The only people that seem to complain about seed phrases are the ones that understand them. I think they are perfectly fine, just write down the 12 words. There's no way to abstract out private keys without compromising security. Users will have to learn what they are and that is fine. If you told people in the 1950s all the things they'd have to learn to use the internet people would say that it'd never get mass adoption, but my mom has a password manager and knows how to change the wifi password. Once people have enough bitcoin, they will learn to secure it properly because they have to.
Also the problems with seed words cannot be so easily dismissed. It is a horrible onboarding experience for a wallet. And, it is not as simple as "just write down the 12 words." You then have to figure out what to do with those. And if you don't create an elaborate design, you have a ton of security holes.
reply
Yes, it requires users understanding that the seed holds all their money. I think that is fine, it's not the best UX but the alternative is giving up custody which as we've seen time and time again means losing all your money.
reply
"There's no way to abstract out private keys without compromising security."
Can you expand on this? This is where I think the discussion gets interesting with some of the ideas from the Bitkey team.
reply
At the end of the day the user will need a private key they possess if they want true custody. Whether it be the actual key to their bitcoin or a password that is used to derive an encryption key to a backup of the real key.
There's no real way around it.
reply
The way around it is to use multisig.
Using a variety of signing devices provides additive security. A lost or old device can be rotated out of the quorum, no seed phrases needed.
reply
No, this is a terrible idea. You still need a backup of a lost device so you can generate the redeem script.
reply
Yes, there is data to back up. No, it doesn’t require a seed from every device.
This has been the value proposition of Casa for over five years, it’s not some obscure theoretical concept. It’s surprising how misunderstood multisig still is today, especially within the bitcoin dev community.
reply
Yeah, if you want a trusted 3rd party in your multisig to back it up then that works. However you have massive trade-offs for that.
reply
I provided an example of a product that’s been on the market for half a decade to illustrate the absurdity of the claim that multisig is useless as a redundancy solution.
This redundancy+security model is built on Bitcoin primitives. Nothing about it requires a third party.
Regardless, for 99% of the population, granting a third party access to view their transactions in exchange for self custody of assets (and the possibility of having them assist in disaster recovery), is a huge improvement over giving up custody to a third party, which is the default in most cases (fiat banking/investments, Bitcoin held on exchanges).
reply
Actually, for the long term, you need more than just the words. You also need the derivation path, passphrase if used, redeem scripts. The search space for these added variables is significant. For now, we have walletsrecovery.org, but who knows 20 years from now.
reply