EPISODE: 55
BLOCK: 722645
PRICE: 2217 sats per dollar
TOPICS: build your own hardware wallet, signing devices, open source software, off the shelf hardware, funding options, ux challenges, tradeoffs, risks and mitigations
@seedsigner: https://twitter.com/seedsigner
streamed live every tuesday:
https://citadeldispatch.com
twitch: https://twitch.tv/citadeldispatch​
bitcointv: https://bitcointv.com/video-channels/citadeldispatch/videos
podcast: https://www.podpage.com/citadeldispatch
telegram: https://t.me/citadeldispatch​
support the show: https://citadeldispatch.com/contribute
stream sats to the show: https://www.fountain.fm/
join the chat: https://matrix.to/#/#citadel:bitcoin.kyoto
[00:00:00]
Unknown:
Problem. K? Pre COVID, inflation was 2%. Okay? So now it jumps huge, and everybody's right. From 2% up to, what, 7% plus, we're gonna start to come down. No doubt about it. And you're going to be right. It's gonna be 4a half, 5. The issue is just because it came down from 7, the real issue is where it started, and I think that's where everybody's gonna fall into this trap. Oh my god. Look at half of this inflation has disappeared, but it's still significantly higher than pre COVID. And that is the point. And and the other issue is, in my opinion, where where's the tightening been? Give me a break. We're 0 to 25. They're still buying. Soma was 30,000,000,000 for the 3 year note. Okay? I don't see any tightening. I can't imagine that you have a microscope bigger than mine. Jack. Yeah. Come on. What is your mic? What is your mic? The Rick Ezel. There's 90 basis points.
[00:01:00] Unknown:
Rick, there's 90 basis points of tightening
[00:01:02] Unknown:
in the 2 year. Gets. That's power. Market's doing it because the Fed is behind the curve. Fed. That's how it works, Rick. That's how it works. I think that's great, though. It's not the fact that the Fed has done nothing. The Fed has done nothing. Blah blah blah blah blah. Rick, I I totally agree that the Fed's done absolutely
[00:01:21] Unknown:
nothing, but the free market has come to the rescue here in tightening.
[00:01:25] Unknown:
And the inflation's tightening this as well. I mean, it's it's brought money growth nominal money growth from 27 to 13% in a economy that's gotta be slowing down, of course, is gonna experience less pressures on the demand side. Of course. That's the whole point of it.
[00:01:42] Unknown:
Right. The other thing
[00:02:20] Unknown:
Happy Thursday morning, freaks. It's your boy Odell here for dispatch 55. Yes. This is a 2nd dispatch in this week. It's the first time we're doing it. First time we're doing, 2 dispatches, in 1 week. I have our our boys, seed signer, and Tony here in the studio. So I felt it was prudent to have this conversation in person while we had the opportunity. Sale dispatch is an interactive live show about Bitcoin distributed systems privacy and open source software. Our show is a 100% audience funded without ads and sponsors, purely focused on actionable Bitcoin discussion.
Thank you so much to, you freaks for continuing to support the show and keeping it ad free. I really do appreciate it. Easiest way to support dispatch, is through podcasting 2 point o apps. My favorite 2 are Fountain Podcasts and Breeze Wallet. They work like traditional podcast apps. You simply search Zillow Dispatch, press subscribe, load it up with sats, and you can choose how many sats per minute you think dispatch is worth, and it it it streams the sats directly to my node. You can also support the show at sildispatch.com. We have a BTC pay server set up there, so you can pay you can support the show via lightning or through Onchain.
And, as always, I have a PayNim easy to remember. It's Odell. So if you use Sparrow or Samurais, you can, support the show via PayNim. As always, dispatch is broadcast via Twitch, Twitter, YouTube, and bitcoin tv.com. All archives are on bitcoin tv.com afterwards. You can use any podcast app to listen to the archives as well. You just search Sildispatch. So, yeah, thank you thank you all, for joining us. Again, I hope you enjoy this trip. I think it's gonna be a good one. So with all that said, we have Seed Signer here. How's it going, Seed Signer? Good. How are you? And we have Tony again in the studio. How's it going, Tony? It's okay. Fuck. Yeah.
So, the focus today is basically, the seed signer, obviously, a signing device, an open source signing device, and also just discussion on open source software, the power of open source software, and we're gonna kinda just see where the conversation takes us. As always, if you wanna join the live chat, we're on Matrix. You can the easiest way to join us is to go to sil dispatch.com and click that Citadel's chat link, and then you just follow the instructions. You download Element, you make an account, and you join the chat. Now that is a live discussion that allows you to participate directly in the discussion as we are going, but it's also a very lively discussion throughout the week.
So consider joining us. We have over 500 really good ride or die Bitcoiners there. Awesome. So where do you guys wanna start? We have we have a seed signer in front of us. We have the person seed signer in front of us. We have a seed QR. First time I ever saw that, which is right there. That's pretty fucking cool. And when I say right there, I'm just pointing to the guys in the studio, and I know none of you can see that. I guess I guess the first place to start is, we had NASH Bitcoiners last night, and I think we're all a little bit little bit hungover after that.
[00:05:47] Unknown:
Maybe some more than others, but yeah. Oh, wow. Okay. Just a little bit. I wish the bar sort of closed at 2 AM instead so I can be a little bit more responsible.
[00:05:56] Unknown:
Personal responsibility, Tony. Personal responsibility. What did you think? That was your 1st NASH Bitcoiners. Was how how was the experience? I loved it. I loved the,
[00:06:05] Unknown:
I I think the right word is, like, the Chatham House rules that, like, no recording devices, no photos. Like, what happens there stays there. I thought that was, like, a great, element of the meetup, but, like, the people were great, very engaged. Like, everybody I talked to, like, you could tell, like, they're interested. Like, they're paying attention. Fuck. Yeah. They're engaged, and it's, it's a great scene down here. I thought it was pretty cool that,
[00:06:34] Unknown:
you brought seed signers with you so people could buy them and get them directly in person instead of having them shipped to their house or their office or something. Yeah. Any, like, opportunity that I can jump on to,
[00:06:46] Unknown:
get them to people, like, in person, I think that's a great opportunity because you don't you're not giving your credit card company your identity. You're not gonna get emails from, like, a wallet provider. You're like it's it's it's, a great way to get those without me knowing any anything about you.
[00:07:03] Unknown:
But I bought, I bought one last night. I'm looking forward to, like, putting it together. It'll be my 1st seed signer to actually have. So, yeah. Thank you for that. Thank you for bringing them. I think it was, like, last Nashville Bitcoin meet up. There was, you know, lightning point of sale systems that a guy was selling. Very cool. Very hardware. You know, I'm not sure if you've seen one of those before, but those are awesome as well. And I think it's, like, just the best way to be able to, like, buy in person, you know, directly from the source. Like, they are the manufacturer, you know, you are the, you know, manufacturer seats. I don't have to worry about, like, you know, man in the middles or anything like that too even. So I think it's, like, the best way to kind of, you know, get hardware. And honestly, like, with everything being open source, I'm kind of hoping that,
[00:07:44] Unknown:
you know, a kind of mini cottage industry springs up to where, like, people who are trusted parties in other parts of, like, the US or other parts of the world who have a reputation in in their local Bitcoin community, Like, maybe they order some parts and, like, it's a a way for them to stack sets a little bit on the side.
[00:08:01] Unknown:
It could be a cool way to, like, fund a meetup. Right? Like, get a little bit extra sats for a meetup and then also support your local community. Yeah. The person that was selling the, lightning point of sale system, they weren't even,
[00:08:14] Unknown:
the the I guess, yeah, they weren't even the the They weren't Ben Arck. Yeah. The one Ben Arck. So they were and they they they were honest. They're like, yeah. I'm I'm just charging, like, $10 more. Like, is that fine? I was like, yeah. Absolutely. Like, you know, thank you. I don't have to go through a shipping service or anything, so I was happy to pay it. The lightning point of sale was actually kinda funny because we had maulers in the house for that one.
[00:08:33] Unknown:
And, I picked him up from the airport, and, I picked him up from the airport, went to the went to the meetup, and I got really excited. And I showed him the lightning point of sale. I was like, look how cool this is. It's offline lightning point of sale, but it uses lnurl, and Stripe doesn't support lnurls. So it was, like, it was very much a bittersweet thing. He's like, really, Matt? You're gonna drag me into the lnurl controversy?
[00:08:56] Unknown:
I did the same thing to Rockstar last night too talking about the point of sale system.
[00:09:01] Unknown:
That's how we make change. So where should we start? We had we've had Seed signer on the show previously. We went we went deep on Seed signer. I don't remember how long Seed signer. Do you remember how long ago that was?
[00:09:18] Unknown:
I would say it was last summer if I had to guess. Like, maybe 6, 7 months. So a lot has changed since then. What has changed? How's the project going? It like, we things are going very well, and that's, primarily due to just additional people with such great skills, like, coming on board to help in various different ways. I don't know if, Keith Mukai was involved. I know that Nick. He was because Keith was on the show with you. Oh, duh. It was me, you, and Keith. That would mean that he was involved. Yeah. Me, you, and Keith. So Keith has really brought, like, a ton of creativity and productivity to the project in terms of implementing new features and coming up with creative ways to solve pain points that are kind of, like, built into the system.
So our user experience has improved a ton, but, like, since then, also, there is a Bitcoiner in Europe. I don't wanna docs, like, specifically where he is, but he is, involved in manufacturing, like, a permanent long term backup solution for us where you take your QR code that that, is, like, just an alternative version of your seed phrase that makes it quick and easy to import into Seed Signers. So you take that QR code, and you can actually stamp it into metal, with this device using just a simple center punch instead of, like, some of the solutions you see where you have to stamp individual letters into, like, washers or Right. Some other kind of metal. So you just have one center punch, and you basically create handmade, like, a QR code. So the center punch is, like, these little cylinder thing. Right. You can buy like any hardware store or online or whatever. Yeah. There's a couple versions. There's either like one that you use kinda like caveman with a hammer, like a, you know, a hammer and a punch thing, but they're also automated ones that are a little bit easier to handle that work almost as good as, like, the hammer and, hammer and chisel type solution. But yeah. So you create this metal backup like cavemen now. We just went back to the hammer and chisel.
But you can create this backup that is, you know, fire resistant, crush resistant, water resistant that, I'm excited for that as a great storage, medium for people to especially set up a multisig and be able to, like, be confident in their setup and preserve their keys long term that way. But, yeah, just other people, jumping in. There was another it was just this week. There was a guy over, I believe he's in somewhere in the UK, who, produced, like, a new version of the seed center enclosure that looks a lot like a classic 8 bit NES controller. And it's just so Yeah. It's, like, great design on his part. And, like, I haven't gotten a test one in hand, but he's been able to implement, like, a d pad instead of And it's all 3 d printed. Right? It is. Now it uses a couple different types of, 3 d printing. There's, like, the traditional type where you use the filament that people are more familiar with, but there's another type 3 d printer that's called SLA, and it's where you have a vat of, like, liquid resin, and you have a photostatic screen that, hopefully, I'm using the right terminology.
The screen illuminates and basically, like, photo activates the, resin so that it hardens, like, one crazy tiny layer at a time. And the thing about those is you can produce items with, like, so much more precision and detail than you can with, like, a traditional 3 d printer. So to get that d pad, working with our, LCD hat, like, you need a really precise piece of equipment. So, I'm excited to see that he's launched sales of those, and, they've, like, gotten good feedback so far, and I'm excited to just see more of them in the wild. The the more we can make the device, like, appealing to people just visually in terms of better usability in terms of interacting with the controls, the more it looks like something, some other type of consumer electronic device that they use. Right. Like, that that bear
[00:13:23] Unknown:
the the bear joystick or whatever without the case on top is a little bit, a little bit finicky or maybe intimidating.
[00:13:31] Unknown:
It it it just looks more technical to people, and we're we're any way that I can communicate to people that SeedSiner, is not just a project for, like, Bitcoin hackers or Bitcoin, like, makers. It's a project that is, like, attainable for people with, you know, very modest technical skills. It's not something that, people need to conceive of as this, like, super highly technical project.
[00:13:57] Unknown:
So I'm looking back. So it was so dispatch, 33 was when you guys were on, which is block 694,094 blocks. Mhmm. And then this one is block 722-645. So what is that? I hate math. I'm a Bitcoiner. I'm a Bitcoiner who hates math. I'm not gonna do that, Mike. It's been it's been, like, 30,000 blocks, since we since we last had you on. I I think, before we go any deeper, just in But let's just do a quick overview on what the seed signer is.
[00:14:53] Unknown:
Right. And, like, I get a little finicky about the hardware wallet versus signer thing, but the only, like, distinction there is, I can see of a hardware wallet as something that has some sort of secure element technology in it that is meant as a technological safeguard to store your keys. So a hardware wallet is something that is intended to be storage for your keys, whereas a signer, it's just taking your keys and generating signatures with them. And a signer, I guess, kind of definitionally for me means that it's not meant to hold your private keys. Like, once the device is turned off, it's not meant to store your keys. Like, with seed signer so if I can just kinda go over the basic value proposition, seed signer does 3 things.
It helps you trustlessly generate private keys using real world entropy. And then the kinda second functionality is once you And when you say entropy, it's it's randomness, which is the key element to generating secure private keys. Yeah. And I I'm you know, there's there's some debate, like, in the Bitcoin space and the larger computer science community about, like, can you really generate truly random data with code that was written by human beings and, like, technology that was made by human I'm I'm not gonna dive into that debate, but I just feel like a real great source of entropy that is accessible to everybody is just the world around us, whether that be picking, bit 3 9 words out of a hat or rolling dice 99 times, or we even have a a feature where you can take a digital photograph and capture the entropy from that to,
[00:16:26] Unknown:
as well as some other sources to be able to because the seed signer has a built in camera. Yes. And then the key I mean, you you dropped the lead there. The key here is that the seed signer, can accomplish a lot what hardware wallets can accomplish, the hardware wallets you can buy at, like, a website or something, but it's all off the shelf parts. Last time you were on, the parts came out to about $50. Now I think they're a little bit more expensive.
[00:16:53] Unknown:
Yeah. The tricky part is the Raspberry Pis. There's with all the I guess it's with all the supply chain BS. Like, the RPi Foundation has had to pause some of their production. So the specific, Raspberry Pi 0, which is a version 1 dot 3 that we use, And the special thing about that version is there's no, Bluetooth, no Wi Fi built into it, so you can think of it as, like, this inherently little air gap computer. Those have been a little bit harder to find. I think they're running for about $30 on eBay. That's the most expensive part. Right? Right. Yeah. And then you have, the screen. There's a screen on it, and there's a camera. Yeah. The screen's, like, 10 to $15 depending on where you buy it. And the camera is, like, you can get those for $5 or a little bit more on Amazon depending on where you buy it.
[00:17:39] Unknown:
Cool. Okay. So the seed signer is a stateless device, which means, when you unplug it from power, it loses all of its memory. So you have to enter your private keys every time you use it. Since last time, you have now this QR code method. And, you kind of talked about it earlier already, but, like, this idea that you basically, record your seed not as seed words, but you record it in a QR code format, and you have these metal these metal plates where you can punch in the QR code. I guess you you look at the screen. The screen shows you how to punch it, then you punch it in. And then every time you boot up the seed signer, you just use the camera to scan the QR code to load up your load up your seed. Right? Yeah. That's correct. We also have,
[00:18:28] Unknown:
in the GitHub repo, you don't have to stamp it on metal. Like, if you're just looking to test with the device or if for whatever reason you're not worried about fire, we have some templates in the repo where you can just use a a home printer, print up a QR code template that you then like, with a Sharpie marker, you can, color in the dots. Keith also also came up with a a super clever kind of interface for, transcribing the QR codes where, you know, it'd be kind of overwhelming to transcribe a 29 by 29 QR code dot by dot. But he breaks it down into 5 by 5 kind of like quadrants. And you just step through the grid 5 by 5, 5 by 5 by 5 by 5.
And it's it sounds a little, cumbersome maybe, but usually in about 10 minutes. You don't have to be super meticulous about filling in the squares. QR codes are pretty forgiving that way, with the built in error correction. But, yeah, you either you can still type in your your seed phrase using, you know, the joystick and buttons on seed center. You know, if you wanna bring a seed in that you created using a different device or that you're using on a different device. But, the QR code was just a great hack that we came up with in terms of being able to instantaneously, get your seat active in the device because, like you said, it's stateless. So every time you power it on It was a fucking pain in the ass. You had to Yeah. Fucking enter the seed. Yeah. That was that was a good point.
[00:19:53] Unknown:
I wanted to ask if there was any passphrase option that that you added to it as well. So, like, say, for instance, I have this QR code on a piece of paper, I scan it, is there any, like, additional security, components as well where I can, like, maybe enter, like, a 25th word Yeah. Or or things like that? Just so someone does just fly by and, like, capture my QR code and run off. Right. That was important. Something that was important to us, early on, even before, I believe, we we implemented the CQR was to be able to support BIP 39.
[00:20:21] Unknown:
Some people call it word 25. Some people call it passphrases. But, yeah, the the important thing for people to understand with that is that the entropy from, like, the data from the passphrase you choose, and obviously, people wanna choose, like, a strong passphrase. But the the data within that passphrase is incorporated into the entropy that makes up your key. So it's not just like, an access mechanism to your key. It's actually part of your key. So you have to make sure you you somehow, either in your memory or otherwise, preserve that. But yeah. So that's a great kind of mitigating factor, depending on where people plan on storing and accessing their QR codes. It's a safeguard that some people choose, some people don't.
But it was important to us to have that there because, like you said, like, depending on your OPSEC situation, you should obviously be aware of who's around you or if there's any sort of cameras, you know, in the area. Ideally, there aren't any of those things, but, you know, Bitcoiners are careful. So that that, passphrase is another kind of additional safeguard. Yeah. That's awesome.
[00:21:27] Unknown:
Well, you know, one time, I set up a friend, with a cold card, and we went through the whole process, and she stamped it on steel. He, like, got a seed ready to go. And then, his his wife took a picture, and he had his like, he had written out the words on a piece of paper before he stamped it in his deal. And you could you could see it in the background of the picture, and you had to do everything over again. Oh my gosh.
[00:21:58] Unknown:
Like, I was so even before seed starting, I went through the process with actually a, Spectre DIY of going through and putting my seeds in the metal. And it's, you know, it's long, laborious process where you have, like, you know, 26 stamp letters, and you're constantly pulling out different stamp letters and hammering on them. My son's helping me just kind of, like, pull the letters out for me while I'm stamping them in. And he started to say one of the words out loud. And I was like, no, no, no. We don't even say these words out loud. There's probably, like, Siri or Alexa, You know? Like, a 1000000 different live mics everywhere. Right. Right. Right.
[00:22:33] Unknown:
Go into the bathroom and do your seed. Get in the bathtub.
[00:22:39] Unknown:
So what do you wanna talk about? Yeah. Well, since you brought up the Specter DIY, I wanted to ask you, like, in the whole DIY space, whether if it's, hardware wallets or or signing devices, you know, where where does what does that current environment look like? I think there's also like the jade wallet. Is that is that DIY as well? And then, like, how you know, maybe if you wanted to do, you know, a comparison or something just like a quick little snippet. I'm not sure of all the various DIY,
[00:23:07] Unknown:
you know, devices that that are out there. I'm, I'm familiar with Jade, but I'm not I don't honestly don't know if there's a DIY option for Jade. I'd love if there was, like, I'd love to see more projects like this. There's, I think, I don't know if Jade is partly on the MD 5 stick platform, which is another kind of one of these single board computer kind of prebuilt, premade platforms. Somebody has actually done a version of seed center kind of on that called Crocs, I believe it is. But the Crux, SpecterDIY and Seed Center are they're the only ones that I'm familiar with.
I I hope that we see more development in this space because, I kind of see the specter DIY and Seed Center as emblematic of a new generation of hardware wallets that are intended to bring some power back to users in terms of there there's a lot of trust that goes into the existing existing hardware wallet kinda landscape where it's this proprietary device that this, manufacturer has made. And and from what I understand, they're all good actors. It's just we, as Bitcoiners, have to trust their implementation of a secure element, and they're, you know, most mostly, they're open source, but we still have to trust they're kinda like hardware implementation, as well as some of the personally identifying information you have to give up to order one of those through the mail.
So DIY may not be an option for everybody, but I it's super important to me that it is an option out there because it it allows Bitcoin users to reclaim some of their privacy and necessarily
[00:24:49] Unknown:
like not have to put trust in third parties quite so much. Yeah. Privacy in terms of just, like, shipping it to your house. And so you could you can pretty much walk into, like, a hardware store, you know, like something like Fry's and and, and Micro Center and, like, pretty much pick up these devices as long as they're in stock. So, like, I I love the privacy aspects of it as well. I think it's super important that we have this option so we don't just say, yeah, let's everyone just use Treasure and everyone just use Ledger and then, you know, things like that. On the one hot topic that's kinda come out I guess maybe this year and last year, where do you kinda see the whole NFC environment?
Is that something that you would look at as incorporated into Seed signer? I think there's been some arguments that NFC is cheaper to implement than a camera, but like what I have wondered about that is like you you have implemented a camera and and a very affordable one. So, you know, where do you kinda sit on the whole NOC, versus, like, camera thing or a combination of both? Yeah.
[00:25:49] Unknown:
It's not something that's on our road map. It's not something I can rule out in the future. Everybody has to kinda make their their own choices in terms of, their preferences on hardware profiles. For me, and this is maybe a little bit of a tinfoil hat thing, but what I don't like about NFC is that it is communication that I can't see. And, you know, that it's it's excellent that it is, like, geographically sort of, like, restricted so that only within a certain number of meters or I don't know what the spec is. But you have to be, positionally close to 2 devices. You basically have to touch it almost. Right? Right. They have to be, like, super close. Yeah.
I just, I I just don't trust information that I can't see. And you don't, like even when you're sitting there with your hardware wallet that's near your phone or your laptop, like, again, tinfoil hat stuff, but I I don't feel absolutely assured that those devices aren't somehow communicating without my awareness. With SeedSigner, the what I really like about the Airgap QRs is that, one, they're auditable. It's not a super easy process. But if you really wanted to know what information is going back and forth between your, your wallet coordinator and your sign of device, like, you could audit that and confirm that there's no nefarious sort of data or funny business or whatever. But another aspect of it that I like is, like, it's very apparent when the 2 devices are communicating.
Like, the only way that SeedSigner can communicate with the outside world is via the camera that's built into it and then the screen. So if you're not, you know, using the camera to capture QR codes and you're not holding the screen up to your your laptop to relay information back to it, like, it's not communicating with anything else. And if you suspect that, like, there's something weird going on while you're relaying QR codes, you can abort that communication, like, immediately just by removing the QRs from the field of view. I'll say it one more time. Like, is that tinfoil hat territory?
Maybe. But it's it's all about meeting people where they are. And me with a background kind of, like, in digital forensics and information security, like, you know, certain technologies that were once beliefs to be secure were subsequently, you know, over time, security is a cat and mouse game. There are vulnerabilities that are discovered and then solved for and then other vulnerabilities are discovered. I I just like the assurance of that. You know, I know when the 2 devices are talking to each other.
[00:28:28] Unknown:
Yeah. Exactly. And and as I think just even being able to have, like, different trade offs and and vectors for each. Right? Like, you know, I think this is where, like, multi sig is really important and and, you know, we can we can say, like, I have, you know, one of each of these devices and if there's a flaw with one of them or the other or, like, you know, I keep 1 in, like, super secure storage, like, I don't even let anyone, like, get access to the actual hardware wallet versus, you know, versus my seed signer, which I can carry around in person, even without the QR code attached. Like, I can walk around without my backpack and just be fine because there's no loss of funds as a possibility. And then, you know, when I get home or or maybe I have my QR code in, like, 2 geographic spots, you know, when I get to the next location, then I can bust out my seed signer and and be ready to go. So, where do you kinda see, like, or maybe that's part of it. Where do you kinda see, like, Seed signer in the realm of, like, other hardware wallets and signing devices? Do you see, do you see it, like, maybe for yourself or for other users like them doing multisig a lot and and with with this as one of the keys in the quorum? Right. You bring up a good point that, like, not all security,
[00:29:35] Unknown:
or not all I'm sorry. Rather, not all storage use cases are created equal. So Bitcoiners may have, you know, some funds that they're they carry around that are, like, akin to, like, a wallet that they have in their pocket, or, you know, maybe, some funds that maybe it's, like, a little bit more money, and you want additional safeguards kinda like a checkbook. And then you have, like, your long term savings, like your Huddl stash. And they're like, it totally makes sense to have different security profiles for each of those kinda different use cases.
And I think, like, NFC can totally make sense for, like, everyday wallet use and even, like, a checkbook. But, like, for my long term stash, like, that's where I really start thinking about, like, vulnerabilities and and and ways that I can mitigate different vulnerabilities. But to get back to your question, SeedSigner, when I conceived of it and first, like, you know, started creating the proof of concept, it was created with multisignature in mind. And it was created with, like, long term Bitcoin storage in mind. So that was kinda, like, built into it. Now some of our users that have, like, you know, discovered the device and become more familiar with it, more comfortable with it, like, are comfortable using it for more, like, day to day spending or or more frequent spending.
But, you know, we're designed kind of with the initial presumption that this is something to help people soar Bitcoin with, over the long term. And we really try to put a lot of thought and care into the user interface to make the multisig, experience as user friendly and approachable as possible. You know, I've I've kind of watched Multisig evolve over the last few years. And when, you know, when there first started to be rumblings of it, it was super technical and theoretical. And then once, like, you know, standards started to emerge and it became a little more feasible, that was the point at which, like, people had to start building tools that were accessible to not just highly technical users, but accessible to more like what I call everyday Bitcoiners.
And, you know, Seed Center rose out of my own interest to transfer my long term Bitcoin storage from, what was previously like a Shamir's secret sharing type setup, which is kinda like a proxy of multisig. And I wanted to get to real multisig on the protocol. And when I started kinda, like, looking back into it, I'd set multisig away for a while because the tools are being built. And when I revisited it, like, Spectre desktop, you know, had been out for a little while and was, was improving and and becoming much more user approachable.
And so, I think over time, like, the multisig tools are gonna become more intuitive, more user friendly because I I hate this notion that multisig is only for highly technical Bitcoiners. Like, if it's something that only highly technical Bitcoiners can use, like, we at Seats are doing it wrong and the people making the coordinators are doing it wrong. Like, we we we can make the tools such that they're accessible to people. And that's that's I've already strayed so far probably from your question. I Oh, no. I love it. This is awesome. But, yeah, that's that's like, we are built with multisig in mind, and we're that's something I'm personally really excited about. We have a solid link in the comments saying that a friend of his worked in a marketing startup that successfully identified and located all visitors' NFC enabled bank cards in the shop with advanced antennas,
[00:33:15] Unknown:
and he says that you can communicate with NFC through a wall if you have, a higher powered antenna. So seems to validate some of what you said. Just to, like, bring this back, I mean, so when we're talking about using a seed signer with multisig or single sig, the the actual flow is is rather simple. Right? So, you can use, like, a BlueWallet on your phone, You can use Spectre desktop, as you said, on your computer or Sparrow on your computer, and what happens there is it is showing QR codes on the screen to construct your transaction.
You're scanning that with the camera on the seed signer, Then the seed signer's signing that transaction, showing a new QR code on the seed signer screen, which then you you scan with either your computer's camera or, your phone's camera, and then you broadcast the transaction. So it's a relatively simple flow, even if it sounds more complicated
[00:34:14] Unknown:
on air. It's definitely, like, more rote, like, a more labor intensive kind of flow. But feedback I've gotten from people is that, like, going through those steps 1 by 1 of, you know, moving the PSBT or what I would call is, like, a rough draft of a transaction that includes most of the information, just not the signatures needed to spend the money. Like, the process of moving that from the coordinator on your laptop or on your phone into the seed signer and then adding the, keys to the device and then adding the signatures to the PSVT and then going through the process of passing that back to the coordinator that's gonna interact with the protocol.
I have gotten feedback from people, which I love to hear that it helped them understand the basic mechanics of the process of multisig and a partially signed transaction. So it it breaks it down into steps that I think, for whatever reason, just resonate more with people.
[00:35:10] Unknown:
That's awesome. Do do you ever are there ever any, like, I know when you start getting, like, really advanced multi sig, for instance, you know, some of the data can be kind of large. Is there ever a, qual like a picture quality issue that that you see at all with either the signing device camera quality or the screen quality on your on your seed signer? So with,
[00:35:32] Unknown:
seed signer, the camera that we have, in it, like, even for an inexpensive camera, it's, it's a very capable camera. Like, I I've been impressed at the size of some of the QR codes that we've been able to import, like, in a single frame with the density that they have. With the screen that we have, you know, with the current first kind of iteration of Seed signer, it's pretty limited. So it's 240 pixels by 240 pixels. And with larger transactions where you're consolidating UTXOs or if, you know, you have a larger multisig, you're gonna be holding the seed signer screen in front of your webcam, like, for a little bit longer period of time.
I personally have so for our development fund for the seed center project, we have a 4 of 6 multisig that, you know, I myself have a couple of the keys and then 4 other contributors have keys. And when we have done distributions from that, like, I sign everything with the seed signer. And so, it's been such that, you know, it's like I said, I'm I'm holding the screen up for a little bit longer. But once you get it dialed in, it it's it's a reliable process. It works back and forth. We've tried to improve the user experience as much as we can in terms of, being able to adjust the brightness of the QR codes as they're displayed on the screen.
Sometimes at full brightness, it creates a glare that your webcam doesn't like. So you can reduce that. But there are some other what I'm gonna get at here is, like, it's software, and the user experience is gonna improve over time, as well as I'm super bullish on us getting into, supporting multiple different displays, especially a touch screen, because the larger the screen gets, the fewer QRs you have to pass back and forth because you can pack more information into them. What I've noticed is, from my experience,
[00:37:24] Unknown:
is the integrated webcam on my laptop, has trouble. It's, like, not, it's not as high quality. Right. So, like, obvious and, also, it's just a little bit awkward trying to use a integrated webcam on a laptop to actually scan the QR code. Ways around that is, like, having a USB webcam, like a cheap USB webcam that you can actually, like, hold in your hand and is separate from the screen is higher quality. Also, just in general, like, the like, a new gen phone with BlueWallet tends to be a much more user friendly experience in terms of of
[00:38:05] Unknown:
scan and Yeah. Broadcast. And we've, there's a couple, in addition to the brightness, which helps with a lot of those webcam issues, we've also implemented some QR density settings. So if you wanna reduce the, reduce the resolution of the QR so that they each frame takes a little bit less data, but it's a little easier to scan. That's an option that helps a lot of people. And, also, on webcams, you're right that the integrated webcams on some laptops, just for whatever reason, whether it's the drivers and the software implementation or if it's just the hardware itself isn't able to capture a good enough resolution. But, I've found, especially on Linux, there are some kind of, like, secondary driver packs where you can tweak, the ambient light settings and tweak the, the focus settings. And I've been able to get it working on some some fairly like, I have a $250, like,
[00:39:02] Unknown:
Netbook that I was able to to get scanning working, but it it can take tweaking. Yeah. Have you looked at any of the projects that kinda do, like gift based QR codes? So like the QR code just cycles through, multiple like it scatters the data across Animated QR's. Animated QRs. Yeah. I think Chris Round has, like, like, a project utilizing it and trying to do that in the Bitcoin space. It seems promising because there's also, like, like, data error handling and and check sums too. So so you make sure you're not, like, getting some bad packets of data that gets scanned. Have you looked at any of that at all? No. That's
[00:39:34] Unknown:
absolutely implemented. So, for, like, transactions, usually, when you're passing a PSBT, there's at least 3 or 4 QR code frames. So we we do implement animated QR codes and, the standards that Christopher Allen's working on. For some of the coordinators that we support, we use those standards, and I I look forward to those being kinda, like, once we figure out what the best practices are in terms of, you know, error handling and how to how to handle those animated QRs. I look forward to just, like, not saying that we support these 3 coordinators, but we support any coordinator that, you know, is consistent with whatever standards emerge.
[00:40:15] Unknown:
And just to, like, add back in there in this in the scanning discussion, there is there is something about on the it's not even just well, first of all, I am using Linux, so that probably has something to do with it. Like, I imagine if you have, like, a, like, a new gen MacBook or something, it'll have a better camera, a better software, whatever in terms of scanning. But there's something about, like, actually because when you're using a phone to scan it, you're actually using the back camera, which is a better camera. Right. And you actually can, like, point and aim. Like, you see you see what what the screen sees rather than, like, blocking your screen trying to use the inter it's just something about the integrated web cam is just, like, it's it's just physically more cumbersome in terms of trying to use it. I, like, I I see and and let's be honest. Right? Like, the majority of people that are coming in, to Bitcoin over the next 5 years, 10 years will probably just be using a mobile phone as their primary device anyway.
[00:41:15] Unknown:
So I don't really think it's if if anything, like, that should be the UX that is targeted. Right? Yeah. And especially, like, in developing parts of the world where people maybe their first, you know, experience with Bitcoin is with, like, a hosted lightning wallet. And then as they accumulate a little bit more Bitcoin and they start thinking about, seizure resistance and security issues, they're gonna, they're gonna want to, you know, set up something with, like, a a more secure kinda signed device or hardware wallet, and then they're gonna start to think about multisig. And what I'm super bullish on, like, hats off to BlueWallet for, like, being right now, they're kind of the only game in town in terms of a a mobile based coordinator. But I'm also looking forward to other wallets that will implement more flexible, multi sig kind of implementations on mobile so that people in parts of the world where, laptop computers and desktop computers are kind of more the exception than the rule, like people who are operating in a mobile first environment, like, they'll have access to more tools while at the same time being able to keep their private keys off of their phone. Like, that's that's just a a security no no for secure for security larger amounts of Bitcoin, as I'm sure you guys know. And,
[00:42:30] Unknown:
yeah. Unless you have $4,000,000,000,
[00:42:32] Unknown:
then you can just keep it on your cloud storage. Yeah. Then you bypass the phone and you go straight to the cloud. Yeah.
[00:42:39] Unknown:
On that note, you know, what would you say, like, the suggest the suggestion should be for just, like, a user to just get started with with Seed signer? Like, what should be the the the very basic beginner flow for it, is it using Seed signer, using a piece of paper and then using BlueWallet or like kind of how like if you were to say like how to get started in like the easiest way possible just to, like, you know, throw maybe a $100, you know, just to spending money on it. Right. No. I'm, like,
[00:43:07] Unknown:
as much as I love Bluewatt, I I hope they can get to a test net implementation because I am, like, super big on test net. Like, even before you put $10 that you're gonna move around or whatever, like, people need to practice with their storage system and be comfortable with it. And, like, test net is perfect for that, and it's something that even, you know, your average Bitcoiner can get up and running with, Sparrow, like, in less than 10 minutes with a with a Testnet set up. In in terms of, you know, getting that kind of independent custody, savings set up in place, I'm super excited about an independent custody guide that I'm working on, and I kind of have the first rough draft finished. And I'm I'm selectively letting a few other Bitcoiners I know look at it to give me feedback.
But I I anticipate that's gonna be done within, like, the next few weeks, and I'm bullish to get that out because I realized that, like, I've done some walk through videos on how to set up, like, a simple 203 and stuff. But in terms of a proper guide that people can follow kind of step by step, as well as a guide that explains some of the, security choices and some of the implementation choices that we've made with Seed signer, something that spells those out so people can understand those. I'm excited to get that out just so people can have like an exhaustive go by it. Kind of, I realized that we didn't have anything like that. And it was an obvious gap in our our ecosystem. So I'm I'm excited to get that out there. But, currently, if somebody's excited to jump into it, on Citadel Dispatch I I'm sorry, on bitcointv.com, I believe I have a simple, 2 or 3 setup demonstration that people can kinda use as a go buy, and we're gonna have more stuff coming out on the way. That's awesome. That's awesome. Yeah. What what are you excited about,
[00:44:55] Unknown:
besides that coming down the pipeline, if if you wanna if you wanna share any of that? Yeah. Bunch of stuff. Like, very near term stuff for those metal QRs that we talked about.
[00:45:04] Unknown:
I'd anticipate those being available, like, within the next month or 2. But beyond that, our 2 developers, especially Keith Hokai, is deep into what I would call, like, the 3rd full, the second full rewrite of our software. So kinda like the 3rd iteration of seed signer's basic code structure. First being the proof of concept that was kinda hammered out by me, and then big props to Nick, who's our other kinda lead developer who came in and took my sloppy, ignorant spaghetti code and turned it into something that was much more performant and much more structured.
And now Keith, who's kind of like a Python native, first language kinda guy, is doing a complete rewrite that's gonna, increase the quality of the underlying structure of the code, make it more performant, more to where other developers familiar with the standards can step in and use kinda, like, modular portions of it to implement new features or change things. But what is also coming with that kind of, like, new rewrite of the code is an entirely new user interface that we have, I wanna give a shout out to. He's a NIM on Twitter. B c one easy is his, his NIM, and he is, as I understand, like, a user interface designer. That's his daytime gig. And he has, like, been super generous with his time and expertise to help us overhaul our user interface to make it much more graphically driven, to make the the user flows more intuitive, And to make Seed signer, like, when this code comes out in our next, like, major version release, like, it's gonna transform the device in its current form as something that almost looks, like, DOS like when you look at it because you're selecting, like, these, you know, text based options on a screen. It's gonna make it look much more like a device you would buy as opposed to something that you would build yourself. So I think I'm excited to get people's reactions to that and for just people seeing that to make them more excited to take the plunge and, like, maybe consider building one themselves.
So new that's gonna be in our 0 dot 5 dot 0 release. I'm super excited about that. And, also, coming down the line, like, 2 other things that come to mind are, multi language support. So Keith was the one who led the multi language support charge with Spectre desktop, And he's he's Alright. Has experience in that. So I'm eager to get like, we have a lot of people have reached out that are not English first speakers in different parts of the world who know enough English, and our menu is simple enough that they can kinda navigate through it. But I think also getting versions of SeedSigner out to where once you, you know, power it on, you select your native language, and it becomes a much more intuitive, approachable device for maybe less technical Bitcoiners.
So I'm super excited about multi language support. And then there's also a, another contributor in our Telegram group and that I've interacted with who has we've already gotten it into proof of concept. If you follow me on Twitter, you've probably seen it. But we are going to be moving away from building on top of, like, a stack a a stock version of the Raspberry Pi operating system to a custom, build route Linux implementation where it it's gonna be a much smaller footprint, and it only contains kinda, like, the necessary building blocks that we need.
And a couple, like, great things come out of that. I'm gonna screw up his name. But on Twitter, he's called Desobediente Technologico. Like, he's
[00:48:52] Unknown:
You wanna spell that for us?
[00:48:56] Unknown:
But he he's super, super sharp guy. And kind of the possibilities that open that that the custom OS opens up for us is, first and foremost, it makes it such that there's a static OS image that when you power on the device, the static OS image gets loaded into memory in the Raspberry Pi. And once it's fully loaded in the memory, you can pull the micro SD card out. So what that does just kinda right off the top is it creates an additional security assurance for users that if for whatever reason you still had suspicions that your private key might somehow be making it onto the memory card, Being able to remove the memory card now, like, gives people that additional level of insurance that there's no way that my private key can somehow be making it onto the memory card if it's physically removed from it. And a couple other possibilities that that opens up are, number 1 is it makes it it's going to make it much easier to verify your software installation.
So if you've set your seed signer, up with your, like, long term storage and maybe you haven't used your SeedSigner in 6 months. And in the back of your mind, you're like, what if someone got access to my micro SD card and put, you know, some sort of unwanted code changes on there or something? It's gonna make it much easier to where you can just pop your memory card, into, like, your laptop or whatever and hash a range of sectors on the memory card that are that static image that's loaded into memory. And you'll be able to get, like, an additional level of assurance that you're running, you know, the verified version of the software that doesn't have anything malicious, inserted into it.
And whereas, like, you're you can currently do that with seed signer, but it right now, it's it's a process of, like, writing a new 3.5 gigabyte image to the memory card to know that you're getting, like, a clean version of the software where whereas with, like, this update, once it's implemented like, with the current version of ours, you can't hash it because it's a live operating system. So it's gonna change. Like, there are changes that are happening on the device after you boot it. So you can't go back and rehash it and try to verify that against our our verified release image. But with the new OS, you'll be able to do that. Also, it opens the door to, being able to move PSBTs with a micro SD card.
Now we're gonna have to be very careful about implementing that, and I think best practices is still always gonna be air gap QRs. But there are some people that you seed signer that have asked about being able to move PSB Ts via, micro SD. And for, you know, larger, more complicated transactions or where you're consolidating a bunch of UTXOs or you have a larger multisig, like, I get that it's more convenient. It just has to be something that, that is done the right way on our end, and that people just understand that there's an additional level of of risk that comes with, you know, removing the memory card,
[00:51:56] Unknown:
and putting in another one that has data on it. Like it's again drifting into tinfoil hat territory. But like we just have to keep all these things in mind. So that's high level view. Those are kind of the near term ish things that I'm excited about. That's awesome. That's all really exciting. Yeah. I was gonna ask about the micro SD card, like being able to just pop on transaction, but what would be the risk though in just, like, popping on, you know, an SD card with just, you know, a few PSBTs that you're trying to sign? Like, what would be the, like, in your tinfoil hat mind, like, what would be the I'm I'm really curious. Like, what what would be the, you know, surface
[00:52:31] Unknown:
layer there? Right. When when so when you and there are ways to mitigate this with Linux in terms of manually mounting and unmounting, storage media. But, like, let's just say with, like, a Windows system because, obviously, it's less secure. When you insert a memory card into your Windows desktop, like, it automatically runs some code that recognizes that as a removal of storage volume and automatically mounts it. And there's, like, there's some just inherent security risks associated with that process. So, depending on how you're moving that PSPT around, like, it just becomes riskier. There's there's, room for some sort of malicious code to be able to execute
[00:53:14] Unknown:
when you're moving that device between because it's like a 4, 8 gigabyte micro SD card. You can fit a lot of malicious code on there, meanwhile, like a QR code, and you can't really just stick a whole
[00:53:25] Unknown:
program script on on the QR code Right. And that execute. And the so I think you can now, can't you? Maybe. Oh, you could. You probably could, but So there's, like, there's one thing I wanna point out is that, like, it's important. So for your private key to leak or for malicious code to be introduced by a seed signer, practically speaking,
[00:53:44] Unknown:
seed signer as well as the coordinator you're using would have to be colluding. But and, like, to if you wanna go full tinfoil hat, like, if you want to be, you know, and everything has trade offs. Right? And if you wanna be on the more secure side, like, your coordinator, so whether that's your phone or whether that's, a computer running Sparrow or Spectre Mhmm. It should be it should be a dedicated device. Right? Like, if you if you're using a a if you're using your everyday computer, we'll go back, like, your everyday Windows computer. Right? And, you know, a lot of people are, like, playing games on it or looking at porn or something like that. Like, there's a bunch of different, threat vectors that open up there because you're using your everyday computer. Right? So, like, best practice was, you should you can mitigate a lot of these risks if you're using a dedicated machine as your coordinator. And for larger amounts, if that's negligible cost to to just have a dedicated machine to do that, or an old phone or something that is that is dedicated, wiped.
Ideally, you know, use one of these non Google Android Forks, and just use it only as your coordinator.
[00:54:50] Unknown:
Right. Right. And even, like, you know, if you set up a laptop that, like, once you set it up, maybe it never talks to the Internet, and it's, like, an additional buffer between between you and your, your coordinator that's actively talking to the Internet. But one kind of, like, security thing that that I wanna point out, I I tweeted about this the other day because you see, like, Trezor, has their own, like, you know, application portal that you use with their you can obviously use Trezor with Electrum
[00:55:16] Unknown:
or Specter or other things, but Trezor has their own software portal that I would suspect that a lot of users just end up being funneled. 99% of users are probably using, like, Trezor Web Web Suite or Ledger Live. Right. Ledger Live,
[00:55:28] Unknown:
I think I saw on Foundation's website that they're gonna implement some sort of, like, front end coordinator capability. Like, it's a security best practice to have what they call separation of duties. So you don't want the entity that is, writing the software that you used to interact with the protocol to be the same entity that is writing the software that you used to interact with your private keys because there's that natural opportunity for collusion between the 2 parties. So best practice not even collusion at that point. It's just the same party. Yeah. Yeah. Exactly. So, like, yeah, you want you wanna have, like, that that separation of, entities so that there's just less likelihood of some some sort of malicious
[00:56:09] Unknown:
process. Right. Like and and then if they're tracking, you know, user balances, which which they basically are That's too. Yeah. You know, they can basically associate an address that ordered from their website to to their transaction. They say they're not. But They say they're not, but they are.
[00:56:24] Unknown:
But they are. They could. They they are. And and just to add on top of that, I think I think, Ledger Live just added support, but just by default, you know, you those aren't using your own node. You're using their node. So you're trusting them with validation, and you're you there's an additional privacy trust there.
[00:56:47] Unknown:
Absolutely. Cool.
[00:56:51] Unknown:
One one question I was curious about. I'm I I like lightning a lot, and there's this lightning c sorry, lightning signer project, which is kind of like a way to be able to take the light, the the the seed and private keys that are, like, on a lightning note typically, and we're able to extract that away and have a different device or a different process, you know, manage all the all the keys there so it's not just in the node. Mhmm. Have you have you looked at that at all and, like, you know, possibilities of being able to integrate it with something like seed signer?
[00:57:24] Unknown:
It's just probably still very early ages for that to be even, like, a possibility, but, I'm curious of your thoughts on that. I am probably woefully under, educated about the nuts nuts and bolts of lightning. So I obviously, like, use lightning and understand the high level stuff. But, my first thought about that would be is, like, with lightning, a part of the security model is that you need high availability of keys. Right? Because if you need to, for whatever reason, like, close a channel quickly to to make sure that you don't, you know, somehow lose funds. You have to have availability that's used to a hot wallet. Yeah. It basically has to be a hot so I'm curious about, like, Or Watchtower too.
[00:58:03] Unknown:
You know, you can offload some of that to a Which is like a third party, basically. Right? Yeah. Or it could be, you know You can run your own Watchtower on a separate server or something. Yeah. It doesn't have to have the keys on that, you know, 3rd party or watch tower. Right. I
[00:58:16] Unknown:
I, I'm I'm curious about, like, potentially use cases, but I honestly don't know enough about it to be able to comment. I know that there's been 1 or 2 people over at Lightning Labs that have, I don't even know if it's it's related to Lightning who have been in contact and kinda like playing around with seats. I'm curious about some of the the possibilities with it. But, yeah, I what I love about Keith's rewrite of the code that he's currently going through is that it makes it much more modular and makes it much more to where you can insert different functionality. So it potentially opens the door to where you could build a version of seed signer that is PGP compatible to where you can use it to encrypt and decrypt messages,
[00:58:56] Unknown:
by swapping out some of the functionality while maintaining kind of the the same UI elements in the same hardware set. So maybe, you know, depending on the opportunities with lightning, something like that as an opportunity as well. I guess we'll just have to kinda see. Yeah. That that's kinda awesome. With with the device specifically, do you see any other you you mentioned PGP. Do you see any other, like, know, maybe it's not on your road map, you know, but maybe some hacker out there, you know, wants to just, you know, have fun with something. Do you see any other, interesting non Bitcoin related projects that you could like use the same model for?
Because, you know, maybe it's just PGP, but do you do you know of any others that come to your mind? Other people like we spoke a little bit before we went on air about, like possibly a password manager.
[00:59:37] Unknown:
I'm not entirely sure what that implementation would look like, but like I that's the beauty of FOSS and open source. Right? If somebody else has, like, an opportunity they see and they have, like, the skills like it, The code's out there, and we're happy to, like, see other people working with it and building with it. So, yeah, we'll just kinda keep an eye out. That's awesome. And it is, it is a MIT license, I believe. It is. That was that was one of the things that, like, I I I think I talked to Matt a little bit about when We literally talked about it on air because we were about to make the decision, 30,000 blocks ago. That was like a that was probably the hardest decision I've made with regard to SeedSiner that, like, I I feel good about in retrospect, but I don't feel great about the process that we got there with
[01:00:23] Unknown:
about that.
[01:00:25] Unknown:
Because when so when I, I were kind of a community community oriented project, and when I when it was time for us to pick a license, like, we didn't wanna keep going forward, just kind of like in the gray area. We wanted to pick a license. I kind of solicited some opinions on Twitter. And I got like a lot of, very we'll call them forceful DMs. Just kind of like people Very strong opinion. Very strong opinions and even, like, to the point of I wouldn't call it, like, extortion, but people saying, like, you know, I was thinking about contributing your project. But if you don't go with MIT, like, well, I just can't do it either because, my employer doesn't allow me to contribute to things that aren't MIT or it's just not consistent with what I think software should be.
[01:01:09] Unknown:
So, like, the two choices were basically so MIT, just unpack it here. MIT license is a unrestricted free open source license. Anyone can modify the code Right. Distribute the code, sell the code, use it for however they wanna do. Then I guess your other choice was GPLv3, which anyone can modify, distribute, or sell, but they have to keep that code GPLv3. With MIT, they can they can relicense the code however they wanna do it. They can they can even make it closed source if they want to. Right. Some people refer to GPLv3 as copy left Right. Well,
[01:01:46] Unknown:
and I like, I'm sympathetic to that licensing scheme, and it, like, ultimately, it comes down to choices and trade offs. What what could happen with, with MIT is that somebody could take our code and, like, monetize SeedSigner out from under us to where they build, you know, some sort of, commercially, available product that uses our code, but that's that's just kinda like that's that's the nature of the beast. Like, we're so focused on
[01:02:17] Unknown:
Well, they could do that with GPL too. But in that case, they could do it and, like, not contribute back upstream and keep keep their contributions restricted or Yeah. No. You're absolutely right. Source viewable, but they can change it so it's just source viewable, so you can't even use the changes that they do even if they don't contribute upstream. Or Or they could just take our code and go completely Go completely with the closed source. With yeah. Closed source too. And, like, a lot of people would say, I mean, you should just never use a closed source hardware wallet.
But meanwhile, you know, Ledger is probably the most successful hardware wallet in the business, and they are closed source, so or partially closed source.
[01:02:52] Unknown:
Right. It's it's, you know, props to the other projects for being, open source. We talked about this a little bit at the meetup last night, but I kind of see seed signer as and and some of the DIY projects as, like, kind of a new generation of hardware wallets that are the 2nd the 2nd generation is kind of these, secure element enabled USB connected, purpose built and designed devices that are, you know, sold by companies. And when they first were made available, like, I don't wanna knock them. Like, they were huge security,
[01:03:28] Unknown:
like, leap forward improvement. Right? I I people don't remember, like, new people, like, it used to be before Reddit completely died, like, r/bitcoin. It was just, like, every day, you would see,
[01:03:40] Unknown:
a new post about someone whose computer got compromised and their and their keys swept. And they hadn't even added, like, you know, any sort of encryption or anything to their keys, you know, in their in their core storage. So, like, when, Trezor came out and when other hardware wallets started to come out, like, hugely forward, that gave people a ton of security, but, like, security is an evolution and it's a process. And I think, like, a few things falling into place are creating this, like, new evolution of the security process that has an emphasis on multisig.
Because, frankly, a lot of the the current wallets, I've heard feedback that they're not created with multisig, first in mind. So an emphasis on multisig and emphasis on, like, publicly available components, I guess you'll say. Building you can build a signed device from non Bitcoin specific components so you don't have to give your information to a distributor or hardware wallet so you can maintain that degree of privacy. Right. Like, we saw with Ledger,
[01:04:41] Unknown:
their customer database got Right. Got got compromised, and then all of the any all the custom a bunch of customers,
[01:04:49] Unknown:
like home addresses and email addresses, were all exposed in that. Yeah. It's horrible. And that's something that doesn't get talked about enough because as the value of Bitcoin grows, like, it's just a huge kinda, like, honeypot
[01:05:00] Unknown:
that, is sitting out there for people. And you can't even buy a ledger. I'm pretty sure you can't buy a ledger with Bitcoin. So, like, you're also using your credit card, which is your credit card. Is literally just corporate surveillance card. Right. So I see, like, multisig first.
[01:05:14] Unknown:
I see, like, people being able to DIY and leverage open source code, and I also see air gapping as, like, a huge step forward. I I think that over time, most of the major hard hardware makers are gonna get away from that USB connected device because it's like, again, you know, is something gonna happen if you have a USB connected, hardware wallet? Like, in great likelihood, their security precautions are adequate. But as we reflect Like, I don't think we've seen a single
[01:05:41] Unknown:
like, I think your concerns are valid, but I I'm pretty sure, at least for the majors, like the ledgers and the treasures, we haven't seen a USB style attack Like a USB. Actually executed in the real world. Right. Now what I would throw out, like, this is my,
[01:05:56] Unknown:
kind of spook warning is like, as someone who previously worked in law enforcement As a previous spook. You can trust me now. See you see you later. The the federal government like has and I've, you know, during my career had access to it, like they have for like the Android platform, for the, iOS platform. And there's nothing to say that they don't have access to 0 day for 1 or more of the commercially available hardware wallets that we just don't know about. Right. That could leverage either, USB connectivity or that could just be getting your hands on the device and taking it apart to exploit the hardware.
[01:06:36] Unknown:
That's why I would I mean, we're being a little, like, I think rightfully so. There's criticism leveled at Ledger here throughout this discussion, but they do deserve props for their Ledger Don John security team where they basically are just taking these commercial hardware wallets, their own hardware wallets and other hardware wallets, and they're trying to compromise them. They're spending 100 of 1,000 of dollars trying to compromise them and releasing their findings rather than which is which is what you wanna see. You wanna see, you know, good actors in the space. You wanna see positive actors in the space trying to compromise all these things. So we know, you know, what kind of vulnerabilities are out there rather than getting surprised by 0 days. Or Yeah. That's a great service just to leverage that kinda, like, white hat adversarial thinking to expose vulnerabilities
[01:07:27] Unknown:
and disclose them before bad actors do.
[01:07:31] Unknown:
That's awesome. Yeah. Is there, like yeah, have have you or anyone else, like, done like, what are the analysis here? Like, basically, once you unpower this device, like, the the seed is gone, the seed is wiped, right? Right. But in theory, like, what if someone, you know, were to get their hands on it, like, while it was on, right? So like, basically, the model here, like, we can assume like, you know, someone gets the ledger and someone gets the treasure like some people in this space will say, assume that if someone gets their hands on it, it's compromised and and you know, those are completely powered off, you know, in their default state. So assume it's compromised, but like I love this model because like, you know, assume, once you unplug it, like, there's nothing to be compromised. Right? Like, it's it's it's safe. Right. So the way it's engineered is that, when you enter your private keys into it, they're stored as temporary Python memory
[01:08:21] Unknown:
sorry, temporary Python variables that just live in memory. So and we've gone to additional lengths to make sure that, like, through virtual page file or swap file, like, your keys don't somehow get involved in that and end up being written to the memory card. Like, we we disable virtual paging. But, yeah, your keys exist in RAM, and RAM is by nature, a volatile memory, meaning that once power is removed from the the media, like, the information that's stored on it just dissipates and goes away. But you you still,
[01:08:53] Unknown:
you want to keep your seed signer physically secure because, you you still have, like, evil maid attacks. I know maids get a bad rap, because of that term. But if someone, like, gets access to your device, they could they they might not be able to pull the seed from it, but they could compromise it and load up, like, a malicious version of SeedSauna. The next time you put the seed in, they can maybe store it or take it, or they could even there could be a a physical attack where they add, you know, some kind of transmission mechanism. So, like or it looks like they just swap out the device. So, like, they take your device and put a compromised one that maybe has Wi Fi in it, and then they can just transmit it out. So you wanna keep it physically secure. You want it you don't want it to be out in the open where someone can get access to it. And that that goes for all hardware wallets. But, I would say particularly, probably particularly, the seed signer because it, you know, doesn't have a secure element on it. Right. I'd I'd kinda compare it to that private but not secret
[01:09:55] Unknown:
sort of framework that we use for, like, extended public keys and wallet descriptors. It it it doesn't require the absolute security that you would give to your private keys, but, like you're saying, you definitely don't wanna leave it out, you know, for any sort of mal intended third party to interact with it because they could jack with, like you said, creating some sort of mechanism that does capture the private keys, or they could jack with your PSB Ts, or they could, like you said, with the hardware, put something else in there. Yeah. Just to go back to, like, the the mitigator for that is, obviously, if you feel like you left your seed signer out or somebody used it that you don't feel is, like, a trusted third party or anything like that, then the solution is just to zero out the memory card and write a new fresh version of software, and that's gonna mostly counteract,
[01:10:46] Unknown:
what could be done. Open up the case. Look at it. Right. Right. Or, you know, if it's it's $60, just build a new one.
[01:10:53] Unknown:
Right. Right. Right. Never be too paranoid. I agree.
[01:10:58] Unknown:
Yeah. I mean, I thought that was a good question because I wanted to actually I was I was gonna frame it a little bit differently because seed signer used to be the person who's sitting in front of us, used to be, like, a digital forensics guy for, the police, for the cops. And, he would literally go in and and, you know, look at computers and stuff that criminals had, to try and see what kind of information was there. And I I thought it's kind of an interesting dynamic that, like, whoever replaced him, there's some, like, young young seed signer replacement. And he's, like, going into he he's, like, he's seeing a seed signer on the table, and he's trying to compromise it. Right? He's for It's come full circle. He's like, WTF is this first.
What is this nest controller? Exactly.
[01:11:44] Unknown:
Yeah. And, just to strike back on the the points you guys brought up with hardware wallets and the the PIN security on them. Like, that's something I've seen firsthand from my time in digital forensics is, unfortunately, people don't use, really secure pins just as a habit. Somebody who has, like, either had knowledge of or had to, like, brute force, like, pins on people's Android phones or their iPhones. Like, people use the most brain dead stuff. Like, they're you know, it's always their date of birth, last four of their Social Security number. Or 1111? Yeah. Or 1234, you know, whatever. And that's actually like some of the, some of the tools that are created to exploit, like, iPhones and stuff, they have, like every time they crack, like, a a a pin code, it gets added to a database. And the next phone you try to crack it, the first thing it runs through is the database of busted pins with the theory being that, like, we're all human beings, and we tend to think alike. So if one person used a particular pin, be it because it was a certain visual pattern on their phone or whatever, like, somebody else might have thought of that. So it's a game of is terrible entropy.
[01:12:54] Unknown:
I mean, that's why it's important that that all these hardware wallets that use pin codes have rate limiters or, I mean, a lot of phones have settings where, like, 10 wrong pin codes wipes the device or
[01:13:06] Unknown:
And some of that can be exploited,
[01:13:08] Unknown:
through, like, various workarounds. But yeah. Yeah. It's all about just mitigating risk. You're never gonna eliminate risk completely. Right. And that's why I think it's always important to remind the freaks, that, like, don't get overwhelmed with this stuff. It's it's, you know, you're never gonna have a perfect solution. It's always gonna be a constant learning experience and evolution. You're you're really just trying to do little steps to continually, reduce that risk, of coin theft or or privacy. Bitcoin q and a has a good question, in the comments. He goes, notoriously difficult for false projects, but does Seed Signer have any alternative revenue stream plans just to ensure project longevity?
[01:13:49] Unknown:
Is that question coming on behalf of Foundation Devices?
[01:13:53] Unknown:
Or I'm just messing with it. You're taking business model. Open source. For the freaks that don't know, Bitcoin q and a is working for Foundation.
[01:14:00] Unknown:
And, like, even, like, the work he does for them and all of the open source, like, openly available walk throughs he do are awesome. Like, I I give a little bit of trouble about the foundation stuff, but, like, he is an amazing resource and somebody that I personally keep in touch with. So So what are you thinking about revenue? I mean, it is it is this is something that is,
[01:14:21] Unknown:
you know, a a very important aspect of of keeping the open source community robust and growing is is this funding issue. And a lot of times, it comes from grants, whether or not it's donations or individual donations, or if it's corporations giving donations, or if it's these foundations like HRF or Brink or OpenSats, which I cofounded. Like, how do you how do you look at revenue? And do you do you have, like, a business model that you're trying to attach to this, or is it gonna only be donation funded? So just in terms of the the larger funding question, I kind of view that in terms of a problem
[01:14:59] Unknown:
that is in the process of being solved, and it's not, like, solved yet, but we're getting there, just to give people kinda, like, some insight into, like, how we've historically been funded, and then we can talk forward from that. First off, like, we have a, I think I mentioned it before, a jointly managed multisig wallet that is what we call our develop development fund. And so I tried to give a lot of thought to how we compensate people who contribute to our project, and I tried to approach it from, like, an early stage venture kinda model to where every time we release kinda like a major version of the software, we have essentially a scoreboard that scores people's contributions and awards new points to, like, a scoring pool based on, like, new features that are added and stuff like that. It's not a perfect system, but it it's intended to be, like, some way of, like, rewarding people for, what they're doing for the project. So when we release a new version, we take some funds from this development fund, and we basically split them up according to the proportions of contributions as they exist on the score board. So people accumulate points over time.
The the challenge with that is just raising, you know, donations at large from, you know, our user base. And some people, you know, have been very generous. I'm sure there are other people that use it and haven't donated yet. But, it has been a good mechanism to provide some sort of reward for open source developers, especially people who are doing this kind of in their spare time, not as their full time gig. We recently had, like, the opportunity at the beginning of the year where Keith, previously had, like, from what I understand, like a non Bitcoin related job. He primarily works contracts, and so he's contracted by a particular company for a set period of time to provide development services.
And he had a contract that was expiring, and he was looking for a new gig. And, Spectre desktop took him on for about 3 months, as a contract gig. So he did some, like, very cool development work for them. But as of the beginning of this year, like, his contract with them was up, and he was looking again for a new gig. And so we started just kinda, like, raising funds based on the idea of his previous contributions and some of the great, innovation that he brought to our project. And there were, some very cool companies, individuals that reaped up reached out, some of which were anonymous, but some of which, like, coin ATM radar. And I'm I'm gonna do a horrible job at remembering specific people that that contributed to this, but Keith has done a great job of acknowledging them.
And the the if you think of those as donations to our project, they've actually been donations to Keith that I don't have a handle in. It's between Keith and the people that are gifting that money. And, generally, those gifts have come without strings attached to where people, you know, are super excited about the possibilities that he brings to seed signer, and they're willing to give him kind of open ended money just to focus, a lot of his day to day work on SeedCenter. After that, he set up a BTC pay server and said, like, hey. I'd really like to focus on SeedCenter for the Q1 of 2022. Would any people in the Bitcoin ecosystem be willing to, donate some funds to allow me to do that? And like much to every one of the community's credit, there were smaller donations that came in, and then we actually had, like, a 12 or $13,000 equivalent donation in Bitcoin that came in.
That's an anonymous donation, but, like, it's it's amazing. So Keith will be working on SeedSigner full time through the end of Q1 2022. Moving forward, like funding is a general question, I can't totally close the door to creating, you know, a purpose built retail available version of SeedSigner, but what I can tell you is that the open source source off the shelf ethos of our project is very important to us. And regardless of anything that we would do with some sort of retail available device, like, we are still going to maintain and build new functionality into, the the do it yourself version because, like and huge credit to Alex Gladstein who,
[01:19:21] Unknown:
love Gladstein.
[01:19:22] Unknown:
Yeah. Gladstein who was, like, one of the earliest supporters of our project and willing to kind of put a vote of confidence in the project for recognizing kind of the value of SeedSigner for people in parts of the world where Bitcoin use is either discouraged or even outright banned. People who want to use Bitcoin as a way of just preserving their savings ability or even to fund dissident activities, like seed center or something that's available to them that they can build privately in secret without the self off the shelf components to be able to store their Bitcoin in a more secure way.
It doesn't involve them having to try to source a hardware wallet or anything like that. And having that ability out in the world, you know, the the attending the HRF conference last year was a very eye opening experience to me. That's a great event. To get a glimpse of, like, things going on in other parts of the world that, you know, myself as an American don't have a lot of exposure to in the media and just in, you know, news sources or, persons that are within my circle. So it's a long winded way of saying that functionality and that ability to privately and secretly build a seed signer is extremely important to me personally, and it's something that I will not steer the project away from. Like, I've had people who live in the Middle East that have reached out to me privately, that, you know, talk about why they love the device because they can build it in private and not have, you know, anyone knowing that they're saving with Bitcoin when they would otherwise have trouble obtaining a hardware wallet and don't wanna use their phone because that's inherently less secure, yada yada yada. So,
[01:20:56] Unknown:
what about, well, first of all, to the freaks that are considering supporting SeedSigner, and you should consider it, it's seed signer.com/ donate. I mean, I have a couple thoughts here. First of all, I mean, dispatch emulate kind of what open source projects have to deal with in terms of funding. So we don't have Azure sponsors. It's all community funded. I consider it a free and open project. People can cut it up. They can torrent it. They can do whatever they want, with dispatch. So seed signer.com/ donate.
One thought is, first of all, like, on the splash screen when you first load up the seed signer Right. Like, you should just tell people seed signer.com/ donate to support the project every time they load it up. Like, I feel like just a nice reminder, like, this is a community funded project. A lot of people wanna support it. They just they need a little bit of a reminder. Right? So I think that's kind of a cool idea. The second thing is, I'm I mean, I know we've talked about this privately, and I'm curious if your thoughts have evolved. Like, what are the thoughts on in terms of, like, ads or sponsors or something? Like, is is is that a thought, like, to on the on the splash screen? Yeah.
Show a sponsor logo or something like that. That's something that we're
[01:22:18] Unknown:
opposed to at all. We would have to give careful in terms of a corporate sponsor, we'd have to give careful thought and consideration to the values of the company that was offering the sponsorship as well as, like, the the level of sponsorship that they'd be, offering to be able to get the splash screen. Another interesting kind of idea that came up was the screensaver on SeedSiner, which I think initiates after a minute or 2 of of device, device inactivity. So one idea that came up was, like, for plebs or people in the Bitcoin e ecosystem Clubs. Damn it.
[01:22:54] Unknown:
That that there's a debate there, but it's clubs. Hell, I've stumbled into that.
[01:22:59] Unknown:
For people who are just like, you know, everyday Bitcoiners who would like to develop in, like, a a meaningful way, we thought about when the screen center, screen saver comes up, like, what if it every time it bounces off? Because we have if people haven't seen it, like, it has a very classic, like, Microsoft kind of screensaver feel I've been staring at it the whole year. Where you stare at it waiting for it to bounce, like exactly into one of the corners and you feel like excited if it gets close to that. What if every time it bounces up against like one of the perimeters, it were just display a different, NIM or identity that was chosen by the person who donated or some sort of message? And maybe That's cool. Maybe that was, something that just lasted for a given, like, major version release, and then we'd kinda reset it, make it a new version of so Contribute this amount and your message or you can get a in the screensaver kind of thing. And this I like that idea. I like that idea better than an ad or sponsor. This this kind of stuff is, like, what I'm talking about. We're, like, you know, we're in the process of gaming these ideas out, not just us, like anybody working open source just to creatively come out with ways of incentivizing people to make support and to recognize people that make support, like in the way that they like to be recognized. It's just we'll get it figured out over time. And I think this is one of the things that, thankfully, like, Bitcoin really does fix this, like, beyond the meme, like, the ability to, send censorship resistant money in flexible dominations anywhere in the world to anybody you want to, like, No middleman.
Yeah. This this, like, this can fix open source and the open source funding problem. So I'm I'm bullish on, like, finding solutions moving forward.
[01:24:41] Unknown:
That's amazing. Besides, besides funding, are there any other ways that, like, people can get involved in the project or, like, you know, maybe some of the needs that you're specifically looking for right now, whether if it's, you know, Python developers or, you know, you know, people that, you know, manage projects or documentation, things like that. Like, what are your, like, more specific, needs right now that people can help out with? I am, like, forever looking for,
[01:25:06] Unknown:
people to make demo videos, especially in alternate languages, especially as we emerge into, excuse me, multi language support. I I'm always excited to have people do walk through demos and videos or people who create documentation. But, like, the ways that people have found to contribute to the project have been amazing. There's a a guy from South America who people have seen, like, the baseball baseball card style, QR cards that we have where you can manually transcribe your QR code that way. Like, that was created by a guy who does graphic design on the side in Brazil. Or our website was built and maintained by a guy from the Philippines who just saw Seed Signer, was excited about it.
And he's actually recently, launched also, like, a, a sales portal to where, like, it's tough for me or people in Europe to ship devices or to ship hardware kits to people in Asia. So now, like, people in Asia have a source where they'll be able to buy a kit. People who just generally, like, you know, it it it sounds like, you know, not trivial, but, like, people would just tell other people about seed signer. Like, that's we don't have any kind of advertising budget. We don't have, like, you know, I I'm on Twitter, but it's not like we have a social media offensive or anything. So, like, at meetups, just people Bitcoiners talking to other Bitcoiners, that is our primary way of spreading the word about what we're working on is, like, people just saying, hey. Like, I'll talk for a few minutes at a meetup about seed signer and point people to, like, the website and the repo and stuff.
That's such a it's this is, like, truly a grassroots thing. I that term grassroots is, like, overused to some degree, but, like, we are just people that are trying to build, like, a kick ass little sign device that, provides value to others in the Bitcoin ecosystem. So there's, like, a myriad of different ways to contribute to that.
[01:26:58] Unknown:
Awesome. You got any more questions for him?
[01:27:02] Unknown:
Not personally. No.
[01:27:04] Unknown:
So, I mean, you're relatively new to open source. You kinda just dove in. What's it been like running a being a maintainer for an open source project? This is like the second iteration of that question that I didn't answer well enough in the first I'm giving I'm giving you a second I'm giving you a second chance. I asked him 30,000 blocks ago, and he froze up a little bit. So, And a lot has happened since then too. So I feel like you're more experienced now. And the repo is, like honestly, the the repo, we've gotten more contributions. There's probably,
[01:27:35] Unknown:
I think, 4 or 5 people other than, Nick and Keith who were eligible. By the way, shout out to Bitcoin Magazine and for you for organizing the, open source tickets develop 100%. Tickets for open source developers is what I'm trying My pleasure. To get out. We had a few contributors that, like, when that came out, I made sure to DM them and send them a link to their PR and, make sure that they were aware of that program. But the experience of managing a repo, like, has been probably a reflection of, like, the amazing, collaborators that I have Because me being you know, it went from me being the only contributor to, when Nick came in, like, I was reviewing his PRs, but his code was quickly, getting to the point that, like, it wasn't something that I could review at a glance. I really had to sit down and dig in because I'm not, like, a coder by trade, and I'm not, like, a Python native thinker.
So then as Keith has come in, like, it has become more about me responding to issues that are raised and me kinda, like, creating the new repos and kinda, a big part of what I do is assembling the prepared releases, and I control the private keys that are used to sign those releases. I I become a little bit more like an administrator, but the developers do a great job of playing off of each other to where when there's, like early on, I offered Nick, like, admit some degree of administrative rights in the repo and much to his credit, like, he totally declined it. He was like, I like having, you as a check against the things that, like, I'm writing. And even if you can't review the code, like, it's trivial just to load it onto, like, a development, seed signer where I can swap code out real quickly? I can test, like, is it doing what it it's supposed to? Does it crash? Does it not crash kind of a thing?
But Keith and Nick do a great job of kind of, like, thumbs upping each other's code. So when somebody does a pull request, they they do a great job of looking deeply at it, and, I rely on them, heavily on that just for, like, checks and balances, as we move forward. But, I am super bullish on, we've been doing this for a year, and I am super bullish on as the the project gets a little bit more exposure in the Bitcoin space, like, getting more experienced Python developers involved. And just like we need like every project, we need more eyeballs on our code and, people being able being interested rather to fix, like, little pain points that they see or little opportunities to tweak it or to, like, build a new functionality. Like, I I'm excited for that, and that just helps me. Like, as a maintainer now, I'm kind of, like, I feel like my role is less than what it was, because we have more people looking at the code.
[01:30:27] Unknown:
And I'm kinda just the guy. Love to see it. Yeah. Yeah. It's been That's like the that's the power that's one of the main powers of open source projects. Right? It's that they're bigger than any individual,
[01:30:39] Unknown:
and they can they'll outlive any individual. And the the incentives, like, frankly, are all aligned to where people are incentivized to collaborate with each other and to produce the best version of of what they're collectively trying to work on. Like, it's it, like, is this great, like, collaborative brings out, you know, usually the best in people kind of thing. I it's that aspect of open source has been something that I had no exposure to, you know, in my previous life journey. And it has been just an amazing, almost rejuvenative, aspect of, like, my experience with it. Like, you you see the just the the beauty in people and their goodness, and they're willing to just pitch in and help out, like, when you need stuff. Like, it that's just been a mix.
[01:31:26] Unknown:
Yeah. That's I think, like, being able to that's what I love about open source and open source communities, like, the ones that are ran really well and are really successful. It's, like, being able to foster an environment, being able to create a community, sharing vision, getting people, like minded individuals to believe in that vision as well and and then, you know, kind of, you know, dedicate, you know, time and effort to, you know, once you find, you know, other people, that that share the same vision, you almost wanna, like, you know, work together and, like, make sure that you guys can come together. I don't know if you have any, like, other other advice for anyone maybe thinking about, not only just contributing, to you guys, but also just, like, creating their own, like, you know, how to find and create an open source community. That's, like, that's one of,
[01:32:15] Unknown:
that's kinda one of the tongue in cheek reasons why I put myself out there is, like, you know, I used to be a cop. Like, I I was not a developer by trade. I had a little bit of, like, exposure to coding in college and stuff like that. But, like, I am the perfect example of somebody who is not, like, a native coder. It's not, like, something that I've done for 5 or 10 years in, you know, some sort of professional capacity. But what I want people to come away with when, you know, I talk to them or they asked me about a project that they have in mind, like, it is so important to, in the best way you can.
There's a highly underrated skill in this world. It's just effectively communicating a vision for something you have, an idea you have that you would like to see come into existence, being able to
[01:33:01] Unknown:
Sorry about that, freaks. We got our audio cut off somehow. I don't know where you lost us, but, SeedSiner was giving a very inspiring, tale of of how of how welcoming the open source community can be and not to be afraid of jumping in. Right?
[01:33:23] Unknown:
Absolutely. Just, like, put your idea out there.
[01:33:26] Unknown:
100%. Well, I appreciate your time. I appreciate your time as well, Tony. Absolutely. We've been ripping for an hour and 40 minutes. It's time for some lunch. We got a rabbit hole recap in 2 hours. Final thoughts.
[01:33:46] Unknown:
I'd like final thoughts are just gratitude. Like, I appreciate the opportunity to come down here. The the, BitKite, who's the organizer of the Nashville meetup, has been, like, an amazing host. Like, logistically, just in terms of, like, the meetup that he leads and everybody else who helps with that meetup. If anybody's out there listening and you're, like, anywhere near Nashville, it's worth, like, a it's worth a weeknight of your time to to come in and experience it and, just the opportunity to sit here and talk with you guys. And and for everybody out there who's built a seed signer or talked about it, like, much love, much gratitude. Like, I this if you would have told me, like, a year and a half ago, I was a guy listening to Bitcoin podcasts, like, who had just kind of like stepped away from his career as a stay at home dad. And I, like, was just tinkering with 3 d printing and different things.
And, like, to be here, like, 18 months later, never would have believed it. Like, this is this has been such an amazing experience, and I'm thankful to everybody out there for. Well, we appreciate you. Thank you.
[01:34:45] Unknown:
Yeah. I love it. Yeah. Thank you so much for I mean, you know, and the Nashville, Bitcoin, you know, you know, we don't record anything, and I just wanna say, like, your, your your panel with Rockstar and Matt, like, that was, like, as an audience member, I loved it. There's a lot of really good questions and a lot of good answers, and the the back and forth was amazing. So thank you for taking the time to, like, come here and then the conversation today as well, was amazing. So, yeah, my closing thoughts just, you know, along the same vein, you know, just just do it, you know, just go to a meetup, you know, if if just dive right in, you know, if you have a project, just just do it, and, you never know where you're gonna end up. If you've never used Seed Center before, just just, you know, buy 1 and just start playing with it. Like, you're it sometimes just seems intimidating going to a big Bitcoin meetup or or using a new device that, like, you never used before, especially if you've already gotten used to something. So, yeah, just just dive right in, start playing with it, start going to meetups, and, you know, you never know what's gonna take you. I think that's a great final thought.
[01:35:45] Unknown:
Just a reminder to all the freaks that are interested in the project, that's seed signer.com. If you wanna support the project, that's seed signer.com/ donate. Every sat counts. I think I can speak for them that they'd really do appreciate all of your support. I will see you freaks for rabbit hole recap in 2 hours. I'll see you for dispatch next week. I got some of the Spectre team joining us on on Tuesday, and, I I love you all. Cheers. Thanks, guys.
[01:37:05] Unknown:
Twisted faces in the cloud.
[01:40:22] Unknown:
Love you, freaks. See you next week. Don't forget to try and support seed signer, seed signer.com/ donate. Stay humblestack sets.
Problem. K? Pre COVID, inflation was 2%. Okay? So now it jumps huge, and everybody's right. From 2% up to, what, 7% plus, we're gonna start to come down. No doubt about it. And you're going to be right. It's gonna be 4a half, 5. The issue is just because it came down from 7, the real issue is where it started, and I think that's where everybody's gonna fall into this trap. Oh my god. Look at half of this inflation has disappeared, but it's still significantly higher than pre COVID. And that is the point. And and the other issue is, in my opinion, where where's the tightening been? Give me a break. We're 0 to 25. They're still buying. Soma was 30,000,000,000 for the 3 year note. Okay? I don't see any tightening. I can't imagine that you have a microscope bigger than mine. Jack. Yeah. Come on. What is your mic? What is your mic? The Rick Ezel. There's 90 basis points.
[00:01:00] Unknown:
Rick, there's 90 basis points of tightening
[00:01:02] Unknown:
in the 2 year. Gets. That's power. Market's doing it because the Fed is behind the curve. Fed. That's how it works, Rick. That's how it works. I think that's great, though. It's not the fact that the Fed has done nothing. The Fed has done nothing. Blah blah blah blah blah. Rick, I I totally agree that the Fed's done absolutely
[00:01:21] Unknown:
nothing, but the free market has come to the rescue here in tightening.
[00:01:25] Unknown:
And the inflation's tightening this as well. I mean, it's it's brought money growth nominal money growth from 27 to 13% in a economy that's gotta be slowing down, of course, is gonna experience less pressures on the demand side. Of course. That's the whole point of it.
[00:01:42] Unknown:
Right. The other thing
[00:02:20] Unknown:
Happy Thursday morning, freaks. It's your boy Odell here for dispatch 55. Yes. This is a 2nd dispatch in this week. It's the first time we're doing it. First time we're doing, 2 dispatches, in 1 week. I have our our boys, seed signer, and Tony here in the studio. So I felt it was prudent to have this conversation in person while we had the opportunity. Sale dispatch is an interactive live show about Bitcoin distributed systems privacy and open source software. Our show is a 100% audience funded without ads and sponsors, purely focused on actionable Bitcoin discussion.
Thank you so much to, you freaks for continuing to support the show and keeping it ad free. I really do appreciate it. Easiest way to support dispatch, is through podcasting 2 point o apps. My favorite 2 are Fountain Podcasts and Breeze Wallet. They work like traditional podcast apps. You simply search Zillow Dispatch, press subscribe, load it up with sats, and you can choose how many sats per minute you think dispatch is worth, and it it it streams the sats directly to my node. You can also support the show at sildispatch.com. We have a BTC pay server set up there, so you can pay you can support the show via lightning or through Onchain.
And, as always, I have a PayNim easy to remember. It's Odell. So if you use Sparrow or Samurais, you can, support the show via PayNim. As always, dispatch is broadcast via Twitch, Twitter, YouTube, and bitcoin tv.com. All archives are on bitcoin tv.com afterwards. You can use any podcast app to listen to the archives as well. You just search Sildispatch. So, yeah, thank you thank you all, for joining us. Again, I hope you enjoy this trip. I think it's gonna be a good one. So with all that said, we have Seed Signer here. How's it going, Seed Signer? Good. How are you? And we have Tony again in the studio. How's it going, Tony? It's okay. Fuck. Yeah.
So, the focus today is basically, the seed signer, obviously, a signing device, an open source signing device, and also just discussion on open source software, the power of open source software, and we're gonna kinda just see where the conversation takes us. As always, if you wanna join the live chat, we're on Matrix. You can the easiest way to join us is to go to sil dispatch.com and click that Citadel's chat link, and then you just follow the instructions. You download Element, you make an account, and you join the chat. Now that is a live discussion that allows you to participate directly in the discussion as we are going, but it's also a very lively discussion throughout the week.
So consider joining us. We have over 500 really good ride or die Bitcoiners there. Awesome. So where do you guys wanna start? We have we have a seed signer in front of us. We have the person seed signer in front of us. We have a seed QR. First time I ever saw that, which is right there. That's pretty fucking cool. And when I say right there, I'm just pointing to the guys in the studio, and I know none of you can see that. I guess I guess the first place to start is, we had NASH Bitcoiners last night, and I think we're all a little bit little bit hungover after that.
[00:05:47] Unknown:
Maybe some more than others, but yeah. Oh, wow. Okay. Just a little bit. I wish the bar sort of closed at 2 AM instead so I can be a little bit more responsible.
[00:05:56] Unknown:
Personal responsibility, Tony. Personal responsibility. What did you think? That was your 1st NASH Bitcoiners. Was how how was the experience? I loved it. I loved the,
[00:06:05] Unknown:
I I think the right word is, like, the Chatham House rules that, like, no recording devices, no photos. Like, what happens there stays there. I thought that was, like, a great, element of the meetup, but, like, the people were great, very engaged. Like, everybody I talked to, like, you could tell, like, they're interested. Like, they're paying attention. Fuck. Yeah. They're engaged, and it's, it's a great scene down here. I thought it was pretty cool that,
[00:06:34] Unknown:
you brought seed signers with you so people could buy them and get them directly in person instead of having them shipped to their house or their office or something. Yeah. Any, like, opportunity that I can jump on to,
[00:06:46] Unknown:
get them to people, like, in person, I think that's a great opportunity because you don't you're not giving your credit card company your identity. You're not gonna get emails from, like, a wallet provider. You're like it's it's it's, a great way to get those without me knowing any anything about you.
[00:07:03] Unknown:
But I bought, I bought one last night. I'm looking forward to, like, putting it together. It'll be my 1st seed signer to actually have. So, yeah. Thank you for that. Thank you for bringing them. I think it was, like, last Nashville Bitcoin meet up. There was, you know, lightning point of sale systems that a guy was selling. Very cool. Very hardware. You know, I'm not sure if you've seen one of those before, but those are awesome as well. And I think it's, like, just the best way to be able to, like, buy in person, you know, directly from the source. Like, they are the manufacturer, you know, you are the, you know, manufacturer seats. I don't have to worry about, like, you know, man in the middles or anything like that too even. So I think it's, like, the best way to kind of, you know, get hardware. And honestly, like, with everything being open source, I'm kind of hoping that,
[00:07:44] Unknown:
you know, a kind of mini cottage industry springs up to where, like, people who are trusted parties in other parts of, like, the US or other parts of the world who have a reputation in in their local Bitcoin community, Like, maybe they order some parts and, like, it's a a way for them to stack sets a little bit on the side.
[00:08:01] Unknown:
It could be a cool way to, like, fund a meetup. Right? Like, get a little bit extra sats for a meetup and then also support your local community. Yeah. The person that was selling the, lightning point of sale system, they weren't even,
[00:08:14] Unknown:
the the I guess, yeah, they weren't even the the They weren't Ben Arck. Yeah. The one Ben Arck. So they were and they they they were honest. They're like, yeah. I'm I'm just charging, like, $10 more. Like, is that fine? I was like, yeah. Absolutely. Like, you know, thank you. I don't have to go through a shipping service or anything, so I was happy to pay it. The lightning point of sale was actually kinda funny because we had maulers in the house for that one.
[00:08:33] Unknown:
And, I picked him up from the airport, and, I picked him up from the airport, went to the went to the meetup, and I got really excited. And I showed him the lightning point of sale. I was like, look how cool this is. It's offline lightning point of sale, but it uses lnurl, and Stripe doesn't support lnurls. So it was, like, it was very much a bittersweet thing. He's like, really, Matt? You're gonna drag me into the lnurl controversy?
[00:08:56] Unknown:
I did the same thing to Rockstar last night too talking about the point of sale system.
[00:09:01] Unknown:
That's how we make change. So where should we start? We had we've had Seed signer on the show previously. We went we went deep on Seed signer. I don't remember how long Seed signer. Do you remember how long ago that was?
[00:09:18] Unknown:
I would say it was last summer if I had to guess. Like, maybe 6, 7 months. So a lot has changed since then. What has changed? How's the project going? It like, we things are going very well, and that's, primarily due to just additional people with such great skills, like, coming on board to help in various different ways. I don't know if, Keith Mukai was involved. I know that Nick. He was because Keith was on the show with you. Oh, duh. It was me, you, and Keith. That would mean that he was involved. Yeah. Me, you, and Keith. So Keith has really brought, like, a ton of creativity and productivity to the project in terms of implementing new features and coming up with creative ways to solve pain points that are kind of, like, built into the system.
So our user experience has improved a ton, but, like, since then, also, there is a Bitcoiner in Europe. I don't wanna docs, like, specifically where he is, but he is, involved in manufacturing, like, a permanent long term backup solution for us where you take your QR code that that, is, like, just an alternative version of your seed phrase that makes it quick and easy to import into Seed Signers. So you take that QR code, and you can actually stamp it into metal, with this device using just a simple center punch instead of, like, some of the solutions you see where you have to stamp individual letters into, like, washers or Right. Some other kind of metal. So you just have one center punch, and you basically create handmade, like, a QR code. So the center punch is, like, these little cylinder thing. Right. You can buy like any hardware store or online or whatever. Yeah. There's a couple versions. There's either like one that you use kinda like caveman with a hammer, like a, you know, a hammer and a punch thing, but they're also automated ones that are a little bit easier to handle that work almost as good as, like, the hammer and, hammer and chisel type solution. But yeah. So you create this metal backup like cavemen now. We just went back to the hammer and chisel.
But you can create this backup that is, you know, fire resistant, crush resistant, water resistant that, I'm excited for that as a great storage, medium for people to especially set up a multisig and be able to, like, be confident in their setup and preserve their keys long term that way. But, yeah, just other people, jumping in. There was another it was just this week. There was a guy over, I believe he's in somewhere in the UK, who, produced, like, a new version of the seed center enclosure that looks a lot like a classic 8 bit NES controller. And it's just so Yeah. It's, like, great design on his part. And, like, I haven't gotten a test one in hand, but he's been able to implement, like, a d pad instead of And it's all 3 d printed. Right? It is. Now it uses a couple different types of, 3 d printing. There's, like, the traditional type where you use the filament that people are more familiar with, but there's another type 3 d printer that's called SLA, and it's where you have a vat of, like, liquid resin, and you have a photostatic screen that, hopefully, I'm using the right terminology.
The screen illuminates and basically, like, photo activates the, resin so that it hardens, like, one crazy tiny layer at a time. And the thing about those is you can produce items with, like, so much more precision and detail than you can with, like, a traditional 3 d printer. So to get that d pad, working with our, LCD hat, like, you need a really precise piece of equipment. So, I'm excited to see that he's launched sales of those, and, they've, like, gotten good feedback so far, and I'm excited to just see more of them in the wild. The the more we can make the device, like, appealing to people just visually in terms of better usability in terms of interacting with the controls, the more it looks like something, some other type of consumer electronic device that they use. Right. Like, that that bear
[00:13:23] Unknown:
the the bear joystick or whatever without the case on top is a little bit, a little bit finicky or maybe intimidating.
[00:13:31] Unknown:
It it it just looks more technical to people, and we're we're any way that I can communicate to people that SeedSiner, is not just a project for, like, Bitcoin hackers or Bitcoin, like, makers. It's a project that is, like, attainable for people with, you know, very modest technical skills. It's not something that, people need to conceive of as this, like, super highly technical project.
[00:13:57] Unknown:
So I'm looking back. So it was so dispatch, 33 was when you guys were on, which is block 694,094 blocks. Mhmm. And then this one is block 722-645. So what is that? I hate math. I'm a Bitcoiner. I'm a Bitcoiner who hates math. I'm not gonna do that, Mike. It's been it's been, like, 30,000 blocks, since we since we last had you on. I I think, before we go any deeper, just in But let's just do a quick overview on what the seed signer is.
[00:14:53] Unknown:
Right. And, like, I get a little finicky about the hardware wallet versus signer thing, but the only, like, distinction there is, I can see of a hardware wallet as something that has some sort of secure element technology in it that is meant as a technological safeguard to store your keys. So a hardware wallet is something that is intended to be storage for your keys, whereas a signer, it's just taking your keys and generating signatures with them. And a signer, I guess, kind of definitionally for me means that it's not meant to hold your private keys. Like, once the device is turned off, it's not meant to store your keys. Like, with seed signer so if I can just kinda go over the basic value proposition, seed signer does 3 things.
It helps you trustlessly generate private keys using real world entropy. And then the kinda second functionality is once you And when you say entropy, it's it's randomness, which is the key element to generating secure private keys. Yeah. And I I'm you know, there's there's some debate, like, in the Bitcoin space and the larger computer science community about, like, can you really generate truly random data with code that was written by human beings and, like, technology that was made by human I'm I'm not gonna dive into that debate, but I just feel like a real great source of entropy that is accessible to everybody is just the world around us, whether that be picking, bit 3 9 words out of a hat or rolling dice 99 times, or we even have a a feature where you can take a digital photograph and capture the entropy from that to,
[00:16:26] Unknown:
as well as some other sources to be able to because the seed signer has a built in camera. Yes. And then the key I mean, you you dropped the lead there. The key here is that the seed signer, can accomplish a lot what hardware wallets can accomplish, the hardware wallets you can buy at, like, a website or something, but it's all off the shelf parts. Last time you were on, the parts came out to about $50. Now I think they're a little bit more expensive.
[00:16:53] Unknown:
Yeah. The tricky part is the Raspberry Pis. There's with all the I guess it's with all the supply chain BS. Like, the RPi Foundation has had to pause some of their production. So the specific, Raspberry Pi 0, which is a version 1 dot 3 that we use, And the special thing about that version is there's no, Bluetooth, no Wi Fi built into it, so you can think of it as, like, this inherently little air gap computer. Those have been a little bit harder to find. I think they're running for about $30 on eBay. That's the most expensive part. Right? Right. Yeah. And then you have, the screen. There's a screen on it, and there's a camera. Yeah. The screen's, like, 10 to $15 depending on where you buy it. And the camera is, like, you can get those for $5 or a little bit more on Amazon depending on where you buy it.
[00:17:39] Unknown:
Cool. Okay. So the seed signer is a stateless device, which means, when you unplug it from power, it loses all of its memory. So you have to enter your private keys every time you use it. Since last time, you have now this QR code method. And, you kind of talked about it earlier already, but, like, this idea that you basically, record your seed not as seed words, but you record it in a QR code format, and you have these metal these metal plates where you can punch in the QR code. I guess you you look at the screen. The screen shows you how to punch it, then you punch it in. And then every time you boot up the seed signer, you just use the camera to scan the QR code to load up your load up your seed. Right? Yeah. That's correct. We also have,
[00:18:28] Unknown:
in the GitHub repo, you don't have to stamp it on metal. Like, if you're just looking to test with the device or if for whatever reason you're not worried about fire, we have some templates in the repo where you can just use a a home printer, print up a QR code template that you then like, with a Sharpie marker, you can, color in the dots. Keith also also came up with a a super clever kind of interface for, transcribing the QR codes where, you know, it'd be kind of overwhelming to transcribe a 29 by 29 QR code dot by dot. But he breaks it down into 5 by 5 kind of like quadrants. And you just step through the grid 5 by 5, 5 by 5 by 5 by 5.
And it's it sounds a little, cumbersome maybe, but usually in about 10 minutes. You don't have to be super meticulous about filling in the squares. QR codes are pretty forgiving that way, with the built in error correction. But, yeah, you either you can still type in your your seed phrase using, you know, the joystick and buttons on seed center. You know, if you wanna bring a seed in that you created using a different device or that you're using on a different device. But, the QR code was just a great hack that we came up with in terms of being able to instantaneously, get your seat active in the device because, like you said, it's stateless. So every time you power it on It was a fucking pain in the ass. You had to Yeah. Fucking enter the seed. Yeah. That was that was a good point.
[00:19:53] Unknown:
I wanted to ask if there was any passphrase option that that you added to it as well. So, like, say, for instance, I have this QR code on a piece of paper, I scan it, is there any, like, additional security, components as well where I can, like, maybe enter, like, a 25th word Yeah. Or or things like that? Just so someone does just fly by and, like, capture my QR code and run off. Right. That was important. Something that was important to us, early on, even before, I believe, we we implemented the CQR was to be able to support BIP 39.
[00:20:21] Unknown:
Some people call it word 25. Some people call it passphrases. But, yeah, the the important thing for people to understand with that is that the entropy from, like, the data from the passphrase you choose, and obviously, people wanna choose, like, a strong passphrase. But the the data within that passphrase is incorporated into the entropy that makes up your key. So it's not just like, an access mechanism to your key. It's actually part of your key. So you have to make sure you you somehow, either in your memory or otherwise, preserve that. But yeah. So that's a great kind of mitigating factor, depending on where people plan on storing and accessing their QR codes. It's a safeguard that some people choose, some people don't.
But it was important to us to have that there because, like you said, like, depending on your OPSEC situation, you should obviously be aware of who's around you or if there's any sort of cameras, you know, in the area. Ideally, there aren't any of those things, but, you know, Bitcoiners are careful. So that that, passphrase is another kind of additional safeguard. Yeah. That's awesome.
[00:21:27] Unknown:
Well, you know, one time, I set up a friend, with a cold card, and we went through the whole process, and she stamped it on steel. He, like, got a seed ready to go. And then, his his wife took a picture, and he had his like, he had written out the words on a piece of paper before he stamped it in his deal. And you could you could see it in the background of the picture, and you had to do everything over again. Oh my gosh.
[00:21:58] Unknown:
Like, I was so even before seed starting, I went through the process with actually a, Spectre DIY of going through and putting my seeds in the metal. And it's, you know, it's long, laborious process where you have, like, you know, 26 stamp letters, and you're constantly pulling out different stamp letters and hammering on them. My son's helping me just kind of, like, pull the letters out for me while I'm stamping them in. And he started to say one of the words out loud. And I was like, no, no, no. We don't even say these words out loud. There's probably, like, Siri or Alexa, You know? Like, a 1000000 different live mics everywhere. Right. Right. Right.
[00:22:33] Unknown:
Go into the bathroom and do your seed. Get in the bathtub.
[00:22:39] Unknown:
So what do you wanna talk about? Yeah. Well, since you brought up the Specter DIY, I wanted to ask you, like, in the whole DIY space, whether if it's, hardware wallets or or signing devices, you know, where where does what does that current environment look like? I think there's also like the jade wallet. Is that is that DIY as well? And then, like, how you know, maybe if you wanted to do, you know, a comparison or something just like a quick little snippet. I'm not sure of all the various DIY,
[00:23:07] Unknown:
you know, devices that that are out there. I'm, I'm familiar with Jade, but I'm not I don't honestly don't know if there's a DIY option for Jade. I'd love if there was, like, I'd love to see more projects like this. There's, I think, I don't know if Jade is partly on the MD 5 stick platform, which is another kind of one of these single board computer kind of prebuilt, premade platforms. Somebody has actually done a version of seed center kind of on that called Crocs, I believe it is. But the Crux, SpecterDIY and Seed Center are they're the only ones that I'm familiar with.
I I hope that we see more development in this space because, I kind of see the specter DIY and Seed Center as emblematic of a new generation of hardware wallets that are intended to bring some power back to users in terms of there there's a lot of trust that goes into the existing existing hardware wallet kinda landscape where it's this proprietary device that this, manufacturer has made. And and from what I understand, they're all good actors. It's just we, as Bitcoiners, have to trust their implementation of a secure element, and they're, you know, most mostly, they're open source, but we still have to trust they're kinda like hardware implementation, as well as some of the personally identifying information you have to give up to order one of those through the mail.
So DIY may not be an option for everybody, but I it's super important to me that it is an option out there because it it allows Bitcoin users to reclaim some of their privacy and necessarily
[00:24:49] Unknown:
like not have to put trust in third parties quite so much. Yeah. Privacy in terms of just, like, shipping it to your house. And so you could you can pretty much walk into, like, a hardware store, you know, like something like Fry's and and, and Micro Center and, like, pretty much pick up these devices as long as they're in stock. So, like, I I love the privacy aspects of it as well. I think it's super important that we have this option so we don't just say, yeah, let's everyone just use Treasure and everyone just use Ledger and then, you know, things like that. On the one hot topic that's kinda come out I guess maybe this year and last year, where do you kinda see the whole NFC environment?
Is that something that you would look at as incorporated into Seed signer? I think there's been some arguments that NFC is cheaper to implement than a camera, but like what I have wondered about that is like you you have implemented a camera and and a very affordable one. So, you know, where do you kinda sit on the whole NOC, versus, like, camera thing or a combination of both? Yeah.
[00:25:49] Unknown:
It's not something that's on our road map. It's not something I can rule out in the future. Everybody has to kinda make their their own choices in terms of, their preferences on hardware profiles. For me, and this is maybe a little bit of a tinfoil hat thing, but what I don't like about NFC is that it is communication that I can't see. And, you know, that it's it's excellent that it is, like, geographically sort of, like, restricted so that only within a certain number of meters or I don't know what the spec is. But you have to be, positionally close to 2 devices. You basically have to touch it almost. Right? Right. They have to be, like, super close. Yeah.
I just, I I just don't trust information that I can't see. And you don't, like even when you're sitting there with your hardware wallet that's near your phone or your laptop, like, again, tinfoil hat stuff, but I I don't feel absolutely assured that those devices aren't somehow communicating without my awareness. With SeedSigner, the what I really like about the Airgap QRs is that, one, they're auditable. It's not a super easy process. But if you really wanted to know what information is going back and forth between your, your wallet coordinator and your sign of device, like, you could audit that and confirm that there's no nefarious sort of data or funny business or whatever. But another aspect of it that I like is, like, it's very apparent when the 2 devices are communicating.
Like, the only way that SeedSigner can communicate with the outside world is via the camera that's built into it and then the screen. So if you're not, you know, using the camera to capture QR codes and you're not holding the screen up to your your laptop to relay information back to it, like, it's not communicating with anything else. And if you suspect that, like, there's something weird going on while you're relaying QR codes, you can abort that communication, like, immediately just by removing the QRs from the field of view. I'll say it one more time. Like, is that tinfoil hat territory?
Maybe. But it's it's all about meeting people where they are. And me with a background kind of, like, in digital forensics and information security, like, you know, certain technologies that were once beliefs to be secure were subsequently, you know, over time, security is a cat and mouse game. There are vulnerabilities that are discovered and then solved for and then other vulnerabilities are discovered. I I just like the assurance of that. You know, I know when the 2 devices are talking to each other.
[00:28:28] Unknown:
Yeah. Exactly. And and as I think just even being able to have, like, different trade offs and and vectors for each. Right? Like, you know, I think this is where, like, multi sig is really important and and, you know, we can we can say, like, I have, you know, one of each of these devices and if there's a flaw with one of them or the other or, like, you know, I keep 1 in, like, super secure storage, like, I don't even let anyone, like, get access to the actual hardware wallet versus, you know, versus my seed signer, which I can carry around in person, even without the QR code attached. Like, I can walk around without my backpack and just be fine because there's no loss of funds as a possibility. And then, you know, when I get home or or maybe I have my QR code in, like, 2 geographic spots, you know, when I get to the next location, then I can bust out my seed signer and and be ready to go. So, where do you kinda see, like, or maybe that's part of it. Where do you kinda see, like, Seed signer in the realm of, like, other hardware wallets and signing devices? Do you see, do you see it, like, maybe for yourself or for other users like them doing multisig a lot and and with with this as one of the keys in the quorum? Right. You bring up a good point that, like, not all security,
[00:29:35] Unknown:
or not all I'm sorry. Rather, not all storage use cases are created equal. So Bitcoiners may have, you know, some funds that they're they carry around that are, like, akin to, like, a wallet that they have in their pocket, or, you know, maybe, some funds that maybe it's, like, a little bit more money, and you want additional safeguards kinda like a checkbook. And then you have, like, your long term savings, like your Huddl stash. And they're like, it totally makes sense to have different security profiles for each of those kinda different use cases.
And I think, like, NFC can totally make sense for, like, everyday wallet use and even, like, a checkbook. But, like, for my long term stash, like, that's where I really start thinking about, like, vulnerabilities and and and ways that I can mitigate different vulnerabilities. But to get back to your question, SeedSigner, when I conceived of it and first, like, you know, started creating the proof of concept, it was created with multisignature in mind. And it was created with, like, long term Bitcoin storage in mind. So that was kinda, like, built into it. Now some of our users that have, like, you know, discovered the device and become more familiar with it, more comfortable with it, like, are comfortable using it for more, like, day to day spending or or more frequent spending.
But, you know, we're designed kind of with the initial presumption that this is something to help people soar Bitcoin with, over the long term. And we really try to put a lot of thought and care into the user interface to make the multisig, experience as user friendly and approachable as possible. You know, I've I've kind of watched Multisig evolve over the last few years. And when, you know, when there first started to be rumblings of it, it was super technical and theoretical. And then once, like, you know, standards started to emerge and it became a little more feasible, that was the point at which, like, people had to start building tools that were accessible to not just highly technical users, but accessible to more like what I call everyday Bitcoiners.
And, you know, Seed Center rose out of my own interest to transfer my long term Bitcoin storage from, what was previously like a Shamir's secret sharing type setup, which is kinda like a proxy of multisig. And I wanted to get to real multisig on the protocol. And when I started kinda, like, looking back into it, I'd set multisig away for a while because the tools are being built. And when I revisited it, like, Spectre desktop, you know, had been out for a little while and was, was improving and and becoming much more user approachable.
And so, I think over time, like, the multisig tools are gonna become more intuitive, more user friendly because I I hate this notion that multisig is only for highly technical Bitcoiners. Like, if it's something that only highly technical Bitcoiners can use, like, we at Seats are doing it wrong and the people making the coordinators are doing it wrong. Like, we we we can make the tools such that they're accessible to people. And that's that's I've already strayed so far probably from your question. I Oh, no. I love it. This is awesome. But, yeah, that's that's like, we are built with multisig in mind, and we're that's something I'm personally really excited about. We have a solid link in the comments saying that a friend of his worked in a marketing startup that successfully identified and located all visitors' NFC enabled bank cards in the shop with advanced antennas,
[00:33:15] Unknown:
and he says that you can communicate with NFC through a wall if you have, a higher powered antenna. So seems to validate some of what you said. Just to, like, bring this back, I mean, so when we're talking about using a seed signer with multisig or single sig, the the actual flow is is rather simple. Right? So, you can use, like, a BlueWallet on your phone, You can use Spectre desktop, as you said, on your computer or Sparrow on your computer, and what happens there is it is showing QR codes on the screen to construct your transaction.
You're scanning that with the camera on the seed signer, Then the seed signer's signing that transaction, showing a new QR code on the seed signer screen, which then you you scan with either your computer's camera or, your phone's camera, and then you broadcast the transaction. So it's a relatively simple flow, even if it sounds more complicated
[00:34:14] Unknown:
on air. It's definitely, like, more rote, like, a more labor intensive kind of flow. But feedback I've gotten from people is that, like, going through those steps 1 by 1 of, you know, moving the PSBT or what I would call is, like, a rough draft of a transaction that includes most of the information, just not the signatures needed to spend the money. Like, the process of moving that from the coordinator on your laptop or on your phone into the seed signer and then adding the, keys to the device and then adding the signatures to the PSVT and then going through the process of passing that back to the coordinator that's gonna interact with the protocol.
I have gotten feedback from people, which I love to hear that it helped them understand the basic mechanics of the process of multisig and a partially signed transaction. So it it breaks it down into steps that I think, for whatever reason, just resonate more with people.
[00:35:10] Unknown:
That's awesome. Do do you ever are there ever any, like, I know when you start getting, like, really advanced multi sig, for instance, you know, some of the data can be kind of large. Is there ever a, qual like a picture quality issue that that you see at all with either the signing device camera quality or the screen quality on your on your seed signer? So with,
[00:35:32] Unknown:
seed signer, the camera that we have, in it, like, even for an inexpensive camera, it's, it's a very capable camera. Like, I I've been impressed at the size of some of the QR codes that we've been able to import, like, in a single frame with the density that they have. With the screen that we have, you know, with the current first kind of iteration of Seed signer, it's pretty limited. So it's 240 pixels by 240 pixels. And with larger transactions where you're consolidating UTXOs or if, you know, you have a larger multisig, you're gonna be holding the seed signer screen in front of your webcam, like, for a little bit longer period of time.
I personally have so for our development fund for the seed center project, we have a 4 of 6 multisig that, you know, I myself have a couple of the keys and then 4 other contributors have keys. And when we have done distributions from that, like, I sign everything with the seed signer. And so, it's been such that, you know, it's like I said, I'm I'm holding the screen up for a little bit longer. But once you get it dialed in, it it's it's a reliable process. It works back and forth. We've tried to improve the user experience as much as we can in terms of, being able to adjust the brightness of the QR codes as they're displayed on the screen.
Sometimes at full brightness, it creates a glare that your webcam doesn't like. So you can reduce that. But there are some other what I'm gonna get at here is, like, it's software, and the user experience is gonna improve over time, as well as I'm super bullish on us getting into, supporting multiple different displays, especially a touch screen, because the larger the screen gets, the fewer QRs you have to pass back and forth because you can pack more information into them. What I've noticed is, from my experience,
[00:37:24] Unknown:
is the integrated webcam on my laptop, has trouble. It's, like, not, it's not as high quality. Right. So, like, obvious and, also, it's just a little bit awkward trying to use a integrated webcam on a laptop to actually scan the QR code. Ways around that is, like, having a USB webcam, like a cheap USB webcam that you can actually, like, hold in your hand and is separate from the screen is higher quality. Also, just in general, like, the like, a new gen phone with BlueWallet tends to be a much more user friendly experience in terms of of
[00:38:05] Unknown:
scan and Yeah. Broadcast. And we've, there's a couple, in addition to the brightness, which helps with a lot of those webcam issues, we've also implemented some QR density settings. So if you wanna reduce the, reduce the resolution of the QR so that they each frame takes a little bit less data, but it's a little easier to scan. That's an option that helps a lot of people. And, also, on webcams, you're right that the integrated webcams on some laptops, just for whatever reason, whether it's the drivers and the software implementation or if it's just the hardware itself isn't able to capture a good enough resolution. But, I've found, especially on Linux, there are some kind of, like, secondary driver packs where you can tweak, the ambient light settings and tweak the, the focus settings. And I've been able to get it working on some some fairly like, I have a $250, like,
[00:39:02] Unknown:
Netbook that I was able to to get scanning working, but it it can take tweaking. Yeah. Have you looked at any of the projects that kinda do, like gift based QR codes? So like the QR code just cycles through, multiple like it scatters the data across Animated QR's. Animated QRs. Yeah. I think Chris Round has, like, like, a project utilizing it and trying to do that in the Bitcoin space. It seems promising because there's also, like, like, data error handling and and check sums too. So so you make sure you're not, like, getting some bad packets of data that gets scanned. Have you looked at any of that at all? No. That's
[00:39:34] Unknown:
absolutely implemented. So, for, like, transactions, usually, when you're passing a PSBT, there's at least 3 or 4 QR code frames. So we we do implement animated QR codes and, the standards that Christopher Allen's working on. For some of the coordinators that we support, we use those standards, and I I look forward to those being kinda, like, once we figure out what the best practices are in terms of, you know, error handling and how to how to handle those animated QRs. I look forward to just, like, not saying that we support these 3 coordinators, but we support any coordinator that, you know, is consistent with whatever standards emerge.
[00:40:15] Unknown:
And just to, like, add back in there in this in the scanning discussion, there is there is something about on the it's not even just well, first of all, I am using Linux, so that probably has something to do with it. Like, I imagine if you have, like, a, like, a new gen MacBook or something, it'll have a better camera, a better software, whatever in terms of scanning. But there's something about, like, actually because when you're using a phone to scan it, you're actually using the back camera, which is a better camera. Right. And you actually can, like, point and aim. Like, you see you see what what the screen sees rather than, like, blocking your screen trying to use the inter it's just something about the integrated web cam is just, like, it's it's just physically more cumbersome in terms of trying to use it. I, like, I I see and and let's be honest. Right? Like, the majority of people that are coming in, to Bitcoin over the next 5 years, 10 years will probably just be using a mobile phone as their primary device anyway.
[00:41:15] Unknown:
So I don't really think it's if if anything, like, that should be the UX that is targeted. Right? Yeah. And especially, like, in developing parts of the world where people maybe their first, you know, experience with Bitcoin is with, like, a hosted lightning wallet. And then as they accumulate a little bit more Bitcoin and they start thinking about, seizure resistance and security issues, they're gonna, they're gonna want to, you know, set up something with, like, a a more secure kinda signed device or hardware wallet, and then they're gonna start to think about multisig. And what I'm super bullish on, like, hats off to BlueWallet for, like, being right now, they're kind of the only game in town in terms of a a mobile based coordinator. But I'm also looking forward to other wallets that will implement more flexible, multi sig kind of implementations on mobile so that people in parts of the world where, laptop computers and desktop computers are kind of more the exception than the rule, like people who are operating in a mobile first environment, like, they'll have access to more tools while at the same time being able to keep their private keys off of their phone. Like, that's that's just a a security no no for secure for security larger amounts of Bitcoin, as I'm sure you guys know. And,
[00:42:30] Unknown:
yeah. Unless you have $4,000,000,000,
[00:42:32] Unknown:
then you can just keep it on your cloud storage. Yeah. Then you bypass the phone and you go straight to the cloud. Yeah.
[00:42:39] Unknown:
On that note, you know, what would you say, like, the suggest the suggestion should be for just, like, a user to just get started with with Seed signer? Like, what should be the the the very basic beginner flow for it, is it using Seed signer, using a piece of paper and then using BlueWallet or like kind of how like if you were to say like how to get started in like the easiest way possible just to, like, you know, throw maybe a $100, you know, just to spending money on it. Right. No. I'm, like,
[00:43:07] Unknown:
as much as I love Bluewatt, I I hope they can get to a test net implementation because I am, like, super big on test net. Like, even before you put $10 that you're gonna move around or whatever, like, people need to practice with their storage system and be comfortable with it. And, like, test net is perfect for that, and it's something that even, you know, your average Bitcoiner can get up and running with, Sparrow, like, in less than 10 minutes with a with a Testnet set up. In in terms of, you know, getting that kind of independent custody, savings set up in place, I'm super excited about an independent custody guide that I'm working on, and I kind of have the first rough draft finished. And I'm I'm selectively letting a few other Bitcoiners I know look at it to give me feedback.
But I I anticipate that's gonna be done within, like, the next few weeks, and I'm bullish to get that out because I realized that, like, I've done some walk through videos on how to set up, like, a simple 203 and stuff. But in terms of a proper guide that people can follow kind of step by step, as well as a guide that explains some of the, security choices and some of the implementation choices that we've made with Seed signer, something that spells those out so people can understand those. I'm excited to get that out just so people can have like an exhaustive go by it. Kind of, I realized that we didn't have anything like that. And it was an obvious gap in our our ecosystem. So I'm I'm excited to get that out there. But, currently, if somebody's excited to jump into it, on Citadel Dispatch I I'm sorry, on bitcointv.com, I believe I have a simple, 2 or 3 setup demonstration that people can kinda use as a go buy, and we're gonna have more stuff coming out on the way. That's awesome. That's awesome. Yeah. What what are you excited about,
[00:44:55] Unknown:
besides that coming down the pipeline, if if you wanna if you wanna share any of that? Yeah. Bunch of stuff. Like, very near term stuff for those metal QRs that we talked about.
[00:45:04] Unknown:
I'd anticipate those being available, like, within the next month or 2. But beyond that, our 2 developers, especially Keith Hokai, is deep into what I would call, like, the 3rd full, the second full rewrite of our software. So kinda like the 3rd iteration of seed signer's basic code structure. First being the proof of concept that was kinda hammered out by me, and then big props to Nick, who's our other kinda lead developer who came in and took my sloppy, ignorant spaghetti code and turned it into something that was much more performant and much more structured.
And now Keith, who's kind of like a Python native, first language kinda guy, is doing a complete rewrite that's gonna, increase the quality of the underlying structure of the code, make it more performant, more to where other developers familiar with the standards can step in and use kinda, like, modular portions of it to implement new features or change things. But what is also coming with that kind of, like, new rewrite of the code is an entirely new user interface that we have, I wanna give a shout out to. He's a NIM on Twitter. B c one easy is his, his NIM, and he is, as I understand, like, a user interface designer. That's his daytime gig. And he has, like, been super generous with his time and expertise to help us overhaul our user interface to make it much more graphically driven, to make the the user flows more intuitive, And to make Seed signer, like, when this code comes out in our next, like, major version release, like, it's gonna transform the device in its current form as something that almost looks, like, DOS like when you look at it because you're selecting, like, these, you know, text based options on a screen. It's gonna make it look much more like a device you would buy as opposed to something that you would build yourself. So I think I'm excited to get people's reactions to that and for just people seeing that to make them more excited to take the plunge and, like, maybe consider building one themselves.
So new that's gonna be in our 0 dot 5 dot 0 release. I'm super excited about that. And, also, coming down the line, like, 2 other things that come to mind are, multi language support. So Keith was the one who led the multi language support charge with Spectre desktop, And he's he's Alright. Has experience in that. So I'm eager to get like, we have a lot of people have reached out that are not English first speakers in different parts of the world who know enough English, and our menu is simple enough that they can kinda navigate through it. But I think also getting versions of SeedSigner out to where once you, you know, power it on, you select your native language, and it becomes a much more intuitive, approachable device for maybe less technical Bitcoiners.
So I'm super excited about multi language support. And then there's also a, another contributor in our Telegram group and that I've interacted with who has we've already gotten it into proof of concept. If you follow me on Twitter, you've probably seen it. But we are going to be moving away from building on top of, like, a stack a a stock version of the Raspberry Pi operating system to a custom, build route Linux implementation where it it's gonna be a much smaller footprint, and it only contains kinda, like, the necessary building blocks that we need.
And a couple, like, great things come out of that. I'm gonna screw up his name. But on Twitter, he's called Desobediente Technologico. Like, he's
[00:48:52] Unknown:
You wanna spell that for us?
[00:48:56] Unknown:
But he he's super, super sharp guy. And kind of the possibilities that open that that the custom OS opens up for us is, first and foremost, it makes it such that there's a static OS image that when you power on the device, the static OS image gets loaded into memory in the Raspberry Pi. And once it's fully loaded in the memory, you can pull the micro SD card out. So what that does just kinda right off the top is it creates an additional security assurance for users that if for whatever reason you still had suspicions that your private key might somehow be making it onto the memory card, Being able to remove the memory card now, like, gives people that additional level of insurance that there's no way that my private key can somehow be making it onto the memory card if it's physically removed from it. And a couple other possibilities that that opens up are, number 1 is it makes it it's going to make it much easier to verify your software installation.
So if you've set your seed signer, up with your, like, long term storage and maybe you haven't used your SeedSigner in 6 months. And in the back of your mind, you're like, what if someone got access to my micro SD card and put, you know, some sort of unwanted code changes on there or something? It's gonna make it much easier to where you can just pop your memory card, into, like, your laptop or whatever and hash a range of sectors on the memory card that are that static image that's loaded into memory. And you'll be able to get, like, an additional level of assurance that you're running, you know, the verified version of the software that doesn't have anything malicious, inserted into it.
And whereas, like, you're you can currently do that with seed signer, but it right now, it's it's a process of, like, writing a new 3.5 gigabyte image to the memory card to know that you're getting, like, a clean version of the software where whereas with, like, this update, once it's implemented like, with the current version of ours, you can't hash it because it's a live operating system. So it's gonna change. Like, there are changes that are happening on the device after you boot it. So you can't go back and rehash it and try to verify that against our our verified release image. But with the new OS, you'll be able to do that. Also, it opens the door to, being able to move PSBTs with a micro SD card.
Now we're gonna have to be very careful about implementing that, and I think best practices is still always gonna be air gap QRs. But there are some people that you seed signer that have asked about being able to move PSB Ts via, micro SD. And for, you know, larger, more complicated transactions or where you're consolidating a bunch of UTXOs or you have a larger multisig, like, I get that it's more convenient. It just has to be something that, that is done the right way on our end, and that people just understand that there's an additional level of of risk that comes with, you know, removing the memory card,
[00:51:56] Unknown:
and putting in another one that has data on it. Like it's again drifting into tinfoil hat territory. But like we just have to keep all these things in mind. So that's high level view. Those are kind of the near term ish things that I'm excited about. That's awesome. That's all really exciting. Yeah. I was gonna ask about the micro SD card, like being able to just pop on transaction, but what would be the risk though in just, like, popping on, you know, an SD card with just, you know, a few PSBTs that you're trying to sign? Like, what would be the, like, in your tinfoil hat mind, like, what would be the I'm I'm really curious. Like, what what would be the, you know, surface
[00:52:31] Unknown:
layer there? Right. When when so when you and there are ways to mitigate this with Linux in terms of manually mounting and unmounting, storage media. But, like, let's just say with, like, a Windows system because, obviously, it's less secure. When you insert a memory card into your Windows desktop, like, it automatically runs some code that recognizes that as a removal of storage volume and automatically mounts it. And there's, like, there's some just inherent security risks associated with that process. So, depending on how you're moving that PSPT around, like, it just becomes riskier. There's there's, room for some sort of malicious code to be able to execute
[00:53:14] Unknown:
when you're moving that device between because it's like a 4, 8 gigabyte micro SD card. You can fit a lot of malicious code on there, meanwhile, like a QR code, and you can't really just stick a whole
[00:53:25] Unknown:
program script on on the QR code Right. And that execute. And the so I think you can now, can't you? Maybe. Oh, you could. You probably could, but So there's, like, there's one thing I wanna point out is that, like, it's important. So for your private key to leak or for malicious code to be introduced by a seed signer, practically speaking,
[00:53:44] Unknown:
seed signer as well as the coordinator you're using would have to be colluding. But and, like, to if you wanna go full tinfoil hat, like, if you want to be, you know, and everything has trade offs. Right? And if you wanna be on the more secure side, like, your coordinator, so whether that's your phone or whether that's, a computer running Sparrow or Spectre Mhmm. It should be it should be a dedicated device. Right? Like, if you if you're using a a if you're using your everyday computer, we'll go back, like, your everyday Windows computer. Right? And, you know, a lot of people are, like, playing games on it or looking at porn or something like that. Like, there's a bunch of different, threat vectors that open up there because you're using your everyday computer. Right? So, like, best practice was, you should you can mitigate a lot of these risks if you're using a dedicated machine as your coordinator. And for larger amounts, if that's negligible cost to to just have a dedicated machine to do that, or an old phone or something that is that is dedicated, wiped.
Ideally, you know, use one of these non Google Android Forks, and just use it only as your coordinator.
[00:54:50] Unknown:
Right. Right. And even, like, you know, if you set up a laptop that, like, once you set it up, maybe it never talks to the Internet, and it's, like, an additional buffer between between you and your, your coordinator that's actively talking to the Internet. But one kind of, like, security thing that that I wanna point out, I I tweeted about this the other day because you see, like, Trezor, has their own, like, you know, application portal that you use with their you can obviously use Trezor with Electrum
[00:55:16] Unknown:
or Specter or other things, but Trezor has their own software portal that I would suspect that a lot of users just end up being funneled. 99% of users are probably using, like, Trezor Web Web Suite or Ledger Live. Right. Ledger Live,
[00:55:28] Unknown:
I think I saw on Foundation's website that they're gonna implement some sort of, like, front end coordinator capability. Like, it's a security best practice to have what they call separation of duties. So you don't want the entity that is, writing the software that you used to interact with the protocol to be the same entity that is writing the software that you used to interact with your private keys because there's that natural opportunity for collusion between the 2 parties. So best practice not even collusion at that point. It's just the same party. Yeah. Yeah. Exactly. So, like, yeah, you want you wanna have, like, that that separation of, entities so that there's just less likelihood of some some sort of malicious
[00:56:09] Unknown:
process. Right. Like and and then if they're tracking, you know, user balances, which which they basically are That's too. Yeah. You know, they can basically associate an address that ordered from their website to to their transaction. They say they're not. But They say they're not, but they are.
[00:56:24] Unknown:
But they are. They could. They they are. And and just to add on top of that, I think I think, Ledger Live just added support, but just by default, you know, you those aren't using your own node. You're using their node. So you're trusting them with validation, and you're you there's an additional privacy trust there.
[00:56:47] Unknown:
Absolutely. Cool.
[00:56:51] Unknown:
One one question I was curious about. I'm I I like lightning a lot, and there's this lightning c sorry, lightning signer project, which is kind of like a way to be able to take the light, the the the seed and private keys that are, like, on a lightning note typically, and we're able to extract that away and have a different device or a different process, you know, manage all the all the keys there so it's not just in the node. Mhmm. Have you have you looked at that at all and, like, you know, possibilities of being able to integrate it with something like seed signer?
[00:57:24] Unknown:
It's just probably still very early ages for that to be even, like, a possibility, but, I'm curious of your thoughts on that. I am probably woefully under, educated about the nuts nuts and bolts of lightning. So I obviously, like, use lightning and understand the high level stuff. But, my first thought about that would be is, like, with lightning, a part of the security model is that you need high availability of keys. Right? Because if you need to, for whatever reason, like, close a channel quickly to to make sure that you don't, you know, somehow lose funds. You have to have availability that's used to a hot wallet. Yeah. It basically has to be a hot so I'm curious about, like, Or Watchtower too.
[00:58:03] Unknown:
You know, you can offload some of that to a Which is like a third party, basically. Right? Yeah. Or it could be, you know You can run your own Watchtower on a separate server or something. Yeah. It doesn't have to have the keys on that, you know, 3rd party or watch tower. Right. I
[00:58:16] Unknown:
I, I'm I'm curious about, like, potentially use cases, but I honestly don't know enough about it to be able to comment. I know that there's been 1 or 2 people over at Lightning Labs that have, I don't even know if it's it's related to Lightning who have been in contact and kinda like playing around with seats. I'm curious about some of the the possibilities with it. But, yeah, I what I love about Keith's rewrite of the code that he's currently going through is that it makes it much more modular and makes it much more to where you can insert different functionality. So it potentially opens the door to where you could build a version of seed signer that is PGP compatible to where you can use it to encrypt and decrypt messages,
[00:58:56] Unknown:
by swapping out some of the functionality while maintaining kind of the the same UI elements in the same hardware set. So maybe, you know, depending on the opportunities with lightning, something like that as an opportunity as well. I guess we'll just have to kinda see. Yeah. That that's kinda awesome. With with the device specifically, do you see any other you you mentioned PGP. Do you see any other, like, know, maybe it's not on your road map, you know, but maybe some hacker out there, you know, wants to just, you know, have fun with something. Do you see any other, interesting non Bitcoin related projects that you could like use the same model for?
Because, you know, maybe it's just PGP, but do you do you know of any others that come to your mind? Other people like we spoke a little bit before we went on air about, like possibly a password manager.
[00:59:37] Unknown:
I'm not entirely sure what that implementation would look like, but like I that's the beauty of FOSS and open source. Right? If somebody else has, like, an opportunity they see and they have, like, the skills like it, The code's out there, and we're happy to, like, see other people working with it and building with it. So, yeah, we'll just kinda keep an eye out. That's awesome. And it is, it is a MIT license, I believe. It is. That was that was one of the things that, like, I I I think I talked to Matt a little bit about when We literally talked about it on air because we were about to make the decision, 30,000 blocks ago. That was like a that was probably the hardest decision I've made with regard to SeedSiner that, like, I I feel good about in retrospect, but I don't feel great about the process that we got there with
[01:00:23] Unknown:
about that.
[01:00:25] Unknown:
Because when so when I, I were kind of a community community oriented project, and when I when it was time for us to pick a license, like, we didn't wanna keep going forward, just kind of like in the gray area. We wanted to pick a license. I kind of solicited some opinions on Twitter. And I got like a lot of, very we'll call them forceful DMs. Just kind of like people Very strong opinion. Very strong opinions and even, like, to the point of I wouldn't call it, like, extortion, but people saying, like, you know, I was thinking about contributing your project. But if you don't go with MIT, like, well, I just can't do it either because, my employer doesn't allow me to contribute to things that aren't MIT or it's just not consistent with what I think software should be.
[01:01:09] Unknown:
So, like, the two choices were basically so MIT, just unpack it here. MIT license is a unrestricted free open source license. Anyone can modify the code Right. Distribute the code, sell the code, use it for however they wanna do. Then I guess your other choice was GPLv3, which anyone can modify, distribute, or sell, but they have to keep that code GPLv3. With MIT, they can they can relicense the code however they wanna do it. They can they can even make it closed source if they want to. Right. Some people refer to GPLv3 as copy left Right. Well,
[01:01:46] Unknown:
and I like, I'm sympathetic to that licensing scheme, and it, like, ultimately, it comes down to choices and trade offs. What what could happen with, with MIT is that somebody could take our code and, like, monetize SeedSigner out from under us to where they build, you know, some sort of, commercially, available product that uses our code, but that's that's just kinda like that's that's the nature of the beast. Like, we're so focused on
[01:02:17] Unknown:
Well, they could do that with GPL too. But in that case, they could do it and, like, not contribute back upstream and keep keep their contributions restricted or Yeah. No. You're absolutely right. Source viewable, but they can change it so it's just source viewable, so you can't even use the changes that they do even if they don't contribute upstream. Or Or they could just take our code and go completely Go completely with the closed source. With yeah. Closed source too. And, like, a lot of people would say, I mean, you should just never use a closed source hardware wallet.
But meanwhile, you know, Ledger is probably the most successful hardware wallet in the business, and they are closed source, so or partially closed source.
[01:02:52] Unknown:
Right. It's it's, you know, props to the other projects for being, open source. We talked about this a little bit at the meetup last night, but I kind of see seed signer as and and some of the DIY projects as, like, kind of a new generation of hardware wallets that are the 2nd the 2nd generation is kind of these, secure element enabled USB connected, purpose built and designed devices that are, you know, sold by companies. And when they first were made available, like, I don't wanna knock them. Like, they were huge security,
[01:03:28] Unknown:
like, leap forward improvement. Right? I I people don't remember, like, new people, like, it used to be before Reddit completely died, like, r/bitcoin. It was just, like, every day, you would see,
[01:03:40] Unknown:
a new post about someone whose computer got compromised and their and their keys swept. And they hadn't even added, like, you know, any sort of encryption or anything to their keys, you know, in their in their core storage. So, like, when, Trezor came out and when other hardware wallets started to come out, like, hugely forward, that gave people a ton of security, but, like, security is an evolution and it's a process. And I think, like, a few things falling into place are creating this, like, new evolution of the security process that has an emphasis on multisig.
Because, frankly, a lot of the the current wallets, I've heard feedback that they're not created with multisig, first in mind. So an emphasis on multisig and emphasis on, like, publicly available components, I guess you'll say. Building you can build a signed device from non Bitcoin specific components so you don't have to give your information to a distributor or hardware wallet so you can maintain that degree of privacy. Right. Like, we saw with Ledger,
[01:04:41] Unknown:
their customer database got Right. Got got compromised, and then all of the any all the custom a bunch of customers,
[01:04:49] Unknown:
like home addresses and email addresses, were all exposed in that. Yeah. It's horrible. And that's something that doesn't get talked about enough because as the value of Bitcoin grows, like, it's just a huge kinda, like, honeypot
[01:05:00] Unknown:
that, is sitting out there for people. And you can't even buy a ledger. I'm pretty sure you can't buy a ledger with Bitcoin. So, like, you're also using your credit card, which is your credit card. Is literally just corporate surveillance card. Right. So I see, like, multisig first.
[01:05:14] Unknown:
I see, like, people being able to DIY and leverage open source code, and I also see air gapping as, like, a huge step forward. I I think that over time, most of the major hard hardware makers are gonna get away from that USB connected device because it's like, again, you know, is something gonna happen if you have a USB connected, hardware wallet? Like, in great likelihood, their security precautions are adequate. But as we reflect Like, I don't think we've seen a single
[01:05:41] Unknown:
like, I think your concerns are valid, but I I'm pretty sure, at least for the majors, like the ledgers and the treasures, we haven't seen a USB style attack Like a USB. Actually executed in the real world. Right. Now what I would throw out, like, this is my,
[01:05:56] Unknown:
kind of spook warning is like, as someone who previously worked in law enforcement As a previous spook. You can trust me now. See you see you later. The the federal government like has and I've, you know, during my career had access to it, like they have for like the Android platform, for the, iOS platform. And there's nothing to say that they don't have access to 0 day for 1 or more of the commercially available hardware wallets that we just don't know about. Right. That could leverage either, USB connectivity or that could just be getting your hands on the device and taking it apart to exploit the hardware.
[01:06:36] Unknown:
That's why I would I mean, we're being a little, like, I think rightfully so. There's criticism leveled at Ledger here throughout this discussion, but they do deserve props for their Ledger Don John security team where they basically are just taking these commercial hardware wallets, their own hardware wallets and other hardware wallets, and they're trying to compromise them. They're spending 100 of 1,000 of dollars trying to compromise them and releasing their findings rather than which is which is what you wanna see. You wanna see, you know, good actors in the space. You wanna see positive actors in the space trying to compromise all these things. So we know, you know, what kind of vulnerabilities are out there rather than getting surprised by 0 days. Or Yeah. That's a great service just to leverage that kinda, like, white hat adversarial thinking to expose vulnerabilities
[01:07:27] Unknown:
and disclose them before bad actors do.
[01:07:31] Unknown:
That's awesome. Yeah. Is there, like yeah, have have you or anyone else, like, done like, what are the analysis here? Like, basically, once you unpower this device, like, the the seed is gone, the seed is wiped, right? Right. But in theory, like, what if someone, you know, were to get their hands on it, like, while it was on, right? So like, basically, the model here, like, we can assume like, you know, someone gets the ledger and someone gets the treasure like some people in this space will say, assume that if someone gets their hands on it, it's compromised and and you know, those are completely powered off, you know, in their default state. So assume it's compromised, but like I love this model because like, you know, assume, once you unplug it, like, there's nothing to be compromised. Right? Like, it's it's it's safe. Right. So the way it's engineered is that, when you enter your private keys into it, they're stored as temporary Python memory
[01:08:21] Unknown:
sorry, temporary Python variables that just live in memory. So and we've gone to additional lengths to make sure that, like, through virtual page file or swap file, like, your keys don't somehow get involved in that and end up being written to the memory card. Like, we we disable virtual paging. But, yeah, your keys exist in RAM, and RAM is by nature, a volatile memory, meaning that once power is removed from the the media, like, the information that's stored on it just dissipates and goes away. But you you still,
[01:08:53] Unknown:
you want to keep your seed signer physically secure because, you you still have, like, evil maid attacks. I know maids get a bad rap, because of that term. But if someone, like, gets access to your device, they could they they might not be able to pull the seed from it, but they could compromise it and load up, like, a malicious version of SeedSauna. The next time you put the seed in, they can maybe store it or take it, or they could even there could be a a physical attack where they add, you know, some kind of transmission mechanism. So, like or it looks like they just swap out the device. So, like, they take your device and put a compromised one that maybe has Wi Fi in it, and then they can just transmit it out. So you wanna keep it physically secure. You want it you don't want it to be out in the open where someone can get access to it. And that that goes for all hardware wallets. But, I would say particularly, probably particularly, the seed signer because it, you know, doesn't have a secure element on it. Right. I'd I'd kinda compare it to that private but not secret
[01:09:55] Unknown:
sort of framework that we use for, like, extended public keys and wallet descriptors. It it it doesn't require the absolute security that you would give to your private keys, but, like you're saying, you definitely don't wanna leave it out, you know, for any sort of mal intended third party to interact with it because they could jack with, like you said, creating some sort of mechanism that does capture the private keys, or they could jack with your PSB Ts, or they could, like you said, with the hardware, put something else in there. Yeah. Just to go back to, like, the the mitigator for that is, obviously, if you feel like you left your seed signer out or somebody used it that you don't feel is, like, a trusted third party or anything like that, then the solution is just to zero out the memory card and write a new fresh version of software, and that's gonna mostly counteract,
[01:10:46] Unknown:
what could be done. Open up the case. Look at it. Right. Right. Or, you know, if it's it's $60, just build a new one.
[01:10:53] Unknown:
Right. Right. Right. Never be too paranoid. I agree.
[01:10:58] Unknown:
Yeah. I mean, I thought that was a good question because I wanted to actually I was I was gonna frame it a little bit differently because seed signer used to be the person who's sitting in front of us, used to be, like, a digital forensics guy for, the police, for the cops. And, he would literally go in and and, you know, look at computers and stuff that criminals had, to try and see what kind of information was there. And I I thought it's kind of an interesting dynamic that, like, whoever replaced him, there's some, like, young young seed signer replacement. And he's, like, going into he he's, like, he's seeing a seed signer on the table, and he's trying to compromise it. Right? He's for It's come full circle. He's like, WTF is this first.
What is this nest controller? Exactly.
[01:11:44] Unknown:
Yeah. And, just to strike back on the the points you guys brought up with hardware wallets and the the PIN security on them. Like, that's something I've seen firsthand from my time in digital forensics is, unfortunately, people don't use, really secure pins just as a habit. Somebody who has, like, either had knowledge of or had to, like, brute force, like, pins on people's Android phones or their iPhones. Like, people use the most brain dead stuff. Like, they're you know, it's always their date of birth, last four of their Social Security number. Or 1111? Yeah. Or 1234, you know, whatever. And that's actually like some of the, some of the tools that are created to exploit, like, iPhones and stuff, they have, like every time they crack, like, a a a pin code, it gets added to a database. And the next phone you try to crack it, the first thing it runs through is the database of busted pins with the theory being that, like, we're all human beings, and we tend to think alike. So if one person used a particular pin, be it because it was a certain visual pattern on their phone or whatever, like, somebody else might have thought of that. So it's a game of is terrible entropy.
[01:12:54] Unknown:
I mean, that's why it's important that that all these hardware wallets that use pin codes have rate limiters or, I mean, a lot of phones have settings where, like, 10 wrong pin codes wipes the device or
[01:13:06] Unknown:
And some of that can be exploited,
[01:13:08] Unknown:
through, like, various workarounds. But yeah. Yeah. It's all about just mitigating risk. You're never gonna eliminate risk completely. Right. And that's why I think it's always important to remind the freaks, that, like, don't get overwhelmed with this stuff. It's it's, you know, you're never gonna have a perfect solution. It's always gonna be a constant learning experience and evolution. You're you're really just trying to do little steps to continually, reduce that risk, of coin theft or or privacy. Bitcoin q and a has a good question, in the comments. He goes, notoriously difficult for false projects, but does Seed Signer have any alternative revenue stream plans just to ensure project longevity?
[01:13:49] Unknown:
Is that question coming on behalf of Foundation Devices?
[01:13:53] Unknown:
Or I'm just messing with it. You're taking business model. Open source. For the freaks that don't know, Bitcoin q and a is working for Foundation.
[01:14:00] Unknown:
And, like, even, like, the work he does for them and all of the open source, like, openly available walk throughs he do are awesome. Like, I I give a little bit of trouble about the foundation stuff, but, like, he is an amazing resource and somebody that I personally keep in touch with. So So what are you thinking about revenue? I mean, it is it is this is something that is,
[01:14:21] Unknown:
you know, a a very important aspect of of keeping the open source community robust and growing is is this funding issue. And a lot of times, it comes from grants, whether or not it's donations or individual donations, or if it's corporations giving donations, or if it's these foundations like HRF or Brink or OpenSats, which I cofounded. Like, how do you how do you look at revenue? And do you do you have, like, a business model that you're trying to attach to this, or is it gonna only be donation funded? So just in terms of the the larger funding question, I kind of view that in terms of a problem
[01:14:59] Unknown:
that is in the process of being solved, and it's not, like, solved yet, but we're getting there, just to give people kinda, like, some insight into, like, how we've historically been funded, and then we can talk forward from that. First off, like, we have a, I think I mentioned it before, a jointly managed multisig wallet that is what we call our develop development fund. And so I tried to give a lot of thought to how we compensate people who contribute to our project, and I tried to approach it from, like, an early stage venture kinda model to where every time we release kinda like a major version of the software, we have essentially a scoreboard that scores people's contributions and awards new points to, like, a scoring pool based on, like, new features that are added and stuff like that. It's not a perfect system, but it it's intended to be, like, some way of, like, rewarding people for, what they're doing for the project. So when we release a new version, we take some funds from this development fund, and we basically split them up according to the proportions of contributions as they exist on the score board. So people accumulate points over time.
The the challenge with that is just raising, you know, donations at large from, you know, our user base. And some people, you know, have been very generous. I'm sure there are other people that use it and haven't donated yet. But, it has been a good mechanism to provide some sort of reward for open source developers, especially people who are doing this kind of in their spare time, not as their full time gig. We recently had, like, the opportunity at the beginning of the year where Keith, previously had, like, from what I understand, like a non Bitcoin related job. He primarily works contracts, and so he's contracted by a particular company for a set period of time to provide development services.
And he had a contract that was expiring, and he was looking for a new gig. And, Spectre desktop took him on for about 3 months, as a contract gig. So he did some, like, very cool development work for them. But as of the beginning of this year, like, his contract with them was up, and he was looking again for a new gig. And so we started just kinda, like, raising funds based on the idea of his previous contributions and some of the great, innovation that he brought to our project. And there were, some very cool companies, individuals that reaped up reached out, some of which were anonymous, but some of which, like, coin ATM radar. And I'm I'm gonna do a horrible job at remembering specific people that that contributed to this, but Keith has done a great job of acknowledging them.
And the the if you think of those as donations to our project, they've actually been donations to Keith that I don't have a handle in. It's between Keith and the people that are gifting that money. And, generally, those gifts have come without strings attached to where people, you know, are super excited about the possibilities that he brings to seed signer, and they're willing to give him kind of open ended money just to focus, a lot of his day to day work on SeedCenter. After that, he set up a BTC pay server and said, like, hey. I'd really like to focus on SeedCenter for the Q1 of 2022. Would any people in the Bitcoin ecosystem be willing to, donate some funds to allow me to do that? And like much to every one of the community's credit, there were smaller donations that came in, and then we actually had, like, a 12 or $13,000 equivalent donation in Bitcoin that came in.
That's an anonymous donation, but, like, it's it's amazing. So Keith will be working on SeedSigner full time through the end of Q1 2022. Moving forward, like funding is a general question, I can't totally close the door to creating, you know, a purpose built retail available version of SeedSigner, but what I can tell you is that the open source source off the shelf ethos of our project is very important to us. And regardless of anything that we would do with some sort of retail available device, like, we are still going to maintain and build new functionality into, the the do it yourself version because, like and huge credit to Alex Gladstein who,
[01:19:21] Unknown:
love Gladstein.
[01:19:22] Unknown:
Yeah. Gladstein who was, like, one of the earliest supporters of our project and willing to kind of put a vote of confidence in the project for recognizing kind of the value of SeedSigner for people in parts of the world where Bitcoin use is either discouraged or even outright banned. People who want to use Bitcoin as a way of just preserving their savings ability or even to fund dissident activities, like seed center or something that's available to them that they can build privately in secret without the self off the shelf components to be able to store their Bitcoin in a more secure way.
It doesn't involve them having to try to source a hardware wallet or anything like that. And having that ability out in the world, you know, the the attending the HRF conference last year was a very eye opening experience to me. That's a great event. To get a glimpse of, like, things going on in other parts of the world that, you know, myself as an American don't have a lot of exposure to in the media and just in, you know, news sources or, persons that are within my circle. So it's a long winded way of saying that functionality and that ability to privately and secretly build a seed signer is extremely important to me personally, and it's something that I will not steer the project away from. Like, I've had people who live in the Middle East that have reached out to me privately, that, you know, talk about why they love the device because they can build it in private and not have, you know, anyone knowing that they're saving with Bitcoin when they would otherwise have trouble obtaining a hardware wallet and don't wanna use their phone because that's inherently less secure, yada yada yada. So,
[01:20:56] Unknown:
what about, well, first of all, to the freaks that are considering supporting SeedSigner, and you should consider it, it's seed signer.com/ donate. I mean, I have a couple thoughts here. First of all, I mean, dispatch emulate kind of what open source projects have to deal with in terms of funding. So we don't have Azure sponsors. It's all community funded. I consider it a free and open project. People can cut it up. They can torrent it. They can do whatever they want, with dispatch. So seed signer.com/ donate.
One thought is, first of all, like, on the splash screen when you first load up the seed signer Right. Like, you should just tell people seed signer.com/ donate to support the project every time they load it up. Like, I feel like just a nice reminder, like, this is a community funded project. A lot of people wanna support it. They just they need a little bit of a reminder. Right? So I think that's kind of a cool idea. The second thing is, I'm I mean, I know we've talked about this privately, and I'm curious if your thoughts have evolved. Like, what are the thoughts on in terms of, like, ads or sponsors or something? Like, is is is that a thought, like, to on the on the splash screen? Yeah.
Show a sponsor logo or something like that. That's something that we're
[01:22:18] Unknown:
opposed to at all. We would have to give careful in terms of a corporate sponsor, we'd have to give careful thought and consideration to the values of the company that was offering the sponsorship as well as, like, the the level of sponsorship that they'd be, offering to be able to get the splash screen. Another interesting kind of idea that came up was the screensaver on SeedSiner, which I think initiates after a minute or 2 of of device, device inactivity. So one idea that came up was, like, for plebs or people in the Bitcoin e ecosystem Clubs. Damn it.
[01:22:54] Unknown:
That that there's a debate there, but it's clubs. Hell, I've stumbled into that.
[01:22:59] Unknown:
For people who are just like, you know, everyday Bitcoiners who would like to develop in, like, a a meaningful way, we thought about when the screen center, screen saver comes up, like, what if it every time it bounces off? Because we have if people haven't seen it, like, it has a very classic, like, Microsoft kind of screensaver feel I've been staring at it the whole year. Where you stare at it waiting for it to bounce, like exactly into one of the corners and you feel like excited if it gets close to that. What if every time it bounces up against like one of the perimeters, it were just display a different, NIM or identity that was chosen by the person who donated or some sort of message? And maybe That's cool. Maybe that was, something that just lasted for a given, like, major version release, and then we'd kinda reset it, make it a new version of so Contribute this amount and your message or you can get a in the screensaver kind of thing. And this I like that idea. I like that idea better than an ad or sponsor. This this kind of stuff is, like, what I'm talking about. We're, like, you know, we're in the process of gaming these ideas out, not just us, like anybody working open source just to creatively come out with ways of incentivizing people to make support and to recognize people that make support, like in the way that they like to be recognized. It's just we'll get it figured out over time. And I think this is one of the things that, thankfully, like, Bitcoin really does fix this, like, beyond the meme, like, the ability to, send censorship resistant money in flexible dominations anywhere in the world to anybody you want to, like, No middleman.
Yeah. This this, like, this can fix open source and the open source funding problem. So I'm I'm bullish on, like, finding solutions moving forward.
[01:24:41] Unknown:
That's amazing. Besides, besides funding, are there any other ways that, like, people can get involved in the project or, like, you know, maybe some of the needs that you're specifically looking for right now, whether if it's, you know, Python developers or, you know, you know, people that, you know, manage projects or documentation, things like that. Like, what are your, like, more specific, needs right now that people can help out with? I am, like, forever looking for,
[01:25:06] Unknown:
people to make demo videos, especially in alternate languages, especially as we emerge into, excuse me, multi language support. I I'm always excited to have people do walk through demos and videos or people who create documentation. But, like, the ways that people have found to contribute to the project have been amazing. There's a a guy from South America who people have seen, like, the baseball baseball card style, QR cards that we have where you can manually transcribe your QR code that way. Like, that was created by a guy who does graphic design on the side in Brazil. Or our website was built and maintained by a guy from the Philippines who just saw Seed Signer, was excited about it.
And he's actually recently, launched also, like, a, a sales portal to where, like, it's tough for me or people in Europe to ship devices or to ship hardware kits to people in Asia. So now, like, people in Asia have a source where they'll be able to buy a kit. People who just generally, like, you know, it it it sounds like, you know, not trivial, but, like, people would just tell other people about seed signer. Like, that's we don't have any kind of advertising budget. We don't have, like, you know, I I'm on Twitter, but it's not like we have a social media offensive or anything. So, like, at meetups, just people Bitcoiners talking to other Bitcoiners, that is our primary way of spreading the word about what we're working on is, like, people just saying, hey. Like, I'll talk for a few minutes at a meetup about seed signer and point people to, like, the website and the repo and stuff.
That's such a it's this is, like, truly a grassroots thing. I that term grassroots is, like, overused to some degree, but, like, we are just people that are trying to build, like, a kick ass little sign device that, provides value to others in the Bitcoin ecosystem. So there's, like, a myriad of different ways to contribute to that.
[01:26:58] Unknown:
Awesome. You got any more questions for him?
[01:27:02] Unknown:
Not personally. No.
[01:27:04] Unknown:
So, I mean, you're relatively new to open source. You kinda just dove in. What's it been like running a being a maintainer for an open source project? This is like the second iteration of that question that I didn't answer well enough in the first I'm giving I'm giving you a second I'm giving you a second chance. I asked him 30,000 blocks ago, and he froze up a little bit. So, And a lot has happened since then too. So I feel like you're more experienced now. And the repo is, like honestly, the the repo, we've gotten more contributions. There's probably,
[01:27:35] Unknown:
I think, 4 or 5 people other than, Nick and Keith who were eligible. By the way, shout out to Bitcoin Magazine and for you for organizing the, open source tickets develop 100%. Tickets for open source developers is what I'm trying My pleasure. To get out. We had a few contributors that, like, when that came out, I made sure to DM them and send them a link to their PR and, make sure that they were aware of that program. But the experience of managing a repo, like, has been probably a reflection of, like, the amazing, collaborators that I have Because me being you know, it went from me being the only contributor to, when Nick came in, like, I was reviewing his PRs, but his code was quickly, getting to the point that, like, it wasn't something that I could review at a glance. I really had to sit down and dig in because I'm not, like, a coder by trade, and I'm not, like, a Python native thinker.
So then as Keith has come in, like, it has become more about me responding to issues that are raised and me kinda, like, creating the new repos and kinda, a big part of what I do is assembling the prepared releases, and I control the private keys that are used to sign those releases. I I become a little bit more like an administrator, but the developers do a great job of playing off of each other to where when there's, like early on, I offered Nick, like, admit some degree of administrative rights in the repo and much to his credit, like, he totally declined it. He was like, I like having, you as a check against the things that, like, I'm writing. And even if you can't review the code, like, it's trivial just to load it onto, like, a development, seed signer where I can swap code out real quickly? I can test, like, is it doing what it it's supposed to? Does it crash? Does it not crash kind of a thing?
But Keith and Nick do a great job of kind of, like, thumbs upping each other's code. So when somebody does a pull request, they they do a great job of looking deeply at it, and, I rely on them, heavily on that just for, like, checks and balances, as we move forward. But, I am super bullish on, we've been doing this for a year, and I am super bullish on as the the project gets a little bit more exposure in the Bitcoin space, like, getting more experienced Python developers involved. And just like we need like every project, we need more eyeballs on our code and, people being able being interested rather to fix, like, little pain points that they see or little opportunities to tweak it or to, like, build a new functionality. Like, I I'm excited for that, and that just helps me. Like, as a maintainer now, I'm kind of, like, I feel like my role is less than what it was, because we have more people looking at the code.
[01:30:27] Unknown:
And I'm kinda just the guy. Love to see it. Yeah. Yeah. It's been That's like the that's the power that's one of the main powers of open source projects. Right? It's that they're bigger than any individual,
[01:30:39] Unknown:
and they can they'll outlive any individual. And the the incentives, like, frankly, are all aligned to where people are incentivized to collaborate with each other and to produce the best version of of what they're collectively trying to work on. Like, it's it, like, is this great, like, collaborative brings out, you know, usually the best in people kind of thing. I it's that aspect of open source has been something that I had no exposure to, you know, in my previous life journey. And it has been just an amazing, almost rejuvenative, aspect of, like, my experience with it. Like, you you see the just the the beauty in people and their goodness, and they're willing to just pitch in and help out, like, when you need stuff. Like, it that's just been a mix.
[01:31:26] Unknown:
Yeah. That's I think, like, being able to that's what I love about open source and open source communities, like, the ones that are ran really well and are really successful. It's, like, being able to foster an environment, being able to create a community, sharing vision, getting people, like minded individuals to believe in that vision as well and and then, you know, kind of, you know, dedicate, you know, time and effort to, you know, once you find, you know, other people, that that share the same vision, you almost wanna, like, you know, work together and, like, make sure that you guys can come together. I don't know if you have any, like, other other advice for anyone maybe thinking about, not only just contributing, to you guys, but also just, like, creating their own, like, you know, how to find and create an open source community. That's, like, that's one of,
[01:32:15] Unknown:
that's kinda one of the tongue in cheek reasons why I put myself out there is, like, you know, I used to be a cop. Like, I I was not a developer by trade. I had a little bit of, like, exposure to coding in college and stuff like that. But, like, I am the perfect example of somebody who is not, like, a native coder. It's not, like, something that I've done for 5 or 10 years in, you know, some sort of professional capacity. But what I want people to come away with when, you know, I talk to them or they asked me about a project that they have in mind, like, it is so important to, in the best way you can.
There's a highly underrated skill in this world. It's just effectively communicating a vision for something you have, an idea you have that you would like to see come into existence, being able to
[01:33:01] Unknown:
Sorry about that, freaks. We got our audio cut off somehow. I don't know where you lost us, but, SeedSiner was giving a very inspiring, tale of of how of how welcoming the open source community can be and not to be afraid of jumping in. Right?
[01:33:23] Unknown:
Absolutely. Just, like, put your idea out there.
[01:33:26] Unknown:
100%. Well, I appreciate your time. I appreciate your time as well, Tony. Absolutely. We've been ripping for an hour and 40 minutes. It's time for some lunch. We got a rabbit hole recap in 2 hours. Final thoughts.
[01:33:46] Unknown:
I'd like final thoughts are just gratitude. Like, I appreciate the opportunity to come down here. The the, BitKite, who's the organizer of the Nashville meetup, has been, like, an amazing host. Like, logistically, just in terms of, like, the meetup that he leads and everybody else who helps with that meetup. If anybody's out there listening and you're, like, anywhere near Nashville, it's worth, like, a it's worth a weeknight of your time to to come in and experience it and, just the opportunity to sit here and talk with you guys. And and for everybody out there who's built a seed signer or talked about it, like, much love, much gratitude. Like, I this if you would have told me, like, a year and a half ago, I was a guy listening to Bitcoin podcasts, like, who had just kind of like stepped away from his career as a stay at home dad. And I, like, was just tinkering with 3 d printing and different things.
And, like, to be here, like, 18 months later, never would have believed it. Like, this is this has been such an amazing experience, and I'm thankful to everybody out there for. Well, we appreciate you. Thank you.
[01:34:45] Unknown:
Yeah. I love it. Yeah. Thank you so much for I mean, you know, and the Nashville, Bitcoin, you know, you know, we don't record anything, and I just wanna say, like, your, your your panel with Rockstar and Matt, like, that was, like, as an audience member, I loved it. There's a lot of really good questions and a lot of good answers, and the the back and forth was amazing. So thank you for taking the time to, like, come here and then the conversation today as well, was amazing. So, yeah, my closing thoughts just, you know, along the same vein, you know, just just do it, you know, just go to a meetup, you know, if if just dive right in, you know, if you have a project, just just do it, and, you never know where you're gonna end up. If you've never used Seed Center before, just just, you know, buy 1 and just start playing with it. Like, you're it sometimes just seems intimidating going to a big Bitcoin meetup or or using a new device that, like, you never used before, especially if you've already gotten used to something. So, yeah, just just dive right in, start playing with it, start going to meetups, and, you know, you never know what's gonna take you. I think that's a great final thought.
[01:35:45] Unknown:
Just a reminder to all the freaks that are interested in the project, that's seed signer.com. If you wanna support the project, that's seed signer.com/ donate. Every sat counts. I think I can speak for them that they'd really do appreciate all of your support. I will see you freaks for rabbit hole recap in 2 hours. I'll see you for dispatch next week. I got some of the Spectre team joining us on on Tuesday, and, I I love you all. Cheers. Thanks, guys.
[01:37:05] Unknown:
Twisted faces in the cloud.
[01:40:22] Unknown:
Love you, freaks. See you next week. Don't forget to try and support seed signer, seed signer.com/ donate. Stay humblestack sets.
Problem with inflation
Tightening and Fed's role
Introduction to Seed Signer
Updates and improvements to Seed Signer
Comparison with other DIY hardware wallets
Use cases and security considerations for Seed Signer
Getting started with Seed Signer
Upcoming features and updates for Seed Signer
Security considerations and risks with Seed Signer
Potential integration with Lightning Signer
Funding and revenue streams for Seed Signer
Ways to contribute to the Seed Signer project
Keith and Nick's code review process
Importance of more experienced Python developers
The power of open source projects
Creating an open source community
Importance of effectively communicating a vision
Gratitude for the open source community
Appreciation for the conversation and panel
Encouragement to dive into Bitcoin projects
