
Yeah. Great to be here. Looking forward to our discussion today.
[00:00:49] Unknown:
We have Lazy Ninja, who is a security researcher for actual hardware, which is very very cool and is not somebody you normally have in these kinds of discussions. So, thanks for coming, Lazy. Hey, Yeah. Thanks for having me, Rodolfo. Yeah. I just,
[00:01:06] Unknown:
love embedded security and specifically wallet security.
[00:01:10] Unknown:
We have Charles from Ledger. He is the CTO, but previously, before he was a pencil pusher there, he was an actual security researcher and ran the Donjon. They broke pretty much all the wallets, which is a lot of fun. Thanks for coming, Charles.
[00:01:30] Unknown:
Yeah. Thanks for having me, Rodolfo. Yes. I'm CTO at Ledger, and my background is cryptography and security. And, as Lazy Ninja, I spent a lot of time studying hardware security in general and also wallets in particular. But, yeah, this is my background. Thanks for having me, and I'm looking forward to discussing with all these great people.
[00:01:56] Unknown:
And now we have our guest, Matt Odell, who is an all star podcaster, privacy advocate, and an educator for Bitcoin, somebody who tends to have opinions about wallets, and, oftentimes, they are good opinions. So, thanks for coming, Matt.
[00:02:19] Unknown:
Looking forward to this conversation, boys.
[00:02:22] Unknown:
So we're trying this new thing, you know, in between the list episodes, because the list do take 2, 3 weeks to have meeting them. And I figured I'd bring the people who actually work on the projects that we often talk about on the list. So why don't we start talking maybe a bit about the UX challenges that like a lot of the Bitcoin client software has. We often hear the memes about Bitcoin is hard to use, hardware wallets are hard to use, hardware wallets are not hard to use. It's a big messy topic out there because, you know, being your own bank is not exactly the cup of tea for everyone.
So, you know, Charles, you guys make a wallet that's more noob friendly. You know, what kind of stuff do you guys encounter in in UX challenges?
[00:03:19] Unknown:
Yes. Definitely, I think UX challenges is one of the biggest challenges we have for mass adoption. And often we take the Bitcoin revolution and we compare it to the Internet revolution. And if you do this comparison, we are very early. And, in terms of adoption, you can compare Bitcoin adoption to, like, 1998. And if you remember Internet at this time, that was quite creepy. The UX was horrible. And It was great. Yeah. Because you're like terminal UX. That's why. And, yeah, I think we have plenty of things to improve. And the mass adoption of Bitcoin and cryptocurrency in general, I'm trying to be a little bit more general even if I know we're talking about Bitcoin here.
Today, it's very complex for someone who is not tech savvy. It's not usable. When I think about that I think about my mother. My mother can't use Bitcoin. She can't use a hardware wallet because it's simply too complex. And for me, first of all, there is a paradigm shift. You have to understand what is cryptocurrency, what is Bitcoin, where it lives, then what is self custody. This is something very different from having an account at a bank. So this is something to understand. And second, for me, my top of mind UX challenges, the best 2 are seeds. Like, what are these 24 words? Like, my mother, if I had to explain Bitcoin to her and I start, okay, you would generate a secret and then you will have 24 words. You will have to secure them.
This is something complex to understand. And for me, this is one of the challenges we have today. Like, see how can we hide this complexity from people. And the second thing is addresses. Like, what is just one of them, a hexadecimal string, for a normal user? This is something weird. When you have hexadecimal, usually this is because you have an error. And we need to manage those issues. And there was nothing,
[00:05:49] Unknown:
easy. How are you guys actually, like, attacking those problems at Ledger?
[00:05:55] Unknown:
If there was an easy solution, like, we already would have implemented it or someone else. We have ideas. We are researching for both. Unfortunately, this is a matter of trade off. How do you trade off security with convenience? How do you trade off convenience with decentralization and the security? These are the kind of discussion we have. We have some ideas. There was a couple of ideas, which, I hope we'll implement. But, for now, we didn't find the perfect solution without trade off. I have to admit that.
[00:06:41] Unknown:
I mean, I don't think there's a perfect solution. Right? It's unfortunately everything is gonna have trade offs. You know, we have the Coldcard crowd, right, that sort of like we try to give all the tools and everything you could possibly need in the most high security environment that we can possibly come up with. Right? And then with the TAPSIGNER, we sort of try to make the trade offs where, you know, you don't have a screen, it's very cheap, and there is no seeds. It's just a blind signer, right? So, you know, the way, like, when you initialize it with a phone, he asked, do you want to store the encrypted private key on your phone? Right? So that your mother would have a backup of that, but then again, right, like, I cannot recommend people putting their life savings on a TAPSIGNER, unless they're doing it in a multisig. Right? So now if they're doing multisig with Nunchuk, for example, you know, what are the other keys being held with, right?
We still like started so early on this, and that sort of, like, brings Craig in because Craig did did a very incredible, in my view, upgrade in UX, from a similar model to Electrum. Right? It's an SPV wallet, it's a desktop wallet, and and it's sort of like it does multi sig, it does a lot of the advanced features, but like it's a much more sane UI and UX. So Craig, like what brought you to develop, Sparrow and and, like, some of the reasons why you made those UX decisions?
[00:08:18] Unknown:
Yeah. You know, if we zoom out a little bit here, and we look at, you know, kind of where we have come from and where we're going and what people kind of view as important in the space, I think that most of the the the kind of opinions and the views that you see all, you know, have a a very natural and human flaw is that they fail to kind of take into account the the kind of span of time. They all have quite a recency bias to them. And, you know, for me, designing Sparrow, it's it's not dissimilar. Really, I was just trying to improve and take, you know, what I think is ultimately going to be seen as a fairly small incremental step in terms of the UX of wallets. You know, taking at least the UX of sort of more more advanced, more, capable wallets, perhaps more, more difficult for noobs, but certainly, you know, you're able to do more with them. You know, my intent was to really take what Electrum was offering at the the time, which I thought was a good concept and a good kind of model, this idea of a light client, which they really pioneered, and really just put it into a a different package with better UX, with with a a more sane kind of data model and UI model.
You know, that was really my intent. Where we are going next, it's hard to say. Right? If I knew the answer to that, I would be trying to build it perhaps, but, you know, it's really hard to say. And that's, I guess, one of the great things we all get to experience on this journey is the ability to see whatever's next, and kinda be part of that. But, yeah, I mean, that's really what I was trying to do. I kind of built Sparrow for myself. It's still really the case. Whenever I come to a decision point and I don't know what to do, I kind of have to go back and say, well, what would I like to use here? And that kind of defines it for me.
I have the advantage that I didn't set this thing up to be a business like you guys.
[00:10:34] Unknown:
We didn't start it as a business for Coldcard either. It's just kinda funny. We did it because there was no alternative that we were, like, sorta happy with.
[00:10:45] Unknown:
Yeah. Yeah. I mean, sure. So, you know, often it begins there, but now it's become some some something else. Right? And, you know, I think that that's that's always a challenge. Right? That's the that that kind of trying to maintain the balance of, you know, who are you building this thing thing for? Because if you're building it for somebody that isn't you, that immediately creates a bit more of a challenge. Right? Now you're trying to imagine yourself as someone else, and what would this person need?
[00:11:11] Unknown:
I have a couple questions for you, Craig. So, one is, like, do you see yourself porting Sparrow to the phone so that, you know, like, you wouldn't, of course, be all the functionality and everything that's in there, but, I failed to find a reasonable phone wallet that is not like, you know, like, so Muun is fantastic for, you know, a total noob that has $50. Right? But it would be nice to have a phone wallet where you can leave a couple thousand dollars as your sort of like checking account. Right? And go about your life without having to pull out the computer. Because funny enough, if the opponent is not a state actor, the phone is fairly secure.
So I, you know, anyways, I was just curious if you intend to port that that wallet at some point, to the to the phone.
[00:12:11] Unknown:
The answer is no. I've got no plans to do it at this time, mainly because it would just stretch me too far. You know, taking care of Sparrow across all of the desktop platforms is enough work as it is, and, it would materially affect, you know, the product that I offer now to try and put it onto a phone as well. It would be a completely different UI, a different environment for it to run in. That said, I completely recognize the need for better access to, you know, phone wallet apps, and I hope we get more of them. You know, that's absolutely something. In fact, I actually feel, you know, somewhat guilty at times that I live here in Africa where most people don't own desktop computers and here I have built a desktop app. So, there is a degree to which I recognize the irony of that situation. But, in any case, for me to stretch Sparrow to a phone, is I think just a complete reimagining of the UI.
You know, why did I choose a desktop in the first place was really because, as I said previously, I wanted to build it for me. And if I'm gonna manage my funds, I'm gonna use the most capable device that I have, which is my PC. So that's what led me to make that call.
[00:13:26] Unknown:
But that that doesn't mean that I don't, have the need for phone wallets as well. On that note, Craig, I just wanna jump in here real quick and touch on something we had a personal conversation with, about in Miami, when I also met your lovely lady. I said to you, how can, you know, how can I help? Do you do you need more contributors? Do you need more eyes on the code? And usually in an in open source land, you know, projects are always in demand, for more contributors, They're open source project. And you said something interesting to me. You said that in a lot of ways, when you have all these different moving parts, bringing in additional contributors makes your life more difficult, and you like being in total control. You wanna touch on that a little bit?
[00:14:13] Unknown:
Yeah. Sure. I mean, I completely support, and, I did say that. That is very, very much the case. You know, I'm experiencing right now, and I imagine we'll get to it later, but I'm experiencing right now the joy of kind of trying to find agreement with others via the BIP process. And it's really, for me anyway, not a lot of fun. It's not something I particularly enjoy doing, and I didn't start Sparrow, as I said previously, with commercial intent. So I started it because I enjoy what I do. I enjoy the creative process, and I primarily enjoy the creative process, or at least my creative process is one that I do on my own.
You know, I like to imagine things. I like to design things. And that's not to say that I haven't enjoyed working in teams before, but, you know, if you look at the great, you know, if you're sort of inspired by great works of art or whatever, usually those are created by solo individuals.
[00:15:16] Unknown:
Yeah. It's fascinating you bring that up because, you know, in our sort of open source saga with Coldcard, what a lot of people fail to see is that, you know, it was open source but it was single source. It was mostly Peter's design, for the software and if anything, every time somebody makes a contribution, the effort to review the contribution because this is security software, right? And oftentimes just have to politely disagree that we don't want that contribution is an immense time sink and that's not to say that it's a nice, I mean like we have received contributions that were amazing. Hodlwave I think did some con I can't remember right now, but he had some interesting contributions that were accepted. It was the address explorer. Right?
No. He did the multisig explorer which we had to turn down because there was no secure way of doing that. But there were a few other contributions. And a lot of people sort of like fail to see the toll that it takes on open source to receive these contributions and sort of disagree and say kind of like very politely fork off. So, I find, and I've been following your, your, CSV request. And I find that there is sort of like 2 kinds of open source people. There is the people who are sort of like working on base layers, OSes, the larger picture that everybody builds on top, and those folks tend to be more academic like workers where they are very good at sort of like being polite and doing the back and forth and working through that and they also have the patience to deal with outside ideas and outside contributions while the people who build client software that runs on top of this sort of like base layers or OSes, they tend to be more opinionated and they tend to want to build their vision, and that's sort of like the goal, right? I hope that people like my vision but it's still my vision.
And and I I find the the sort of like the the dynamic between these two, the tension between these two to be a very interesting place where a lot of cool stuff gets built. But, yeah. The the other question I had for you was the maintainability that Matt did bring up, which is, you know, there is a point in which, especially with security software, where you have to have enough either time, budget, or something to get appropriate amount of reviews, especially as the project grows, it becomes more complex. So, I mean, I don't wanna put you on the spot and you feel free to sort of like move on from this if you don't want to, but I'm just very curious, as to like, do you have plans, ideas on on sort of, like, you know, further monetizing it, in in a way to to keep the project healthily, sort of, like, maintain and and get more help under your terms?
[00:18:41] Unknown:
Yeah. I mean, you know, to be honest, Sparrow is, you know, not exclusively I'm not gonna rule anything out, but it's kind of an attempt to see what one man can do. And if it doesn't work, then fine. It doesn't work, but so far, it seems to work. I don't see the pace of development in terms of new features happening at anything like the rate in which it has happened. And I sort of, you know, was rolling out features really intensely at the start because I realized that my user base is small and the cost of making a mistake is less. That has now changed. I don't view it that way anymore. I think Sparrow is probably managing billions of dollars.
I don't say that as any kind of credit. It's quite a burden, but it is probably true. And as a result, I have to be really careful with anything that I do. So, you know, it's really time now to, you know, to kind of review code, to go over things, to check algorithms, and that's one of the reasons that you see, you know, a much slower release cycle now is because I'm really, you know, taking the time to really just go back over things. I try to stay very involved in the user support because that's where you get most of your feedback and staying close to your users, I found, is the best way to really understand what's going on and to see things coming down the pipe. So, yeah, I mean, you know, that's not to say that I'm not, I'm certainly keen to find good people in the space who can review things that I'm maybe less qualified to do, you know, cryptographic algorithms and the like.
But I don't see that as something that's gonna cost a huge amount because, you know, most of the time, the algorithms, using the libraries that I use are very well reviewed anyway. So, yeah, I'm just gonna see how how far I can go and try and think about it in a in a sane way and approach it in that way.
[00:20:48] Unknown:
I would just add here, I mean, on the monetization aspect, I mean, I think Sparrow has already found a pretty stable monetization method for a one man shop because he is collecting coinjoin fees right now. So as far as open source wallets go, that seems to be one of the most obvious sustainability models.
[00:21:10] Unknown:
Lazy, do you want to, to give your 2¢?
[00:21:13] Unknown:
Yeah. It's it's sort of an interesting time we're in right now because, you know, so it's hard to design UX when you don't know exactly how people are gonna be using things in the long term. Because right now in Bitcoin, we're sort of using Bitcoin in a different way than I think it will maybe ultimately be used. Like, I'll just sort of take myself, like, people would look at me as, like, maybe a wallet power user or just a Bitcoin power user because I've been around a long time. And I I so in reality, I probably only use a hardware wallet to sign transactions and really use it once or twice a year.
So when I get that hardware wallet out again, it's actually been a long time, and I sort of need to go slow and be careful with stuff just because it's been a long time because I'm just sort of in HODL mode. Like, I, you know, I just accumulate Bitcoin. I don't I'm never spending it, so there's just very little I have to do with my hardware wallet. And it just sort of if I'm sort of somewhat a noob sometimes, I can't even imagine how newbie real newbie people are. Right? So it sort of creates this falsely reinforcing thing that everybody's just really dumb and doesn't know how to do stuff on hardware wallets. I think maybe in a future where Bitcoin is used differently I guess your model was sort of the tap signer and things like that somewhat address address that.
You know, maybe people will be using hardware wallets much more often, and it will be easier to understand you and they'll be more capable of understanding complex UX. So maybe we may be oversimplifying
[00:22:47] Unknown:
things in the long term. I think another thing that's gonna inform us what's gonna happen is, you know, we all know all the phones are owned. Right? Like, they're fully backdoor devices, by state actors. Right? Now, they're fairly walled garden and nice in regards to other attack surfaces. Right? Like, say, your average bad guy. Right? Now, what's interesting to me is, as exploits sort of start to become known on phones, is that will inform us which direction we have to go. Right? Can we still have private keys on phones or do we need TAPSIGNER or some other solution like the Ledger, with the Bluetooth?
Like, do we need to offload those keys from the phone or we don't? Or where is the happy medium? Right? Is it multisig? Is it multisig with a server? Right? The Nunchuk guys are releasing, hopefully, like, a service soon that does some of that. So, I don't think there's gonna be, 1, an answer that sort of fits everybody, and 2, I don't think we are capable now of just knowing the environment, the security environment we're in in 5 years from now. Right? Because you know imagine you are you know, a quality dictator.
Right? Like, very nice guy, but still a dictator, you know, all the phones are sharing their their memory with the carrier that's state owned. And then, you know, the the dictator is in a in a pickle because he ran out of money, he bought too much lobster, and then, you know, like he sees that there's this massive, install base in his country where everybody's using a phone wallet, the private keys in their phone, and then he goes like I need money, I'm gonna just sweep everybody's phone. Right? Like we are not far from that technically speaking, that is already possible. If the wallets have x y's. Go ahead. I mean, is the Chivo model?
Yeah. I mean, I don't know. Right? But the Chivo is worse than that. Right? Because the Chivo is custodial. So people are already accepting that they are owned. So go ahead, Charles. Sorry. We cut you off. Yeah. In in your analysis,
[00:25:11] Unknown:
when you say that your main opponent for stealing your keys in your phone is a state actor, I would tend to disagree. Like, the security vulnerability market, because there is a market, is, mostly there are plenty of actors. You have, on one side, security researchers who find vulnerabilities. In these researchers, some of them are more, like, responsible disclosure, like white hat. Some others are more, like, black hat. They are using the ability for them, directly, trying to monetize them, in a way or another. And in between, you have a gray hat, and these people are mostly selling their vulnerability to the one who gives them the most money. And people who are buying this vulnerability, of course, you have state actors, but you also have criminal organizations. Right? This is something widely known. You have brokers.
Like, if you go to zerodium.com, this is a broker for vulnerability, and they buy vulnerability and they sell vulnerability. And, this market has been huge. Like, 25 years ago, when I started in this area, when you found the critical vulnerability, if you've got 100 bucks, you were very happy. Now, if you find, like, a zero click persistent vulnerability on Android, it's 2,000,000. This is the price for this kind of. You have state actors buying those, but also criminal organizations. And today, this kind of vulnerability is mostly exploited to spy on people or, like, doing intelligence and this kind of thing. But tomorrow, if the opportunity cost of, like, draining all the software wallet on a given device is higher than the price of the vulnerability, and this will come very fast, these vulnerabilities will be bought for draining software wallet.
And it's even worse than that because when I say, like, 2,000,000 for vulnerability allowing me to drain your software wallet without you doing anything, this is the worst situation. But this is for an up to date phone. Like, if you use an old phone, like, this will cost nothing. They are known already. They have been patched, and, unfortunately, your vendor does not provide upgrades. So your phone is vulnerable or you didn't click on upgrade my phone. And in this kind of situation, you're not protected at all. You know, so people know, like, when you are at an airport,
[00:28:10] Unknown:
if they take your phone, it doesn't matter how latest the model is, they'll stick it in a little machine that will, like, take all the data out of the phone even if they can't break it right now. They'll wait until they have a vulnerability to break it later. It's it's so hopeless.
[00:28:27] Unknown:
Yeah. There is a famous vendor, which is called Cellebrite. Yes. And they have this, like, some kind of mallet and a bunch of wires. You plug in your phone and then they can extract everything. But you also have another vendor, which is called NSO. And NSO is the company which develops Pegasus Software. And this software is quite simple. I put your phone number on the software. I click on hack and I am root on your phone. And there's nothing you can do. You don't even have to do anything. This is Artrix. And to build this software, what they did was to search for vulnerabilities or buy them. This is Yeah. This is the market. But for now, these vulnerabilities are not used for draining wallets,
[00:29:17] Unknown:
but more for, like, just spying on people. But they will, of course. Imagine we are in an environment where, you know, it's hyperinflation or something. Bitcoin is worth, you know, $1,000,000 a coin. And now you have, you know, maybe not in a major Western country, but say like a developing country, like Brazil, Russia, India, China, something like that, and they're experiencing a high volume of capital flight, right? Maybe they start draining people's wallets. You know, it's a lot cheaper and easier than go and hit somebody with a club in the head.
[00:29:50] Unknown:
What Charles mentioned was really interesting about the older phones because where we're gonna see most mobile wallet penetration is gonna be in markets where people are using old Android phones. And, this threat of Pegasus is very real. When we were in Oslo, there was a partner there that was doing Pegasus checking. And me being paranoid, I would never plug my phone into the Pegasus checker, but, apparently, there was 7 different attendees had Pegasus on their phone.
[00:30:19] Unknown:
Yeah. I know. It's expected. Right? And remember, phones were not designed to have a supply chain security between the manufacturer, the carrier, and yourself. So one is, especially with Android. Right? With Android, you're buying something that the carrier already rooted. Right? Like, it comes pre rooted. If you buy your Android directly, you know, maybe a better chance, but still somebody can intercept in the middle of the way. iPhones, it's my opinion that you are a little bit more secure against the, you know, the average scumbag, but, you know, you're still sort of at the mercy of state actors, or old exploits or old hardware.
But it is pretty bleak and and that's why I highly discourage people doing large transactions on phones. It's it's not not a good idea. If anything, you could just be losing your privacy. Right? Maybe they're just capturing, you know, transactions on you just so they can attack you later.
[00:31:20] Unknown:
Right? Yeah. Just a tiny detail about iPhone exploit versus Android exploit. For now, the market is saying the opposite. Like, iPhone exploits are a little bit cheaper than Android exploits, but just a detail.
[00:31:37] Unknown:
No. I I wonder why. I I know that the volume of exploits is different there too. My understanding of the reasoning, correct me if I'm wrong, Charles, is because,
[00:31:47] Unknown:
if like iPhone is a very, homogenic ecosystem, like all the phones are pretty much standardized because they still get updates. But with Android, it's very fragmented. So if you get an if you get an iOS vulnerability, you pretty much get access to to all the iPhones. But with Android, there's a bunch of different ones.
[00:32:08] Unknown:
You know, the difference is BSD versus Linux. You know? What can you do?
[00:32:12] Unknown:
Yeah. There are plenty of, of reasons, but, again, it's a it's a matter of market and it's not really a matter of demand, but of offer. Like, when when some researcher, start to find many vulnerabilities, the price of vulnerabilities drop. This is this is more of this mechanism.
[00:32:31] Unknown:
So another problem too is that the install base for iPhone is much smaller than Android. Right? Android is what? Three times now the market than iPhones. So you just have more suckers to steal stuff from if you buy an exploit for Android. Okay.
[00:32:47] Unknown:
Before we move on on the UX on the UX topic, I just have a quick question for Charles. I mean, Charles, obviously, Ledger supports, you know, all these alt coins and NFTs, and there's all these other complexities that you guys have to deal with because of that. You know, you have to think about staking. You have to think about NFTs. How does that how does that factor into your UX equation? Has there been any thought to having a Bitcoin only product?
[00:33:13] Unknown:
Oh, this is an this is an old debate that we have. So in terms of security, in order to segregate your asset and mitigate the the risk, what what we did is the is the following. We have developed an operating system, which is quite simple, and this is on purpose. And this operating system is mostly a big cryptographic toolbox, and you have different API where you can, ask for a request for a hash, a signature, encryption, whatever. And on top of this operating system, you can load application and this application are isolated from one to another.
And to do so, we are leveraging the, hardware feature, which is which is MPU. We are we are using a hardware feature so that even if your application is trying to, access to, to some data which is not, in its in its world, you will have a hardware failure. This is this is what what we are using. So we are using the MPU hardware to, isolate application from one to another. This is how we avoid that even if there is an, even if there is a vulnerability in your, Ethereum app, your Bitcoin keys, if everything is is is well done. This is a yeah. There was always a question about that, of course. If everything is well done, if there is a vulnerability in the Ethereum app, it cannot be leveraged to access to your Bitcoin keys. So this is how we we mitigate that.
If you want to tell me that more complexity complexity is the enemy of security, I really agree with that. There was no no debate, but this is a trade off for you. I can't even imagine the amount of work that it is to review
[00:35:09] Unknown:
the signing, like, capacity, for all the shitcoins. It must be, like, an absolute, like, hell. Like, you know, it's a good business. Right? I mean, people want a single solution that supports all the stuff. Right? Yeah. But like just speaking as, like, somebody who builds software, I can't even imagine what it is in terms of, like, just the amount of people and teams and stuff you need to just support the stuff because,
[00:35:38] Unknown:
you know, Bitcoin is simple. That's what people don't understand. Bitcoin is so, so simple. And more simple than other protocols. I agree. So we have a dedicated team for that. This is the Donjon. But we also use third party security evaluation labs because there are no absolutes in security. And the more eyes you have, the better it is. Also, we have improved our SDK. We are providing more tools, some static analysis tools and so on. So, yeah, this is not absolute, but we are putting a lot of effort to improve the security of everything we do, especially when it comes to signing. You know, it's funny.
[00:36:19] Unknown:
We also use Donjon. For free. We send Coldcards to Donjon for them to try to break. So, thank you very much for that work. Seriously, like, I mean that for real. I think it's fantastic that you guys are willing to spend so much money trying to break, you know, I know you get the PR from it and all that stuff too, which is great for your brand, but it's just nice that there is enough market and enough economies of scale now that there can be an actor like you that sort of goes out of your way to try to break other devices. It's surprising. I mean, like, we gained a lot in security from you guys breaking all the Microchip secure elements. Right?
They're working even a new version now. Right? So, which is which is great. And and, you know, as much as there will be, of course, vulnerabilities in the next one, the next one, the next one, they start to become more expensive, and and we start to understand where the limitations of that technology is and try to build around it. Right? So you get a secure element like a secondary secure element and and sort of try to navigate that way. It's better to know from a friendly actor than, than to find out from, you know, exploits in the wild, which we would never know. It's part of the reason why we we advocate so much for for air gapping and and that kind of stuff is because, you know, what a lot of people sort of, you know, on Bitcoin Twitter don't understand is that the biggest challenge with security is the unknown unknown.
Like most exploits will be overused before they become known. It's not that like, you know, like most guys that are friendly are gonna send you an email, hey, I found a bug, do you wanna pay me? No. Most guys are gonna go try to go in the market and steal people's money. Hey Charles, I have a question sort of extending Matt's question.
[00:38:13] Unknown:
So when Ledger is receiving, I just want to sort of think about the economic incentive alignment. Right, so when Ledger is receiving $1 for selling a hardware wallet, some portion of that is put into supporting new tokens and feet and things like, you know, that we'll call shitcoins. Not to disparage the business model, but it's an interesting business model. And then some portion of that is put into hardware and hardware security. And where I get a little concerned is when that ratio of new money coming in, where the incentive becomes more to support more and more tokens and altcoins rather than to improve and increase security. I mean, is Donjon just sort of a fixed security spend, like, you allocate this much money to Donjon and then, maybe that's too much detail for you to give away, but I'm just curious your thinking on that as new revenue comes into Ledger, how are you deciding how to divvy that up to security, new hardware security, and just new software altcoins?
[00:39:32] Unknown:
Yeah. It's a good question. So recently, we have grown a lot. And when we grow, of course, we are allocating some resources to support new features and so on, but also to security. Frankly, to be honest, I would have difficulty to tell you x amount of percent and so on. First of all, what I can say is, last year especially, we invested a lot on platformizing our products so that this is the community which invests in supporting new features and new coins. So there, you have a great alignment in incentives because the community is happy to have its new application, its new coin within a Ledger environment.
And, on our side, we can continue investing in security. And about these very parts, like security, it's also, when you are a security vendor, it's mostly about trust. And if you do a big mistake, your clients, the ecosystem, the trust can fade away very quickly. So investing in security is probably a good idea, short term, but long term, it's a very bad idea. Long term, you lose. And at Ledger, I can say that this is really true. We are playing the long term game. And I agree it's always a matter of trade off. So how can you make sure that this amount of investment is enough on the long run and so on? It's always difficult to say. But what I can say is security is always our top priority, and we can't do a big mistake in this area because, otherwise, we lose the game, and that's it. So, yeah, this would be my answer.
[00:41:35] Unknown:
Let me just jump in here real quick to pull it back. Charles, first of all, I appreciate your answers. Look, I think, you know, you and the rest of the Ledger team have, you know, a very strong security reputation, very good track record. Donjon, as NVK said, is absolutely fantastic to have in the space. My question with the altcoins and the staking and the NFT was more on the UX side. So it's, you know, I wonder, there's been a recent move that I've really enjoyed in the Bitcoin industry of trying to simplify the UX.
But on the Ledger side, you know, you guys have a pretty great mobile app and a mobile experience with the Ledger device. But ultimately, it's a feature packed, like, software suite. Is there any thoughts about offering maybe some kind of simplified experience that doesn't give you all the things that Ledger Live gives you, or is that not a priority?
[00:42:44] Unknown:
To be honest, this is a regular discussion we have, again and again. And for now, I think the consensus at Ledger after, like, doing user research and so on is that the market is more expecting what we built at Ledger, I think, a one stop shop software rather than adding something very minimal and very simple. So this is where we are in terms of user research, but things change. Like, users change. We have new and new users. The users we had, like, 5 years ago are very different from the ones we have today. So this is something we have to think about. And when we talk about UX and ease of use and when I think about my mother using crypto, frankly, digital life is too complex for her.
So probably this answer will evolve in the future and probably we will need, like, something more simple for my mother.
[00:43:45] Unknown:
I think there's a comparison here with NVK. I mean, obviously, Coinkite is Bitcoin only, but the Coldcard is a very feature full device. There's a lot of things you could do on a Coldcard. And the move with the TapSigner to me signifies, you know, oh, this is a more simple straightforward device that does one thing, does it well, and takes a different trade off balance. Right?
[00:44:12] Unknown:
Yeah. So as the pie grows, right, in this whole industry, I think shitcoins are only gonna grow. Right? And they're gonna grow a million x still until they go to 0. So I think it's gonna be hard for a more mass market product like Ledger to sort of cut that off. I mean, like, you know, you guys are gonna have to sort of get rid of, like, what? Like, a 5th of your, like, sorry, 4/5ths of your team because it's like, you know, you have the exchange services, you have all that stuff, and it's extremely lucrative, and, you know, I believe in the free market, and there seems to be a very strong market demand for providing a secure solution for the shitcoins. And then that opens space for people like us who want to do Bitcoin only, don't want to sort of address that specific market.
If anything, I find Ledger to be a great funnel, sales funnel for us because a lot of their users graduate and come to us to be Bitcoin only. Some leave us to go to them because they wanna have shitcoins now. I mean, you know, that's how a market works.
[00:45:22] Unknown:
I sort of have a question for all you guys because this is something I don't see, is what is sort of the number one support question you get? Because you guys all, you Craig too. Right? You guys all see support stuff, and I only have sort of micro interactions where I either had a problem or I know somebody that had a problem. I'm just sort of curious if you guys all see the same things or different things.
[00:45:44] Unknown:
I love this question so much because support is one of those things that direct and inform us on almost every decision we make. So we make almost all decisions based on diminishing or extincting any support question. So, you know, our rate of support is abysmally tiny, right, because we've been making decisions, design decisions that further that goal through years, and even in our previous iterations of Coinkite and services that offered before even Coldcard or OpenDime. So when people on Twitter like to go and sort of like bitch about, you know, UX, Bitcoin's difficult, Coldcard is difficult, you know, they're speaking from their asses, they don't understand that, like, the people who get into Bitcoin, they find a way, they learn, and they actually don't have support problems. I mean, we only get support questions when there is a bug. Right?
A bug is found. It's like these users keep on hitting something that, like, we're like, hang on a second, like, you're not supposed to have this question. Oh, wait, you found a bug. Right? Really, the support questions are where is my order? Or why do customs have my order? Right? Like, this is the support that we get, and I assume that for Ledger, it's probably going in that direction too because the market is evolving and becoming a lot more knowledgeable or finding other means of finding that knowledge. But, you know, I remember when we designed the OpenDime, we're like, how can I make a device that doesn't require software?
Right? Like, there's no app, there's nothing, you just stick the thing in, and it's very sort of easy. And I find that generally speaking, the majority of the people who also buy our product are very self selecting too. Right? These are people who want to be Bitcoiners, so they will try to find answers by themselves too, which, you know, it's kinda sad because it prevents us from knowing questions they may have. So, yeah, so that's sort of like from our end. I'm curious, on Craig and Charles, like, what are the support questions they have? And Matt might have some great uncle Jim questions there too.
[00:48:12] Unknown:
Well, I just wanna say, first of all, NVK, a lot of the time you don't get support questions because I get your support questions.
[00:48:20] Unknown:
Nice.
[00:48:21] Unknown:
So, you know, obviously, when people are using a Bitcoin wallet application, you know, that's what they're thinking about, right? The wallet application is giving them the error. It's saying I can't do x or y. In fact, often, even if the hardware wallet is showing them the error, they still contact the Sparrow support group and still kind of like, you know, my Coldcard won't sign the transaction. You know, what should I do? And I frequently then jump onto, you know, Coldcard's code and kind of look through and try and see, well, why is it throwing an error on this line, which it often quite helpfully provides the line number. So, you know, that is something that I didn't fully appreciate when I started this whole thing off, is that kind of, you know, not all, but certainly I think most of it gravitates towards the wallet application that's being used. You know, so there's a whole lot of that. But to go back to the original question, you know, the major, you know, recurring support, you know, issues that I have, I actually made a note of them before this.
They are, you know, perhaps in order, the major one, at least for Sparrow, is how do I connect to my node? I'm having issues connecting to my node. Obviously, we could have taken the sort of Ledger approach, the BlueWallet approach of by default, you know, you connect to the sort of company server if you will or the provided one. I really didn't wanna do that. I still don't wanna do it. One of my aims with Sparrow is to get more people running nodes. And, you know, so that's kind of one way to do it is just not to ever run the server yourself. So I'm kind of But you have a curated list, right, of,
[00:50:02] Unknown:
yeah, which is fantastic.
[00:50:04] Unknown:
Yeah. I kind of got to the point where I was helping sort of neighbors and friends work with Sparrow, and it just kind of realized there's a whole bunch of people out there who, you know, can use the software if they could just connect to a node. Like, it's not too difficult to use if they can just get their wallets to load. So, you know, providing those was really and remains a jumping off point. But, you know, the UI, the support, everyone kind of pushes people towards getting their own node. And so if you're a Sparrow user, and, you know, you're having issues with, you know, public nodes, the general advice that anybody on the support group will give you is really consider getting your own node at this point. You know? So, definitely, there's a strong push towards that even though the public nodes are provided for people who are just kind of getting into it. So that's support issue number 1 and will probably always remain support issue number 1. Then I would say Tor is the next issue. Tor, as we know, is often down, often has issues.
No one really knows why an issue occurs. You know, it's just one of those things. Hopefully, at some point, it gets better, but I suspect it won't. Maybe we need to look more closely at I2P, but, you know, Tor is one of those major things that never really goes away. And then just, for you guys, I do get a fair number of USB kernel kinda issues, which are just, you know, random issues where the USB kernel is just giving errors. And very unclear why. But often the best advice there is just to ask the user to reboot, which almost always clears it up. So, you know, that's just one of those things. I wouldn't say it's super common, but it is kind of one of those queries that you get, and there's no real way to solve it or to reset things that I'm aware of.
But it it does pop up from time to time.
[00:52:16] Unknown:
You know, Craig, so I'm actually curious. What kind of signing difficulty do you see? Is it because the user, so the main issue with Coldcard, which is kind of by design, is that it doesn't sign stuff that it shouldn't sign. Right? So it wants to make sure that it's sending change addresses back, you know, so essentially trying to not just YOLO. Right? It's trying to have some sanity check on what's signing to prevent the users from either being grifted or accidentally sort of sending to, you know, proof of burn. So I'm actually curious, like what kind of signing difficulty do they have?
[00:52:57] Unknown:
So I would say, you know, usually the first response I would give if I had that kind of support query is, have you upgraded your firmware? Because that's often the case. Right? We often have some old firmware there, and as soon as the user upgrades, the issue goes away. So that's kind of the major one. I would say that Coldcard doesn't actually give a lot of issues. I'm actually getting more issues with the Trezor these days because they are very restrictive on their derivation paths. And as a result, you often get these kind of errors where it just won't sign this path, and the error is not always super clear. And I think they've actually done quite a bit of work in the last few months, but people's firmware is not always up to date with that work. So they get a quite odd error, and then you're not quite sure why. I think the more recent firmwares tend to make it a lot more sort of clear.
[00:53:54] Unknown:
Have you thought about, because it sounds that, like, one major thread on how you end up having to spend your time doing support is because the hardware is not up to date or the OS is not up to date. I know like USB on Linux is an absolute disaster. So that's a whole different problem, right? Like the majority of the people using Linux shouldn't be using Linux. They should be using a Mac or a PC and they would actually be safer doing that because they wouldn't be able to muck around and break things, but that's like a whole different thread. Now have you thought about, like, on the UI of Sparrow when they set up a new hardware wallet? Maybe you pull from our GitHub repos, right, the latest version, not the software, just like, say maybe a modal saying, hey, oh, I see that you are setting up a Coldcard or a Ledger.
Are you running this latest software version xxx? You know, like maybe them reading that or having to press okay to that might incentivize them to maybe upgrade, that's just an idea, that could maybe help you have less support tickets.
[00:55:09] Unknown:
Yeah. Look, I do get that idea. It kind of runs contrary to my general design philosophy of like, don't build nagware. You know, I really don't want to nag anyone. I kind of want to treat everyone as an adult who's kind of thinking about this. That may often not be the case, and maybe I'm misguided in that approach. But again, you know, I built Sparrow for me, and I don't want to have a little pop up that I have to dismiss saying, have you upgraded to the latest firmware? So that's why that kind of thing isn't there.
It may very well, you know, if I did that kind of thing, reduce the number of support tickets and, well, you know, queries. But it's gonna, in my opinion, diminish the quality of the software. So, you know, I'm always gonna tend towards quality rather than trying to diminish support, I guess.
[00:56:02] Unknown:
I think, I mean, at least to me, like, the end goal of the stuff that we make is to make sure users don't lose their money. Like, that's always sort of like priority number 1 in my head. I mean, Coldcard was designed in our image. We wanted to have all the features and all the things that Bitcoin does, but I find myself also as a normal user who is just sitting trying to do core, you know, corporate treasury operations, and I don't wanna have to think about all this stuff. So I try to build sort of, like, things that I can offload some of that thinking to the device in a pinch. Right? So, or like, you know, I just have to go sign a transaction. I don't wanna have to, like, check the signature and all the stack and doing all these things. So that balance and the friction in that balance, it really is sort of like where you try to find good software.
Charles, you must get a, you know, you're probably like a million x bigger than all of us in terms of like install base. Very curious, aside from "where is my Ledger" tickets, like where do people fail? Maybe not the super normie people because, you know, that's the obvious stuff, but like where is that middle ground of people who are at least trying to understand what they're doing? Where do they fail and they need to ask for help?
[00:57:33] Unknown:
So in terms of customer support, yes, we are receiving a lot of tickets. And as you said, most of the tickets are, like, very, very simple. Like, clients, customers don't really understand what's going on, what to do, how to initialize their wallet. We have a lot of this kind of stuff. Also, something which comes quite often is, like, connection issues. When you have, like, Bluetooth, BLE, with the Nano X. If you have, like, an old phone or some very, very weird BLE implementation, it can be difficult. USB on Linux can be an issue as well. So, yeah, we have this kind of stuff. And I don't have, like, precise numbers, but I think that this is 90% of the volume of tickets.
And sometimes you have very tech savvy users who are, like, asking, like, very, very precise questions. And when this question comes to the technical team, we are like, woah. How? How to deliver that? I don't have a precise example, but you have people, like, playing with a complex dApp on Polygon chain and so on. There's stuff we don't even know. So we have to research in order to help them. So various things, but mostly simple stuff, of course.
[00:59:05] Unknown:
So, our resident uncle Jim here, like, Matt has had the privilege and the amount of work that it is to try to sort of like educate people on Bitcoin, deal with activists, deal with, you know, like different categories of people who are not necessarily, you know, the proverbial mother, but, like, the next people, right, the people who are actually trying to understand what they're doing, like, where do people fail, and where do they hit up you or you tell them to sort of go talk to support and try to figure out what's going on? I will say,
[00:59:48] Unknown:
that, you know, I'm a relatively pragmatic person. So with a lot of people, they do want to hold altcoins. And because they want to hold altcoins, I do send them to Ledger a lot. Particularly the mobile app, I feel like has made it a lot easier. It's a lot lower lift. Most people do not have phones, and do not have computers. So the fact that you can just do everything from the phone from the get go is a massive win. The single biggest thing, I mean, I see is people trying to move from Ledger Live to Sparrow Wallet or something like that where they wanna use their own node.
And most of that, like, we've made it easier, but Craig has touched on it already about Tor issues. I mean, most of the time, people are connecting to their own node via Tor. With Ledger specifically, there's, like, always, like, the issue of, like, okay. So I gotta initialize the device. I have to set it up. I have to update the firmware. What information am I leaking to Ledger? There's a little bit of nuance there, in terms of trying to set that up where you're not leaking data before you're connecting it to your own node. But, specifically, that pairing process with your own node or with the trusted friend's node, uncle Jim node. Right? When we say uncle Jim, we mean, you know, a friend or family member that you trust using their node.
We see a lot of difficulties with that. I will give Craig a huge shout out that because he has Tor directly built into Sparrow, you literally just need to copy and paste the Tor Electrum address directly in there and boom, done.
[01:01:28] Unknown:
So, Craig, that actually brings me to something here. I'm of 2 minds on this. One is I don't think any client should have Tor in them because users end up with 2, 3, 4 services running at the same time in their computers that can cause problems, or if anything just slows down further. So I mean I have never looked into it but have you looked into maybe helping users sort of like set up Tor natively on their computer, as just a, like, know, every time you boot your computer, you'll have a Tor proxy running. Right? I do this. Right? You go brew, services, start Tor.
Matt, this is a You're wrong on this one. Yeah. So you don't want Tor in each app. You definitely don't. It does help the noobs. I'm not denying that. It really does help the noobs, but I really don't want my client's software choosing which Tor to run and have that being the default. Yeah. I think you're wrong in this one, NVK.
[01:02:39] Unknown:
I mean, the perfect example was the move from Electrum to Sparrow because with Electrum, you had to have your own Tor separate. Yes. That's a good thing. And you wanna talk about time and support tickets was getting people set up using Tor with their Electrum client. Meanwhile, with Sparrow, all I have to do is tell them install Sparrow, then go to the setup guide and either press Ledger or Coldcard, and then follow the steps and paste the Tor address into the thing. It's, like, well, it's way simpler.
[01:03:08] Unknown:
We have had this discussion internally for as long as this company exists. I almost feel like in Bitcoin, when you turn on any Bitcoin device or software, there should be a pop up that asks, noob, not noob. And it's like, and it presents completely different sets of defaults, completely different sets of like features and everything because I find it so frustrating when people obviously make different design decisions based on the expectation of how new or not new I am, and we are all always gonna disagree on that. Right? Like I mean, it is the very nature of advanced people.
We're all gonna have opinions and and it's such a a huge, huge challenge to to find that balance and and anyways, it's just more like a rant than like anything actionable. Noob or not noob? And sort of like change the UX after that. But then, you know, we go through the struggle of trying to create the the UX that serves both. But because it does expose the noobs to more stuff, right, and sort of like people learn. But, yeah, that's, that's an interesting thing there.
[01:04:33] Unknown:
Just getting back to the Tor thing quickly, you know, I'm always like, my heart often sinks a bit when people, like, are saying, well, I'm trying to connect via Tor. Because now I just think to myself, well, now there's just a whole lot of other issues that it could be. You know, Tor is this thing that we all love and love to hate at the same time. Right? So, you know, for me, I always, you know, if I'm talking to somebody over support, I always say, listen. The best way you can connect if you're running your own node and you're sitting in the same house as that node is connect to the local IP, get the best speed that you can, and then configure an external Tor proxy, which is exactly what you're saying, NVK, you know, that makes complete sense. Then all of your external communications are going out over Tor, and you're connecting over your local private network to your node to sync your wallet. So, you know, that's kind of the way that I do it.
Obviously, if you leave your home, then you might need a different way to do things, but then I tend to opt for a VPN. So, you know, I kind of VPN into that private network that I have at home. So there's kind of, I try to avoid using Tor to download, you know, the data for the wallet. Because if you have a large wallet, you can imagine there's a lot of data that you have to now transmit over Tor. And it's just a very slow transport mechanism to use. So, you know, I very much support, for a more advanced user, is don't use the Tor built into Sparrow. You know? Rather go out there and set up your own Tor, which starts whenever the computer starts. But to Matt's point, you know, trying to explain to a user that they need to run brew services, Tor, or, you know, whatever it is, that's a challenge. That's a real challenge.
[01:06:27] Unknown:
I mean, particularly on the Uncle Jim side. Right? Because I just all I had to do is put my my Tor address into a signal message and be, like, paste this into the field on Sparrow. Boom. Done.
[01:06:37] Unknown:
And then please type your seed here. See, that's actually another, like, small rant on the UX part. Right? One of the biggest problems with, like, creating experiences that are too easy, right, is that the users, rightfully being lazy and busier with the other parts of their lives, don't put any effort into learning what the seed is or what it does. So there are these very easy social engineering attacks where they'll go to a user and they'll say, like, you know, to the mom, right? The mom has a hardware wallet, set it up, whatever, and then it goes to her, you know, on a DM saying, hey, I've heard that you have a problem with your wallet, send me your seed, and people do, right? Because they were not forced into understanding how dangerous that is,
[01:07:30] Unknown:
right from the beginning. Right? So again, it's just a matter of Just one thing I tell people when I onboard them. I'm like, never put this seed into anything unless you call me first. That's just what I say to them. I just say never take this into anything unless you call me. So what you do is you're essentially the personal firewall for family and friends. That's right. That's right. I mean, we talk about all this advanced security stuff, and then 99%
[01:07:57] Unknown:
of users that lose funds, it's from phishing. Right? They just get an email or a text message, and they fall for it. Yeah. This is a low hanging fruit. And for now, scams work. So scammers will go through this methodology to steal from people. But this is a little bit like at the beginning of the Internet when people didn't know that they have to be careful about their credit card number and so on. Now, people have gained experience and understand better. But for crypto, for Bitcoin, we are at the very beginning. People do not understand, and phishing them is the easiest way to steal from them. But I think it won't last. At some point, people will be educated and will understand
[01:08:46] Unknown:
how it works and phishing won't work anymore. At least it will be a class. I completely agree. I think there are just a few wallet designs out there where they're trying to get rid of seeds because they're too easy for people to get phished on and things like that, which I sort of completely disagree with. I think the seed is the best way for self custody and robust backup. And I think that is the preemptive thing, and then you just need reinforced training that you don't enter this into things. Because even with, you know, sort of binary type x string type of things, people still can cut and paste those into things. Right? You can get phished on those things almost as easy.
[01:09:27] Unknown:
It's funny you went there. That was exactly, like, where I was going. What a lot of people don't understand is that most people will screw themselves out of their coins before they're ever robbed or phished even by anybody. Right? So, you know, asking a user who might put real money into a wallet to not have a non digital backup that's human legible, it's an absolute disaster waiting to happen. Right? Because statistically speaking, I mean, the chances of your house catching on fire, your phone catching on fire with the house, or you losing the phone, and maybe not having access to your cloud or something are much higher, sorry, sorry, much much lower than, you know, your house catching on sorry, your house catching on fire has a much higher capacity of happening than somebody stealing the money from you. So having that seed, that human legible seed, right, on a piece of metal, it's like in my view, it's like this just, it's almost like another huge advancement just like Bitcoin was. This idea that it can have, you know, this cryptographic secret
[01:10:42] Unknown:
written in plain words. I actually think it's easier to understand for noobs. Like, my I just onboarded my brother-in-law, and I I really hadn't been priming him very much. I mean, he was sort of aware of Bitcoin and dabbling and looking at this or that, but I really hadn't been pushing him at all. And he was sort of ready at one point, and we sort of went into it. And when I sort of told him about the metal backup and I sort of showed him what to do, I showed him, you know, stamping washers and stuff. That made perfect he's not a technical guy. I mean, that made perfect sense to him, and we went through it, and he he took it really seriously. And and and I I thought it was a really great success, and he he understands. I'm like, if somebody finds this, they have your money. Right? I mean, this is like a bar of gold. You know, wherever you put this, you're putting a bar of gold.
And that that's just a really easy concept for him to get, I think. Yeah. No. That's exactly it. I mean, humans have been doing physical custody
[01:11:36] Unknown:
forever since humans were around. Right? Like, I was there screaming in the forest, running after animals to eat, and I was probably custodying whatever I killed, right? So like it is it is a very natural thing for people to do which is really cool. People understand that natively. They don't have to sort of like get schooled on how to keep something secret physically, So that's like a nice first step, so that when they go to the next round and sort of like the next upgrade in security and do, I don't know, multi sig or pass phrase or whatever, they will instinctively understand that now maybe they have 2 secrets as opposed to 1, and they should put it in 2 separate places, right?
Yeah, I am not a fan of the seedless designs, and I think will will lead to a lot of grief.
[01:12:29] Unknown:
NVK, what are your thoughts on seedless multisig setups?
[01:12:35] Unknown:
So, like, TapSigner is seedless. Right? That essentially, like, negates all my rants that I just had. Because, you know, really, like, we have to try stuff to see if we can come up with the next thing. Right? Because seeds are not perfect. They're amazing, but they're not perfect. So how do we go to the next thing? And there is also Taproot, which does change the the security trade offs as well when it comes to multisig and and each signer sort of derisking them and stuff. So TapSigner is our attempt at doing seedless by still making the user ideally back up on their phone an encrypted key where the encryption of the key is laser etched on the card.
So the phone cannot see that private key. Now we're very clear that the trade offs that we made on that product are not for you to put your life savings in single sig, right? But they could work for you to have your life savings in multi sig because see, you can use you can have a TapSigner as just one of your signers, one that is high availability to you so the keys are not on the phone. And the other signer could be a Coldcard that's deep buried somewhere where you do have a backup and maybe the third one is a service or is another Coldcard or something. Right? So you could derisk the lack of that seedless signer of that multisig.
We essentially get back to seeds even though you're functioning on your daily basis seedless. I think it's an interesting proposition, and as Charles and Lazy would would be very familiar with this is Java cards are a very old and resilient technology. Right? So the the chances of that device breaking beyond recoverability are very low. So that also gives me a bit more comfort. And these devices are essentially fully sealed, right, because they are, NFC sort of essentially baked into plastic. And on Charles case, I think you guys put epoxy over the the SE, right, or no? I can't remember. But but, you know, but the package is resilient enough and and and you should be able to at least recover in a lab in case you need to, provided that you have the PIN and all the good stuff on your case. But anyways, I I think 2 things are important. 1 is we need to recognize that seeds are an incredible achievement.
We should push people towards them, but we should not stop attempting to come up with alternatives that may resolve some of the UX challenges, at least for the daily operational, part of your life. That that's sort of, like, my my view on this. I'm kinda curious on Lazy's view on this.
[01:15:44] Unknown:
So I'm a single sig maximalist. I will so well, for say for personal savings, like, I think there may be a seedless multisig for an intermediate value of spending or something like that, like, your normal bank account, not your life savings account might work. But I I've just been really against I I mean, what bothers me with multisig is when you have sort of the 2 of 3. Like, a 2 of 2 multisig, I'm much more comfortable with, but when you start having 2 of 3, I think it starts really leaving room for people to mess up because they they don't realize that they need 3 of 3 public keys backed up, and the redundancy in their their backup setup of all those. So I I I'm really 2 of 2 may be multisig, but I'm I'm really just a single sig passphrase guy. I that's all I ever recommend right now. I I am a 100% with you there. I don't think people appreciate
[01:16:43] Unknown:
the complexity and the room to screw yourself out of your c out of your money by using multisig. It it it's a ginormous
[01:16:51] Unknown:
complexity increase. Right? It's literally exponential. People think it's small though. Like, it it seems like it doesn't seem like a lot, but there's just there's so many things that just go like, I look at some of the dumb thing, like, I I so I well, I I don't wanna describe what I did specifically, but I I did something with, my backup so I could have it sort of more available. So there was some superficial protection not superficial. Some strong protection against somebody just casually finding it, outside the passphrase. And I had I had sort of done it a couple times and tested it, and then I tested it one time and I realized I had duplicated one of the things on there in a way that I could figure it out, but I'm, like, I did this, like, 3 times and I didn't catch this simple mistake, and this is just sort of a simple single sig type of thing. I'm like, holy cow.
Adding small things just create a lot more additional complexity than people appreciate.
[01:17:43] Unknown:
It's a and and, you know, going back to that support question way, earlier in the conversation, husbands and then the husband dies and then, like, he left a super complex multisig setup that is incredible. It's so secure that the wife can't figure out. Nobody can. You know, I I I am a staunch believer that multisig should be done managed. Right? So you're gonna have a wallet like Nunchuk that will sort of, like, help you set up the multisig in very specific use case or, you know, Craig's solution is gonna use a similar solution. Ideally, like on Sparrow, like, you know, I understand you wanna let people be grown ups and set up all the stuff however they want, but like people make mistakes and they don't back up things the right way, so they do end up screwing themselves over. And I think a lot of the hate for single sig come from people doing, FUDing hardware wallets, really.
There is some actors in the space, they're like, the paranoia that they have against hardware wallets is completely uncalled for because it's provably wrong. Right? You can be provably wrong, right, if you do your due diligence, if you do all the stuff, and you could resolve that that paranoia instead of pushing noobs to do multisig with 50 seeds.
[01:19:06] Unknown:
There there's an interesting aspect that I just wanna touch on there, which is essentially inheritance planning, which is what you just mentioned. If you have a if you have a really complicated multisig and you pass away and whoever you want to receive your Bitcoin, isn't able to access it. That, and that is not unique to multisig. I have had, I've gotten messages at, you know, midnight from a friend. I'm going into surgery tomorrow. You know, my wife knows where my seed and my passphrase is, but I told her to call you if something bad happens, it's free to recover it. And like, obviously that's not a great situation because she has, you know, whoever, whoever your heir is, has the whole, the whole kit and caboodle. Now, if you have, a well oiled, you know, multisig UX, then if you're already trusting me for the recovery process, I could have one of those keys.
She could, she could still call me in that situation. I could still walk her through the setup, but I can't spend it on my own. She can't spend it on her own. Maybe you involve some other third party in there so that I'm not trusted. Right? So, like, all of a sudden, that inheritance issue could be mitigated to a degree and made more safer
[01:20:18] Unknown:
in a multisig setup. Multisig does offer some advantages in that inheritance situation. You know, the challenge now is that if you have access to the quorum set up information, right, the script and the xpubs, you can find out the the amount. Right, and you don't wanna share that amount with friends or family, right, you want to be blinded but you want them to be part of the recovery setup later. I think that's where Taproot is gonna really shine later on once we have like a proper MuSig spec and sort of because then you can you can lower the threshold of those keys and you can come up with much more clever ways of blinding that that, those amounts to essentially the saving grace keys that are out there, the emergency keys.
Until then, you know, every time you do multisig with a third party, you're essentially doxing your your coins to that third party, which is a much worse attack surface than the security of the single sig, right? Because say we're friends now or or say, for example, you're a non Bitcoiner, you know, and let's say some bad guys assume that you do have knowledge over other people's money, you're now at risk and they could try to coerce you even though you don't have that to try to get that information on other Bitcoiners. Right?
This this attack surface is terrible. Yeah.
[01:21:44] Unknown:
I pressed up I pressed up by accident, to be honest.
[01:21:48] Unknown:
I've got a, just a bit of a counterpoint to the single sig passphrase argument. You know, getting back to the support queries thing, I get a lot of support queries. Well, when I say a lot, I mean there there's there's been a few people who have forgotten their passphrase and can no longer access their funds. And that's a really sad situation. You know? I mean, as we all know, people, lose access to their funds far more often than they get stolen. And, unfortunately, passphrases are generally considered something you need to keep in your your head.
And as we know, humans are really bad at keeping things in their head. So people, you know, forget them, and then you kind of have to say that, you know, they're they're just panicking and freaking out in the support chats, and and, you know, you just gotta say, just calm down, Try the all the different options. Take your time, it's gonna take many hours, but you know, you'll eventually get the right one. I gotta gotta say, I don't love passphrases for that reason. I I really do find that they have a major UX challenge there.
[01:22:58] Unknown:
You know, what I normally recommend people, especially sort of noobs with a lot of money is to pick, essentially 12 words, out of the BIP 39, namespace, and back use those as the passphrase and bake those into a metal plate as well. So you put one metal plate to the seed somewhere, and then you put the passphrase seed plates elsewhere. Right? So now you diminish the risk of 1, you don't have to remember anymore, right, except for operation, but also, you know, you don't have a challenge with people having complex passphrases using, you know, like a larger character set that could also be not supported by a different hardware, and and they do have a nice backup for that. Hey, Rodolfo. I I agree with that strategy,
[01:23:54] Unknown:
but actually hardware wallets present a problem there because I I I actually agree 100%. You're I I think a passphrase should actually be a part of the word list. I think that's just a seamless way to help support backup, and it it just makes sense. But it's really hard to enter that many characters on a hardware wallet, so people just aren't gonna do that because the UI and hardware wallets is just painful to enter a large number of characters for a passphrase.
[01:24:23] Unknown:
Yeah. I don't disagree with that. You know, I'm of 2 minds on that. One is that's a good thing and the real money should not be easily accessible, should not be fastly typable. You know, like for money you need to actually transfer, like all the time, then just use a phone wallet, use something else, use, you know, non passphrase, wallet, hardware wallet, whatever. Like, there's a million ways for you to do that. But then for the the real money, you want to be in a position where not even you can transfer that money in less than, you know, like, 10, 15 minutes typing.
[01:24:59] Unknown:
I I think that's actually a security feature. But then you have a separate issue, right, which is you have an issue where people, they don't touch their savings for, you know, a certain amount of time. We go through a bear cycle, then it's like 5 years later and they're not comfortable at all of using their using their funds. Maybe the funds are up 10 x, 20 x at that point, and they have no idea what they're doing. Like, they just like, there there needs to be some level of familiarity there. And, obviously, it gets solved if you have a separate wallet that is easier to access. It's not your savings wallet, and you're using and spending Bitcoin all the time or you're getting comfortable with it, but most people don't. And I do feel like there's a bit of a disconnect. I think Ledger does a pretty good job with this, but there's a bit of a disconnect between pragmatic options, versus overly secure options. I think SeedXor is a good example of a pragmatic option that you've implemented on cold card. But for just for an easy example here, you know, when it comes to really close friends, when it comes to people I went to high school with or college with that are that are not, you know, very proficient with using Bitcoin, but they've heard me just harp about it all the time, so they end up doing it. There's been so many situations where I just have their full seed in front of me, you know, where they just put it in front of my face because they won't recover their funds unless I have that that thing. Like, I, like, I can completely own them, And and there are probably little pragmatic things we can do to prevent that from being the end result. Right? From that being end result in reality.
[01:26:31] Unknown:
My overall recommendation, like, would be to keep it simple and stupid. Because when when you have a look to the numbers, I think we have plenty of people who just lose the access to their funds because they, they set up a too complex methodology. Either that was something with with, with multisig. Either they they lost their passphrase. And, again, you you don't really you don't really improve security if you if at the end, you lose your funds because, because your your setup is not is not usable anymore. So I remember a couple of years ago, there there was some debate on, Twitter with Michael Flaxman, for for instance, like, that hardware wallets were not secure enough, and you you had to, to use a multisig setup and so on. I think we are we there are plenty of people who just lost money because they've listened in.
Yeah. I think this is this is a mistake. We we we need to have, like, a simple setup. After that, it depends if you are a financial institution and so on and you need governance and so on, then it's different. Then you need some some some rules. Using a multisig can make sense. And, and and, by the way, there's are some steps which are often requested to to us. But again, there are very few people, who who use them. We we are working in, in implementing Miniscript, by the way. We will release it in a couple of months. I think it's, it it will be ready in on October. So if you want to implement some, like, enhanced governance, this is the tool you need. But for, like, 99% of the users, don't choose Miniscript, don't choose, Multisig.
And even passphrase, think about that. If you lose your passphrase, you lose your funds forever. So you have to, to think about your threat model, but also to think about what happens if you lose your, passphrase. So this is a there's a there's a lot of stuff, to to be, to be taken into into consideration.
[01:28:42] Unknown:
Yeah. You know, one of one of the biggest issues I have with the with the conversations about wallet, on Twitter and and some of the other sort of, like, chat systems where Bitcoiners sort of, like, bitch and and also cheer for things that they like personally, is that there's this sort of, like, all or nothing, sort of like view of of of of security. Right? And and a lot of times, most of the people giving opinions on these things are not people who are capable of giving an opinion about these things. And you know they're very sort of like a strong opinion about security where they don't fully understand what's going on under the hood. And you know, I I really think that as as an industry, like, one of the best one of the best things we can do is push people to have more than one setup.
You know, like, is for them to have a spending wallet on their phone, a very easy moon wallet or something like that. Right? And then have a middle ground place where, you know, they have their sort of like more money but not all the money. Where maybe maybe is a passphrase wallet, maybe is not. And then they have their deep cold stuff where it's like really is the money under the mattress. Right? Where where they do have a different a different they need to have a different view on this as as, like, don't don't put all your eggs in one basket and and and don't don't listen to people who tell you to put all your eggs in one basket either. Right?
And and also don't listen to overly, like, expert opinion. Right? Because, you know, like, I absolutely love the questions that that Flaxman open up. Like, it was actually a lot of advancements that happened in Multisig because of the questions that he did open up. But the problem is Flaxman is a wallet developer. Like, you know, if he screws up his system, he can go and code his own wallet to redeem those coins, right? That's true. And the challenge is with his design choices, like the average person would be completely screwed. And we had conversations about this publicly too and I find it's like you as an expert is very easy for you to see all the flaws and everything, but you're not necessarily measuring, what are the chances of stuff happening for 1, and and 2 is how people are gonna screw themselves up because you wouldn't screw yourself up. Right?
So so that's sort of like just how I view that that that specific time in Bitcoin space, when, when multisig was sort of like coming forefront because of the was a 10 x improvement security paper that, Flaxman wrote.
[01:31:42] Unknown:
It's sort of funny. There's the reverse of that almost with the air gapped PC where the layperson it looks so easy and simple. I'll just you know, where the the opposite is with multisig, but yeah. So people just I know this is one of the topics, and I
[01:31:55] Unknown:
I just No. Bring it up. This is a perfect time for it. I just shake my head
[01:32:01] Unknown:
at people with the air gap PCs. They they just think that it's something magical and easy. Oh, I don't need a hardware wallet. I just plop this PC down and turn it off turn the network, card off and I'm done. It's just I I just and they're like, well, how could this possibly be hacked? Like, one guy just asked me that recently. It's like, please explain this to me. I just don't understand, and I I almost don't even know where to start. I'm like, you clicked download Ubuntu, right? But there was 3,000 other things developed downloaded from from repositories that other people were maintaining and developing. I mean, it's just there's so much happening and people just don't appreciate it. I mean, you know, computers were designed for you to answer email and go watch porn.
[01:32:45] Unknown:
You know what I mean? They're not designed to hold secrets. They can't hold secrets, especially modern OSes. We're talking about tens of millions of lines of code that are not like, you cannot audit that And that's not even getting to the hardware. Right? Like so so let's say you use Tinfoil OS. Right? Like and and Tinfoilos was like, you know, reviewed line by line by Max, by, g Max. Right? Like, you have a team reviewing line by line of every single thing that the computer does. However, now you have another problem which is the hardware. Every single little subsystem in that computer has closed source hardware stuff running on it, and it's all remote upgradable.
[01:33:34] Unknown:
Well, like, let's take the Trezor, like, example. Right? So we pick on Trezor because they, you know, don't have a dedicated secure chip and it's sort of easy to fault the ST chip to get it to do bad things. Right? Well, in a PC there's 50 of those chips in the PC, all of which can be faulted in the same way, if not easier than than the Trezor, we'll pick on Trezor, but the STM32 just generically. I mean, people just, you know, because all the chips are wrapped up in this box, they don't realize how much is going on inside that box.
[01:34:09] Unknown:
Yeah. A traditional device is, like, 100 times more, secure than, your air-gapped computer. There was there was no debate about that. Like, the attack surface of a computer, even if it's air-gapped, is wide. Like, you you have to to think about that. It's a Swiss cheese. Yeah. Definitely. Definitely. And, if you want to to take an example, like, the Iranian centrifuges, like, 15 years ago, I think. They were they were completely air-gapped in, secure, premises and so on. And then the American with, Israeli secure, secure services, they developed Stuxnet and Stuxnet broke the Iranian centrifuge even if they they were air-gapped. I I just want to say that there was no magic, with, with air gapped thing. So, yeah, Stuxnet was this thing.
[01:35:04] Unknown:
So, guys, with this going on, why do you think we are not seeing more software wallets getting hacked and people's funds getting taken. Because, presumably, you know, it should be happening every day. Right? We should be hearing about this every day. People should be jumping on Twitter saying, I lost all my funds. I don't know what's going on. And then someone says, oh, you have a virus.
[01:35:25] Unknown:
Why is that not going on? It does happen. You won't hear it. It does happen every day. And and for now, I think it's also a matter of opportunity cost. When if you are an attacker, it's, like, far more easier to phish people, to scam them. Just you you just tell them just give me your 24 words and it works one times over 10, and then it's easy. You don't have anything complex to do. So for now, this is mostly a matter of opportunity cost cost of very, like, advanced attack versus,
[01:36:01] Unknown:
versus a scam or phish. Well, remember. Right? Like, this is also an install base problem. Sorry, Matt. This is also an install install base size problem too. Right? So the amount of people putting their seeds in a computer is tiny. Right? Majority of people who do who do use their own self custody solution do use hardware wallets, but the great, great, great majority of users have their coins on Coinbase. Like so, you know, like, you just don't have a lot of people doing these stupid solutions that get sort of, like, recommended on on on Twitter, for for people to do the air gaps sorry, the the air gap laptop.
Sorry. One more thing is is the same for the Raspberry Pi based hardware wallets. It's like it's idiotic, that that, like, you cannot protect that OS. So you cannot protect that firmware, and and, you know, you may not see attacks while this this install base is tiny, but as it grows, you will, and people won't know what happened. And most of them may not be even on Twitter, so they won't go complain there.
[01:37:12] Unknown:
I just wanna add here that to me, it seems like most people get compromised through phishing. And from a newcomer perspective, the single biggest advantage that a dedicated hardware wallet or hardware signer does is I'm able to tell them when they get into it, that they should only enter their secret backup words. That's what I call the seed to them into the device, that one single piece of advice. And that one part of the UX flow that you you enter it directly into the device rather than entering into your phone or into an email or to a computer saves a shit ton of people.
[01:37:49] Unknown:
Yeah. It's good hygiene. Right? Like, having single purpose devices forces users to have good hygiene and including advanced users. Right? Because you can be the most advanced person, but when you're dealing with your accounting and dealing with your, like, other stuff of your business, you might have your programmer brain turn off and make a mistake as well. Right? It is surprisingly easy to make a mistake with this stuff.
[01:38:16] Unknown:
Yeah. And it it makes me think about, like, a large scale attack that we we that we saw a little bit in the past. Some people are just taking pictures of this of their seed and with their phone. And, yeah, it's, unfortunately, this happens. Yeah. This happens a lot. And in the past, there were some some random, application on Android, which, just request, the right to access to to your your photos, and that's it. They scan them. And as soon as they they they, they find seed, they just send them to the other cars. So this happens every day, Craig.
[01:38:53] Unknown:
Well, another one on that is, like, remember when they were preloading hardware wallets on Amazon with a seed? Remember they were ledgers and Trezors. Right? You know, you guys have a bigger install base, so they were just putting them for sale on Amazon for cheap. First was eBay, but then it was Amazon for cheap repackaged, and users just don't know. I mean, even even us going through the extent that we go with the security, I mean, the the user is still sort of like the biggest, security hole.
[01:39:23] Unknown:
Yeah. It's it's it's a big challenge. As a new user, you don't know what to expect. So you receive a scratching card, like, with a prefilled, seed, and you don't know what to expect. And you think it's normal, and then you just load your Bitcoin on it and that's
[01:39:38] Unknown:
it. You know, one note on the on the air gap stuff. You know, one thing that I love about the air gap stuff is that it sort of essentially saves you from unknown unknown. Right? Like, we were talking about, we just don't know if the device has a bug that's exploitable or, you know, or the the manufacturer is malicious or something has a backdoor on it. And if you're not connected, you remove the synchrony, synchronous of the attack capacity. Right? So the attacker would have a much, harder time to to remotely access it. And, you know, USB is a shitcoin.
But, yeah. Sorry. So so Charles needs to step out, in was it 10 minutes or so? If you guys wanna keep on going, there is other things for us to talk about, but, you know, it's all up to you guys.
[01:40:28] Unknown:
Do you guys wanna do the air gap a little bit more? I I do have I wanna get you and Charles in a in a fight here because I I do I do have a Go for it. Some thoughts on SD card and versus USB connection, which I think is sort of interesting. I'll give you sort of my you've heard this before Rodolfo, but, the benefit of the Coldcard, right, is you can do USB less. Right? You can just do SD cards to physically transport the the PSBTs across the air gap. Right? But and then you mentioned this, you know, the attacker's synchronicity. Right? He he can't he maybe can modify the PSBT and but it's physically transported over that barrier by a human.
Now, I I do have one thing there that I brought up before is SD cards aren't just physical media, they are actually microcontrollers. So the hacker can actually insert software on the SD card and when you plug the software when you plug that SD card into the Coldcard, it can do stuff, Right? It could do things like you could maybe drop a file on it on the computer, but when it gets plugged into the Coldcard, it shows the Coldcard different files. Now, obviously, the user can, you know, verify addresses and catch it there, but there's other things it could do. It could try to exploit protocol errors in the SD card interface with the thing. Right? So there's the attacker has a small microcontroller that he can attack with. Yeah. No. I I completely agree with you there.
[01:41:56] Unknown:
I think that because, like, essentially, like, nothing is fail proof given enough resources, enough time. Right? That's that's Coldcard reads a drive. Right? Like, the way Coldcard is looking at that micro SD, it is a substantially smaller, surface and purpose. Right? So we can audit that, we can look at that, and try to find paths in which, you know, attacker could try to exploit that. The amount of people out there that can insert, you know, malicious firmware on a micro SD is much smaller than the people who can do malicious things with USB. Right? I mean, USB is an absolute clusterfuck.
It's huge attack surface. What's nice about what Ledger does is that Ledger is using a secure element that is designed to handle things in a very narrow way too. Right? You guys are probably using CBOR or something like that to talk back. So the thing is, you but you're still connected, and that connection matters because if you are trying to do a remote attack, you want feedback. Right? Like, is this working? Try this other thing. Is this working? Try this other thing. Oh, did you get something? Oh, you need to go there to get it now. You need this other bug to happen in order to extract. Right? So there is this very long list of things you're gonna probably need to do to pen test it. Now if you're not USB, technically, you could have the software trying to do that, and and then there is the bugs. Right? You could have a bug that has a hole on it, and then boom, gone. Yeah. I I'm really curious to hear Charles' thoughts on this before he goes because so I'm really interested.
[01:43:39] Unknown:
Yes. Yeah. Sure. When when when you have to sign a transaction, at some point, you need to communicate with the blockchain. There was, there was nothing like those worlds are completely separated. You need to bring some data from, like, the blockchain to your signer, sign it, and then bring back this sign paid up to the blockchain. So when we say a gap or something, this is just a matter of channel. What what does your your channel look like? Is it complete? Is it SD card? Is it USB? And then we can discuss. Then this is about, like attack surface.
So your thesis is to say, like, the SD card attack surface is simpler than USB. It can be debated. I don't know. USB is large standard. You you agree I agree with you, Enrique. This is large standard and if you try to implement the the standard overall, there is some area to to to do mistakes. So what we do is to implement a very small subset of this tunnel. And when we implement USB, it's implemented on another microchip. It's not implemented in, the secure element so that you have, like, another layer of of another layer to to to to do this this communication. And the attack surface of the secure element itself is, is less, is is is not bigger because of because of USB.
But, Adrian, what I want to say: there is no perfect solution. There are plenty of trade-offs. And when you choose SD cards versus USB, in terms of UX, it's clearly less convenient. The UX is better with USB. Does USB have a lot larger surface? Maybe. Maybe you're correct with that. But I think the trade-off is better in terms of UX, and this is the one we choose. But, yeah, I will review. When you implement USB, you have to be very careful. You have to limit what kind of USB standards you implement, and then you have to do penetration testing, verify,
[01:46:10] Unknown:
how it works and so on. You know, what's nice about, like, this new standard for PSBT is that we no longer need to take arbitrary data in or arbitrary formats in to operate with. Right? So you can be very, very picky about which data bytes really you are picking in and you're letting in to sign. Right? It's not like we're, like, you know, executing stuff from my micro SD card too. Right? So you do reduce there. But, you know, that reminds me, way back then there was a power differential analysis attack on a Trezor and they were able to read the Trezor calculating keys and able to leak out the keys.
So, you know, it just goes to show. Right? I mean, like, the stakes are very high. Right? So, like, how you find the trade-offs, and how we derisk each solution really is the challenge there of finding a good security sort of set for people. Yeah.
[01:47:23] Unknown:
I I would have to I would have to jump now. Yeah. You need to go. Right? Yeah. Yeah. That was a great discussion, sir. Thank you. Thank you very much for having me. Maybe we can continue the discussion in the in the next episode. Thank you. Thank you again. It was a pleasure. Appreciate you, Charles.
[01:47:39] Unknown:
Thanks. Bye, Charles. I I really appreciate you guys coming and, may may we'll do we'll do this again, Charles. Don't worry. Yeah. Cool. I'll let you here. Thank you, guys. And then, if you if you if you guys are still game, we can keep on going.
[01:47:55] Unknown:
I can keep going.
[01:47:57] Unknown:
Yeah. Sure. Happy to. Cool. I have a few more minutes, but not not forever.
[01:48:02] Unknown:
Okay. Yeah. No. It's just like I I just love the fact that we can have, like, a bunch of, like, different people from the industry in a non contentious sort of environment to sort of, like, just talk shop, you know, and sort of discuss the challenges and things we have and sort of where we can go. I don't see a lot of that out there. So, yeah, thanks for for being here. Okay. So, what do you guys wanna talk about next? Do you wanna talk about BIP standards and things like that, since since that's timely?
[01:48:34] Unknown:
Sure.
[01:48:35] Unknown:
So I guess, like, just generally speaking, the BIP process, for people who are not academic is is a challenge. Right? I mean, people like us like to go our own way and build things, and and sort of, like, have the least amount of input from others, based on our design choices. But standards are the magic that makes all the stuff work between each other. Right? And and there is a good xkcd cartoon about, you know, the best standard is all is this next one that's gonna solve everything else, right? So standards are about compromises, and right now we have one that, Craig, proposed.
So, Craig, do do you wanna talk about your your last, BIP proposal?
[01:49:22] Unknown:
Yeah. It may very well be the last one that I ever do. I know you didn't mean it that way. No. It's basically a format for wallets to be able to export their labels. So right now, as we were talking about earlier, we can export, you know, the funds from a wallet just by using the seed words, but we have no standard to be able to export labels from a wallet. And those labels can contain a lot of valuable information. For example, you labeled your UTXOs to show where they've come from, and then that allows you when you spend them to determine whether you are linking UTXOs that may be giving away more information than you would like to. So, you know, there's a lot of value to the labels, and currently, they're quite siloed within different wallets.
So what I was trying to do here, and to be honest, I put off this task for about 6 months because I knew it wouldn't be much fun, is to, you know, come up with a BIP that really just sits down here as a format to export the address labels, the transaction labels, and the input and output labels from a wallet. Unfortunately, I think it's probably one of the most bikesheddable BIPs that you could ever write. You know, everyone has an opinion on something as basic as, you know, exporting what is basically just a map or a dictionary of kind of the transaction ID to the label or whatever it is.
But what I was guided by when I was trying to do it was just the idea of trying to build something for users as opposed to building something for devs. And that led me to and I I didn't actually get here at the start, but I it led me to the CSV format, which is, you know, in some ways not ideal, because it is so, you know, so long in use has been exposed to, you know, different ways of doing it over over time. But it's just some something that everyone can use. Right? Everyone knows how to fire up Excel, and load a CSV in it, and that kind of gives everyone access to their labels outside of a wallet. So, you know, that's what I'm trying to do.
Hopefully, you know, we managed to get a standard across the line which retains that kind of, user accessibility. And that's, you know, that's also what I'm trying to do when I'm saying, let's if we want to make these labels more secure, which obviously they should be because they contain a lot of private information or is privacy sensitive information, You know, let's use a zip file because we can encrypt that. Right? So it's, again, a tool that in some ways is not ideal because zip files used to support relatively insecure encryption. But there's a way you can use them with strong encryption as well.
And if we can do that, then we can effectively give somebody a file which is in an encrypted state at rest. And that just means that we don't, by default, have everyone exporting files which contain lots of privacy sensitive information that's just sitting around on hard drives, which obviously we're trying to avoid. So, you know, that was kind of the design thinking that I had when I went into this. It was just trying to create something which allowed people to get their labels out of one application and into another, and secondarily, to be able to edit those labels in an application outside of a wallet. So, you know, integrate them into maybe their personal accounting, if it's a business, whatever business process that they're in. And I was kind of guided here by some of the kind of professional users that Sparrow has. You know, those guys want to be able to, you know, manage and do their sort of work in applications outside of the Sparrow Wallet. So yeah. So that was kind of my thinking on it. Obviously, when you submit a proposal like that to a very developer focused list like Bitcoin Dev, you get a lot of views on why CSV is bad, why zip files are bad, and all of those kind of things, which I don't. You know, they do have downsides, and there is always a better tool for the job.
But that tool tends to be very niche. And that just means that, again, those users don't get access, outside of, you know, one wallet application to the other. So that's, yeah, that's kind of what I'm trying to do.
[01:54:01] Unknown:
I I think, I mean, like, Electrum has had this issue for millennia. Right? I mean, there is a reason why, like, nobody used Core as the wallet after Electrum came out. It it did have labels, exportable labels, and and I think what you're trying to do is something that's extremely necessary even though it's technically so silly in a way. You know, this is not like you're inventing, like, some major thing that could cause some major problems for Bitcoin. Right? This is just a standard for labels. And, you you know, parsing CSVs is is very tricky. Right? That's why I think a lot of devs have an issue on the list about, CSVs.
But, you know, as you pointed out, there really is no other open format that is widely importable by consumer software. Right? I mean, you know, I do this monthly. I have to submit, like, I have to to put all the Bitcoin stuff into the accounting software. Right? And the accounting software does import CSV. What it does not import is JSON. Right? So, you know, as much as JSON is sort of like a great machine readable format, it is not human readable. So I I don't you saw maybe my reply there which is, you know, I personally have big doubts that most people will go, with the proposal as is just knowing the the the cat herding that would be there.
So, I mean, I think that having a format for import and export between wallets, with JSON and then, you know, just having a spec that most people export the CSV as might be a higher chance of getting a BIP going. I think that the ZIP you brought up, it's true. 7z does support strong encryption as well, and it is supported by most systems, so maybe that helps your proposal. But, yes, I mean, you know, Zip, at least it's familiar to people, but I think most Zip clients do support 7z as well. Yeah. Yeah. It'll be tricky.
[01:56:25] Unknown:
Yeah. I mean, I think, you know, one thing that I learned is that, you know, CSV is actually defined. There is an RFC for it. And if you follow the RFC, which my proposal now mandates, then I personally can't see how you're gonna end up in some kind of parsing hell. Like, you know, it's just, that's not to say that, you know, clients who implement the BIP will follow the BIP. They might, you know, do something wrong. But at least, you know, if you follow the BIP and you implement the definition, which, as far as I can tell, is also what is supported and implemented in Excel, in Numbers, in LibreOffice Calc, you know, all of the sort of platforms, they all kind of follow this RFC as well. Then I think CSV is actually fine. I don't actually think it is the issue that I thought it was when I first posted this to Bitcoin Dev. So I'm kind of hoping that it's enough to get over the bar because I think losing the ability to export and see a CSV and we just go back to sort of a JSON, which would be easy, really just deprives users who don't really have much of a voice in this, you know, from being able to sort of access the labels.
You know, then they have to rely on, hopefully, the wallet building some kind of a CSV export in addition, which which obviously is not ideal. So, yeah, so I'm kind of hoping that CSV is actually okay. But, you know, one of the things that I'm not sure of, this being my first BIP sort of process is, you know, how do you know that you're you're good? Right? How do you know that people have kind of gotten over the line? I'm not actually sure.
[01:58:15] Unknown:
You know? I have a couple comments on that. So I don't disagree with you at all. The CSV could be workable by machine readable. I agree with you. I just think you're gonna have a very hard challenge convincing other people that CSV is okay for that. Just knowing, like, experiencing this crowd a little bit. And I think a lot of them will have a problem with the actual RFC. You know, it just might be like a path of high resistance that may not be overcome. But just generally speaking about BIPs, there is no formal process, but it seems that the tradition is to, you know, you propose your BIP on the mailing list.
You know, let's say, you know, it's not super contentious or say it's mid to low contention, right, which I think is where you are at maybe. You know, maybe then what you do is you go and you submit the BIP to the actual BIP repo, right, asking to be assigned a BIP number. That's normally where the people who are more high stakes in the game start to have an opinion, for things that are not too contentious outside, and these are people who often actually care about the code and have a little bit more skin in the game as opposed to just people replying on the mailing list. The mailing list sometimes can just get in the way, and there is no, like, written requirement that it has to go through the mailing list to then have a number assigned or wait for a number to be assigned on the BIP thing. Right? Remember, Bitcoin, we don't ask for permission.
Now when you're trying to create a standard, from the social perspective you want to have buy in. Right? Because you can create an amazing standard, get a BIP assigned to it, and nobody ever uses it or adopts it. Right? I mean, PSBT, BIP 174, was never used before Coldcard. Right? No single implementation of it was in use by users. So great, somebody invented PSBTs, but, you know, what's the point if there is no buy in? So I think the part that the majority of the engineers who sort of submit BIPs or want a new standard for something disregard or don't put enough effort into is go knock on the doors of other similar clients, or talk in private with a lot of people before submitting a BIP to the list or submitting a BIP for a number.
So because if you do a little bit of the legwork of selling a standard, because that's really what it is, right? You have to sell a standard. You will find that, you know, people are just either caught off guard or they just go immediately into, you know, I don't like the implementation, as opposed to, you know, I've talked to Craig in private or I've talked to him, you know, we've discussed in this conference and I can understand why he wants to do this in the way that he wants to do. So maybe I will either sort of, like, be less picky about some some part of the standard that may not be my preference. It's not necessarily wrong, but it's not my preference.
Or I might just abstain from the discussion and not sort of like add more to the contention. So I just think that, like, in Bitcoin, the most successful stuff or really in any open source software is is for people to find outside of public discussion consensus or buy in, before sort of suggesting something. Maybe maybe that would be, where I would start.
[02:02:05] Unknown:
Yeah. I think that that's good advice and kind of I reached the same conclusion myself, is to kind of at least get other wallet devs to kind of agree. You know, I'm not I'm I'm obviously hoping it ends up in a certain way, but the primary goal is really just to get wallets to be able to share labels. You know? That is that remains the the the sort of goal here. So, you know, if I come up with something and and nobody else implements it, well, then that's failed. So, yeah, I mean, I guess part of it is is talking about it here, and I'll keep on doing so. And, hopefully, that's that at least that first goal, we can reach,
[02:02:48] Unknown:
because Yeah. I mean, it's a it's a you have to be relentless in the sales job. Right? Yeah. I mean, you you just need more people that want the standard, even if it's not their preferred implementation because it would never be. Right? I mean, that's the very definition of a standard is a set of trade offs that most people will agree to use.
[02:03:09] Unknown:
Yep. Agreed. Agreed.
[02:03:11] Unknown:
Thanks for that proposal. It would be very useful to me.
[02:03:14] Unknown:
You're welcome.
[02:03:17] Unknown:
Lazy, do you do Lazy Odell, like, do you guys have any any, comments about this?
[02:03:22] Unknown:
I hadn't really looked at it prior to this, so I don't know if I have anything too intelligent to say on it.
[02:03:27] Unknown:
I maybe we lost Matt.
[02:03:29] Unknown:
No. This this is the first time it was on my radar, though, so I have nothing to add here.
[02:03:34] Unknown:
Cool. Alright. So, what what else do you guys wanna talk about in regards to wallets? Any any specific topics you guys wanna bring up? I want to bring up, while we have Lazy and Craig here,
[02:03:46] Unknown:
the thoughts on the trade off of the taps on or not having a screen.
[02:03:50] Unknown:
That's a very good, it's a very good, question or statement there, and I'd love to hear, Craig and and Lazy, what what are your opinions about this different type of set of trade off device?
[02:04:05] Unknown:
I I think the concept of managing lesser funds with something like that generally makes sense to me, so I I I don't have any big problem with it. But I sometimes you just gotta gotta think it through a little bit more and see if we're really adding anything. So is the TapSigner always a multisig, or can you just go through the TapSigner architecture, Rodolfo?
[02:04:28] Unknown:
Sure. For usage? Yeah. So TapSigner is very, very simple. Right? The invention advancement here was essentially, what we did is we have a Java card, right, a secure Yep. Chip there, you know, of sort of, like, mid-grade kind of thing so that you could achieve the cost that you want, and it also means a lot less memory too. And we built the Bitcoin stack in there, right, the signing capabilities, but we built it to the extent that we could in the limitations of the hardware, which means the TapSigner is essentially a key holder, right, a master secret, and what it does is it takes messages, digests, and signs it with a Bitcoin signature.
That's all it does and it can do, and that's all protected by a PIN, which is also user changeable. Right? This means that essentially what you have is a little device that when you give it any Bitcoin related thing, it will just sign provided that the PIN is correct, right? Now use cases for it that we initially see and why we made it was one, to start taking seeds off of phones. Right? Because phones are becoming progressively less secure, and also if you go to developing world as Bitcoin starts to take hold people are gonna get physically robbed on the street and be forced to sign a transaction out of their funds. I mean, I grew up in Brazil. It's exactly how it works with everything else. As soon as the bad guys find out that you have a thing that they want, they're gonna start robbing people on the street. And if they know everybody has a Bitcoin on their phone, they're gonna go and force the guy with a gun to their head to take the money out. Now with the TapSigner, at least the key is not on the phone, so you can either leave it somewhere else, right, so when you leave your house with your phone because you don't actually have a computer, you have a single computing device in your life is your phone, you can leave your TapSigner at home, so if somebody robs you, it shows right there on the UI, there's no key here. So that's a huge improvement for these people's lives. Yeah. So I'm just thinking through just the security implications. I mean, it's
[02:07:01] Unknown:
basically, if the phone is completely owned by the attacker, he can just fake everything and your device will just sign whatever it signs and you'll send yourself the money. But that's not a standard attack. Usually, a phone is not completely controlled by an attacker and at the same time in your possession. Correct. Typically, right, a phone's gonna be stolen or something like that, and they're gonna have to do an attack at rest. Right? The the data you you haven't typed in your PIN. It's not just gonna sign anything, and they probably don't even have both devices, but even if they did, everything's at rest and then your setup provides relatively strong protection and that's probably the most common form of attack people experience.
Exactly. So just generally I mean, just that simple general thinking on it. I think it's a it's a fine trade off as long as people understand that this shouldn't necessarily be life savings money. This should be spending money, and I think it's completely
[02:08:02] Unknown:
acceptable to our marketing. Clear about that, right, on the marketing as well. And the other part of that is people forget that, like, in developing world, maybe their life savings is $500. Right? And a hardware wallet costs 100 plus dollars, so it is economically impossible for them to justify a hardware wallet for those $500 life savings. Right? So at least with the TapSigner, they're increasing their security with trade-offs, right, to achieve a developing world cost of security. It's kind of like the, you know, your bike lock should be relative to the price of your bike.
[02:08:41] Unknown:
So Is there a backup
[02:08:42] Unknown:
capability for the TapSigner's Yes. Stuff? Okay. Yes. So the way we do it is we can encrypt the private key AES, right, with a key that is physically etched on the card on the back, but you cannot export that backup without the PIN. So that means you're never in a single sort of point of failure scenario in terms of usage. Right? So when you set up your TapSigner, the software wallet ideally would ask if you wanna back it up. Right? And if it does, it's gonna say, okay. Just put your PIN and then it's gonna send a message to the card saying hey give me the encrypted private key and then, you know, if the PIN is correct, TapSigner gives the encrypted private key, you can store in your iCloud or whatever. Right?
It's very strong encryption. I'm not very concerned, especially for this level of funds. Right? It's better than anything else this person that cannot afford a proper hardware wallet would be able to get. So the recovery method is Yeah. So the recovery method is simple. Right? I mean, it's essentially you can, you just decrypt that file that you stored in your cloud somewhere else or you give it to your Nunchuk or whatever. You give it the actual AES key, and you can sweep the funds. Right? One more question on that. So the AES key is backed
[02:10:04] Unknown:
up where then? So you have sort of the encrypted content in the cloud Yes. And then the key is it a word based key or is it like a hex string type of thing? It's a hex on the back of the card. Okay. And so if you've lost the card, you're out of luck unless you wrote that hex string down somewhere else. So the normal methodology is iCloud, backup of the data, and then write the hex string down on a piece of paper and keep that at home. Something like that. No. I mean, the card. Right? I mean, the card itself, the chances of you destroying the card are much lower than destroying paper. Right? Yeah. Not destroying it, but losing it. Right? Like, you know, somebody steals your wallet type of thing. Exactly. Yes. But the concept is that's the money and maybe you don't. Exactly. You just accept that it's lost. So backup of the actual key would be less common in your opinion. Oh, yes. Exactly. Right? I mean, the limitations of this target market are very severe in terms of, like, cost,
[02:10:59] Unknown:
knowledge, and also economical capacity. Right? So, you know, like, yeah, sure. Piece of paper, write it down, an extra, like, string there. You have it. You know, you're in a much better scenario now, for that very limited cost of security. But then what's nice because it's a general purpose message digest signing device is that you can use this for a lot of money with multisig, for example. Right? Because the device doesn't have a screen for you to verify, right? So you're not going to rely on that and you're not going to rely on the client software to not lie to you in that scenario but because this is a resilient platform, you could use this as one of your backup keys, right, or one of your fast keys that you just cosign, but you don't necessarily do the original verification of transaction proposal, right, or better yet is the second signing key. So Matt holds your cap card of your funds. Exactly, exactly. Right? Sure. And that sort of, like, makes it very easy for you to enter that space. So in that case, then you really do want the backup. I mean, I always think 2 of 2 multisig, so you would really wanna back up in the multisig case with that. Yes. You can do more. Right? You can do 4, like 2 out of 4. Oh, I hate those types of multisigs. I know, I know you don't like it, but in this scenario, maybe you do because you'd have 2 cards together somewhere in a safe or like 2 separate, sorry, 2 separate places for those cards, right? Because the cards are very resilient in terms of like weathering and all that stuff. So Yeah. Maybe that helps.
I think most people would just use one for that scenario,
[02:12:43] Unknown:
but, you know, or maybe this is a company thing. Right? Like Yeah. Think of it as a company thing. Multiple cards make sense. But, like, an individual for me, I would give Matt the physical well, I just so I'm just thinking this through on the fly. Mhmm. I'd almost like a version of card where the key that AES key on the back is like a sticker and you can either leave it on the card or you can peel it off and stick it somewhere else. So I'd almost like to give Matt the card. I peel off the AES key. I keep that at home. I can recover this card if need be. But Matt has the card which he has no ability to I mean, obviously, he'd have to have access to my iCloud.
[02:13:24] Unknown:
So I just wanna say I like that I'm the universal uncle Jim in this. Yeah. I know. Matt is holding the bags, the last bags. Uncle Matt. We're just gonna call it uncle Matt. Screw the uncle Jim part of it. You know, you did give me an idea, Lazy. I'm gonna actually so the antenna does not span the whole size of the card, so what I'm thinking because right now, just for resiliency, we print, we etch the keys in 3 places on the card, right, like around the edges, on three edges, so that just there is less chances of screwing up. But what I'm thinking now is maybe I could draw on the card where to cut and put the key below that cut line. Oh, yeah. I like that. So if you do want, you can just cut that off from the card. The card still works, and then you can just put that to the side. That could be a fun little, different experiment for this. I mean, that does add complexity, more confusion, and everything, but I don't think it should be disregarded as an
[02:14:32] Unknown:
idea to pursue. Yeah. I mean, I I really like that idea. I think I think, yeah, loss of the card, I think, would be something relatively common just because it's sort of a a small inconspicuous thing. You can fall out of a wallet. You lose your wallet. Yep. It'd be cool to back up or the Uncle Jim scenario.
[02:14:47] Unknown:
Yep. I know. I like that. And then the Satscard is a variation of that, right, where it's essentially a bearer instrument, so that doesn't matter. Whoever has the card has the money. Right. So the security sort of trade-offs are not as important really. Yep. Agree. Yeah. Craig, what are your thoughts on this?
[02:15:06] Unknown:
Yeah. So, I mean, I don't have a great deal to add here. You know, I think it is a very decent option for those who are not looking to store too much funds and are, you know, not able to afford something, you know, which costs a lot more. You know, something that I've actually considered, which is sort of similar, you know, in a very kind of low tech way is actually just, you know, some kind of a system where you have a multisig of seed words, no devices. And in a sort of a village, you maybe have, you know, the different elders of the village, each have their own seed, and they can kind of control the sort of community funds in that way.
You know, there's definitely something there, and I can see how the TapSigner can work in such a situation as well. You know? I think that we kind of need a way for, you know, people in the developing world to be able to save. And many of them won't have the education to manage their funds themselves, but perhaps if they can kinda outsource that to their village elders, they can actually find a way to do that. You know? We have a kind of a word for it here in USA. It's called a stokvel, where people can save, you know, their funds together in a sense. Those are the kind of ideas which obviously Sparrow isn't trying to, you know, aim at, but I kind of think about them because I wonder how people in Africa are going to take advantage of, how do they save in Bitcoin. You know? What mechanism do they use to store funds?
And, you know, it's it's a long road to get from a hardware wallet to where they are. And I think steps along that path can definitely bring them closer to that sort of world.
[02:17:06] Unknown:
Hey, Rodolfo. One other, I just, we kept forgetting this. I wanted to add this too. One other thing that might be nice to add on the TapSigner or both these devices is some sort of authentication mechanism where the end user can verify this is authentic? We do that. Oh, you do that? Okay. Awesome. Yes. Good. Good. I absolutely love that.
[02:17:29] Unknown:
So that that was part of the the the the very early design model of this and it's done through the browser on the phone. So if you just tap the card, you you know, your phone is gonna ask you to open the browser, and it opens the browser and it talks to our server to check the certificate.
[02:17:46] Unknown:
Nice. Yeah. I think that's really necessary for this device because these aren't something that you're that people will have individually shipped from the manufacturer. Right? That's correct. They're gonna ship, like, a 1,000 of these to some random store in a third world country, and they're just gonna hand them out. So the user needs to be able to gain some,
[02:18:03] Unknown:
authenticity guarantees from it. Yeah. Part of the model, like, we always wanted to make a cheap hardware wallet. Right? That was, like, economically viable with enough security. Right? And, you know, the challenge always was, like, finding one, the correct secure element that was economically viable and a package that it could actually ship anywhere in the world flat. It's surprisingly hard to make something flat that's not a card, and that is not a Java card, and Java cards are not that cheap. So, finding that sort of like the Venn diagram of that was really it, and being able to ship the TapSigner in a plain envelope anywhere in the world is huge because, you know, most stuff you ship to developing world doesn't make it there. Right? Unless it's flat in an envelope, people think it's a letter or a credit card or whatever, it makes it there. And the issue was like, okay. Great. So what if it gets intercepted? Right? Like how do we test that the device is kosher, and that is through the certificate model, and we also sleeve the card so that customs in these countries don't just have a machine that reads NFCs and look for those to intercept them, right? So they are sleeved so the NFC doesn't leak in shipment.
So yeah guys, any other topics that come to mind?
[02:19:29] Unknown:
I have a ton of other topics, but I think I I don't think I can keep going much longer.
[02:19:34] Unknown:
We've been here for, for over 2 hours. Yep. So unless unless there's a a pressing issue that any of you would like to add to to to this recording.
[02:19:45] Unknown:
One thing that we can. Go ahead, Matt. Because I expect this to have a lot of publicity and, you know, make a big splash when it comes out, and there's been a lot of updates they've been releasing lately, including one that seems they released while we were, during this discussion. And that's from the Block hardware wallet team, Block, formerly Square. I'm curious on your guys' thoughts. If you're familiar with their setup, the main idea is a cheap NFC-enabled hardware device, presumably without a screen. It might have a screen. The phone holds one key.
The device holds one key. Square, I mean now Block, has the 3rd key, and most transactions, the phone key and the Square key are the ones that authorize it, and you have some kind of threshold limit. And then if you wanna sweep at any point, you bring in that hardware key that's kind of just used as, like, an escape hatch type of situation.
[02:20:52] Unknown:
If the hardware key is only gonna be used as backup, I don't see the point in making the device being electronic. It'd be much better to just write down some secret than it is for you to keep around a device. You know, devices do tend to fail over time. So, you know, that's one tricky part. The other one is collusion between the two servers, you know, is less likely a massive company, but also, you know, if the state doesn't like anybody, these massive big actors like Square and whoever is gonna hold the other key are exactly the targets that do have to comply. So there are some challenges there. But, you know, they are looking at mass market, so there's very few easy answers that do incentivize self custody on mass market, and it's just nice to see people trying different stuff.
[02:21:53] Unknown:
I've just been reading the blog post on their choice of chip, which has come out as Matt says as we have been talking here. So, unfortunately, I can't offer any views on it. I don't know enough about the space, but I know that both you, NVK, and Lazy would certainly have some interesting views on this choice of chip. But, yeah, it seems that at least they are moving forward with their design. Do you think you could explain how a secure element differs from an MCU and then what is a secure MCU in that context?
[02:22:36] Unknown:
It depends on the design. But think about, like, a secure element essentially as a chip designed to take a beating. Right? So you would have something like a mesh on the top of the silicon. So if you try to probe from the top, you essentially trigger the chip to either erase itself or break or something. You'd pay very good attention to not leak calculation secrets over the power. You'd have, like, write-once memory so that you cannot change the memory. Right? So that, for example, you store there a hash of the firmware.
You would have, like, the PINs are enforced by hardware. Right? So that you can't change the firmware that checks the PIN. You know, Lazy can sort of do a much better job than I can at, like, going through all the defenses that some of the stuff would have, but essentially, that's what Secure Element is. Right? It's a processor designed to secure things, and it makes a lot of trade offs in terms of functionality to achieve that, and then what happens is when you try to do more advanced things inside of secure enclave or meaning you have a normal type of processor running virtually or physically inside all this other net of securities to try to do more general purpose things like say for example, calculating Bitcoin keys or something. So Coldcard's secure elements are very rudimentary on purpose.
Right? The more rudimentary these chips are the less attack surface you have, in my opinion. And then what we do is use the secure elements to 1, attest and guarantee the firmware, 2 is like make sure that you cannot get in unless they are unlocked PIN-wise. And, you know, we use it for a few other things, like that's where we store the encrypted seed and stuff like that. But generally speaking, we use an MCU which is a mostly undefended processor, right, because we just assume it's gonna, you know, it could be broken anyways, and then we do the secure stuff on the other chips when the main processor is not employed.
But in this design here, it looks like they're using a secure element that does have an ARM capability, meaning a general purpose computing capability there so that they can do the Bitcoin stuff inside the secure element, which is great. It's similar to how Ledger does their things, but there'll be a few challenges here. One is unlikely the firmware will be open source all the way down the stack. 2 is the cost to increase. And 3 is the complexity of this chip will be higher, so more attack surface. You know, you ask a secure element vendor, they'll give you this spec sheet of all the amazing things to defend against until they fail,
[02:25:41] Unknown:
and they all eventually fail. Yeah. I'm just trying I'm just going through the data just pull or I'm not even looking at the data sheet. I'm just going through their website of what's on here. And so it looks like so this is an M33 core. So that's just a standard ARM core. So that's not actually an ARM secure core device.
[02:25:58] Unknown:
Oh, that core is not inside?
[02:26:00] Unknown:
Yeah. So Ledger uses a specific ARM Yes. Secure core in their STM secure element. So this is just a generic new so the M33 is sort of the newer ARM core, but I see so they list a secure vault, but the secure vault looks like just a software peripheral that includes a bunch of features. So, I'm just going through here. So the people like to do this, and this side really gets me. So they have a PUF, so a physically unclonable function. So, basically, that's a methodology where a device collects randomness from the initial state of its SRAM, so it's sort of provably random that bits in SRAM will power up uniquely random between devices if you get large enough samples, but then consistently in that state, and so it gives a unique fingerprint for the device.
But people often use that aspect to infer a lot more security than that feature actually provides. It's a nice feature, but people infer way more security than it provides. I do see DPA countermeasures, so that's differential power analysis. So that would be for people trying to probe what the chip is doing. So there are some DPA countermeasures and some anti tamper, but this I have to look at this more to determine exactly what it is. But I mean, it looks like a good choice, but this is not a secure element. This is just a general purpose ARM controller with security features and peripherals.
Is what it appears to me in just a quick look here. Well, that would make sense because
[02:27:53] Unknown:
having an ARM inside a secure element would cost a lot more, and I'm sure they are cost conscious because this is a mass market.
[02:28:04] Unknown:
Some manufacturers actually have separate die Yeah. Or they have a monolithic separate processor embedded within another within their silicon, but Exactly. Yeah. This looks like just a single M33 core with security features, which is it is good. So there's nothing wrong with it. This is, you know, this is gonna have good features. This may be hard to defeat or not, but, I mean, it will have to be tested by the market to see how well it does.
[02:28:34] Unknown:
I don't see a display here on the oh, no. RGB LED. No. That's just an LED there. There is no the SPI is already fully taken here, so the SPI, probably not enough ports for more, so they're not gonna be driving a display. Hey, Matt. Are we rambling about anything
[02:28:54] Unknown:
too general for people yet, or is there something else here that we should ramble about that's more interesting?
[02:28:59] Unknown:
This pod me and NVK started this pod for not than not, average. This is for a more sophisticated listener, and I think it's been pretty interesting. I mean, you guys are touching on things that are obviously way above my pay grade. And there's absolutely nobody listening right now anyway, so we can just sorta talk about what Yeah. I know. We should do what we enjoy. You'd be surprised. A lot of the die hards make them all the way through. Yes.
[02:29:24] Unknown:
I don't see a display here, and I don't see the capacity of adding a display to this processor. I don't think they would have enough ports
[02:29:33] Unknown:
left. Well, it has a really large flash. I mean, you could do all sorts of things over just SPI, just a SPI display or something really simple. No. I know, but their SPI is already using the fingerprint and is using
[02:29:44] Unknown:
what else? They're probably controlling. No. No. Actually, there might be more.
[02:29:50] Unknown:
So, yeah, my only concerns in general about a device like this that combines, you know, the wireless technology into sort of a monolithic solution is there's just so many attacks that come in over wireless. Now, there's logical things, so they have TrustZone, which is sort of ARM's proprietary logical way of isolating memory. So one process can be isolated from another process, just generically speaking. But it's actually tricky to do everything right. So we'd have to look to make sure they have good isolation between their wireless stacks and then the stacks that are dealing with Bitcoin stuff.
[02:30:29] Unknown:
So but, Lazy, I think the way we could, like, probably describe this to people listening that are not familiar with hardware, just, you know, this is a substantial step up, say, from a Ledger, sorry, from a Trezor. Right? So this actually has security. There's a few things going on here they try to do, you know, of course at the end of the day implementation
[02:30:52] Unknown:
is how you do or die. NVK, I don't want to disagree. I don't know that this is a significant step up from what Trezor does. I mean, maybe there's some additional features here, but,
[02:31:02] Unknown:
it's still only a significant step up for Cash App. Yeah. Which is what I think the target is. For sure.
[02:31:08] Unknown:
But, see, these new ARMs have better proper ECC. Right? So you wouldn't be able to do the original glitching attack on the STM. Maybe there's a new glitching attack, but the original, I think, will be much harder with proper ECC. I know this because our choice of MCU does have good ECC and that attack is not, like, I have not seen anybody successfully achieving it. But the thing is it doesn't have a display. Right? So, you know, there is that issue. Fingerprint sensors are, you know, with a photocopy piece of paper, you can spoof them.
And if they're a little bit better, you can just there's 50 ways to spoof, you know, fingerprint is pointless, but it's much cheaper and much easier to deploy on the mechanical package than it is to put a keyboard, for example, or buttons. Right? So because the fingerprint sensor is like static. Right? There's no movement on that, so it's much easier to build a package. It's mentally less burdensome. Yeah. But again, this is from their model. This is designed as the backup system, which is great, but, you know, for backup, I will just use seeds. Maybe they have more plans. Why this conversation is important to me is because Cash App already has 80,000,000 users.
[02:32:35] Unknown:
And that's 80,000,000 users mostly in the United States because I believe they're barely launched in the UK. It's like their only other market. Presumably, this will allow them to offer a Bitcoin only type of Cash App, that is quote, unquote self custody so they can get around international regulation in terms of KYC and friction stuff and allow them to open up globally. Obviously, Square is an extremely trusted brand just among the normal population. So, I mean, I'm kinda operating on the assumption here that this could quickly
[02:33:09] Unknown:
become, you know, the most used hardware wallet in the world. You will be. Matt, what did you say their multisig setup was? It was this
[02:33:19] Unknown:
device, Cash App holds, their Square server holds a key. I'm saying Cash App, but they're probably going to have a different app, a separate app, but the app holds a key. Their server holds a key and the hardware device holds a key. It's a basic 2 of 3. And then most of the time, their server and the phone are signing.
[02:33:39] Unknown:
So they're holding really 2 legs of the side. You set limits. No. But hang on. So they are holding the 2 legs because one is in their client that's developed and maintained by them and the other one is on their server.
[02:33:53] Unknown:
Right.
[02:33:54] Unknown:
Listen. But it makes sense. Yes. If you're building something for 60,000,000 people today immediately, because they will deploy this to literally 60,000,000 people, right, you have to come up with something that has a lot of trade offs, right? So you can immediately meet these people where they are. Yeah. No. I'm excited. This looks good. You could say the same thing about Casa's 2 of 3 setup. Yeah. But that is a concern. Right? Yeah. The phone app is holding a key. Casa is holding a key, and you have a key on a hardware device. And also on the Casa scenario, they have some custom multisig that's sort of like their thing. Right? The key rotation and all that stuff that makes it extremely hard to recover
[02:34:36] Unknown:
unless you use their recovery tools. So there is no backup. There is no seed. I don't think so. I think you can mirror a Casa setup in Sparrow is my understanding.
[02:34:45] Unknown:
Yes. But then there is key rotation as well, if I remember right. So Right. I actually, to be fair to them, like, I don't know like, the last time I looked at the Casa actual implementation was, like, ages ago. I don't know where they are at, so I can't really, like, you know, educately comment on it. But the point stands that this doesn't protect from essentially
[02:35:09] Unknown:
Square or Cash App being malicious, actively malicious. Correct. But presumably, they will open source the client, and presumably, they're trying to get it. It's more of a regulatory play in my book because it's, you know, quote, unquote technically self custody, but you get a lot of the so called benefits that people like with the handholding of a custodian.
[02:35:31] Unknown:
You know, open sourcing the client is a nice thing, should be done because it gives you more confidence. Yeah. I'm aware. But it doesn't really mean much because, you know, the binary that's deployed to the users could be completely something else. Right? Most people are gonna auto update to their app store. Exactly.
[02:35:48] Unknown:
So the only thing I see missing in this is or well, maybe not missing. Maybe it's there and I'm not aware. But the only thing I would like to see would be they give people the ability to actually back up. So you didn't just Exports. Basically export the key from your phone, export the key from this hardware device, and actually do physical backup. If they did that, then I think I have almost no complaints.
[02:36:08] Unknown:
So, you know, Lazy, I think thinking from their perspective and extrapolating here, I think the whole point is not to let the user export the secret. I think that is probably correct, and that would be my concern. Because that's how I see that design. I don't see any way in which the secret comes out, unless it was sort of like similar to TapSigner where they're encrypting with something and then spitting it out. Because to me, this looks like there could still be a regulatory capture
[02:36:35] Unknown:
and, you know, so the government goes to Square and they say, this user is doing bad things, and Square goes out and basically disables the app on his phone or removes it from his phone. So effectively he and then he can't recover from their server, so effectively he loses to his clients.
[02:36:53] Unknown:
Yeah. It could be that. It could also be just extraction. Right? They could be mandated to extract the seed from the device, you know, provided that there are backdoors and things, which, again, I just want the people to know we're not trying to beat on them or think that they're nefarious or anything like that. We're just trying to sort of, like, play out the game theory here of how could they get captured and be forced to do something they don't wanna do. I think that's very important for people to understand that we have very mean laws, to make sure that companies comply when the government asks them to jump, they jump as high as the government wants. Right? Like, nobody wants to go to prison for 30 years. Yeah. There should be an advanced option
[02:37:36] Unknown:
to export data that they can back up. I think if they add that, then I think everything's good.
[02:37:43] Unknown:
Yeah. Maybe they will. I haven't read it through.
[02:37:48] Unknown:
Something that, you know, the Unchained guys have said to me many times is the feeling that their clients get when they export their wallets to Sparrow for the first time, and they see their funds appear in a different app. Right? So now they have this experience that my funds are not locked into an Unchained in some sense that I can get out of that world is a very powerful thing. And they say that, you know, they often get a lot of lean in at that point, and, you know, the client's eyes really light up. So, hopefully, that incentive will apply to Square as well, and they will see that if they wanna get people to trust, it's obviously not the same user base. We're talking about a much, much, much broader set of users who are probably just gonna say, you know what? It's Square. I'm gonna give them all my money. But, hopefully, that still remains a sort of a backdoor for people, and Square kind of see the value of that, because I think it is a very powerful thing to allow people to kind of know that their funds are safe even if the company that they are currently using isn't there anymore.
[02:38:58] Unknown:
And, specifically, Unchained makes it really easy. They Yes. It's just you just export configuration file, import into Sparrow, boom, done.
[02:39:07] Unknown:
You know, if we assume that the Pareto distribution continues, you would say that 80% of people will never want to take custody of their Bitcoin, right? They're gonna want to outsource that security thinking and risk to a 3rd party, right, at the expense of incurring third party risk. So I think that anything that just moves people an inch away from not being fully exposed to a third party is a monumental win, right? So if we can have 60,000,000 people who do use Cash App to have even a set of trade offs that may not appease us as people who care about security, but it's already a huge upgrade from full-on custodial Bitcoin, it's a big win.
[02:39:59] Unknown:
Definitely a massive win. I would just say to anyone on the Block team listening, like, consider the trade offs that Signal has made, and just try and limit the amount of control you have over your users because there will be governments that will push you, and you'd rather not have that ability.
[02:40:20] Unknown:
But they'll come. Right? Yeah. I mean, it's just a matter of time. You're gonna have a user who accidentally ended up with a coin from the OFAC list, and then you're gonna have to act on that user even though that guy probably didn't even know what's going on here. The Tornado Cash guy is still in jail, I believe. Yep. It's, well, remember. Right? Like and even when a developer puts themselves in a way that they cannot do anything for the state, they can find themselves in a Lavabit scenario where the state may try to coerce them to change that software or risk jail in order to continue that business going. Alright, guys. I think we've really covered a lot today. This was pretty monster conversation. I can't thank you all enough for giving so much of your time and coming here and talking shop.
I will try to have more of these in between list episodes. I think it's super fun to have actual builders and people who have user bases, who do actually interactive security things, and are the people working on all the client stuff that everybody in Bitcoin uses. It was an absolute blast. If you guys have any final words or any things you want to shill, please do. And, yeah, I really appreciate it. It was an absolute pleasure. Thank you guys for joining us. Final thoughts, Craig. You first.
[02:42:03] Unknown:
Yeah. Don't have a whole lot to add at this point some 3 hours down. Other than, you know, I'm really looking for feedback on the wallet labels spec that I put out, you know, particularly from users. I'm trying to actually talk to people on Bitcointalk and all kinds of other forums that I don't usually use. So I'm gonna try and engage more on that and just, you know, I guess, try and sell it as NVK says or at least the idea and see what format we come up with at the end of it. So, yeah, so that's kind of what I'm thinking about right now.
Otherwise, it's been great to chat to you guys. It's always nice to, you know, interact with others, particularly when you're working on a solo project. So thanks again. It's been awesome.
[02:42:55] Unknown:
Thanks, Craig. Lazy, final thoughts. Yeah. So final thought is I always remind everybody of this is do not let anything said here scare you away from using hardware wallets. It's exponentially even with problems and this and that, it's always exponentially safer, not to poke Craig here, but you know, than using a PC based wallet. So just wanna remind everybody of that.
[02:43:25] Unknown:
I'm not arguing.
[02:43:27] Unknown:
Yeah. Matt, any final thoughts as a guest? Thank you for coming. Stay humble, stack sats. Thanks, guys. You all have a fantastic day. I'm gonna stop recording now. Thanks for listening and going through another boring list of updates once again. Don't forget to get in touch on Twitter at Bitcoin Review h HQ or the Telegram Bitcoin review pod or email bitcoin review atquaintite.com. Remember, I don't have a crystal ball. So if you have a cool project you're working on, do make sure to get in touch with us. And if you're still not bored, you can follow me on Twitter at nnickay.
Introduction to the podcast episode and the panelists
Discussion on the UX challenges of Bitcoin client software
Challenges with seeds and addresses in wallet security
The different approaches to wallet UX and design decisions
The trade-off between supporting altcoins and improving security
The most common support questions and challenges
Support issues with public nodes
Issues with Tor
USB kernel issues
Signing difficulties with Coldcard
Issues with Trezor
Updating firmware and OS
Customer support tickets
Challenges with user understanding
Balancing security and usability
Phishing attacks
Advantages and challenges of multisig
Inheritance planning and multisig
Simplifying security for users
Reasons for lack of software wallet hacks
Air gap security and the benefits
SD cards vs USB connection
BIP standards and the challenges
Trade-offs of using TapSigner or TAP card
Thoughts on Block hardware wallet
Randomness collection from SRAM for device fingerprinting
DPA countermeasures and anti-tamper features
Lack of display and SPI limitations