The only people that seem to complain about seed phrases are the ones that understand them. I think they are perfectly fine, just write down the 12 words. There's no way to abstract out private keys without compromising security. Users will have to learn what they are and that is fine. If you told people in the 1950s all the things they'd have to learn to use the internet people would say that it'd never get mass adoption, but my mom has a password manager and knows how to change the wifi password. Once people have enough bitcoin, they will learn to secure it properly because they have to.
reply
Also the problems with seed words cannot be so easily dismissed. It is a horrible onboarding experience for a wallet. And, it is not as simple as "just write down the 12 words." You then have to figure out what to do with those. And if you don't create an elaborate design, you have a ton of security holes.
reply
Yes, it requires users understanding that the seed holds all their money. I think that is fine, it's not the best UX but the alternative is giving up custody which as we've seen time and time again means losing all your money.
reply
"There's no way to abstract out private keys without compromising security."
Can you expand on this? This is where I think the discussion gets interesting with some of the ideas from the Bitkey team.
reply
At the end of the day the user will need a private key they possess if they want true custody. Whether it be the actual key to their bitcoin or a password that is used to derive an encryption key to a backup of the real key.
There's no real way around it.
reply
The way around it is to use multisig.
Using a variety of signing devices provides additive security. A lost or old device can be rotated out of the quorum, no seed phrases needed.
reply
No this is a terrible idea. You still need a backup of a lost device so you can generate the redeem script.
reply
Yes, there is data to back up. No, it doesn’t require a seed from every device.
This has been the value proposition of Casa for over five years, it’s not some obscure theoretical concept. It’s surprising how misunderstood multisig still is today, especially within the bitcoin dev community.
reply
Yeah, if you want a trusted 3rd party in your multisig to back it up then that works. However you have massive trade-offs for that.
reply
I provided an example of a product that’s been on the market for half a decade to illustrate the absurdity of the claim that multisig is useless as a redundancy solution.
This redundancy+security model is built on Bitcoin primitives. Nothing about it requires a third party.
Regardless, for 99% of the population, granting a third party access to view their transactions in exchange for self custody of assets (and the possibility of having them assist in disaster recovery), is a huge improvement over giving up custody to a third party, which is the default in most cases (fiat banking/investments, Bitcoin held on exchanges).
Actually, for the long term, you need more than just the words. You also need the derivation path, passphrase if used, redeem scripts. The search space for these added variables is significant. For now, we have walletsrecovery.org, but who knows 20 years from now.
reply
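The comment above lists the extra variables a recovery needs on top of the 12 words. The passphrase is the one that is easiest to underestimate, because BIP39 accepts any passphrase and simply opens a different wallet for each one. The following is an added illustration, not code from the thread or from any wallet vendor: it implements the BIP39 mnemonic-to-seed step (PBKDF2-HMAC-SHA512, 2048 rounds, salt "mnemonic" + passphrase) and the BIP32 master-node step (HMAC-SHA512 keyed with "Bitcoin seed") from the Python standard library, checks the result against the public BIP39 test vector (the all-"abandon" mnemonic with passphrase "TREZOR"), and shows that several guessed passphrases each yield a distinct, equally valid wallet. The word-count check and the `wallet_fingerprint` helper are simplifications chosen for this example; a real checksum check needs the 2048-word list, which is not embedded here.

```python
import hashlib
import hmac
import unicodedata
from typing import Dict, Iterable, Tuple

# BIP39 test vector #1 (public reference vector): 128 zero bits of entropy
# encode as eleven "abandon" words plus the checksum word "about".
VECTOR_MNEMONIC = "abandon " * 11 + "about"
VECTOR_PASSPHRASE = "TREZOR"
VECTOR_SEED_HEX = (
    "c55257c360c07c72029aebc1b53c05ed0362ada38ead3e3e9efa3708e5349553"
    "1f09a6987599d18264c1e1c92f2cf141630c7a3c4ab7c81b2f001698e7463b04"
)

# Word counts BIP39 allows (128..256 bits of entropy); this example checks only
# the count, not the checksum word, because the word list is not embedded.
VALID_WORD_COUNTS = (12, 15, 18, 21, 24)


def normalize_mnemonic(mnemonic: str) -> str:
    """Collapse whitespace and NFKD-normalize, as BIP39 requires before hashing."""
    words = mnemonic.split()
    if len(words) not in VALID_WORD_COUNTS:
        raise ValueError(f"expected one of {VALID_WORD_COUNTS} words, got {len(words)}")
    return unicodedata.normalize("NFKD", " ".join(words))


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase.

    There is no wrong passphrase: every string produces a valid 64-byte seed,
    so a forgotten or mistyped passphrase opens a different (empty) wallet
    instead of failing.
    """
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    data = normalize_mnemonic(mnemonic).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", data, salt, 2048, dklen=64)


def seed_to_master_node(seed: bytes) -> Tuple[bytes, bytes]:
    """BIP32 master node: HMAC-SHA512 keyed with "Bitcoin seed".

    Left 32 bytes are the master private key, right 32 bytes the chain code.
    Every account and address of the wallet is derived from these 64 bytes
    plus a derivation path, which is why the path must be backed up too.
    """
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def wallet_fingerprint(mnemonic: str, passphrase: str = "") -> str:
    """Short label for the wallet a (mnemonic, passphrase) pair opens.

    Simplification for this example: a truncated SHA-256 of the master private
    key, used only to tell candidate wallets apart. It is not BIP32's
    fingerprint, which is derived from the public key.
    """
    master_key, _chain_code = seed_to_master_node(mnemonic_to_seed(mnemonic, passphrase))
    return hashlib.sha256(master_key).hexdigest()[:16]


def wallets_opened_by(mnemonic: str, passphrases: Iterable[str]) -> Dict[str, str]:
    """Map each guessed passphrase to the wallet it opens for a fixed mnemonic.

    Each entry is a distinct, valid wallet: nothing in the 12 words indicates
    which passphrase (if any) the owner actually used.
    """
    return {p: wallet_fingerprint(mnemonic, p) for p in passphrases}


if __name__ == "__main__":
    seed = mnemonic_to_seed(VECTOR_MNEMONIC, VECTOR_PASSPHRASE)
    print("matches BIP39 test vector:", seed.hex() == VECTOR_SEED_HEX)
    # Constructed candidate passphrases; note the case-sensitive near-miss.
    for passphrase, label in wallets_opened_by(VECTOR_MNEMONIC, ["", "TREZOR", "trezor"]).items():
        print(f"passphrase {passphrase!r:10} -> wallet {label}")
```

Running it prints that the test vector matches and three different wallet labels for the empty, correct, and lower-cased passphrase, which is the point of the comment: the words alone do not pin down the wallet.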
"We don't want our customers subject to these types of attacks, so we aren't burdening them with seed phrases in the first place."
I didn't get what they are doing differently now. I understood they are offering multisig solutions. But don't they consist of seed phrases, too?
Bitkey is a multisignature wallet that uses three keys instead of one
reply
Most (all?) hardware wallets today have customers write down the seed phrase and re-enter it as part of onboarding. This is an unusual experience for most people. It is time-consuming. And of course then customers have to understand and appreciate how sensitive this material is that they've just written down and devise a plan both to never lose it and never let anyone else see it even for just a few seconds (a quick picture away from losing all your money).
Imagine instead an onboarding experience that takes a minute and doesn't involve any of this?
reply
Casa also recommends seedless setup for their customers https://blog.keys.casa/seedless-security-model/
reply
With the huge Ledger backlash going on right now... like I don't know, maybe because you're doing this from the start it's different but (and also it's only one of 3 keys and not a split of 1 key)
Did you look at the Liana wallet? Anything inspiring from that design you think might be useful for what Spiral is trying to accomplish?
reply
"Wallet is made up of three parts - a mobile “App”, a specialized “Hardware” device, and our backend “Server” - with each controlling one of 3 keys" using a 2 of 3 multi-sig. You know some people do this with unchained capital so they're sort of making that model streamlined.
I don't really like it myself. I mean just take the marketing from Liana wallet: https://twitter.com/raw_avocado/status/1658099154571218949
Gives the user all the power to make all the decisions they want.
I don't know, sometimes with these companies I'm reminded of Marilyn Manson. "Some of them want to abuse you, some of them want to be abused"
reply
I suspected they just aren't exposing them as part of the UX. They can't prevent an encoding from existing, but they can prevent users from knowing it exists.
reply
Multiple seeds on paper/steel in two locations, passphrase in head and separately in inheritance with instructions for family. I find this easy to implement and a good backup storage scheme. Resistant to discovery of seed (passphrase in head) and remote theft because you only use a good hardware wallet. Then you can have spending LN wallets in your phone with a lower level of security (and amount) and an even smaller amount on a mobile or web based custodial LN wallet.
There is no unsafe custodial - only too many sats at risk. Keep only the necessary minimum for zaps on custodial solutions.
Your custodial LN wallet might be more secure than your physical fiat cash wallet.
reply
Agree this is a strong design but it is 100x more complex and unlikely to be implemented by most people.
I'd also be curious which security vulnerabilities would be of concern to you relative to the design Bitkey is proposing and the setup you describe?
reply
It seems like you have a lot of work ahead, helping people understand the advantages of multisig.
reply
I don't know how to evaluate their proposal.
reply
OK... then what's the alternative? Sending encrypted shares of my private key to all the Block subsidiaries?
reply
I see, 12 times bacon has not been established as the seed words to go for in examples yet, lol
reply
Even if you think "hiding" seeds is bad, this does suggest they aren't taking anything for granted. It makes me much more confident we'll see a differentiated hww from them, which if they're right means more self-custody.
Maybe we'll even be able to argue about hww features more than their source licenses.
reply