Citadel Dispatch

Share on social media:

EPISODE: 0.1.0

BLOCK: 671870

PRICE: 2085 sats per dollar

TOPICS: Bitcoin Self Custody, Security, and Privacy

streamed live every tuesday:  

https://citadeldispatch.com

twitch: https://twitch.tv/citadeldispatch​

bitcointv: https://bitcointv.com/video-channels/citadeldispatch/videos

podcast: https://anchor.fm/citadeldispatch​  

telegram: https://t.me/citadeldispatch​ 

support the show: https://tippin.me/@odell

stream sats to the show: https://www.fountain.fm/

join the chat: http://citadel.chat/

[00:00:00] Unknown:

Still found things,   that that the points that you made that I went, wow.   I went wow when I read it because I I hadn't really considered it. So   there's a 100,000,000   holders   now. You figure it won't be long   theoretically until there's a 1000000000 holders, and   the global nature of who they would be is what hit me because everybody's gonna have a phone, eventually. It doesn't matter where you are. You're gonna have a phone, probably. You can afford that in every country of the world, most people.   So you could have people saving   where they had no other way to save. You could have people in countries where the inflation rate is a 1000%   on their currencies,   and they could be saving   on their phone using Bitcoin, and there could be a 1000000000 holders hodlers,   at some point. I I I hadn't even considered how powerful that is for people that don't have access to that now.  



[00:00:55] Unknown:

Look, the story here that's not being told is that Bitcoin is egalitarian   progressive technology.   We're gonna see a a day when 7 to 8000000000 people have a bar of digital gold on their phone and they're using it to store their life savings with it.   Google took 22 years to become a $1,000,000,000,000   network. Now Amazon took 24 years. Apple took 42 years. Microsoft took 44 years.   Bitcoin became a $1,000,000,000,000   digital monetary   network in 12 years.   And so the world needs this   thing and and, I think you can expect that we'll have a 1000000000 people   storing their value,   in essence, a savings account on a mobile device within 5 years, and they're gonna wanna use something like Bitcoin. Bitcoin is the dominant digital monetary network.  



[00:02:29] Unknown:

Well, hey there, freaks.   It's Matt O'Dell here for another episode of Citadel Dispatch. This is episode 10,   on the backs of a   bloody day in the markets,   with Bitcoin price down double digits.   Well, we're here to talk about more than just price on Citadel dispatch.   I'm here with Craig Raw and econoalchemist,   and we're gonna be talking about Bitcoin self custody, security, and privacy.   It's come to my attention that a lot of people in the new class of Bitcoiners   do not realize the gravity of of   of of the custodial risk that they face when they use these custodial products.   I don't think that established Bitcoiners realize,   how much occasion needs to be placed, in terms of   talking about why self custody is important and making it easier for people to use self custody   and helping with that education effort as well.  

Tomorrow, I will be doing a livestream with Pete Rizzo,   with with Bitcoin Magazine,   to   for the anniversary of Mt. Gox. 7 years ago, Mt. Gox went down, and a lot of people lost a lot of Bitcoin that is worth a lot more today than it was back then,   that probably wished that they,   you know, practice self custody at the time. So definitely go and check that out.   As for our guests here today, by the way,   shout out to all the freaks that are joining us here live in the chat.   I love our Bitcoin Tuesdays together, so cheers to you. Our guests here today are Craig Rauh.   Craig Rauh is the lead maintainer of Sparrow Wallet,   a wallet that frankly came out of nowhere,   and blew me away and others away. I I   I we haven't really heard him much on any of the podcast. I don't think he's ever been on the podcast.  

So I'm pretty excited to have this conversation.   And we're also joined by Econo Alchemist,   who is   more focused on content and guides   and blowing things up and lighting things on fire. And   his videos are just really exciting. And he focuses a lot on no KYC,   running at home for no KYC.   And I just think we're gonna have a really great conversation here. So with that said,   let's start with you, Craig. Did I miss anything?  

[00:04:59] Unknown:

No. Thanks, Matt. Honored to be on the show.   As you say, this is,   my first part. So,   yeah,   really keen to get into it and   talk Bitcoin.  

[00:05:14] Unknown:

Awesome. What's up, Hugo?  

[00:05:17] Unknown:

Good afternoon.   It is a pleasure to be here. Thank you for having me on.   And   like you, I was also blown away the first time I used Spare Wallet.   So I'm very excited to be having this discussion.   And,   yeah,   let's dive in.  

[00:05:37] Unknown:

Fuck. Yes.   So, I mean, I like to just   let's just go right off the bat. You know?   First of all, all the freaks in the comments, you know the deal. We got the evil empire price on top. That's a Coinbase pro price.   Underneath, we have the bisque price.   I forgot to mention for the for the listeners who are coming into the podcast feed,   that was in the beginning, that was CNBC. That was our boy Joe Kern talking to Michael Saylor of MicroStrategy,   about Bitcoin,   as as the price was dumping. So you you see the price dump there.   He has as much conviction as he always has,   which is way more than most people.  

And,   so yeah. So let's just let's just jump in let's just jump into this. Sparrow Wallet,   well, you know, what was the inspiration for Sparrow?   I feel like you kinda just came out of nowhere, Craig, and,   you know, give us give   a why Sparrow,   and why should people consider using it?  

[00:06:41] Unknown:

Yeah. So,   you know, I think that there have been a lot of,   sort of iterations   in   the the Bitcoin world in terms of   securing and storing your Bitcoin, your stash. And, you know, I think if if we go back, we sort of it goes back a long way, but I'm just gonna start with, you know, the first hardware wallets   Trezor coming out. I mean, clearly, that was   something that has changed, you know, the way that we see see things, and, you know, we've had many great hardware wallets since. Then after that, I think, you know, we've got   multisig, which, again, just, you know, really makes things so much more secure, and you can really just do you know, you you have to worry about a lot lot less.  

And then sort of towards   the end of,   you know, I'm not sure if it was about a year a year ago, I was just listening to Michael Flaxman   on the Stefan Levera part, and he was talking about multi vendor,   multi   seg, and for me, that really just seemed like almost the next step step up. So   I was quite inspired to give it a go,   and the only real tool we had at the time was to use Electrum,   and it wasn't easy. It was, you know, it was a real   difficult journey, and I had to write some code to do it, and it was just,   the whole thing just left me feeling pretty uncertain about,   being able to reproduce this or explain this to other people, and I just felt that there was a gap in the market for that.  

So, you know, it it was it was really just driven by the idea of, you know, having   done this for myself, and kind of wanting to make it easier for others, and frankly, making it wanting to make it easier for myself to do   in future, and less kind of   prone to, you know, making mistakes because I've typed some something wrong on the command line or whatever.   So that's kind of where I began.   It was around a year a year ago that I began to write,   and,   yeah, it's just been a a great   journey. You know, I've been wanting to get into the Bitcoin world for,   you know, 7, 8 years years now.  

Just being, you know, like most of the freaks, just, you know, consuming Bitcoin content every day, just living in that world,   you know, with a day day job that, you know, takes up my time, but just really just wanting to spend more time on it. And I finally got the chance to do that,   and it was just a, yeah, just a great journey to kind of go into it and fully get into all of the concepts and   and and kind of make make it happen.   So,   yeah, it's it's   largely about trying to   provide,   freaks with the ability to   really   self   store their stash, you know, to really be sovereign over it. That's what Spiro's mission is, and that's what I'm keen to keep going down the road road on. So   that's yeah.  



[00:09:47] Unknown:

So you made an interesting point there. I mean,   as a Bitcoiner, as a public Bitcoiner focused on education,   We've talked a lot about multisig. We I talk a lot about self custody, trying to improve your custody. And   a lot of us, I feel like, hit the same   we a lot of us hit the same wall about and I wouldn't be surprised if Econo Alchemist is the same with him. We hit the same wall, like, 2 years ago.   I was like, Electrum's the best thing there is   available.   It's too complicated to use.   It requires you to, you know, set up an Electrum personal server,   and and if you wanna use your own node with it,   and that is too complicated for people to use. And not and I don't wanna say too complicated in, like, the no corner, like or, like, the Peter McCormick sense or something like that, but just in in the sense that   you wanna reduce you wanna reduce the friction of best practices as much as possible. Like, you you can   personal responsibility will always be the more difficult option. You know, people that want no responsibility whatsoever, like, yeah, that'll always be more convenient, that'll always be easier,   but we can make it so that best practices with personal responsibility   is as frictionless   as possible,   as easy as possible.  

And so I feel like we a bunch of us all hit the same point.   Since then, there's been a couple big ones that have have released. I I would say the 3 big ones, at least in the desktop world,   were,   Caravan   and then Spectre,   Sparrow with you. And then on the in the mobile world, BlueWallet,   you know, has come, like, a really far away.   And I feel like they all try to address the same issue where you have this super powerful Electrum,   but it's just really complicated for individuals to use. Now Spectre   has gotten a lot of love, and I've especially for me as well, very you know, I I use Spectre. I recommend Spectre.   Spectre decided, you know, we're gonna completely take away   the   the need for an Electrum personal server. So we we we completely remove Electrum for the equation. You run Bitcoin Core either locally or on a remote machine, and then you connect directly to Bitcoin Core,   through the Spectre interface. And Spectre kinda, like, hides a lot of things from you. It's almost,   you know, to make it user friendly. This is, like, clean,   like, new age type of interface.  

With Sparrow,   you kinda did 2 things. First of all, you can still use it as just an Electrum front end with the typical Electrum back ends.   You recently added the support for core, but it's almost like a different   it it's it's it's super performant. It has all of these, you know, power user features,   but it it kinda and it has a beautiful interface. Like, it looks gorgeous. I put it up on the screen. Like, look at this thing. It it looks gorgeous,   but   you can't say   it's it's not it expects a lot of its user. It expect more of its user than the Spectre.   Would you what do you think of that of of that breakdown?  



[00:12:53] Unknown:

Yeah. I I I kind of agree. You know, when   when you had   MBK,   Rodolfo on, 2 weeks back, he said something which I really agree with. He said, you know, you don't get to avoid   the need to understand things. You know, you you you don't, as a Bitcoiner,   take self custody and self responsibility   over your wealth, and then just   kind of somehow   expect   to have it all work out fine if you don't put any effort in. And I think that that's something that I really believe believe in.   You know, I I understand that that might not be a use that's held by everyone, but I kind of want Sparrow to   be the the application for those people who really   who really want and need to know what is going on under the hood. So, you know, let's let's go all the way to the the fact that I show by default   the the actual hex code of the transaction that you're about to send out.  

You know, why did I do that? Well, it's because   let's imagine, for example, that you are,   looking after your family's wealth, and you've got it sitting in 1 or 2 or 3 UTXOs,   and you need to,   let's say that   Taproot is activated, and you want to sweep those UTXOs into your brand new Taproot wallet to take advantage of all the great new features that's coming.   Now when you have to send that   transaction with your family's wealth in it,   that's a high stress moment for any Bitcoin coin coin. And and for me, that was really what I was kind of being driven by was was how do I reduce that high stress? How do I take the stress out of that? And you can, if you want to, just put your trust in the wallet and say, you know what? I think this wallet has done me well thus far, and I'm just gonna click the button. But for me, that wasn't enough. And, I kind of wanted to build a wallet that allows people who who are paranoid, who are just like, I have to make sure that this goes goes right because there is no backup if I make a mistake. And that's that's the kind of user that   Sparrow is really designed for.  



[00:15:09] Unknown:

Yeah. I mean I agree a 100%.  

[00:15:12] Unknown:

Oh, awesome. Yeah. I wanna hear, Iko, what do you think here?  

[00:15:16] Unknown:

Well, yeah. I mean, first, just to go back a little bit, Electrum,   I had a lot of trouble with that. I've used it a little bit for doing some PSBT signing   or generating the PSBT and then signing with my cold card, but,   I've never implemented it successfully.   So when I had the chance to set Sparrow up with my   Raspberry   Pi running Bitcoin Core,   yeah, dude, it it just worked, and it and it was really beautifully   done.   And,   to what Craig was just saying about that high stress moment, like,   yeah. Like, if if I'm sending a lot of value with Bitcoin, like, I pour over every detail   multiple times, and it takes me, like, an hour and a half to do a single transaction   just because I know if I fuck it up,   that's it. And that and that's part of that radical responsibility you gotta take when you're responsible for   your wealth like that.  

And, so I I really appreciate developers   like Craig, who,   who who think about that and   and implement those   improvements for the end user.   And and one other thing I wanted to say too is that, I I think a lot of great projects come up because   the developers are trying to build the tools that they wanna use.   Samura Wallet's a good example. And, you know, like you were saying, Craig, with Sparrow Wallet, I just I think some of the best tools we've seen have come from people who are just making something that they wanted.  

[00:17:03] Unknown:

So freaks, I am currently   staying in a cabin in the woods, and my Internet connection has a lot of latency.   So I apologize   ahead of time if I talk over anyone or if they talk over me.   We needed to get the they must go on, so here we are.   So, yeah, I mean, I I a 100% agree, Iko. Like, I think,   you know, especially with open source software, what you do see is you see, you know, the best software is the one that's being built by people who wanna use it themselves.   It's the ultimate incentive.   I wanna make something really clear to the freaks.   It's really important that we have multiple   projects that are there's that are good projects,   that are well run projects that that are good   be because   be if if we have multiple, it allows you to verify against each other.  

If you do not,   have the wherewithal to actually   verify the code base.   So a perfect example is if you're running a Spectre stack   or an Electrum stack, and then you also verify on a separate computer that is,   running Sparrow.   And, also, just in general, it's just good to peep for people to have options. I want I want people to have as many options as possible.   So I just wanna go back a little bit.   We can get, like, deeper into the Sparrow conversation. I think we should.   I also wanna talk a lot about Samurai because,   Iko just released a bunch of guides about   Samurai's collaborative spends.  

But before we do that,   I you know? So, Craig, like, you really you really impressed me. Like, I feel like you're a very underappreciated Bitcoiner. I just wanted to say I appreciate you.   Thank you for Sparrow Wallet. It caught me off guard,   and I pay a fucking ton ton of attention in the space,   and it just literally just   it just completely blindsided me in, like, the best way possible.   So cheers to that.   I want,   and I think you have very interesting takes. So I I I wanna hear   for the freaks, especially the new freaks that might be joining us, you know, the relatively new Bitcoiners,   Explain to them why it is so fucking important that they don't leave their Bitcoin   on the exchange they bought it on or put it into, like, a BlockFi   custodial,   like, KYC product? Like, why should they care enough to hold their own keys?  



[00:19:38] Unknown:

Well, I mean, you know,   if you   if you don't hold your own keys, you just have an IOU. Right? Which is all that you really have in the Fiat world anyway. Right? You just have this IOU from from the bank.   And,   frankly, if you're looking at an exchange, they're not even governed by the same regulations that banks are. So you have even less guarantees around that particular IOU. And, you know, you have the capability   with Bitcoin to bypass that. And in the field world, you don't, unless you take it out in cash.   And in India, that even that didn't really work. So, you know, it's it's you you have this incredible tool. And, you know, to not   it's not to hold it in your own keys, to not take self custody   of it and take advantage of all of the advantages that that gives gives you of being able to travel with it anywhere in the world,   of being able to hold on to it through whatever so long as you don't make any mistakes.  

You know, I I think that it's   it's a trade off, but I think it's one that's really worth taking. And,   to to not take it or not even start going down that road and trying to learn more, I think, is a huge mistake.   So that's kind of how I see it is, you know, it's   a journey, and and I I know that it scares a lot of people off, and they, you know, really are   looking at it and they're thinking there's so much   to understand here. It's just beyond me. But it's it's honestly not. You know, these tools are getting easier all the time, and you don't need   to go all the way to, you know, the sort of golden class of multi vendor, multi sig. You can get there. You can take take your time. And   and, you know, just start that journey. That's that's my kind of message is is to at least make an attempt and begin and learn. And then when you're ready, start getting your coins off the exchange.  



[00:21:28] Unknown:

I   mean, but I that's very well said, but I mean, I'm I'm so   extremely on the opposite side of of   custodial risk, like, it's so against everything that Bitcoin is.   I kind of,   you know, I I feel like sometimes, especially our conversations that we have here on dispatch and we have on RHR   and and we have on TFTC and Stefan has on his podcast, and we have on Twitter and shit. Like, we we overwhelm people. They think they have to be too complicated, you know, as you and Niko were saying earlier that you wanna double check every single thing before you send it.   I almost, like, even if I was, like, an uneducated   a a uneducated,   like, a fresh but motivated user,   just, like, immediately pull it out to a mobile wallet. Or is that would you, like like, I almost, like, I'd rather   hot wallet risk than custodial risk. Am I at you know, I'm is my priorities misplaced here?  



[00:22:27] Unknown:

No. Completely agree with you. Yeah. 100%.  

[00:22:32] Unknown:

Get it off the exchange.  

[00:22:37] Unknown:

Exactly. So, like like so that that's this is a pretty example to jump into it,   Iko, because of of your work, with Samura Wallet and and making guides for Samura Wallet. Like, Samura Wallet is designed to be a very user friendly wallet.   And, you know, is it,   as secure for you know, if you wanna do, like, long term high value cold storage with, you know, multi sim, multi vendor,   you know, using an an air gapped computer as well.   You know, these are all additional things you could take. But if if just the average user is using something like Samura Wallet Hot Wallet on their phone,   it's very accessible. Wouldn't wouldn't you agree?  



[00:23:19] Unknown:

Dude, 100%.   Yeah. I use Samura Wallet all the time on my Android.   I use BlueWallet on my iPhone.   Dude, and, yeah, I've got substantial   amounts of value   on both of those wallets.   You know, I I'd like to use cold storage just as much as the next person.   But, you know, I I think people   discredit   how secure   that really is. I mean, with   with SHA 256   encryption, you're you're you're getting, like, military grade   security by default. And   I think I think people kinda freak themselves out because they're like, oh, I need to I need to run my own node before I before I self custody. I need to I need to, like, get a multisig set up, and they they just kinda freak themselves out and end up not doing anything,   which is probably the worst decision they can make. You know, like,   get the coins off an exchange,   set up a mobile wallet,   start with small amounts until you get more and more comfortable with it, and just start building from there.  

It doesn't have to be overly complicated.   And, you know, one of my arguments,   and I'm sure some holes can be poked in this, but, like,   everyone knows where Satoshi Nakamoto's   mining rewards were deposited to.   Those aren't in a multisig wallet,   and   no one has cracked that code. Like, it it's it's totally secure there. You don't have to   go   so far as to   get all these different hardware wallets and set up multisig to have really great security.   But it's possible.  

[00:25:09] Unknown:

If I can just add to that, you know, there there's one, I think, advantage   of advising people to go and buy a hard hard hardware wallet, and it's got nothing to do with security that a hardware wallet offers. It has to do with the sort of human psychology   of going out there and spending,   you know, some money, and it's, you know, not not cheap for most people in this world,   you just take the whole thing a little bit more seriously. You know? I think that the the the by far the highest chance that any Bitcoiner has of losing their but Bitcoin is just, you know, their own their own sort of ability to lose keys or lose phones or   whatever it is. And I I just kinda like the idea that if you've spent the money on the hard hardware wallets,   you, you know, you've kind of made an investments in your mind, and now you're you're sort of taking the whole self custody thing a little bit more   seriously. You know, you've got something you need to look after that's kind of unique in your world. So, anyway, just just a just a thought.  



[00:26:13] Unknown:

Yeah. I I like that. And I I think that,   you know,   for myself, personally, I I definitely did find some security in the idea of having an air gapped device.   But I think   over time, as I understood   how things worked a little bit better, I was more and more comfortable with the idea of having   larger amounts of funds   on a mobile phone.   And and I I feel totally fine with it now. I'm I'm confident with that setup.  

[00:26:49] Unknown:

So so there's a couple of things to unpack here.   First of all,   you misspoke,   briefly there. You said sha256,   it's a s 256   encryption usually,   but that doesn't really matter.   The ink   ink it's important that every every all important data should be encrypted.   You know, it makes it it makes it more secure. But but when we talk about hot wallet risk, what we're really talking about is the the risk is that it's on an online device,   and that device either   the app   itself that you're using could receive a malicious update,   or the software that it's running on top of could receive some kind of malicious update. Right? And you you come in,   you know, an attacker comes in and   compromise that underlying system, and then they they trick you into either, you know, sending a a transaction or they just, you know, pull out your funds, or they, like, key log you and and wait till you put in your pass raise or something like that to take your funds.  

So that's risk.   You know, the risk is probably often overstated. I mean, if you talk about compared to custodial,   if you could talk about compared to custodial risk, you already the hacker already has your funds. Right? They're the exchange. Like, there there's no you don't have the funds yet.   So when you compare it to custodial risk, I think   it's substantially   less risk. It's it's one of those things that, like, we have,   yes, if you have a compromised,   you know, mobile wallet, then then you could have funds stolen. We have not never seen a major a major one, a major hack to happen on any of these, you know,   respected   mobile wallets,   in the history of Bitcoin.  

That doesn't mean it won't happen, but we haven't. We've seen tons of exchange closers, hacks. We've seen people get their accounts closed and stuff.   So I think it's a significant step improvement.   In practice,   what does a hardware wallet help with and Airgap help with?   Airgap specifically helps with,   the fact that   the attacker needs to get access to the device   usually or the air gapped computer. It's not connected to the Internet. So you know even if you're the dumbest computer user ever,   you know if it's not connected to the Internet,   they probably have to come into your home or your office or whatever to   to to to compromise.  

The exception to that rule is twofold. The software that you used   and if you update the hardware wallet, which is why it's important that people learn how to verify things, but they don't. You know, people don't. So it is what it is, but that that that is   there you still have that attack vector there. Now   what how does a hardware wallet help there? What really helps, I've noticed, is with Coldcard and I've just decided I I used to say, you know, use a treasure or ledger,   if you're if you're a new user and then move up to Coldcard. I've decided that people should just go straight to Coldcard. Fuck it. If you're gonna use a hardware wallet, use Coldcard. The idea is instead of   setting up a clean computer,   that is air gapped and you don't think it's compromised, which is a very difficult thing for people to do, the cold card acts as your air gapped device as your air gapped computer. It's a purpose built small little computer. Now   if you use that they don't make their own software. So if you use that with Sparrow   and you're verifying   all everything that's happening on the cold card screen and you're verifying everything that's happening on on Sparrow on your computer,   then you're   essentially creating a situation, right, where you you need you need an attack an attacker has to compromise both. They have to compromise both the cold cards update mechanism,   and they have to comp compromise Sparrow Wallet to to display it incorrectly.  

So you you add that that by adding that second,   you know, that that combination attack, attackers will just go for the lowest hanging fruit, and that's what we see. Right? We see in practice. We can talk all day about all this shit, and in practice, what happens? In practice, the attackers just, you know, get people they trick people into just putting their seed into, a web page.  

[00:31:06] Unknown:

Yeah.   Sorry for misspeaking about that encryption,   but I, you know, I do see your point,   and,   and I agree. I I think they do go after low hanging fruit and   and get people to make critical mistakes like that.   I guess maybe I did downplay the risk a little bit with the hot device.   I do feel comfortable with it, though. And  

[00:31:39] Unknown:

Yeah. I think that one of the Yeah. Sorry. Sorry, Matt. No. No. Go. Go. I wanna hear I wanna hear your take, Craig. Hit us.  

[00:31:47] Unknown:

I think one of the difficulties,   you know, that we have is is that when we talk about these these things, there's such a wide audience. You know, we've got people who are literally coming in having never considered holding Bitcoin, and, you know, last week, they bought their first stats.   And then you've got people in the audience who have been doing this for, like, you   know, 5, 6, 7 years and just kinda know everything. I mean, that's a huge range,   of people that, you know, to talk talk to. So it's it's really hard to kind of say, well,   you know,   there's this von von vulnerability or there's this approach or that that that approach. I mean, my my sort of view is, you know, if you've just bought and you've managed to get your coins off the exchange, you're doing great. Like, well done. You know, pat yourself self on the back. All of the people, you know, all of the the talk around,   the things that can go wrong, that's all very valid. You shouldn't completely ignore it, but don't let it put you off. Don't let it sort of throw you off the trail   of figuring out   how to make yourself more   secure.  

The second thing is, you know, you kind of know in your own guts when you need to upgrade your your you know, how secure your setup is. You know, if you're lying awake thinking to yourself, well, that hot wallet, it's kind of the price has gone up. I'm not too sure whether   that's a safe place for me anymore. You kind of have that feel yourself, and you should you should listen to that, and you should let that drive you to do more education, and then finally choose on something which is better. But, you know, don't rush into anything.   Take your time, you know.  

Educate yourself. It's very unlikely that whatever you have today is going to fall over tomorrow. You know? So just it's almost sort of a peace of mind thing. You know? If you're if you're battling to sleep sleep at night or whatever because you're you're holding too much value in a setup that you don't feel is all that secure anymore, that's the time to kind of start working on it, I think.  

[00:33:48] Unknown:

I think that's solid advice.  

[00:33:52] Unknown:

And and yeah. That that is fantastic advice, and that's why I wanted you wanted you on the show so badly.   I,   I I I think,   you know, the other, like, the other thing people like, I I don't want you, Eko, to I didn't mean to like, you shouldn't.   Hot wallets have a place,   and they're   in practice, especially if you verify your software releases, and you check on, you know, to make sure that that it's actually the release that the developer has has released. And in that case, you're still trusting the developer, but you you're checking that, a malicious entity hasn't stepped in between you and the developer and given you a a bad copy of the software,   are significantly more secure than people lead them to believe. And especially if you're gonna use something like Lightning or CoinJoin,   you have no choice. You're going to be using a a Hot Wallet for that.  

And people get very very scared about that,   but   I personally have had significant   funds in Hot Wallet   and, you know, in Whirlpool's liquidity pool, in Whirlpool's privacy pool.   And right now, if you   if you look at, Clark Moody's dashboard,   the,   well, what is it? It's like a 2,000 Bitcoin right now or something like that.   And then if you talk about on the Lightning side, it's like at, like, the public capacity is like at a 1,000 Bitcoin or something like that. So those are those are Bitcoins that we know for sure are in hot wallets,   and they haven't been compromised yet. So there's something to be said there. Right?  



[00:35:29] Unknown:

Yeah. I I think so. And,   you know, you know, I think the the bigger point is that you're   you're taking more risk by keeping your coins   in someone else's possession.   You're now subject to their permission,   and you're at a much greater risk of being censored.   That's just a way more precarious situation to be in   than to have your funds   in a hot wallet, I I think.   At least with the hot wallet, it's like   you're responsible   for that. And if anything goes wrong, it's it's most likely your fault. And   and and I think that's what a lot of people need to come to terms with is is taking that radical responsibility and just understanding,   like, if if you get   tricked, like, yeah, that sucks.  

But, really, it's your fault for   typing that mnemonic phrase into the computer.   And,   like, you just gotta take responsibility   and understand what you're doing. And   I highly recommend just starting with small amounts and working your way up until you're more comfortable with this stuff and understand it better.  

[00:36:46] Unknown:

Yep. That's very good advice,   for sure. And you should always if you have a new setup of of any kind, you know, just test it with a few small amounts. Send some transactions in, send some transactions out, check everything, you know.   I think the best advice is just really just to   take some time to,   you know,   move   any   significant   value to it. You know, don't rush into it, because   the more you can learn, the safer you'll be.  

[00:37:19] Unknown:

Yeah. Absolutely.  

[00:37:22] Unknown:

I like what, so this is also 6102   show because,   he refuses.   So we can talk about that, Craig. 6102   thinks that you're a failure in in NIM Land,   because,   we're we're hearing your voice right now, and he refuses to dox his voice. So this is also 60 one zero two's show,   because he joins us live in the chat to hit us with, questions and comments. And one thing he mentioned here,   is is a simple thing you can do   is just use multiple different types of wallets. Right? And even if they're not multisig, if they're single sig, multi you know, different types of wallets,   you the the chances that you lose everything are are greatly diminished because you you would need multiple wallets to get screwed.  



[00:38:07] Unknown:

Yeah. Sure. Sure.   But, you know,   you know, we can cert certainly,   you know, talk about, you know, what it is to you know, what what the right choices are for those getting into it. But I think if we were to zoom out a bit and we see where Bitcoin what we all believe Bitcoin is likely to go in terms   of value, I I I do think there's value in having discussion now   about more advanced stuff. And I you know, it's it's not intended to put people off, but I I I do think we need to get into   what does ideal cold storage look like,   and,   you know, how how do we move   forward on that goal? Because,   you know, it could end up being that we're all holding   significant value,   you know, on on a level that we can't even really   sort of imagine today. And and how are we gonna do that? You know? At that stage, a hot hot wallet is not gonna be the right right thing.  

How are we gonna protect ourselves against   physical attacks? You know, those are those are the kind of things that I spend a lot of time thinking about.   So,   you know,   again, we're talking to a very broad audience here,   but, you know, I'd like to spend some time on that because I do think we need to   at least talk about it so we can end up in the right right place at some point further down down down the path.  

[00:39:34] Unknown:

A 100%, Craig.   This is why I brought you on. I think I   I I think in in Bitcoin land, it's important to be an adversarial thinker.   In general, I think, a lot of shit corners miss that.   You know,   naivety is a liability in this industry,   and I appreciated when you reached out to me,   saying I wasn't being adversarial enough, which is always a good sign.   So I I mean, what I wanted to do there was I I really wanted to unpack it for the freaks and go back, and then we come back.   So now we're here.   I have a feeling what we're about to talk about is is multi, you know, multi vendor, multi sig.   And and I want you to just let's let's go. What do you what do you think is is   the ideal path here? What what are Freaks looking at? I I think one thing people don't realize   is,   they, like, kinda realize it, but they don't they don't put 2 and 2 together.  

Most of us, I know myself, self, I know I'm gonna get both of you on the record whether or not you think Bitcoin is designed to pump forever.   I mean, I I think we think Bitcoin is gonna go up significantly in value, and I think if you've been here for even a tiny bit, you realize that happens way   at a at a large you know, quicker pace and at a larger scale than you could ever fathom.   So one thing that MBK often says is, you know, treat it like 10 x of of what it's currently, and I I think even more than that. You know, we we talked about Gox earlier,   and I'm gonna have that live stream tomorrow about Gox. Like,   those people, they lost their coins at $800 a coin.  

Even the most bullish people couldn't fathom that it was gonna be 50,000 that was gonna be $48,000   and people are gonna be scared that it was dumping. Right?   So like they couldn't fathom that shit.   And and that's that's how we have to think about security going forward. So so let's jump in here, Craig. This is why I wanted you on the show.  

[00:41:28] Unknown:

Cool.   Yeah. So I mean, look, as I was saying earlier, I do think that multi vendor, multi sig is   is currently the best you can can do,   in a sort of general sense. I mean, there's always, you know, other ways to to kind of look look at look at things, but I think that that's gonna be the most common path, for people to kind of achieve the best cold storage that they can.   Very briefly, why multi vendor? It's really because if there is a vulnerability in any specific vendor's product,   you know, there's gonna have to be   a,   you know, something that can be,   exploited   in   the other vendor's   product at the same time. And the chances of this sort of multiplicative,   experience or kind of event happening is really so so low that you can   you can almost rule that that sort of out. So, you know,   it it sort of allows you to to worry so much less about which vendor I'm using and, you know, is Trezor you know, can you put it into a little box and get the sick sick secrets out, or is Ledger closed saucer? All of these things suddenly   fade into the background because   all of a sudden you're now   just looking at you know, that have to find a way to exploit your treasure and your gold card at the same same time. And and there's just almost zero chance that that's ever gonna happen. It's already very hard to do 1. To do 2   is, you know, you just multiply those two chances together, and you end up with an extremely small numb number. So that's really the basis of why that is, I think, the best way to get to, you know, really good cold store storage.  

You know,   in terms of of   the physical attack side of side of side of things, you know, I'm gonna dox myself even more more here and say that I live in South Africa,   which is one of the, you know, the highest crime rates in the in the world. So   the that's obviously not a good thing, but the one good thing that it it it is is that it's just that everyone lives here with this really sort of adversarial thinking in terms of physical attack.   And, you know, one of the the best ways you can do you can avoid that as a bit Bitcoin corner, and I saw someone say it say it say it in the comments now,   is really just making sure that your devices are spread over a large area so that you have to travel to those   areas that it takes time to get there and that, hopefully, you can pass through some security checkpoints on on the way. And I think that that's a really important thing. It certainly makes my life feel better that I'm not sitting there   wondering if someone's gonna on my door with a gun and say, you know,   I'm going to,   you know, do something really bad to you or your wife   if you don't hand over your keys. So for me, that's pretty important, and I think it's a little bit under recognized in the Bitcoin world today. You know, I think that maybe it's just a point of view that I sort of have,   because of where I live, but   I can't see how   it doesn't become a bigger threat as Bitcoin grows.  

And, you know, you might say, well, I'm, you know, making sure that I'm   never doxing myself, and my address is always, and that's that's great. That's you should do do do that do that. But at some point, there's gonna be so many holders of bit Bitcoin, and it's gonna be such an easy   or or sort of the easiest way to walk out of your home with the most value that I think that, you know, there will come a point in the future where these these kind of thoughts become fairly important. So that's kind of,  

[00:45:13] Unknown:

my brief why multi vendor, multi seg. Look. The single let's forget multi vendor for a second. The single biggest   benefit of multi sig is physical attacks. Right?  

[00:45:28] Unknown:

Agreed.  

[00:45:31] Unknown:

Okay.   2%   massive improvement there that doesn't exist for anything non Bitcoin Bitcoin related. I mean, if if we talk about what people don't realize is when when self custody was big back in the Wild West days, like stagecoast   stagecoaches were getting robbed all the fucking time.   You know, banks were getting robbed until just relatively recently.   So now if you're your own bank, you have to do with that. Now, Craig,   just one thing I would mention is I think one of the reasons we don't hear more about it is because we have a lot of big corners in America.   In America, we have, you know, relatively low crime rates and high gun ownership.  

So that kind of mitigates it a tiny bit, but I I mean, multisig takes it to a whole another fucking level, and and it's actually even bigger than just multisig.   Really,   as a as a as a community, we need to make multisig   the expected standard. It's almost like,   because because the attacker if the attacker's already in your home   and they're, like, you know, torturing you or, like, fuck you up, and they have a gun to your head,   they might not they're that crazy person or that motivated person might not, you know, believe you at the time. Right? It's like, the the alarm systems when when you have something outside that says, you know, I own a dog or I have this alarm system.   There's there's a there's I'm gonna trigger a lot of people. There's a herd immunity,   in in Multisig. If if if the industry standard becomes Multisig,   people won't even think about trying because they'll just assume that any average BitCorner is gonna be using multisig. Would you agree?  



[00:47:06] Unknown:

Completely. Yeah. So that that's kind of where I want things to go. I know that they're not there today, and I certainly don't try and get anybody new into the space to do that. But I do think we need to talk talk about it because, you know,   it's it's something that's brought immense   peace of mind to my own own life. So, you know, I just want others to kind of share in that. And, you know, it's something you should work towards, I think. It's not that hard to do.   It's not that expense expense expense to to do. And, you know, you should really just make sure that   your home is not   is not, like, the the complete answer to your your kind of   personal wealth. There's not where you store everything, because   it just makes you way too big a target target target. And,   you know, there are some unpleasant people out there in the world who will take a bond bondage of it. There's   it it really, I think, is just a matter of time before it becomes   a bigger thing.  



[00:48:03] Unknown:

Okay. So let's so we've,   I would so,   one thing we talk about on the show a lot, if you've listened in the past   is this idea that I say self sovereign multisig, I've it was about 4 months ago, I said it's about 6 months away, like easy self sovereign multisig.   And I I think   there's a couple different concerns that people have here. So so unquestionably,   if it's if all you care about is physical attacks, it's a significant improvement. No doubt about it. A 100% do it.   The   when I say self sovereign multisig, I'm differentiating from Unchained Capital or Casa where they have a they host a key for you and your pub keys for you, because in that case, you're giving up your privacy. And in that case,   not only are there's a level of trust that you're giving to them,   you're a 100% trusting them with your privacy. And because you're trusting them with your privacy, your balances, your transactions,   it can make you more prone to physical attack in the future if if they get hacked or, if they get compelled to release it to governments or and then the government gets hacked. There's all different, you know, your your private information is out there.  

So I I think it doesn't reduce   I I think it does help in in certain threat models, and everyone has different threat models, but doesn't have help as much. Now the 2 main concerns about multisig and we're seeing some of them in the comments.   The first one is backing up is is a little bit more complex.   I I would push back against that. I mean, basically, what it means in practice   is   you need to have, this additional backup file, and and that backup up file is obviously risk. You might as well keep that with each key.   And if you keep that extra file with each key,   then then you're good to go, that that extra backup information.  

So I you're already backing up one piece of information. You back up an additional piece of information. You put that with each with each seed. That's not a,   or each each hardware wallet. That that's not a,   really as complicated as people might make it seem. Now I think the real concern about Multisig right now is the lack of standards between hardware wallets. And because of the lack of standards between hardware wallets, they're not able to communicate effectively the the information they need to communicate   to to verify against each other. So if you're using, like, a single sig cold card,   you it's it's it's a it's a easy standard process to verify your receive addresses, your change addresses, and stuff on screen.  

If if you're using multi vendor, multi sig,   you I I think right now, in practice, you can't verify any any kind of information on the individual hardware wallet screens.   Like, am I right that this is the big this is basically the biggest pain point we're sitting at right now in in this ideal setup?  

[00:50:49] Unknown:

Yeah. I mean, I think that that's absolutely right.   We we definitely need to make some ground ground there. And, you know, it's it's   frustrating to me, and I'm sure, you know, all of the freaks that, you know, these these guys you know, it's it's not that hard to do. It's really not. Like, we have standards   like the the Bitcoin core,   output descriptors now, which, you know,   really make this sort of stuff easy.   And, you know, it's   I I just think we need,   as customers   of these companies, we need to put pressure on them to   kind of add, you know, these key features that we need because,   you're absolutely right, Matt. These are these are things that are currently very hard to do. For instance,   in h w I, which is the line library behind the scenes that talks   via USB to your sort of trezle or whatever,   the multisig   display address command,   it just doesn't really work. And the lead maintainer of that, Andrew Chow, you know, he's just said, you know, it's just super hard to get get this to work. So, you know, it's   it's,   it's it's stuff that is not hard for them to do. I I I really just feel that,   more people need to ask for it.  



[00:52:11] Unknown:

I  

[00:52:14] Unknown:

mean, I would just add there that, like, even stuff like PSBTs,   partially signed Bitcoin transactions,   which have now basically become a standard, that's, like, relatively new, and it's because,   NVK, like, at Coldcard started pushing for it.   So just with everything else, like, we've made a lot of progress. I also saw in the comments, I did forget to mention Nunchuk.   I mean, between these open source,   wallets,   you know, Sparrow,   Specter, Nunchuk, BlueWallet,   Caravan,   and, like, the and these new standards that are, like, coming around. Like, I I it feels really bullish. I I feel like I feel like the industry is coming together. I wish they came together a little bit quicker, but they are coming together on this idea that, you know, instead of being a hardware wallet manufacturer, you're just a you're just manufacturing   a key,   like a signer device of of of a broader of a broader wallet. Right?  



[00:53:09] Unknown:

Yeah. Yeah. Agreed.  

[00:53:11] Unknown:

You know It's it's almost like like, you as an open source dev,   like, you have no there's no business model for Sparo. Right? Like, you've come to the you you you know that you're you're never gonna make money from this thing. Right?  

[00:53:26] Unknown:

I do. I do. I'm actually fine with that, Matt. I've I've kind of been in the commercial game my whole life, and,   you know, it's really   refreshing to just do something with a a pure sort of mission to it.   And that gets me up every day. You know, I can't argue just to go on a tangent for that. I I can't, you know, tell anyone else what their mission is, but I I know that this is mine.   So, I'm keen to keep on going on this path and and try and make the best tools for those who wanna be as   secure as they can can be. So yeah.  

[00:54:02] Unknown:

I mean, because the reason I bring it up is is because, like, you know, I feel like these hardware wallet fenders,   and and   Coldcard's always been good about this, is, like, they should just be, like, a little bit less greedy. Like, they don't need to control the whole pie.   They're making some profit off of their devices, and they don't need to, you know, have a lockdown system. We need open interoperable systems.   And I think, ultimately,   especially in a world of personal responsibility,   open, you know,   verifiable options are gonna be the ones that are chosen.  

They're the ones that are gonna win out in the market anyway. So if if you're gonna argue against that and you're gonna just try and create a closed system,   I mean, it's just short term thinking.  

[00:54:46] Unknown:

Yeah. I mean, I I think, you know, in in in re re response to that particular threat, you know, I I think what you should do is at least try and create your multisig wallet in different wallet soft soft software. So, you know, if you created   in Sparrow, you can easily export to Electrospectrum,   Spectre, or what have you, you know. And at least you can check the addresses in those. Right? The chances that all of those are gonna be compromised   on your machine are pretty low. So that's one way you can get around this sort of hardware wallets,   issue of not being able to actually check the addresses on the device, which is obviously the best. Right? We we would all want that, and hopefully, we'll get it get it soon.  



[00:55:28] Unknown:

I mean, just to bring,   Eco back into this. I mean,   Eco, like, would you ever use a closed source wallet   with your Bitcoin?  

[00:55:41] Unknown:

You know, I   no. I   I I'm I think I'm guilty of it, though, because I've used I used key keys before   I used Coldcard.   And   to be honest, you know, I'm not a developer. I'm not a coder.   I really appreciate the fact   that cold card is open source, or I don't really wanna spark the license debate.   But,   I appreciate the fact that it's open sourced. But to be perfectly honest, like,   I wouldn't know what to do with that information if I went online and looked at it. Like, I I wouldn't be able to tell you if it's malicious or not. So I like the idea that other people can look at it and determine   if it's malicious. But, personally, myself, like,   I I wouldn't be able to tell for myself if it is or not. If   but to specifically answer your question, if if a hardware wallet's like, yeah, this is closed source. Like, no one can look at it.  

Like, take it or leave it. I'm gonna leave it.  

[00:56:45] Unknown:

Well, with hardware wallets, it's a little bit different. Because with hardware wallets,   you have the secure element concept.   The secure elements are usually closed source, and it adds additional physical protection.   So what people don't realize is, like, if you're just storing, you know, your Bitcoin on Bitcoin Core on an air gapped laptop, for instance,   and someone, like, comes into your house and takes your laptop,   if you'd haven't encrypted that laptop with a strong passphrase,   they could probably break it. Now a a secure element on these devices makes it so those kind of brute force attacks where they're just, like, hitting you with a ton and ton and ton of of of, you know, attempted guest passphrases,   doesn't work. Like, the the cold card secure element   makes it so that if there's 13 mistakes, it's supposed to fucking wipe the thing, and the secure element enforces that.  

So with Harbor Wallet, it's a little bit different, and when you use multisig, you reduce the trust in between them. For software, I I I'm a I'm a hardliner here.   I mean, I agree with you that, you know,   it's you know, we've only had 10 episodes of serial dispatch, and we're only gonna get into the licensing argument. For 3 of the 10 so far would be nice.   I I,   the important thing to me is source viewable. The word you were looking for is source viewable. So you're able to view the source.   What that means is and and specifically,   if you can use it for purse if the license says you can use it for personal uses, but you can use it for commercial use. But but the real thing is is source viewable.  

And and the reason isn't so that you,   as a talented developer, can actually audit you yourself. It's it's   it's twofold. It's   the first thing is that other people can audit it, and if it's a useful piece of software,   presumably, you know, there'll be more eyes on it because there'll be more people using it.   And then the second thing is survivability.   There's this,   it's just really underappreciated,   this idea that, you know, if if you're using and, like, a a a good example is, like, Samura Wallet. Right? So you're using Samura Wallet,   you're storing your Bitcoin in Samura Wallet, and, you know, fortunately, we have we have some standards in BIP 39. I mean, you're supposed to know your   derivation path, but for the big wallets, that information will probably never disappear.  

So, like, you have some protection there. But the concern   that I see from a lot of normies when they don't realize is is you come into the space,   oh, that's a perfect example. I forget the name of it. They, like, turned into shit corners. You come into the space and you're like, if if I have this wall, how do I know it's still gonna work in 5 years?   Right? And if you have something, like, obscure backup method and you're closed source,   there that that company could just disappear.   That company can disappear, and you just never have access to your funds.   Open source, there there's   it's it's like a fucking virus, you know. It's like   it's just like you can't kill it. Like, the code is out there. It's like Barbara Streisand. You you post you post,   you know, you you you you post a picture on the Internet. You have to assume that picture is never coming off the Internet. You pour sort put source code on the Internet,   and,   like, that source code is always gonna be out there. It's gonna be if it's good if it's it's good code, like, it's gonna be flowed and it's gonna get forked. It's gonna get changed and stuff, and you you can always find it   in   5   years.  



[01:00:06] Unknown:

Yeah. I I think that's   that's totally critical,   and   I   I feel better when   I know that I can just   secure   a small amount of information   and regenerate that wallet on multiple different platforms,   whether that's a cold card or a samurai wallet or blue wallet.   And, honestly, it wasn't until very recently that I learned about the BIP 39,   derivation path and how important it was to notate that.   So  

[01:00:42] Unknown:

yeah. I understand. That's overblown,   the derivation path.  

[01:00:48] Unknown:

I don't fully understand it, but,   what could you explain what   what the what the issue is?  

[01:00:58] Unknown:

So with with with with derivation   with derivation paths is is people think the seed's the private key, but really the seed you derive the private keys from the seed.   So the paths allow you to, you know, have different variations   of   the same source material   generates different addresses for you. Now there's, like, semi standards around them,   and really what we want is, like, complete standards about which derivation path is used by but for for each different situation.   But,   I I think for the major wallets, like, that information never disappears, you know. Like, in a in a real world situation in 5 years, you only have the seed. The thing you really need to know is which wallet was it generated in. You know, like, you don't have to go and think about, like, exactly the derivation pass. Like, you know, it was created in Samari Wallet, you know, in 2019.   Like, that information isn't gonna disappear, out of the Internet. It's a very used it's a heavily used wallet. Now if you're using some random ass fucking wallet and you don't know what the debit path is, like, yeah, then you might lose your funds forever.  

Like, Craig, you wanna add on to this? Like, what what are your thoughts here in terms of, like, the the idea that people should be keeping the seed and the derivation path and whatnot?  

[01:02:09] Unknown:

Yeah. I mean, you know, I think that that sort of sort of thing is is is definitely   becoming less of a risk. I kind of agree with you. I think it's a little bit over overblown. You know? Yes. We do lack some, like, documented   stamp standards   on a few of these these things. I think BIP 80 4 is the main main one. But, you know, to be honest, all of the wallets that I've used, and I've used quite a few, they all follow, you know, the guidelines. They're all doing the same same same thing. You know, I I think any wallet that, you know, is talked about in the community   that doesn't do that will be brought to task so so fast.  

It's not really a major cons concern. You know?   You know, make your backups for sure.   But   to be honest, to go and test the, I don't   know, you know, 6 or so pods   that   it could be is gonna take you almost no time at all. Right? It's it's gonna take you, like, a half hour at at most, even if you had no idea. Then we got sites like wallets recovery.org.   There's just so much resource out there.   I I just can't see how the derivation part thing is a major issue anymore.   We should certainly make it make it better, for sure, and we're working on that. But, I don't think it's something that should   worry you too much.  



[01:03:31] Unknown:

Yeah. We even had, like, our boy, Luke Childs.   He, like I think he created a plugin for Electrum that just, like, automatically checks all the top derivation paths.  

[01:03:41] Unknown:

Yeah. For sure. It's easy.  

[01:03:46] Unknown:

I guess I'm wondering Craig. I guess as an I guess I'm wondering as a as an end user,   Craig, your perspective as a developer, like, why are developing why are developer teams using different derivation paths?  

[01:04:01] Unknown:

Well, they they actually, you know, not. But but, you know, they as I as I say, for the most part, they're all kind of using the same ones. The reason why we use different derivation parts is because we've got different,   you know, Bitcoin has evolved, and we've got different script types. Right? So we've got, you know,   we've got the original,   which is generally called legacy. We've got the nested Segwit, and then we've got the native Segwit Segwit, which is the addresses that start with b c one.   And   what   the the devs have tried to do is make sure that we use a different derivation part for the keys for each one of these different script types. And that's just good kind of practice to keep things apart. You know, you don't wanna kind of reuse the same the same keys over and over. So that's kind of the the the sort of thinking. The thinking is sound behind it. And as I say,   you know, we've we've come far enough down the road now that everyone's using the same pause for the same script script types. I I I really haven't seen a word that deviates   from from that because it's it's   perceived as a very poor kind of thing thing thing thing to do for the obvious reason that it puts user funds at risk.  



[01:05:11] Unknown:

See, that that makes way more sense to me because the the way the issue was presented to me was that, like, developers are just going willy nilly using whatever   derivation path they want for their specific wallet.   And unless you specifically write that down,   then you may not be able to restore your funds. So, I'm really, I really appreciate you clearing that up because   it seems much more like a non issue to me now,   than it did at the beginning of this conversation.  

[01:05:41] Unknown:

Great. Great. In fact, one of the things that Sparo does is it actually prevents you   from from using a derivation or or using, yeah,   a derivation part that matches the derivation part for another script script type. In other words, not the one that you're using. So it's really hard to mess that stuff stuff up. Most most wallets, you know, just say this is what it is based on the script type that you've chosen. Most some of them don't even allow you to choose the script type.   You know, it's it's just not,   it's not sort of this user configurable thing that it might have been 2, 3 years years back.  



[01:06:19] Unknown:

Gotcha.  

[01:06:25] Unknown:

This conversation is great, by the way, guys. I I like I said, I have latency over here. So,   Iko, feel free to,   this is the first time we got our boy, Craig, on on on air, so feel free to hit him with questions. That's why I brought you on is because I think you could ask them some good questions.   Awesome. And just just keep up keep up with that.  

[01:06:46] Unknown:

Okay.  

[01:06:50] Unknown:

So I mean,   wait, like, where do we where do we wanna go from here? I've, Freaks, first of all, remember, you just throw things into the into the live chat, and we will try and hit them,   as much as possible.   6102   mentioned that that thing I was mentioning by Luke Childs has been merged directly into Electronet plug in, so I think it's just in there now. And you can just,   it'll just automatically scan the known derivation paths.   I mean, just to recap, I I think the main issue is just with, like, random ass small wallets. Like, people don't realize, like, if you open iPhone or Android,   and type in Bitcoin Wallet into their their app stores,   there's a lot of shit. It's mostly shit.  



[01:07:37] Unknown:

Yeah. I agree with that 100%,   dude. It is mostly shit.  

[01:07:43] Unknown:

And I and I learned I learned that through experience.   Yeah?   Hit us.  

[01:07:49] Unknown:

Well So, Matt, do sorry. Go ahead. Go ahead, Igor.  

[01:07:53] Unknown:

I was just like, when I was first getting into this stuff, I I was trying to download as many different wallets as I could because I wanted to try everything and see what worked best. And there's just a lot of junk out there. You know? I I'm I'm not using Samura Wallet and BlueWallet because   those are the first ones I tried out. I'm using them because   I went through a lot of trial and error, and they're the best wallets out there for for what I'm trying to do.   And and same thing with Sparrow. Like, I, you know, I haven't done a lot with desktop wallets. I've got Bitcoin Core, but I've never, like, funded the wallet on Bitcoin Core. I just use it with my node.   But I'm working on this guide   for   Kevan Devani,   and   and I'm gonna go through, like, for total beginners, how to   download, install, and secure,   Samura wallet on an Android, a blue wallet on an iPhone, and I needed a desktop wallet. And I checked out Sparrow,   and I'm really glad that I did because it's an amazing   you you built a beautiful   wallet there, Craig, and, and I'm really excited to   go through the details for everybody   and and show them how to do it step by step.  



[01:09:08] Unknown:

Thank you. Thank you. That'd be be great.  

[01:09:11] Unknown:

Yeah.  

[01:09:15] Unknown:

Were you gonna say something here, Craig?   Yeah. I mean, one way we could take this if if you're keen is to kind of go into some more,   more of more thoughts around cold storage storage.   I've got a few there that might might be a bit   controversial, but Yeah.   If if you're keen to head down that that that path.  

[01:09:42] Unknown:

If if   Craig, I the reason I created Citadel dispatch is because there's not enough actionable Bitcoin discussion. I wanna talk about things   that Bitcoiners can be, you know, listening to every Tuesday   from their citadels,   and they're like, okay. This is things I can do. These are things I can consider.   Actionable. Not philosophy,   all this bullshit.   We all think the number's gonna go up.   I I do it it's am I hypocritical for putting the price there? No. It's kinda cool that in hindsight, when I when I spool all these together, it's gonna have the price just constantly showing there,   and I need to have something there, so fuck you.  

One thing I wanna start with before we dive into here, and I think this is a great idea. So what I wanna do is I like this as a model. We're gonna have Craig. We're gonna go down this hole with Craig.   We're gonna have me asking him questions as someone who's, like, slightly,   you know, slightly,   less technical than Craig asking questions, and we're gonna have Iko asking questions as as more of a,   you know, someone someone who's who's more sophisticated,   but but but not you know, we have 3 different levels here. I don't need to break it down further than that. Privacy,   so so, Iko, I need you to just jump in here, like, I got lag, so just jump in here whenever whenever you feel a pressing question. I want you to just hit him with the question. Your perspective matters.  

I wanna start with   someone in the chat said,   I am KYC'd.   I am doxxed. I people know I own Bitcoin. My government knows I own Bitcoin. All these different people know I own Bitcoin.   Is what there is no there he said there's no, you know, negative privacy reason for me to trust a company like Unchained or Casa   in a host and multisig setup. Craig, what do you say to that person?  

[01:11:31] Unknown:

Good question.   Yeah. I mean, I I guess, you know, I haven't done the research on Unchained, but I have no reason to believe that they're not using the best in class.   You know, if if you are fully doxed, then and and you think that that's a way for you to secure things,   and and you really appreciate the kind of assistance that they can provide, which I'm sure is excellent,   then I think it's a very valid path to go.   You know, it's it's pretty unfortunate that you're in the position that, you know, people know your balance and all of those sort of sort of things. It definitely puts you at higher higher risk.   But if you are there, then I can't see a strong reason not to go down that path.  

You know, yes. Sure. You'll further dox yourself self to them, but   it doesn't really matter at this point, if that is the case.  

[01:12:34] Unknown:

So, I mean, I   I like I think the product is a it's a good product. They have an open source, fully open source caravan,   and then they hold one key. So they created an open source stack so you can,   easily remove it without trusting them. I do think they are best in class. You are trusting them with your privacy.   Just just to explain, best in class, I mean, Casa's   app is closed source. So you're looking at your receiving addresses on a closed source app.   With with the the easiest way to verify a Casa multisig is with Caravan, which is Unchained's open source stack. I mean, I you could also use Sparo to do it. But, anyway, I digress.   The main concern is, to me,   is   if if   if the goal is ultimately security,   specifically physical security, I completely understand   you're using   a hosted multisync.  

Like Craig said earlier, geographical separation of keys is is super important when you're talking about, like, home invasion type threat models.   And they will hold your hand the whole fucking process. If you're a corporation   and, you know, you're you're like a Michael Sailor and you're keeping it one of these these massive regulated custodians,   Unchained will do that for you instead.   And then that way, you have a you have the the full quorum of keys yourself. You don't have to trust them with custody, but they hold one key. They can correspond with the audits and all these different things you want them to do. So there's there's definitely a value there if someone who wants to trust them with their privacy.   Now   if you are if your attempt is to be like a sovereign Bitcoin user and you're KYC'd and docs, I I don't want people to think,   like, the the enemy of of of good is perfect,   and that goes with privacy as well. And this idea that, like,   there's a 1000000 different reasons in this   today's age where you can say, like, my privacy is fucked. It doesn't matter anymore. I have a Facebook. I have an Alexa in my kitchen. Get rid of Alexa. Like, you shouldn't have one there. But I have an Alexa in my kitchen. I have a passport. Like, there's cameras every day when I go to work and they see me. And I walk out of my condo, and there's cameras in my face. And there's all different reasons   that you can come up with,   to say, like, my privacy is already fucked.  

Like, it doesn't matter. But that's not the case. Privacy   is on a scale. There it's it's not black and white, and and you can improve different things. And if you're already fully doxed and whatnot,   and and and your all your keys are KYC, you can still go through Whirlpool.   You can still hold your keys going forward and have, you know, forward privacy and and try and improve your forward privacy. Like, is is it is it a 100% perfect? No. But but you can improve your situation,   and and it's important to realize that I do think that all these hosts and multisig providers are gonna be compelled to hand over all this information,   to the major governments. So you you should operate under the assumption   that at some time in the future, all this information is gonna end up in a central database somewhere.  

And I'm not saying they're not gonna fight it. They're gonna try and fight it,   but it's gonna end up there eventually at some point. And you have to at least operate under that assumption.   And, the information I have to back that up is that Coinbase was compelled to hand over this information as well. They weren't compelled to hand over coins. They they didn't the government didn't say to them, you know, you have to hand over your customers' coins. They said, we want we want complete transaction history of these users.   And Coinbase thought it back and they said, okay, we just need the users that were over $20 worth, but they still got all the users.  



[01:16:15] Unknown:

Great answer, Matt.  

[01:16:19] Unknown:

Yeah. I would Okay. I would ask that I would ask that person, like, why why not start defensively   reclaiming some of your privacy ground? Like,   yeah, you might be doxxed, but,   like, you you can take steps to start undoing that and start improving   your privacy. You can start building a non KYC stack and keeping it completely segregated.   And   I just   you're just taking on so much more risk when when you have your identity associated   with your Bitcoin. And it it's not just physical attacks, but,   you know, if if the US government thinks that their sovereignty is threatened, they are not going to stop at anything to isolate that threat. And if they perceive Bitcoin to be that threat or people who are self custodying Bitcoin,   there's no length at which they will not go to try and get that from you. And so long as your identity is a is tied to that Bitcoin,   you're you're a potential target.  

And I I think the world is crazy enough today that that's that's a a reasonable threat to be thinking about.  

[01:17:35] Unknown:

Yeah. I mean, I it you know, as an American,   maybe you think that's a foreign threat, but but there's plenty of governments around the world where I think even, I think Americans would a 100% say that, of course, they should be worried about their government finding out.   And   and that could easily happen here, and there's other there's people that live in other countries that, you know and we don't want other governments to know either. Like, I don't want China to know my my transaction history. And, like, people say to me, they're, like, oh, but, like, America is, like, they do drone strikes and stuff. Like, I know. Like, when I say I don't want China to know, I'm trying to hit a different demographic that maybe a 100% trust America even though they shouldn't.   China I don't want China to know my fucking transaction history. In a world where American citizens aren't allowed to practice privacy best practices   and use CoinJoin and use encryption is a world where China has your full message history and has your full financial transaction history.  

If you wanna go even less than that, I mean, your boss shouldn't know what you're spending your salary on, and your bodega owner or the the person owning the store that you bought the sandwich at shouldn't know how much you made as your salary. Like, these are basic financial privacy,   necessities,   that I think most people agree to when when when   you start to explain the implications.   Craig,   let's go down this fucking rabbit hole, man. This is why I had you on the podcast. This is let's fucking go. I I I've been looking forward to this for a while.  

[01:19:03] Unknown:

Okay. Great. So   I wanna cover, like, 3 main points here,   which yeah. Let's just dive in.   All of the previous things   that were said before about, you know, if you're a beginner and you've got your coins off the exchange, you're doing doing great. Those all still apply. So this is more the sort of advanced level stuff. So let's get into it.   The the the first one I wanna cover, which I have discussed,   somewhat on   Twitter, is the idea well, not not the idea, but rather the fact that when you   use Bitcoin Core as your wallet. So in other words, you're connecting directly to Bitcoin Core with whatever wallet software you use, whether it's Specter or Sparrow,   you are using the Bitcoin Core Wallet on an in case, a sort of sort of internal level.  

And one of the the the kind of unavoidable facts about that wallet   is that it stores all of your addresses, your balance, and everything in an unencrypted format.   Now that's really that's not a sort of a design oversight. That's more   a software architecture   decision that they've kind of had to make. Because   if you think about what Bitcoin Core mainly is is it's this piece of software that connects to other other nodes,   downloads,   you know, new blocks, and tries to determine,   you know, the the consensus between between these these blocks. That's its main purpose.   The wallet is a required feature,   at least it was when the first version came out.  

And how it sort of works is every time a new block comes in, what the wallet's part of the soft software does is it goes and has a look at that block and says, are there any transactions in in this that apply to me? And if they are, then it stores those in your wallet dot dap file.   So just the sort of nature of the way that it works means that it has to operate in this un   net. And and that's that's almost like these 2   these 2 opposing forces. Right? On the one hand, you need to keep your Bitcoin code, your Bitcoin core node synced, and on the other hand, you need to try and keep your wallet, or at least your cold storage wallet offline   as much as you can. Right? And and those are 2   opposing forces, and it's the the only way to really,   in my view, solve solve this well   is to break them apart. Right? To kind of not try and make it one thing that you run that tries to do these 2 things at once.  

And and that's the sort of advantage of being able to use   a Electrum server,   which allows you to pay basically send a request in, get the results back, and then the server just forgets about it. It doesn't have to try   and say, you know,   what's going on? Can I store this information? Do I need to store a store a store it? The reason that an Electrum server can do it that way is because all of the transactions that are coming in, it just indexes.   So it can do a lookup really fast, whereas the Bitcoin core node doesn't have that. Right? And the Bitcoin core devs are not keen to add this.   So what you have is 2 different ways of working. 1 is this way of working where every new block that comes in, we need to analyze it, and we need to pull the information out of it if it applies to us. And the other way of working is every new block that comes in, we just index everything.  

And as a result,   your transactions from your wallet just look the same as everyone else's. So those are 2 very different ways of doing things.   And as a result, you know, if we zoom out again, if you're using Bitcoin Core,   your   your whole wallet is sitting in an unencrypted   form on that node.   And I think most people are not really aware of this. And I think that if we're looking at the physical attack mod mod model, people coming into your your home, getting access to your PC, they can see whatever balance you have. So even, you know, that gives them a huge tool to be able to say, I want all of that. Right?   And it's it's really an easy thing to avoid. Right? You just have to find a different way of being able to address this, or at least I see it. That's that's sort of me as a as a dev kind of looking at it.  

You know, being able to separate these two these two needs, one of the wallets and one of the node that needs to keep synced,   is for me a really important part of the reason why I wanted to build Sparrow in the first first place, was just be able to say,   you know what? I can keep my wallet,   my cold store storage wallet offline most of the time. I can only access that that thing when I absolutely want to, which might only be a few times times a year. But at the same time, I can keep my Bitcoin core node synced all the time. So I don't have to kind of get off my laptop, sync this thing for several days, and then eventually know what my balance   balance   is. So I don't not sure if I've described that well, Matt.  

Does that sound   something that makes sense?  

[01:24:22] Unknown:

I mean, I   yes. I mean, first of all, I mean, you've described it already to me,   twice now. So,   so so I think I think it was explained well to the freaks. If the freaks disagree in the comments, you can let us know.   If if if Eco,   thinks you didn't describe it well, then we'll know through through him as well. But I just wanted to say here, I mean,   one of the cool things about Sparrow is that it gives you so many different fucking options,   and it tries to explain the options to you as you go through them, which is pretty cool that it can do it in, like, a UX friendly way,   that it, like, kind of it it, like, explains, like, okay, you're doing this, you're doing that. Like, do you wanna generate a Hot Wallet? Do you wanna do this?  

You're able to back it up. Do you wanna add a passphrase? It's just, like, very   verbose, very clear.   But it has this watch only feature.   So, I mean, it   it that's exact what you just said is is   that if you use a watch only,   you know, the watch only feature in Sparrow,   you're susceptible to that as well, even if you use a separate Electrum server. Right?  

[01:25:31] Unknown:

No. No. I mean, if you use so so the way I sort of see it is and and, you know, the   new Spiro release that's coming out just this week, I think, will make it clearer. I was just redoing the whole sort of   welcome screen today. So, basically, I see it, you know, in terms of the Sparrow world, you can connect in 1 of 3 different ways. You can connect to a public server, right, which obviously means you docks all of your transaction data to that serve serve server. Now what I've I've done is I've picked a few servers that are run by by people   like Luke Childs who, you know, I think   you can, to some degree, trust. I'm not saying you should, but, you know, they're not just some random server that, you know, some chain out of Alice's comp company has   spun up and has joined the peer to peer to   peer network. Right? So that's the one way. Connect to a I didn't realize you did that.  

It it it's not a lot of 5 years. Yeah. So that that's what's kind of that idea.   Cool. Cool. So Sorry. Continue. That's the kind of   just just sort of mentioned.   But let's let's be honest, you know, just getting to the state of running a Bitcoin core node isn't the easiest thing for many people. So just having done that, you're doing well.   You know, it's a big step up step up. Now none of your transactions are leaving anywhere. Right? It's all staying there. Your own node is validating everything. That's a really good place to be. It's just got the one downside   of having your wallet stored in this unencrypted format on the node. Right? So that's that's the second way of doing doing things. And then the the the third way, which is the most private way, is to run your own private Electron server. And that's what Matt was saying wasn't the easiest thing. And it's true. It's not the easiest thing. But with these modern node packages like Umbrel,   it's really not that hard anymore. And I I I kinda wanna push back a little bit on on that. I think it was hard, but, I mean, the number of people I'm seeing on Twitter every day with sort of Umbrel, you know,   and and various things, you know, it's it's getting it's getting a lot easier.  



[01:27:48] Unknown:

Well, if you remember, when I said what I said was 2 years ago, I feel like we all hit this hole where we were like,   okay. Electrum is the best thing,   but it's just not there. It's just too complicated, and and Electrum personal server is too complicated. And 2 things happened that we had   we had, you know, you created Sparrow, we had Caravan, Nunchuk,   Specter created. And then on the opposite side, we had this blossoming of of node packages that made it easy to run your own Electrum server. Right? We had to comment it, like, both happened because of the same it was like this there was this group realization 2 years ago, and we were like, fuck. Like, this needs to improve. And over the last 2 years, it's just crazy. Like, you look at it. I mean, you mentioned Get Umbral. I mean, we have Keto we have Keto in,   we have Keto in the chat right now. He has Nodl, which is which is a prebuilt, you know, a prebuilt,   your own node,   highly performant.  

We have our own in Dojo. We have MyNode. We have RaspiBlitz.   Like, there's just all these packages that make it easy to to run your own node and run your own Electrum personal server, and it all kinda happened   over the same this bear markets are when things get done. People, like, oh, all caps Odell, like, do you not care about are you not in for the tech? You only care about the price and stuff. It's like, no. I'm trying to get through the bull market noise, and I'm, like, gonna attract people with some price, you know. Some people are gonna stumble on this little dispatch because they see the price ticker going on. They might stumble in because I'd say, you know, Bitcoin is designed to pump forever, which it is,   and, I'm gonna make them listen to the custodial talk. I'm gonna make them listen to the privacy talk. I'm gonna make them listen to the KYC talk,   and and this is how you get through in bull markets, but let's let's not pretend that bull markets are gonna be as productive as bear markets. Bear markets are when shit gets done. The bull cycles are, like, kinda when we watch this shit happen that we that we kinda expected, but it just, like, blew,   you know, blew up farther than we could think.  

But I I just want to   I mean, at the end of the day,   I I do agree that this is a threat, and this is what you initially mentioned to me.   But at the end of the day, like in practice,   like the average person, whether they're using Electrum personal server or not Electrum server or not,   Like, they're gonna have a computer that they have dedicated   if if for convenience sake, they're probably gonna have a computer that's dedicated to holding their public keys,   Whether that's core holding transaction like, actual transaction data along with it, or whether that's Sparrow holding an XPUB.   They're gonna have a computer that's hopefully air gapped   that is gonna, you know, that is gonna be holding their public keys for them. And   I I I get I guess Electrum makes that interface easier. Is that what you're saying?  



[01:30:37] Unknown:

No. I mean, look, I I think the whole thing I I I actually really doubt a lot of people are going out there and setting up air gap computers.   You know, I've certainly done it before, but,   it's it's expensive. It's not the easiest thing.   I think that the most common way that people are gonna go is the sort of hot hot hardware   wallet route.   And I think, you know, if you can use, as I say, a different piece of software   apart from Bitcoin Core and apart you know, and and sort of just connect   to your your   your Electrom's   serve server server. Now as as I was saying, the one real big advantage of that is that thing just indexes everything. So it doesn't need to store details of your wallet. So every you know, however often you wanna check your cold store storage, which shouldn't be often. Right? It should be, like, a few times a year, maybe once a month. Who knows? But, no, it's it's not something that you're gonna be doing every day. You wanna try and keep that cold storage wallet offline as much as you can. So then you can fire up Sparrow. You can load the wallet for the time that you require it. You can get your balance down. The server forgets that you asked for it. That's the way it's designed.  

And you're not storing anything in anywhere. So it's really only present,   you know, on the encrypted file, the Sparrow wallet file, and in the RAM of your computer for the time that you have that wallet open. And that's really the time that you're trying to minimize, right, the the the time that that wallet is open for. You don't want that wallet to be sort of sitting around in an unencrypted form,   for a long period of time. That that's at least what I'm trying to do.  

[01:32:19] Unknown:

So the advantage is the advantage is if you use it on a hot computer and you have, like, your XPUB on the hot computer with Sparrow,   then it's encrypted. But if you have if you have your XPUB in core, it's all the transaction data is unencrypted sitting there.  

[01:32:34] Unknown:

Yeah. That's right. That's right. So, I mean, what you can do, a a different way, of doing it is to set up the   dedicated air gap computer with an encrypted hard drive.   And then you open that thing up,   like, a few times a year, and you're gonna have to sync it, which will take a while. So that increases your risk because you're now sitting waiting for the thing to sync. It's not gonna take that long, though. Right?   I don't know. It depends. Like, my old Mac MacBook Pro,   I I was trying to sync 12 days today, and it took 6 hours.   So, it, it takes a little while. You know, to check your balance shouldn't take you more than, you know, 10 minutes to send send a transact transaction.  

Timed out.  

[01:33:19] Unknown:

Hey, can I just So I agree?   Yes, please.  

[01:33:23] Unknown:

So,   Craig, I really like the idea of separating   the Bitcoin Core Wallet from   the node that's, like, checking transactions on the network.   And the and the reason I say that is because   when I built my   Bitcoin Core node on a Raspberry Pi,   I I was just arbitrarily,   like, entering code that I was finding in multiple places on the Internet.   I had no idea what I was doing. Finding good instructions to build a node was   was pretty difficult.   I'm not a coder. I'm not a developer.   So I felt once I got it up and running, I felt really uncomfortable with the idea of putting any funds in that wallet. I like the idea of having a node   that was operating and keeping my own copy of the blockchain   to check transactions against. But I really didn't like the idea of having funds on it because I didn't know what I had just typed into the computer to make this thing work.  

And it   if I understand   you correctly,   you're saying, like, if I use my Bitcoin core node to back up Sparrow,   then   the transactions done in my Sparrow wallet are   being stored on the Bitcoin core   wallet dot dot file unencrypted.  

[01:34:42] Unknown:

Is that correct? That's correct. Yeah. Yeah. It's it's yeah. It it is an unfortunate thing. I don't think it's often talked talked about.   But, actually, like, what all the freaks should do is just open that wallet dot dap file in a text text editor. Like, prove it for yourself. Don't trust what I'm saying. Go and have a look. And you'll see there's a whole lot of binary in there. So it's not the easiest thing thing to read. But I guarantee you, you'll see your sort of addresses mixed in with all all of that. And and that's just the way that it's built. Right?   There's   as I say, because of the fact that it needs to be online, it needs to check for every new new block, it doesn't really make sense for them to encrypt encrypt things because   they have to have it unencrypted all the time anyway, if that makes any sense.  



[01:35:26] Unknown:

Yeah. No. It does. And you're you're saying the the Electrum one is indexing constantly. Right?  

[01:35:33] Unknown:

Yeah. So that basically just indexes every transaction that comes comes in. Right? So so the reason   that the Bitcoin core one needs to work the way it does is because it doesn't index everything. It tries for very good reasons to keep your disk space space down.   It doesn't index everything that comes in. Right? And the Bitcoin board devs are just not keen to build that feature in. So   that's the way that it is.  

[01:35:58] Unknown:

I I I came across this   command you can put in the bitcoin.com   file.   I I if I recall correctly, it was, like, tx index equals true. And I I thought it was so that your node would be indexing everything.  

[01:36:14] Unknown:

Yeah. So that's a really good good point. So what that actually does is it makes it so you can look up   any transaction on your node if you have the transaction ID. What it does not do okay. Well, what it does not do is allow you to look up the balance of your address. And that's what you actually need. So it's it's unfortunately   of no use   for a wallet. Like, a wallet can't really use use that in in the sense of saying, can I check my balance? Because you need to be able to look up the balance of an address, not the transaction   ID.  



[01:36:48] Unknown:

Right. Okay. That makes sense. Thank you.  

[01:36:51] Unknown:

Sure.  

[01:36:57] Unknown:

So, I mean,   first of all, thank you both. That was awesome.   Let's get more of that. I I   I I I think, Craig, I mean, to answer your question, the reason there's not much concern placed to that is because   Bitcoin privacy is a fucking mess right now,   and, that's like the least of people's concerns in terms of privacy.  

[01:37:22] Unknown:

Well, yeah. I mean, I I I guess as as I was saying, Matt, I I think that the the kind of physical threat is a bit underappreciated.   And that for me, you know, I guess this is being driven by my own fears.   I'm sort of thinking about this in my own own way, and and I was just thinking there's there's no way that I'm putting my pub keys uncript crypted on a machine which is constantly connected to the to the the   net. I mean, it's just it it doesn't make any sense to me as a dev. I've seen servers being hacked   many, many, many times. And,   you know, at at the very least, I want those to be, you know, offline for as as much of the time as I can have. Right? That's that for me is a key key goal goal here. So I hear what you're saying, and there's lots of areas to improve on,   but this for me is one that just seemed   kind of important.  



[01:38:18] Unknown:

No. Look, I 100% agree.   A 100% agree. I think it's a a very good point. This is one of the reasons I wanted you on. I I've tried to   RHR, but you do it in a way   you you just you know, obviously, you're you're very passionate about this topic. I just   I I think that to me,   what, 95%   of users aren't using their own node,   whosever node they're using, they're doxing their transactions to. Right?  

[01:38:49] Unknown:

Correct.  

[01:38:51] Unknown:

And then, well, like, 90%   of or, like, 95% of people who come into the space are using KYC   services,   and then they're giving them their passport and their, like,   everything,   and then and their address that they're sent to, and they're they don't know how to use CoinJoin, and they they're getting scared out of it, and certain influencers might tell them it's likely illegal,   and that that they should use BlockFi.   And and so we end up in a situation where, like,   you know, I'm just I'm I I   I I I realized   that   the most effective way   to   motivate people is to   to stick to, like, a clear trajectory. You know what I mean? It's like, oh, it's almost like   like I get   I I I I but I I respect it. I understand it, and I I I agree that it that it it is it's a true concern. But I I would I would say I would also argue that,   until, like, 6 months ago, you couldn't even really use a hardware wallet with Bitcoin Core, let alone multisig,   for for the average user.  

So maybe,   you know, maybe we're maybe there'll be improvements.  

[01:40:07] Unknown:

Yeah. I I you know, again, Matt, this is all sort of advanced stuff, and, again, I I really don't wanna scare people and stop them using whatever that they're on now. That that I think it's important to keep saying saying saying that   whatever setup you have now, if you've got your coins off the ex exchange, you're doing well. Like like, please do not take what I'm saying as   advice to go and make a dramatic change. Like, that's the last thing that I want. I I think it's just good that we talk about these these things because where else are we gonna gonna do it? Right? This is this is a good place to have a chat, but I I I don't wanna freak people out. It's just one of those things to be aware of and to think about. And if it worries you, do something about it. And if you're not too sort of concerned,   that's also fine. You know? It's all up to the individual user and how comfortable   they sort of are.  

I think that the solutions we have out there are great, and they're getting better, but that doesn't mean that we can't talk about, you know, the sort of next next sort   of levels and steps.  

[01:41:11] Unknown:

Fuck, yes. This is why we dispatch. I hope to have you on many times in the future.   This is the show that is not embarrassed to have people on multiple times, but just notice that we have people on for the first time they've ever been on a podcast,   and it's, you know, a fucking fantastic conversation.   Craig, you have us further down this rabbit hole? You wanna you have you we we hit your main point that you've you've hit me in the past with, and I I need to be a little bit more clear about it. I agree.   It it is it is a risk.  

What let's go down. You you wanna keep going down this rabbit hole?  

[01:41:45] Unknown:

Yeah. Sure. So That's number 2.  

[01:41:48] Unknown:

Number   number 2.   So I'm gonna speak from a personal kind of,   experience here. When I   started building Sparrow back in the day, you know, my whole career has basically been building   web apps. Right?   That's the sort of default, and for very good reason. You know, they're an extremely   powerful way to get,   applications to people.   But   I just thought immediately, like, that's not the right software   architecture   for a wallet that I want to use,   at least part of the time as my cold storage wallet.   And why is that? Well, you know,   browsers are just these   amazing, but also incredibly complex things, you know, and let's be honest, their main purpose is to   gather all kinds of different   resources,   from around the net and   display them, you know. That's kind of almost about as far away from   what you want a cold wallet   to be, you know. It's,   it just seems   like a web browser is not the ideal thing, and and, you know, there's plenty of people that have written about, but but but this. It's it's   it's just strange to me that we are using,   wallets that are essentially   sitting in web browsers. And   I guess I'm just putting it out there because   maybe I'm completely nuts, but   I've talked to a few devs.  

I was having a chat to   Nadav,   at   Cishek earlier   this this sort of week, and he kind of agrees. You know? He he's like, you know, if he he actually made the good point that if you look at how most web applications are made, they're made with JavaScript   that uses internally this kind of dev tool called NPM.   And   what NPM does is it just kind of the the sort of ecosystem uses up a whole lot of really small   little   projects or packages. And   the trouble with that approach is that it's just it becomes hard to sort of audit it. And we have seen, if you cast your mind back to 2018, we had that,   that dev who actually introduced   a,   basically, a Bitcoin   stealing   mechanism into one of the,   packages used by the co pay wallets.  

So, you know, that's a little sort of dev aside side there, but I I just I just wonder about the browser thing,   and I like to   get your views. Matt, do do you do you think we should worry worry about it?  

[01:44:38] Unknown:

So first of all, Craig, I love you. This is Civil Dispatch.   We don't mince words here, and we talk frank.   So so when when he talks about browser based, he means, Spectre is electron based.   Spectre basically runs in a web browser,   like a a   it it runs on the same engine of the browser.   It's its own little web browser instance.   And what is the main advantage of that? The main advantage of that is, is cross compatibility.   They can just easily make it so it it runs on many platforms.   First of all, Shisek is fucking a boss.   You know, I I love that dude. I I appreciate him,   and, I respect his opinion. But, yeah, obviously, it's it's a it's an issue. Right? And and I I think   I but I think we're in a situation but this is the thing. Right? And I said this to you, Craig. It's like Spyro caught me completely off guard. Like, you came out of nowhere. I don't even know who the fuck you are, and that's the coolest part,   because I love NIMS. This whole show was designed to pump NIMS.  

But, like, you came out of nowhere with this beautifully designed native application   that is on multiple platforms,   that is both user friendly and and beautiful, but also super power   power user focused, and shows you everything you need to just to see, like, where the fuck did you come from?   But but but we didn't really have an easy way to interact with Bitcoin Core   and and multisig hardware wallets,   and and bring your own signers, and they made it super user friendly.   And and and I would say from a security point of view,   if we have these standards on the hardware wallets and you're verifying it, and and to be clear, my guide,   that I've that I've   the the main guide that I talk to people about   is single is we run bitcoin.com. It's single sig cold card with Spectre and core.  

You're verifying everything on the cold card.   Right? So the trust in the actual software is a privacy trust.   It's not a security trust because   because the cold card is acting as a second factor there. Right?  

[01:47:00] Unknown:

Yeah. I mean, look, I I think yeah. That's right. It's, it's it's largely about trying to be as private as you can be, you know. I'm not, I I think we are you know, if you're using hot hot hotter wall wallets, you've largely,   you know, dismissed the chance of losing your funds unless you screw it screw it screw it up. Right? I think that's   but, you know, from a privacy point of point of view,   we do need to try and reduce the attacks surface   surface as much as we can. You know, one can never do   enough there, but you can you can think about things, and you can try and and kind of approach it from,   a method that   doesn't make it too hard to use, but at the same same time,   kind of, uses   the kind of tech that leads to the lowest attack surface. That's the way that I like to think about pilot pilot.  

I see there's a comment there, web browser engine is not equal to a web web browser. That is true.   So the Electron platform is built off Chromium, which is the same thing that powers Google Chrome and Edge and other browsers.   If you go and have a look at   at the sort of commit log,   on that, there's a commit about every 10 to 15 minutes. I mean, it is an amazing open source project,   it really is,   and it drives so much of the world. But   it's just incredibly busy, and if you just think about all the things that it can do, that Chromium,   sort of engine,   I think it is a very complex   thing.  

I'm I'm not comfortable myself   with the complex plexity there.   So I I kind of wanted to raise it because it feels to me like we need to talk about it at least a bit. Certainly, the devs that I've spoke spoke spoken to   tend to to agree.   So yeah.  

[01:48:58] Unknown:

I like your obsession.   So that Go ahead. Before you get started, Iko,   just that question was from our boy, Keto. Keto, I just sent you a Telegram message. If you wanna join us in this chat,   just click that link that I sent you on Telegram.   Iko, go.  

[01:49:16] Unknown:

All I wanted to say was that I I like your approach, and, you know, I think your main point is that   that's   widening the attack surface. And if it if it's not necessary, then then why not keep it simple?   And and I think you've done a really good job with that.  

[01:49:37] Unknown:

Yeah. Thanks.   Kito just asked how many dependencies   is Spero   using. That's a really hard question, obviously, to sort of answer because it depends how deep you go to write.   But,   if you just look at the sort of build file, there's probably around 15 to 20 or so.   I don't have an exact figure.   It's something that I tried really hard to keep as low as I could. Unfortunately, when you've gotta do things like support   cameras for QR codes and stuff,   it does   it is hard to   keep them down, but there are many times when I sort of just avoided   doing something a certain way because it would add one more   dependency.  

So   it is something that I think   devs are aware of in the   space, but   it's kind of if   you're going from a browser from   the start, then there's just a   whole layer there that you have to be aware of.  

[01:50:45] Unknown:

Did,   we appreciate the discretion. Just to be clear here, Kito is   Kito is currently in bed. He cannot,   join us. He he's only participating through via text.   Hopefully, we will have that in the future.   Yeah. I mean, I I think this is this is a good this is a good point that you made.   I think that,   in general, we wanna have, like, the lightest native   software possible with the least amount of dependencies. Do we all agree on this?  

[01:51:16] Unknown:

Yeah.  

[01:51:19] Unknown:

I think so.  

[01:51:22] Unknown:

Yeah. I mean, for sure, from my side, you know, and I would certainly like to keep, you know, getting Sparrow's dependencies   as low as I can. You know, that's always the sort of aim, I think. So,   yeah, I I mean, I I I I really don't wanna, you know, point fingers, and I think SpecSpectre guys are doing a great job. You know, just the fact that they are helping people get their coins   offline,   is is awesome. You know,   These are just thoughts that I have, and I think it's worth, you know, having   a chat about about about it.  

[01:51:56] Unknown:

Yo. Bitcoiners love Rust, Craig. Do you have an opinion on this?  

[01:52:00] Unknown:

I think Rust is great.   She's a rotten rust.   He's awesome.  

[01:52:08] Unknown:

Kito says,   thanks for clarifying this.   Low dependency count is great. Be   Libs though.  

[01:52:17] Unknown:

Completely agree. And   web view Libs as well, which I've luckily managed to avoid.  

[01:52:26] Unknown:

Honestly, Craig, you're killing it. I appreciate you, man. Thank you for joining joining us on dispatch.   This is just this is just great. This is fan this is why we dispatch. This is the whole point.   U t s 9 wants to know, and and I'm throwing this question at Craig. For single sig, why would I use cold card with Specter or Sparrow   and Bitcoin Core or Electrum? Right? You should be using Electrum according to Craig. And not just use Bitcoin Core, just straight up. Like, why like, I I this is the the hot wallet question all over again.  

[01:53:00] Unknown:

Well, not really. I mean, you know, if you assume when you say use Bitcoin Core, you mean use the Bitcoin Core GUI or the sort of QT front end. And and there's no   there's no, you know, technical reason. I think it's just ease of use. You know, the reality is the Bitcoin core wallet must move at the same speed as Bitcoin core. Bitcoin core must, for   very good reasons, move at a very slow speed.   So,   you know, that's,   I guess, also a case of where you have these 2 kind of things. 1, you have this consensus   which needs to move a lot faster, and they're currently all tied into 1.  

And as a result, Bitcoin Core's wallet is not that easy to use. So the main reason to use   Spector or Sparrow rather than Bitcoin Core is just really ease of use. It's it's, it's just quite difficult. It's not an you can do it, but it's it's not so easy.   And I guess there's more chance of you screwing up if you're using the Bitcoin Core Wallet just because,   for all the best intentions in the world, it just can't move as quickly and and gets,   the same kind of UI love.  

[01:54:20] Unknown:

I love I love Bitcoin Core as a hot wallet. Like, I think it's just fucking fantastic. I, you know, I I don't know. Like, when I would I when I withdraw   from so I have my, like, KYC stack that's just like my my fiat job with my fiat check, and my fiat salary just gets sent through Cash App and just comes out the other side of Bitcoin, and it it arrives in a in a core hot wallet.   And I just like it. It just has very easily coin control and will sync when it syncs, and I don't fucking care. And I just press receive address, and then just fucking do it.   Just, like, gets the job done.  

Someone asked me,   do I push back on companies I advise if they use non native? Yeah. I mean,   there's only one company.   I advise 3 comp I advise 4 companies right now. Full disclosure, you can view them on mattodell.com,   all the all the companies I advise.   I advise 4 companies officially. I advise a shit ton of companies and   and and founders in the space.   I do most of it for fucking free, because I want the space to be better, and because,   there's just so many bad actors out there that that if if people don't do it, then then no one else will. Like, if I don't do it, who else will fucking do it?   Of the 3 companies that have given me equity, you have Hexa Wallet, which is an actual wallet, and they they're a react native wallet.  

And then then I have 2,   basically, KYC on ramps to be quite quite frank. I have Swan Bitcoin, and I have Bottlepay.   And then the 4th company is Bitcoin Magazine. I build them out hourly. They don't give me equity. And if you wanna go and look at the equity, I have it lined up on on mattodell.com,   which no one else fucking does, and they should all fucking do it.   And if any of them   Bitcoin or do anything unethical, I can drop them and publicly,   call them out, which it says that also on my site. So there's your answer.   What else do we have here?  

17 dependencies on Sparrow is what 6102 said. Do you have   a   does that sound right to you?  

[01:56:29] Unknown:

It does. Yeah. Yeah. That's a good   count, I think. I think he went into the build file.  

[01:56:36] Unknown:

Yeah. Welcome to the 6102 show.  

[01:56:39] Unknown:

Awesome.   Just for those of us who don't really understand,   like, how does that number of dependencies   compare to other wallets?  

[01:56:49] Unknown:

Yeah. So I don't wanna   I I like, this whole dependency thing is is it's it's easy to just give a figure and and make it sound good or bad. You know? It's it's really about just trying to audit the libraries that a wallet uses. Right? If you've got a 1,000, that's really hard to go in there and sort of order them with them all. It's you know, how often do do do they change?   That's the kind of kind of thing. I think it's it's, you know, it's it's one of those areas which I I think needs a lot more work. But, you know, the reality is,   that I was trying to sort of make is,   the   sort of JavaScript ecosystem,   just just the way in which it's evolved   tends to have like, hundreds of dependencies.  

You know, it's it's just it's a development mindset that they've had, and and there's plenty of good reasons for doing it that way. It just doesn't   fit the cold storage kind of approach that well, because it makes auditing the soft software   harder.   That's that's the the kind of main message that I was trying to make there.  

[01:57:56] Unknown:

Cool.  

[01:57:58] Unknown:

Yeah. So, I mean, Doug Nebuchadnezzar   asked like he said, Big Magazine is not listed. I'm trying to figure out I'm I think I need to list them separately because it's   I   I don't know if am I supposed to list out everyone I bill out hourly or not. Like, that's, like, their question.   But to be clear, freaks, like, as number goes up, like, all this is negligible.   Like, like, Bitcoin Magazine is not paying me enough to to to hold my fucking tongue. Like, I will fucking talk.   If I if I if I have something to say, I'll fucking say it. No one no one no one can pay me enough to to fucking hold my tongue, and that that's the beauty of Bitcoin.   Yeah. I mean, so this is this is fucking awesome. Craig, do you have,   are are we down the rabbit hole? Are we go do we go farther? Is there a farther rabbit hole, or or do have we hit the bottom?  



[01:58:47] Unknown:

One more, Matt. One more.  

[01:58:50] Unknown:

Okay. Let's go. So  

[01:58:51] Unknown:

yeah. So,   this is something that I I sort of discovered as I was building   Spyro Spyro Spyro is, you know, you have this idea of you have your cold storage wallet, and you wanna keep it offline   as much as you can. And   what's it doing when it's offline? Well, it's obviously sitting in an encrypted format. And as Eco mentioned earlier, we are using the best kind of military grade   encryption that we we we can, which is AES 255   6, and that's awesome.   But one of the things you have to do before you run the encryption algorithm is you have to derive   a cryptographic key from the password that you enter to open your wallet.  

And there are various algorithms that derive this key. Now   the one that Electrum uses is incidentally the same one that is used to derive   your private key from your seat, and it's an algorithm called pbkdf2.   So great name.   The unfortunate   problem with using pbkdf2   for passwords is that it's really old. It's it's, like, decades old, and   it's now   easily attackable,   by,   you know, sort of modern hard hardware.   So you you sort of open yourself up if you   if somebody has an access to your cold storage wallet file   to being able to do what they call a rainbow table attack, where they basically feed a whole lot of common phrases in, and they essentially brute force your pass password just by running it through this   relatively insecure   key derivation algorithm.  

So, you know, it's a technical deep detail, but I do think it matters.   And, you know, that's I think there's an interesting aside to that as well.   If you are writing a piece of software for a mobile wallet, you are greatly limited,   because you need to support   a large range, particularly of Android devices, which, as we know, some of some of them can be pretty underpowered.   You can't choose a particularly hardcore   key derivation algorithm. You you know? Because you'll sit there waiting for, like, a minute for your wallet wallet to   open and your phone will be getting hot and your battery will be going down.  

It just doesn't make a lot of sense. So,   you know, the power of the phone actually limits the algorithm that you can you can choose.   Now you can always get around this by using a super long pass password of, like, random numbers and letters and punctuation marks.   But, you know, that, obviously, then increases the risk that you might   forget that thing or   write it down or, you know, have it in a place where it can can can be found.   So   two points here. 1, using desktop soft soft software means you can leverage the power of your desktop to use a more hardcore key derivation algorithm, which is good. The second is that you need to make sure that that algorithm   should take around half a second or more to derive the key. If it doesn't, then you're opening yourself up to,   you know, sort   of hardware   GPU type attacks on that particular file. Now, I mean, this this might sound a bit sort of esoteric, you know, what's the chances that someone's gonna get a hold of your wallet file and start doing this? But, you know, I'm trying to look ahead to the point where,   you know,   you   you really just don't wanna have to worry about that, because   it exists. Right? The tech exists to make that stuff   really hard to do, and we may as may as well use it. One of the surprising factors is that   despite being a cryptocurrency,   the cryptography   is actually often pretty old school that we are using. And there's no there's not I'm not saying we should be using the thing that was invented last last year, but, you know, using something that was invented in the last decade seems like a good idea.  

So that's kind of   the the the last point that I wanted to make was, you know,   really, I think it   it references   what you can do on a mobile wallet in terms of securing your wallet file, particularly for cold store storage.   And I think, you know,   as I say, I was just really surprised that   Electrum   used this relatively insecure,   key   derivation algorithm. And and to be honest, I think that that's because they have been around for such an impressively long period of time, and they've targeted such a wide range of   of of sort of platforms.  

So it's not a slight on them so much as it is just what they have done, you know, and and the the sort of space that they have come from.   Yeah. That's point number number 3.  

[02:04:02] Unknown:

And is that what people are doing when they buy a wallet dot dat file online? Is that how they're trying to brute force it?  

[02:04:09] Unknown:

It could be. Yeah. Yeah. So you can encrypt the private keys. If you're using   a hot wallet with your Bitcoin core wallet, then the private keys you can in encrypt.   I don't actually know exactly what the key derivation algorithm is that they use. So I don't know how hard that is is to do, but it sounds like that's what they would be doing.  

[02:04:31] Unknown:

Interesting.  

[02:04:35] Unknown:

I mean, so yeah. I   this goes hand in hand with the fact that I think, like, Sparrow, it like, there's no reason to use the Electrum front end anymore.   It's like   if if if you want super user friendly, use Spectre.   And then if you want   if you're an advanced user, then you use Sparrow, and there's just no reason to use Electrum.  

[02:04:59] Unknown:

Yeah. I mean, sure. But I I I think, you know, we shouldn't knock it out. I I like to him too much. You know, the the the fact that they've just been they've been around for so long, Matt,   that code has had so many eyeballs on it. So many transactions have gone through it.   There's value in that.   So   I still have a bit of love there.  

[02:05:23] Unknown:

Fair.  

[02:05:26] Unknown:

Just to be clear, that's   that's different than   saying using Electrum personal server. Right? You guys are talking about 2 different  

[02:05:35] Unknown:

Yeah. I'm talking about the front end. Using. Okay. Okay. Alright.   Right, Craig? We're talking we're talking about the front end here. We're talking about deriving keys. Correct. And and and and and for a practical point of view   practical point of view, the big   the big no no   the the big no no that that we all learned as Bitcoiners   was Blockchain dot info,   when they did the   they were using random dot org or whatever for their key generation.   Yeah. Do you wanna talk about this, Craig?  

[02:06:10] Unknown:

Well, yeah. I mean, you know, that's, I think that was more to derive the nonce.   I don't know too much about that, to be honest.   But, you know, it's yeah. So I can't really talk too much of that, I'm afraid.  

[02:06:23] Unknown:

Was so what happened was they were using random.org   as their source of of entropy.   And when you when you if you wanna do key generation in a safe way, you need a source of entropy, so   forget about the algorithm.   The entropy is more important. The algorithm is important, but the entropy is more important.   And they were using random.orgorrandom.com.   I don't know which one it was.   And and there was, like,   a, you know, like, a 4 or 4 error or something. Like, they couldn't connect to it. So, like, there was a bunch of keys generated in that middle time where it was just   there was they were using no entropy. It was just the same   it was the same   entropy. So, like, so so that's this is why when I say say to people use cold card, like, roll your dice. Right? Add entropy. You're not you don't wanna trust when we say entropy, we mean randomness. Like, you don't you don't wanna trust the randomness of whatever your device is generating.  

Would you agree, Craig? Like   Yeah. For sure. Like, the entry is the most important part. Right?  

[02:07:29] Unknown:

Always roll the dice. Always roll roll roll the dice. But, also, like, don't you know, there are there are so many things to think think about but but here, you know. I think, to be honest, I think that that risk,   has been a little bit overblown.   It's super important, but, you know, it's it's almost like it has become the   the, I don't know, the the sort of,   dominant factor at times.   You know, I I really  

[02:07:56] Unknown:

sorry, Matt. If you have, like, a closed source wall if you have, like, a closed source wallet that allows you to roll dice, like, it doesn't matter. Like, it's still closed source. Like, no fucking idea if they're using the dice or not.   Alright. Yeah.  

[02:08:08] Unknown:

For sure.   You know, I mean, honestly, the chances of your cold card,   you know, giving you   bad random numb numbers are are really, really small, but it's easy to roll the dice, so do it. You know, that's that's my sort of advice.  

[02:08:23] Unknown:

Well, I think I would I would say the argument is it's if if we can get it into standard practice   that   if you're a cold card user, you're gonna use your   own dice entropy,   then suddenly it takes an attack vector away from, Rodolfo. Right? It's like,   it and and it's not just Rodolfo   possibly attacking you, it's anyone attacking Rodolfo to attack the entropy, and they won't because   they just know that all the users are gonna roll dice.  

[02:08:52] Unknown:

Yeah.   I think that that's a great argument.  

[02:08:56] Unknown:

So I mean, I I'm curious, Craig, like, you've been kinda quiet about, like, CoinJoin and shit.   Like, how do you feel about on chain privacy with Like, I know Iko is, like, super pro.   He's been pushing this,   samurai is is the leader in pay join adoption. They call it stowaway by them. They added this whole new tour layer called Soroban, where you can communicate between the users.   They're doing this thing that I wanted to talk about this episode called Greta's Fury,   which is I guess, it's important to trigger the blue checks by   by by bringing Greta into it.  

But the idea is to, like,   kind of destroy the transaction graph by just doing all these pay joins in a row.   They call them stowaways. It requires these PayNMs, BIP 47.   So, like, I'm just really curious, like, on your opinion, and and this opinion is not stated yet. I'm curious of opinion on,   Chaumian coin joints.   I'm curious on your opinion on join market.   I'm curious on your opinion on   on on, like, this this samurai   this samurai post mix tool not post mix tools, just just spending tools, stowaway, stonewall. Stonewall is is basically a I don't know how familiar you are with the samurai stack, but I'm just curious on all of these on chain,   privacy things and and how where you stand here, how   into them you are. Like, are you paying attention to them, or did you not care about them? Where where do you stand?  



[02:10:26] Unknown:

Sure. So,   let's go through through them.   So   CoinJoin, I think, is great. I I don't like the fact that it's not a stand standardized thing.   You know,   at least from a Aspero development point of view, I've really tried to go down a standards based route.   And   that's the one thing that worries me. The other thing is fees. So, you know, the mem mempool is,   or I don't know. It's really high. Like, I'm not sure what it is right now, but,   it's going to   only get more. And I think that that is that is you know, that that that just worries me as a long term plan. Like, it's great today. Don't get me wrong. But, you know, if the fee market continues to develop as it's doing, I I do worry a little bit about whether   most people are gonna be prepared to pay the fees that will be required to be paid.  

So that's the sort of CoinJoin side. I have done Coin Joins. I think they're great. I think it's a great tool. I'm very happy we have access to it. Am I gonna build it into Sparrow? I'm not yet sure because of those   reasons.   Pay join is built into Spiro Spiro.   I think it's excellent.   I think the one flaw in Pay join that we have   is that it currently requires this   server kind of into it. So that's the way that it's usually implemented. So you But it's interact life. What are you gonna do?   Well, that's that's okay. But the the issue is that you have to have, like, a BDC pay server, which has an HTTP end endpoint, right, that that you can then talk talk to. Right? And I I would really like to see   individual wallets being able to talk to each other. Now that's obviously what samurai have built with Soroban,   and that's awesome. And that's something that's really, really interesting, and I'm hoping that that becomes some kind of a spec so we can all build it and all of the wallets can then take part. Right? Because,   I mean,   just think think think think about it. If every Bitcoin transaction you send, you just paid a little bit more and made it a pay join,   it's just so much easier to break the heuristics   than everyone doing coin joins. I mean, it's just, for me, as a dev back, just makes a huge amount of sense. So,   that's something I'm super keen on,   and it uses BIP 49 now. So   that's definitely something that I need to look into and and sort of,   figure out whether I need to add that as the first step to getting   a   Soroban or Soroban like layer so we can start doing   pay joins between wallets rather than between   wallets and,  

[02:13:19] Unknown:

some merchant wallets, if you will. Yeah. Yeah. I mean I mean, so there's like a fight here. There's a fight. There's a fight between, like, the b d c pay wasabi crowd, and   it's like every good thing I get stuck in the middle. Like, the important thing as a BitCorner is,   like, if you're a public BitCorner doing content like this every week, like, if you're not getting stuck in the middle of multiple fights, like, you're just doing things wrong. Like, that's just what I've come to conclusion of.   But, like, the was Bobby BTC pay decided they they're gonna have their own fucking pay join implementation.   Their pay join implementation,   it revolves around   the merchant customer experience.  

Samura is like, fuck you. We think p to p is the way.   Okay? And p to p, we don't have to have an online server. All we have to do is   the receiver needs to be ready to accept his payment. That's it. Right? And that's what Stowaway is.   Basically, he just needs to be online ready to go,   but there's no, like, server or whatever. Right? It's just he's he just, like, goes into his app, and he's, like, I'm gonna go connect to Tor and make this shit happen.  

[02:14:29] Unknown:

Yeah. Yeah. And I I, you know, I I think that that that for me is the way that it needs to work. And and there's no technical reason why that can't can't happen. Like, you know, some some some some arrive, obviously, built it. It works.   Why can't we all do it? It just makes so much sense. So so I really hope that we see   a spec because we're not gonna get broad global adopt adopt   option across wallets until we have some kind of kind of a BIP. And that's, you know, one thing that   the BDC pay guys did is they wrote BIP 78, right, which is the pay join BIP. And as a result, that is the sort of implementation.   Now I know that the sum of SunRail guys, if you suggest that they do a BIP, they will,   well, they won't,   ignore that. They're never gonna do that. They're never gonna do that. They don't agree with the bid process.  



[02:15:22] Unknown:

They disagree with the bid process,   from a principle point of view. But but so so so my question   my I I get my question to you is,   I mean I mean, so these paid joins are cool. Like, I I think this is, like, a cool concept.   I like the idea of of Sarban.   You mentioned fees. I mean, like, fees are just gonna go up. Right? Like, no matter what, fees go up.   I think I think people need to like, people are get we're we need people to be educated to realize that privacy is worth the additional payment. It'll always be more expensive.  

[02:16:01] Unknown:

Yeah. But I I think that we need to try and, you know, as best as we can be be sort of clever about the way that we do it. I mean, think about a pay join in   every wallet. Right? Everyone's being encouraged to pay join. I mean, it it would break every Chainalysis company. It's game over, you know, if you can get to that that sort of point.   I think it's a goal.  

[02:16:25] Unknown:

The the the thing that that really so like I said, I'm stuck in the middle of all these guys.   And I I really do I and and and the Samura guys will hate me for it. I really do believe the Wasabi guys are trying their best,   that that they have best intentions in mind, and the Wasabi guys will hate me when I say that I think the Samura guys have best intentions in mind.   A lot of this argument resulted it came from BIP 47, which is PayNibs.   BIP 47, these these payment codes.   This idea that you can accept a donation with text,   almost stealth address, like,   with just with just like a plain text. You have, like, a plain text   characters, and you can accept a payment in a semi private way,   where on chain privacy doesn't completely destroy you.  

And they just got wrecked. They got wrecked on the BIP 47 thing. Like,   Luke was against it. Everyone was against it. They've discouraged it for for usage.   And they built they built their whole wallet   around bit 47.   And and and in in their defense, it makes sense to me. It it seems it seems the right path to go. It's like almost a distributed,   identifier for wallets so that you can create a new,   addresses.   62102 wants to mention that he's blocked by Wasabi,   and he thinks it's hilarious.   What do you Craig, do you have a feeling on bit 47? Like, do you have any opinion here? Like, I I like, I it amazes me that the thinkers of Bitcoin, like, the smart guys in Bitcoin don't talk about bit 47 ever, and I just I always am just constantly trying to figure out why.  

[02:18:16] Unknown:

Yeah. I mean, look,   direct answer, Matt, is is is no. I actually really need to get into the spec spec spec and see whether it it sort of makes sense. I understand that there's been a recent change. I haven't got into that change change yet. I was concerned   about the additional   transaction that was required, but I I Yeah. But whatever, bro.  

[02:18:39] Unknown:

Yeah. Now they they've removed the requirement, and and in Sariban, it goes just just through a Tor layer. But but regardless of the requirement, like, this idea like, do you agree with me, like, this idea that, like,   with Bitcoin, like, you should be able to just, like, post text. I should be able to just, like, post   a fucking sentence that allows you to donate to me in a semi private way without, like, me doxing my whole on chain balance.   Like, that should just be that I that should be a capability of Bitcoin. Right? Like, I easy donations without BTC pay server. I don't want BTC pay server. I just wanna fucking post something on Twitter   and just be, like, if you wanna donate to me, this is the how you donate to me and, like, every wallet supports it. Do we agree that that should be a fucking thing?  



[02:19:25] Unknown:

Absolutely.   Fuck. Yeah.  

[02:19:28] Unknown:

Fuck. Yeah. Exactly. And that's what PayNim attempts to solve. Like, it's not perfect. I don't pretend it's perfect,   but that's that's what they attempt to solve. And the major negative is that it's just only Bitcoin. Only only only the samurai allows you to to spend it, which is the is the major negative. Like, if if you need them to be on Android   and you need them to be using Samura, otherwise, they can't donate to you.   But we need to get past that. I just I just need   I think people need a way to just easily accept   Bitcoin   in a private way, in a at least in a more private way than just fixed address. Like, fixed address is not private at all,   and,   and it just needs to be done. Like, it's a major pain point. It's it's one of those things that's, like, everyone's getting censored. No one can   everyone's having trouble receiving donations, like, we should have an easy way for them to do it.  



[02:20:24] Unknown:

Well, Matt, you'll be happy to know that it is literally the next thing on my list, so I am keen to get involved.   Yeah. I'm Yeah. It's it's it's I I completely agree agree with you.   The I I guess the the the one thing that was making me a bit uncomfortable, and it's probably just a result of me not understanding the spec spec well, is how much of this is tied into paynems.com.   I don't think it is, but I just need to go and kind of really   make sure that it's a standards based approach. Because if it is, then we should use it.  

[02:21:00] Unknown:

Oh, no. So the the the part that's PayNIMs is instead of, like, a payment code, it's just the NIM.   Is is that that part's tied into paynips.is.   So, like, the idea that you could be, like but you the way you use SloppyBot 52 or or whatever, and then you look up SloppyBot 52 and it's, like, the payment code,   that is centralized.   Okay. Which I think is, like, a decent enough trade trade off. Like, the idea that, like, you just have to look up the payment code somewhere because, like, you don't want to type in, like, 55 letters and numbers instead of, sloppy bot 52.  

[02:21:39] Unknown:

Yeah. Okay. Got it. Got it. I wonder if other wallets can integrate into that or whether it's   a it's just just, you know, sort of a We're not samurai wallet thing.  

[02:21:51] Unknown:

Well, look look, if if you if you wanna implement a new standard, like, we can make that happen. If you want to integrate with Pay Name, you let me know. I I can make that happen, You know? Like, we we whatever it is.   Like, let's make this fucking thing happen. Like, this is, like, a thing that I think is super important.   I've I talked about earlier that I'm advising Hexa Wallet. It's not a coincidence that Hexa Wallet has a donation mode that gives you, like, a borderline BTC pay type custodial. It's like a it's custodial privacy relationship,   but you hold your own keys.  

Luke was against that too. Of course, he was.   But, like, I I think that's super important, like, people we're gonna have more and more people, especially in the Western world, that get deplatformed   from all these donation platforms, you know, like the GoFundMe's and the Kickstarters and shit. And they're gonna want an easy way to do it,   and that easy way can't be   either paste a fucking fixed address or go b t c pay server. Like, we need to have a middle ground.  

[02:22:53] Unknown:

Agreed, Matt. Agreed.   Agreed. I'm gonna I'm gonna dive   in.  

[02:23:00] Unknown:

Yeah. I can't wait to see a second while it integrate the payments   for bit 47.  

[02:23:06] Unknown:

Basically, just need we get one iPhone wallet to do it, and then we're good.   That's it.  

[02:23:12] Unknown:

And then chain analysis is totally fine.  

[02:23:17] Unknown:

I love it. Well so so the cool part about   well, no. The reason he says that is because once you have   the Pay NIMs with Soroban now, if they integrate Soroban as well, then you can do,   then you can do a stowaway for pay join or you can do a stonewall times 2 where 2 people do a coin join, and then it pays out to a third person who doesn't even accept. They just give you a regular Bitcoin address.   And that like, that's kind of the situation we wanna be in, I think.  

[02:23:48] Unknown:

Yeah. It's pretty cool.  

[02:23:53] Unknown:

So, I mean, we're, like, 2 and a half hours in here. This has been fantastic.   How do you get a fixed address? I don't even know what he's talking about.   So, I mean, a big thing in this podcast, which is hilarious because I'm in it for the tech,   is   I make sure that every single person that comes on the show, and I expect you guys to come on as a return guest,   Answers the question, do you think Bitcoin is designed to pump forever?   I'm gonna start with Eco. Eco,   does does the the purchasing power of Bitcoin ever stop?  

[02:24:36] Unknown:

No. I don't think it does.   You know, I'm not I I I wanna be clear. I am not a NGU fan,   but   I don't think   Bitcoin is ever   going back to 0 or even close to it.   More or less, it is a one way street.  

[02:25:03] Unknown:

Craig?   It's gonna keep going   until something better comes along,   and I don't see that happening anytime soon.   So look, I mean, guys, nothing lasts forever. Right?   Things always stay. Bitcoin does.  

[02:25:22] Unknown:

Maybe  

[02:25:23] Unknown:

I I think this is too much to outlive all of us that are listening to this today. I agree. I completely agree.  

[02:25:31] Unknown:

So, I mean, I talked about this with the mooch, and I was like, I I don't wanna argue about things that my grandkids can argue with your grandkids about.   But,   I mean, I think I I see a world where Bitcoin when Bitcoin ultimately gets replaced,   but they there's, like, some hypothetical new technology,   The inertia the social inertia will be to take the Bitcoin ledger and transplant it onto the new technology.   So I think Bitcoin never dies if you care about the ledger. If the if if the ownership ledger is what you're talking about, it it literally would never die.  

[02:26:07] Unknown:

Yeah. Sure. Sure. Agreed.   What I'm talking about is,   really more time to be technically correct than useful.   I agree with you guys.  

[02:26:19] Unknown:

Yeah. I'm glad that I have both of you on the record saying that Bitcoin is designed to pump forever, so I appreciate that.   So another reoccurring segment we have on this show is how would you kill Bitcoin.   And,   I had Wiz on the show last week, and he asked me to define kill and Bitcoin.   So I'm gonna change it,   the the the the wording, and I'm gonna ask you,   if you are   the most powerful governments in the world, so let's say you're US or China,   or let's we'll just throw Russia in there, whatever. Fuck it.   You're one of those 3 governments.  

You want to stop Bitcoin. How do you stop Bitcoin? We will start with Eco. Go.  

[02:27:03] Unknown:

Yeah, Dan. Good question.   I would   initiate   a very elaborate media campaign of   very rich and in the spotlight CEOs to start acquiring Bitcoin   and to get as many people rallied around it as possible.   And then,   once everyone is is brainwashed by what these CEOs are saying to them and talking about the NGU,   then I would tell the CEOs that they need to hand over their bitcoin in a 6102   style order   and get those CEOs to   tell all the people that have been following them that,   that that giving the government custody   is a good thing for Bitcoin and and that this is how we, quote, unquote, achieve world reserve status,   and the crowds cheer themselves on into a cage.  

And then, and then, I don't know, maybe start requiring,   social security numbers and op return   and get someone to infiltrate the Bitcoin core devs to   have that rolled into it.   And then   who knows where it goes from there? But, yeah, I and I and I'm kind of alluding to the fact that I think some of this might be in play already with Michael Saylor and and Elon Elon Musk. And,   I I think there's some dangerous memes out there. I think number go up is a very dangerous meme. I think this Trojan horse   idea is a is a dangerous meme.   And I think people really need to to proceed with caution, and they need to understand their trade offs,   and they need to weigh their options, and they need to   to be very careful how they move forward, and they need to keep their identities out of it And go non KYC and make every Spend a Coin join.  



[02:29:03] Unknown:

That was a really good answer.   I'm I'm not sure I can top that, to be honest, or actually add much to it. I I would be much more brief and say,   the the the best way to do it is to adopt, infiltrate, and subvert,   which is basically what Iko just just said in a much better way.   I do think it can be done. There are not that many individuals. In fact, I was really surprised at how small   the community actually is. You know, it it appears from the outside, maybe not to everyone, but it appears to be quite large, and maybe it's growing at a pace. But it's,   if you if you get into it and and, you you know, the the people who are building and,   you know, adding and   I mean, by that, I certainly include the content, you   know,   producers as well.  

It's it's not that many people   on a global level.   And,   yeah,   it does worry me a little bit, but   so long as   we all   do our work, I think,   you know, we are winning.   But I don't think we should be unaware of the risks of that kind of model that Eco just put forward. I I think it is a very possible,   outcome if we don't keep on pushing   self custody,   non k y c,   and,   basically, just trying to make it as difficult to,   analyze the Bitcoin   blockchain as we can. So that's, yeah, that's my my thoughts.  

[02:30:50] Unknown:

The whole value prop of Bitcoin is censorship resistance.   So if you have significant stake in Bitcoin and you hold large amount of Bitcoin,   you better fucking be for that censorship resistance. Like, if you're not fighting for that censorship resistance, you are short yourself.   And why would you ever live a life where you're short yourself? That is just dumb. That is just stupid,   and you should fucking   rectify that.   You just start fucking fighting for yourself.   And and and and and we need to all fight together. Like, we need to just practice personal responsibility.   The more people that are practicing personal responsibility and taking action to their own hand, the more centrist and persistent the whole system is, and the farther we go. This is hilarious. A bunch of people just decided   that that Craig Raw is Craig Wright.  

So we have a bunch of people in here going with the CSW meme. He can go fuck himself. CSW would never be on this podcast, so you can just let that let that be known,   you fucking freaks.  

[02:31:50] Unknown:

I just wanna be on the record saying,   fuck Craig Wright.  

[02:31:57] Unknown:

A a 100%. You're on the record now. I agree with you. Craig, do you wanna be on the record as well to tell tell them to to fuck CSW?  

[02:32:06] Unknown:

Absolutely. Absolutely. I   distanced myself from the other Craig.  

[02:32:15] Unknown:

Before we end, like, I just I I wanna talk, Iko, I wanna talk about Greta's fury a little bit.   You wanna shield that to us?  

[02:32:23] Unknown:

Dude. Yeah. So Bitcoin Enemies,   check him out on Twitter, or I I believe his URL is bitcoinenemies.com.   He hosted Greco's Fury, or he organized it.   And it was this idea to use the stowaway transactions   and your pay NIMs to pass,   1 sat torch.   So there there's a couple of cool things here. 1 is   it's demonstrating that you can send micropayments   without using Lightning.   You know, the one   downside to this is that you're spending way more miner's fees than you're actually transacting.   But it's just a cool concept that you could send one SAP to somebody if you'd like to. And you can also do that in a way that is breaking those common,   what is it, common input ownership   common ownership input heuristics.  

And that was kind of the whole point of Greta's Fury, is to get   people off the sidelines,   get them curious about these tools, get them to use these tools.   There was   multiple channels set up on Matrix and on Telegram for anyone who is curious about the event   to find a place where they could get some guidance if they had never done a stowaway transaction before.   So,   it was great to see a lot of new people trying this stuff out for the first time in a fun way that really polluted the transaction draft.  

[02:34:05] Unknown:

I mean, that that's fucking awesome. Right? Like, that that's what we want.   I I would just I would just advocate for people who participate to just be careful about what they're polluting it with.   Just do not dox yourself. Just make sure those are   they they ideally should be post mix   transactions. I mean,   I'd ideally ideally,   non KYC, but if they are KYC, at least   post mix KYC,   before you participate in any of those types of situations, but I I I 100% support it. I think it's kind of funny that you're calling it Greta's Fury,  

[02:34:43] Unknown:

and I I I can't take credit for that name. That that's all Bitcoin enemies.  

[02:34:48] Unknown:

I love Yeah. I don't know who the   I don't know who that guy is, but he's been fucking killing it. He's been on a fucking roll. He self hosts everything,   mister Bitcoin enemies, and,   and he's gonna be on this podcast sometime soon because anyone who self hosts is a friend of mine.   But,   he's just he's just been fucking killing it. He's been fucking killing it, and, I know he has a plural, but let's be honest, like, when names plurals, it just means there's a single dude behind it.   But,   yeah. Yeah. I it's a really cool concept.   I I mean, I think everyone should use Samura Wallet. I think it's a very a very useful spending wallet if you're spending on chain.  

I think if you're not spending on chain, then you should spend lightning. So, like, you do one or the other, but if you do spend on chain, you should use you should use Semry Wallet. And if you'd wanna do CoinJoin, you should use,   Whirlpool is my favorite.   Or you can use Joan Market, but let's be honest. Like, you probably won't. And if you don't, you you you should use Samurai.   So, I mean, we're 2 and a half hours in. I wanna have both of you back on in the future.   I'm trying to talk about let let's see. Where do I wanna hit?   I still have you? Why I still have you? What do I wanna hit?  

Mining. I wanna talk eco. I wanna talk about mining. I don't know if Craig has an opinion on this or not.   Eco is decided to take over from Diverter, who is also on civil dispatch,   high signal, low noise,   KYC free   Bitcoin accumulation   via mining.   Eco tried to do this and then realized it's loud as fuck,   and then tried to build an enclosure to make it quieter.   You wanna talk about that experience, like, to the freaks who are thinking about,   basically stacking stats via   KYC free mining?  

[02:36:50] Unknown:

Yeah, dude.   I really believe the narratives around,   mining is for big players. It's not profitable.   It's only gonna work if you can get electricity for 1 cent a kilowatt hour.   And it wasn't until November of last year that I read Diverter's   Mining for the Streets Guide.   And after reading that, it really turned a light bulb on, and   I saw potential for how that might actually work. So   I crunched some numbers, and   and I decided to give it a shot. And,   you know, I I documented everything   that my entire experience from start to finish, I documented that all in my guide. I'll be presenting that at, Bear Arms and Bitcoin in Austin, Texas in April.   And,   so, yeah, I decided to dive in and go for it, and I   got a, Whatsminer   M31s   Plus, fired it up, and this thing is a fucking powerhouse. It puts out   like 148 degrees Fahrenheit   in heat,   and it was like 85 decibels   when you're standing next to the thing.  

Now,   I've got,   I'm married. I have kids. My minor was being installed in the room directly below my kids' room.   So I had to find   some way to   contain this powerhouse that I just introduced into our living space. And,   so I   I designed   an enclosure out of   easy materials to procure. I I got everything at Home Depot,   made an enclosure for it,   put in some infrastructure for the ventilation.   And, yeah, that that miner has been running nonstop for, like, the last 30 days now. I just got it fired up about a month ago.   And   we are   generating a constant stream of non KYC SAPS. And because the price is getting so   because the price is outpacing the hash rate,   this is   looking like I may have my   initial return on investment for procuring the hardware   paid off with   in less than 90 days.  

So I think   my timing was really good because I started this when Bitcoin was trading around $18,000.   And since then, the price of hardware   has has gone up with the price of Bitcoin.   But even that being said, I think anyone who's interested   should still take a serious look at it.   Check out my home mining guide. I I put every detail I could possibly think of in there. There's a ton of resources.   There's a lot of great groups on Telegram you can look at. There's a lot of great mining calculators you can use to figure out if your unique situation's gonna pay off.   Blockware Solutions does hosted mining. If you can't bring   that kind of equipment into your living space,   you can still buy a piece of equipment   and have it hosted somewhere else   and get that steady stream   of Bitcoin.  

So   I'm very happy that I decided to go down that path.   I know a few people have read my guide and read Diverter's guide. And   they've messaged me to let me know that they've started down the path as well. So, it's great to see that happening.   And,   I think it's gonna be important for   more people to mine   at home for their own safety   and for the decentralization   of the network. So   I mean,   to be clear  

[02:40:48] Unknown:

to be clear here, like,   I mean, if if I'm, I'm gonna start talking numbers.   Right? Like, I would be happy to,   lose,   you know, 20%   under   what I would buy from a KYC exchange, right, to to have non KYC Bitcoin or 40%. I would probably I mean, I'm I'm high. I would go 50%. Fuck it.   You know, if if if if I could   if I could if I could get KYC free Bitcoin for a 50% premium,   Hub can do that shit. That's fucking valuable as fuck.  

[02:41:25] Unknown:

Well, dude, here's the thing. Like,   I've been for the last month, in these current market conditions,   I'm generating non KYC Bitcoin at nearly 60%   below market price, not for a premium, but, like, 60% below market price.   Like, I'm generating,   like, $30 worth of Bitcoin a day for $10 worth of electricity.  

[02:41:53] Unknown:

I really?   Yeah. Yeah. I don't believe you. But if you say so, I   you're on you're on you're on stage. I'm not gonna I'm not gonna counter you. But  

[02:42:04] Unknown:

When I get my electric bill, I'm gonna I'm gonna post the results for my 1st month online.   And, yeah, I I was generating   non KYC   for nearly 60% below market price.  

[02:42:18] Unknown:

Do you know what your kilowatt per hours are by you? 12.12¢.   Okay. I mean I mean, that's half of New York City.  

[02:42:27] Unknown:

Yeah. New York City. Sorry. Sorry to say that.  

[02:42:32] Unknown:

Yeah. I mean,   that's our that's the least of our problems.  

[02:42:36] Unknown:

But even at 24¢ a kilowatt hour, you can use that brains mining calculator. You may still be profitable. It'll just take you a lot longer to get your return on your The short hardware investment.  

[02:42:48] Unknown:

Profitability   is a mindset.   People are fucking ridiculous.   Like, k non KYC Bitcoin is worth it. It doesn't matter what price you pay. Like, you can pay you can pay if you pay a 100% premium,   Bitcoin will pump past that. Like, if people think, like, a $100,000   Bitcoin is the top,   fuck you. You're short Bitcoin. You're wrong. Like   like like, we can argue about that now, and I'm not gonna argue about it because   in the future we will pass it, and then I will be right. Like, I don't need to argue with you about that.   But but that that's the case. Historically, it's been the case, and I think in the future, it will be the case.  

So I I think people should just   not worry about that aspect, and they should just get hardware and just fucking make it happen. But the biggest issue is sound,   and and you've done a good you've done a bunch of good posts about   the enclosures to try and, like, keep that sound away. Right?  

[02:43:48] Unknown:

Yeah. Yeah. It's all in my in my guide on my blog.  

[02:43:53] Unknown:

I was gonna post that.   I was gonna post videos of you showing the enclosure in this directly in this episode, but I figured the people that were just listening via the podcast   would just, like, not appreciate that at all. And, like, I'm actually just gonna put basic sounds into you while while you can't see him hold. He he literally he made an enclosure, and then he put, like, a decibel counter in front of the enclosure and held it there for the video so people could see,   that he decreased the the sound. It's still annoying. Let's be honest. It's still annoying. Like, really, best case scenario is you have, like, a garage you can put it in where, like, no one ever goes into that garage that's detached   from your house. Like, like, it's annoying fucking sound.  



[02:44:39] Unknown:

It is. Yeah. It is annoying.   But it's managed, like, can be managed. Yeah.  

[02:44:46] Unknown:

And and and you're you're you're you're mining the most scarce asset that has ever existed is fucking Bitcoin.   Craig,   do you have any opinions here on mining? Do you you have any have have you been exposed to mining at all?  

[02:45:02] Unknown:

I haven't. I actually read,   Because article, and I I thought it was great. I really just enjoyed the build and and,   yeah, appreciated the work that went into it.   I guess I have a question. You know?   Do you guys think that we are in the sort of almost the golden age of mining   before the rewards drop, or do you think that the fee market is going to   fully supplant   the current   rewards?  

[02:45:30] Unknown:

I I mean I mean, I'll let Eco respond after me. I actually think the opposite. I think,   we're kind of in the world where warehouse mining makes the most sense, and I think we're gonna enter the world where   ASICs   last way longer than they do right now. And you will have a world where, like, people will just use their water heater. Their water heater will be,   a Bitcoin miner will be heating that, and they'll be getting extra Bitcoin from it. Where their electric heater will be getting extra Bitcoin from it, and they'll have all these different mechanisms   where they're like, it'll it'll redistribute,   where you'll have discounts of scale, where where this idea that if the ASIC lasts long enough,   really the the the argument is can you secure that waste energy,   and that waste energy is the heat that gets released. Can that heat be reused? And if that heat can be reused, then all of a sudden you're talking   major diseconomies of scale. You're talking   houses,   buildings, apartments,   offices.  

They're all gonna have Bitcoin miners that are also heating shit,   and and no one can compete with that, and it'll distribute out.  

[02:46:46] Unknown:

Yeah. You know, if we look at   at previous   epochs in in Bitcoin,   you know, it went from 50 to 25, and it keeps getting cut in half. But mining continues to make sense in every epoch. And I think that's not going to change going forward. I think it'll   continue to make sense.   I don't know if that's because the fees go up or if it's just because the value of Bitcoin is so much that it offsets the electrical costs,   and and it's still worth it. But   I think, somehow,   it it it'll find a way, and and   mining will continue to make sense far into the future.  

[02:47:28] Unknown:

Do you think hash rate just keeps going up, or do you think we we level off, or do we drop at some point? I'm curious.  

[02:47:36] Unknown:

Yeah. You know, like Matt was saying, if if you got   every apartment building out there   using ASICs to run the hot water,   and, yeah, I think   hash rate is going to continue   to go up, as well.   The major problem we're having right now, I think, is that   you don't have that many great   ASIC   manufacturers.   And I think that's kind of creating a bottleneck.   So you've got What's Minor or,   BTC.   What's the company's name?   MicroBT   is the company behind the What's Minor.   And then you've got Bitmain.   And there's not a whole there's not a whole lot of other big fish out there. So,   yeah, I think the hatchery will   I think the price will continue to outpace it, and the next few years are gonna be very good years for mining Bitcoin.  



[02:48:50] Unknown:

Yeah. I mean, I I mean, it doesn't matter. You mine the Bitcoin, you buy the Bitcoin. Like, we're gonna fucking   all of us are gonna be winners. It's gonna be very good.   Don't let these short price movements fucking dictate any kind of attitude   here. We're we continue to win, guys. We continue to win.   All The Citadel's are receiving this.   They think they have us. They think they have us with this bullshit price decrease,   but we sit at $48,000   Bitcoin. Like, fuck you.   Like, we we will win.   To all the freaks here on live chat, thank you for joining us.   This is why we Bitcoin.  

Bitcoin Tuesdays   are what it's about.   To Craig Raw and Econa Alchemist,   thank you for joining us. I mean, you guys are gonna come back in future. I I would love to have you guys in the future. We're gonna have so many good conversations.   Craig,   we we got to we got to take your podcast, virginity. I appreciate that.   That's at   a@craigraw,   craigraw,   and Econalchemist   is   ec0nolchemist.   Go   follow them.   Make that fucking happen. Go follow us through the dispatch. Like and subscribe, all that, all the bullshit. I don't fucking do that shit.   And let's stay humble in Stack Sats.  

Craig, do you have any last comments?  

[02:50:31] Unknown:

Yeah. I just wanna give a   shout out to,   Elle Matan, who's doing her first PR review club,   in, about 12 hours or so.   Really great to see,   young new people coming into   the   space. And,   yeah, I'm just I'm keen,   to see how that one goes.  

[02:50:55] Unknown:

Iko,   hit us.  

[02:51:01] Unknown:

If you're if you're out there and you're trying to get involved with the Bitcoin space and you're not sure what kind of project to work on, maybe you're not a developer,   maybe you're not a coder,   We need people focusing on more non KYC onramps.   And if you wanna do something that's worthwhile in Bitcoin,   I think that area needs a lot of work, and it needs a lot of support.   And,   and I think it would be very   fruitful   of anyone out there who wants to get involved in this space to start thinking about   how they can provide non KYC on ramps.  

[02:51:43] Unknown:

A 100%,   total freaks out there. I have a mount but mount Gox   stream tomorrow about the anniversary of mount Gox.   It's gonna be all about self custody. I'd appreciate your support over there for that.   Retweets, likes, all that shit is super valuable.   And just, like, participation, like, just come into the comments. Let's have a fucking fun time with it. We're gonna   like, let let's let's show the noobs why self custody is important. I'm trying to fucking do a show over there. That's the whole point   of of being an adviser at Bitcoin Magazine. The second whole point of being an adviser at Bitcoin Magazine is I'm gonna throw a fucking insane 200 k party   for all those involved   in Miami in June, June 4th through 5th.  

The only   the only,   fucking discount code that will give you a 21% discount is humble, all caps, and that's my discount code. I've fucking negotiated that for you mother fuckers. I'm not making any money off of that. That's the only reason I'm fine with the ref link.   I I disagree with all ref links, but as long as all the money goes to you guys, I'm fucking fine with it.   Catan and Ministry of Nodes,   if if you need support, you should go to ministry of nodes.com.   They will give you support.   I I I they are not sponsoring it. They're my boys. Okay? In RHR last week, I said 60 to $70. I fucking sold them short. It's a value to value model. If you guys do not pay them more than a $150,   they will they're fucking gonna stop the service. Like, you gotta make that happen. Like, show them some love. Honestly, 1,000,000 sats,   bare minimum. That's how it should be. A 1,000,000 sats, you give them less than a 1,000,000 sats, you don't love them. Make that happen. Give them some love.  

I do really feel bad about short selling them last week on that. So,   like, please make sure that happens. Like, be be good about that.   And I will see you tomorrow for the Mt. Gox stream. I will see you Thursday   for RHR. It's gonna be fucking lit as fuck. I love all of you freaks.   Stay humble, and stack sides.  

[02:53:51] Unknown:

Thank you, Matt.   Cheers, Matt.  

[02:54:30] Unknown:

Except for   you.   Don't ever let anyone step all over you.   Just open your heart   Break free from the chains.   Yeah. I know that there is pain, but just hold on for one more day and you break, break, break from the chain.   Someday, some fight is gonna  

[02:57:47] Unknown:

Love you freaks. Stay humble. Stack stats.   I'll see you   tomorrow and Thursday for our HR.