
What do you think is the biggest issue with the current state of self custody?
A big problem with self-custody is that there always remains one thing (like the backup) that gives full and immediate access to all your coins. This piece of information must be kept secure, but should also be easy to recover.
It's hard to keep the backup secure, and as long as users at home have immediate access to all their funds, that can make them targets for the $5-dollar-wrench-attack.
A few options that try to fix this:
  • Encrypting the backup --> not a good idea, as then you need a backup for your backup password. Makes inheritance hard, and basically creates a 2of2 scheme, where if you lose either backup or password, your backup is useless. (The BitBox01 had an encrypted mSD).
  • Multisig --> still quite technical for normies and needs multiple signing devices and backup locations. Powerful, but UX should improve. Backup complexity (preserve xpubs etc) is quite high.
  • Bitcoin script solutions --> I have high hopes that we will see more "intelligent" bitcoin wallets soon, e.g. degrading multisig, timelocked backups, or other "not-instant" recovery paths that preserve full user sovereignty.
Not having instant access to your full stash should be normalized, so thieves can no longer assume that a "friendly visit" at home will pay off.
reply
What about Shamir Secret Sharing? It’s getting some traction since we don’t expect to see covenants in the near future.
reply
SSS is an interesting approach, and even a weaker redundant seed split (aka "poor man's" SSS) can help secure the backup.
A downside (e.g., compared to multisig) is that it only secures your backup at rest. You still need to bring the full backup together and input it into the hww, creating a single point of failure. I'm more bullish on a simple multisig implementation, as this allows to sign a PSBT sequentially, geographically distributed, never all less in one place.
Probably more of an apples/oranges comparison, though... :-)
reply
Lack of encrypted backups is one of the biggest problems I have with BB02. I understand your reasoning for the default, but you should have an option for advanced users, because there are very legit use cases for it.
reply
I appreciate your stance and understand that it can make sense in certain cases. For this, the optional passphrase can act as an indirect encryption, as it's never stored on the device itself or the microSD card backup. Or you just skip the microSD card backup and roll your own manual backup solution based on the recovery words.
Just an option being available might create doubt in users' minds that they should use it "just to be sure". We've seen that with the optional passphrase, which is horrible UX-wise and was our support issue #1 for a long time (now fixed by forcing users through a mini-education to make sure the concept is clear).
In the end, if you build a product for everyone, you build it for no one. We decided to focus on simplicity, and that involves not encrypting the microSD backup.
reply
0 sats \ 1 reply \ @aljaz 2 Jul
the problem with passphrase is that it's a permanent solution to a temporary problem like transporting the sd cards
the recovery words solution is even worse because it's even more horrible for any kind of travel scenario
reply
I see, yes, for travelling with the backup (not just the hardware wallet) of a regular wallet, temporary encryption might be helpful.
reply
The general lack of motivation to self custody. 90% of people get onboarded to bitcoin exchanges without ever taking self custody of their coins.
It's unfortunate but exchanges have an incentive to discourage self custody.
/Joko
reply