What Bitcoin Did - What It Really Means to Be Sovereign | SeedSigner
Episode Date: November 12, 2025SeedSigner is an open-source Bitcoin signing device. In this episode, SeedSigner breaks down why trustless hardware matters and why Bitcoin security is a journey, not a destination. He explains how ...hardware wallets have become a “cat-and-mouse” game of exploits and firmware trust, why he chooses to trust math over manufacturers, and how SeedSigner gives users a verifiable, DIY alternative to commercial wallets. We discuss the evolution of Bitcoin custody, from paper wallets to multisig, and how SeedSigner empowers users to hold keys without relying on opaque supply chains. SeedSigner also shares lessons from his years in digital forensics, why most people’s threat model is themselves, and how open-source sovereignty could become Bitcoin’s last line of defence against capture. THANKS TO OUR SPONSORS: IREN RIVER ANCHORWATCH BLOCKWARE LEDN BITKEY FOLLOW: Danny Knowles: https://x.com/\_DannyKnowles or https://primal.net/danny SeedSigner: https://x.com/SeedSigner
Transcript
Discussion (0)
I think it's important to think of security as a journey and not a destination.
With Harbor Wallets, there's this, because they've created the easy button,
you don't really understand what is going on behind the curtain, so to speak.
Be skeptical and go into that with your eyes open and think around the corner
as to the implications of some of the information you're sharing
or the trust you're putting in a firmware update.
The nature of security seems to be the sort of cat and mouse thing.
I wanted to put my trust into the math that underlies the Bitcoin protocol rather than a third-party device.
It's just not quite the same.
It's nice, looking into your glasses.
How you do, Mr. Seatina?
I am well today.
Bitcoin's teasing all-time highs.
I know.
What are we at right now?
Above 125, barely.
and I'm here talking to you, so if I'm nervous as shit, it's still a good day.
There's no need to be nervous.
This is a safe space.
But yeah, Bitcoin's absolutely flying.
It's great to see.
I think we're in for a good end of the year.
It's all the stars are aligning with the usual kind of, well, you probably follow this stuff more than me,
but November and December are typically, October, November and December are typically pretty bullish.
So it's, even the shutdown, I guess, is bullish at this point.
100%. Bitcoin doesn't shut down, right, even if the US government does. No, I'm excited.
October is real. I think cycles are broken, maybe, maybe. But we don't need to talk about
price. That's not why you're here. I mean, we can talk about price. The views will be better
if we talk about price. I'll never turn down some, yeah, bold child. But no, I think October's
definitely a thing. I'm excited to see where it goes. But anyhow. So let's start off by,
you've not been on the show before new or old and who are you so I am a NIM on the internet
I go by initially I went by the NIM seed signer now a lot of people just refer to me as
seed when they seem in public but I was let's see been a bickoiner for about 12 years
as a police officer for 15 years and I created this little open source software project
called Seed Siner that's kind of been my introduction as a public
bit corner so that's uh that's me so we're going to get into the seed sign of stuff today but i do want to
talk about your background because it's pretty interesting um you were a police officer but not just a
normal police officer by the end of your current at least um so why don't we start with with that whole journey
like how did you go from being a police officer to working in forensics yeah so um my background
you know bachelor's degree in english literature minor in philosophy when i studied management information
system some during my undergraduate career and kind of bounced around between a lot of jobs
when I was younger. I was actually a flight attendant for a year in 2001, so I was in the air on 9-11,
and after that was laid off. I worked for an airline called TWA that no longer exists.
What was it like being in the air in 9-11? So we were, it was as crazy as you would think it be.
We were close enough to St. Louis, which was where I'm domiciled out of, that we got to land in St.
So I didn't end up stranded in another city,
but I flew out of Atlanta that morning on the busiest airport
in the country.
And then once we landed, I think one of the towers
had been hit by the time we landed.
And it was just more confusion after we got on the ground.
At first they wouldn't taxi to the gateway.
And then we did taxi to the gateway, but you weren't permitted
to leave the plane.
And then you had to leave the plane, but you couldn't leave the terminal.
And it was the same confusion that,
everyone else, I'm sure, experienced.
That's insane. That must have been pretty wild.
Where were you meant to be going, or were you meant to be going to St. Louis?
No, it was back to St. Louis.
I probably had a turn to go somewhere else, too, that day, but, yeah, wasn't meant to be.
That's pretty scary.
Yeah.
What a scary time to be in the air.
Sorry, I interrupted you there, though.
No, not at all.
So after laid off from TWA, I had worked some private security jobs when I was younger
and ended up working at a university in St. Louis as a basically
a campus security officer. And it occurred to me that it wasn't in a great neighborhood. It occurred to me
I could make more money and have a safer working environment if I just went to the police academy.
So I figured out how to do that and got admitted to the academy and got hired on by a local.
I'm from St. Louis, so a small municipality in the county around St. Louis. And for the first three years,
I was just a road cop, like writing tickets, answering calls, you know, domestic fight in progress.
that kind of stuff.
And by virtue of my background in information systems,
the chief of the department where I worked,
knew that I was a little bit of a geek.
And this would have been in, what, like 2006, 2007.
So digital forensics was still a young and growing part of law enforcement.
And there was a task force or a working group in the area
that was looking to add people.
And they asked me if this is something
that I would be interested in.
and looking into or potentially joining at the digital forensic lab.
So I worked over there part-time for a few months,
just kind of learning the super basics about digital forensics
and I guess perform well enough that they offered me a full-time,
you know, a full-time assignment, I should say.
I stayed with the same police department the whole time,
but was assigned, you know, every day from nine to five
during business hours instead of driving a police car,
I'd go to the forensic lab and was assigned casework
where I'd take apart computers or try to obtain data acquisitions from cell phones and, you know,
data recovery from thumb drives and all sorts of, like, digital media type stuff.
Okay, so you're basically looking for information on a crime. What was it, what year was this?
This would have been 2007. Okay, so you would have been working there, you did that for a few years,
I assume?
The next 12 years, so until 2019. So you would have been working there during, like, the Silk Road days
where people were sending drugs around. Did you ever encounter any?
of those cases? So that was actually my introduction to Bitcoin was a case that, I guess, more than tangentially
touched on the Silk Road. It wasn't actually my investigation. It was another examiner at the lab,
who I was talking to, I don't know, in the break room or water cooler talk or whatever. And he had
been assigned a case that involved a local high school kid who had been given a nice gaming
computer for Christmas that had two decent GPUs on it.
And this, I don't remember if it was late 2012, early 2013,
but you could still competitively mine Bitcoin with GPUs at that point.
FPGAs were probably in play, and A6 were coming soon.
But anyhow, this kid was mining a decent amount of Bitcoin,
and he would buy marijuana on the Silk Road.
It'd be shipped to his house,
and then he'd break it down at a dime bags
or whatever smaller divisions.
He'd take it to school and was making a nice little hustle
as an entrepreneur selling weeks.
at school. Of course, like a teacher or somebody found out and they called the police,
and that's how his computer ended up at the forensic lab. But I had never heard of Bitcoin
before talking to this coworker about it. So that's what sent me to Google and down the rabbit
hole of just trying to figure out what was this thing, what did all the compute that was
associated with it? What was that good for? Why did it need that? And, you know, the white paper,
and I joined Bitcoin Talk and, yeah, just started learning about it.
You know when you have cases like that,
it was like a young kid selling weed at school,
like kids shouldn't do that because they're going to get in trouble.
But do you also think, like, kind of cool.
He's a bit of an entrepreneur.
Yeah, I mean, I definitely didn't have that kind of sense of opportunity
when I was, you know, a kid mowing wands at his age problem.
Mowing lawns is a better option, kids.
No kids listen to this, but if you do, don't sell weed, mow lawns.
So that's the first time you found.
Bitcoin. Like if I think given the context, if I was you in that situation, police officer,
find this through a guy who's selling weed at school, I would probably, especially back in
2012 whenever it was, I would jump to the assumption that this was just money for criminals.
Like many people are even still falling into this pit trap. What did you think of it?
No, that was probably becoming the predominant narrative at the time. I think Bitcoin was probably
transitioning from quirky nerd money to
a tool for money launderers and drug sellers on the darknet.
But they say, I don't know if it was D++ or somebody else, I think it was heard of
who said Bitcoin kind of hits you where you're at at a given stage in your life.
And at that point, you know, I was a young father with a big mortgage and I was, you know,
trying to pick stocks and make investments in different things.
I was looking for a way to make the money that I earned through my employment work harder for me.
And so I tended in the beginning to see Bitcoin as an investment.
I saw the permissionlessness of it.
And what really resonated with me was the scarcity of it, the hard cap on supply.
And so as I started to think about the market cap of Bitcoin, it really seemed like it could potentially be significantly undervalued.
So that was probably, you know, number go up.
in that day and age is what drew me into it. But at the same time, that was, you know,
the original generation of alt coins, you know, light coin, feather coin, all that kind of stuff.
And so it wasn't, Bitcoin was the top dog, but it wasn't, Bitcoin only wasn't a thing back then.
And so it was this opportunity to speculate and make money that probably first brought me in.
This episode is brought to you by River, and they've just launched a very cool new product
where you can automatically buy every price dip. Their zero fee recurring buys are a proven way to
build wealth with Bitcoin, and you can now supercharge them and buy up to 100% more Bitcoin
if the price is dipping at the time of your order. It's a great tool to buy more Bitcoin at
lower prices, and while your cash is waiting to be deployed, you earn 3.75% interest on it,
paid in Bitcoin. River is built to last with security at its core and is the only Bitcoin
exchange in the US with proof of reserves. To open an account, go to river.com forward slash
WBD and earn up to $100 in Bitcoin when you buy.
That's river.com forward slash WBD.
What if you could lower your tax bill and stack Bitcoin at the same time?
Well, by mining Bitcoin with blockware, you can.
New tax guidelines from the Big Beautiful bill allow American miners to write off
100% of the cost of their mining hardware in a single tax year.
That's right, 100% write off.
So if you have $100,000 in capital gains or income,
you can purchase $100,000 of miners and offset it entirely.
Blockware's mining as a service enables you to start mining Bitcoin right now without lifting a finger.
Blockware handles everything from securing the miners to sourcing low-cost power to configuring the pool, they do it all.
You get to stack Bitcoin at a discount every single day while also saving big come tax season.
Get started today by going to Mining.blockware Solutions.com forward slash WBD.
Of course, none of this is tax advice, speak to your accountant or tax advisor to understand how these rules apply to you,
and then head over to Mining.blockware Solutions.com forward slash WBD
and you'll get one week of free hosting and electricity with each hosted miner purchased.
What Bitcoin did is brought to you by the massive legends, Iron,
the largest Nasdaq listed Bitcoin miner using 100% renewable energy.
Iron are not just powering the Bitcoin network.
They're also providing cutting-edge computing resources for AI,
all backed by renewable energy.
We've been working with their founders Dan and Will for quite some time now
and have been really impressed with their values,
especially their commitment to local communities
and sustainable computing power.
So whether you're interested in mining Bitcoin
or harnessing AI compute power,
Iron is setting the standard.
Visit iron.com to learn more,
which is iri-n.com.
I mean, I think that gets everyone, right?
It's number go up first.
Everyone thinks it's a get-rich-quick scheme,
and then you learn it's a don't-get-poor-slow scheme.
Right, but you, so,
but I also had those misgivings,
given, you know, my role in law enforcement and stuff,
And somebody, the majority of my work in forensics dealt with crimes against children.
And so the possibility of Bitcoin being used to sell illicit material online.
And that sort of thing.
Like that was a part of how I viewed it.
And there were like, I remember being a bit conflicted about it.
There was a Bitcoin podcast at the time called Let's Talk Bitcoin.
And it was, I think Adam B. Levine was the host.
And Andreas into like a network of podcasts, right, I think.
It grew into a network.
But originally it was that Adam B. Levine, Andreas Antonopoulos and another person, Stephanie Murphy.
And they were actually a daily Bitcoin podcast for a while.
And I remember Andreas bringing up the whole boogeyman factor of child sexual assault material being sold for Bitcoin.
And I really wrestled with that a lot early on.
because Bitcoin is permissionless and to a degree depending on how you use it private.
And so it was something that you eventually realize like cars are dangerous too
and cars kill a lot of people around the world.
But the value we get from cars above people dying in car crashes dramatically exceeds,
you know, the number of sad deaths that occur.
So the possibility of it is just so much bigger than the people who misuse it
or, you know.
I think I actually saw this stat recently.
I think it's 40,000 Americans die every year through traffic accidents.
And like as society, we've decided to accept that that's a worthwhile trade-off.
Obviously, people are doing everything they can to bring that number down as much as possible.
But it is a harsh reality that you have to face when you actually understand what Bitcoin is.
Bitcoin is freedom money.
It's permissionless.
It's money for enemies.
People are going to use it in ways you don't like.
And you have no ability to stop that.
You just have to come to terms with it.
And again, weigh up the benefits against the negatives and realize that it's a worthwhile tradeoff.
Yeah, same story with firearms.
Obviously, that's an analogy that people make a lot of the time.
But, yeah, guns are dangerous and they kill a lot of people.
But they also protect a lot of people's homes and serve as a deterrent and help people defend themselves.
And yeah.
So when you discovered Bitcoin, you saw it as an investment first.
Obviously, I'm sure that's changed since then.
Well, it is still an investment, but it means certainly more to me, and I think more to you than that.
Did you manage to hold on through all the hype mania phases?
Yeah.
Yeah, I alluded to this briefly when we were talking the other day in preparation for this.
So I had a severe weekend's incident in 2017.
Not that I was a Bitcoin barren or anything by any means, but I had in early 2017, so
the majority of the Bitcoin I acquired early on were like in 2013 and 2014. I remember buying
Bitcoin for as little as like 65 bucks on Coinbase in the summer of 2013 as they were
was kind of crashing before the run up in the end of that year. But after the peak in 2013,
the Mount Gawks incident happened and there was just a long, brutal bear market through 2014 and
2015. And that was, I think everybody's first bear market is like the worst one. And that was a bad one.
Yeah. And you don't, you don't have the experience of Bitcoin resurrecting itself after it falls.
You know, it comes back up. So you think like maybe I'm the idiot and I bought close to the top and,
you know, I'm, you know, I'm the greater full. So I'm dealing with all this kind of uncertainty through
2014, 2015, 2015, 2016. And in late 2016, I don't remember the timeline exactly, but the price
started to perk up. And it got past the peak of 1,200 or in that neighborhood. And then the Bitcoin
price is approaching like $2,000, $2,000 and $2,500. And with the mortgage we had on our house,
if at that particular moment I sold all of the Bitcoin and legitimate,
paid the taxes, which were a gut punch, I was at a point where we could pay off the mortgage
of our house and be completely out of debt and kind of have a fresh start financially in life.
And at the same time, in early 2017, what's going on is actually remissant of what we're going
through now.
There was the four cores were kind of in full swing or coming to it at that time.
And I had this anxiety or worry or whatever you want to call it that.
You know, the conventional wisdom is that Bitcoin forks, no big deal.
You just hold all the forks.
And eventually, when everything sorts itself out, you know, which one the winner is.
You're, you're, you know, you're not hurt.
But I was concerned with the number of forks that were happening that if the network fragmented too much, the whole concept would lose, lose its perceived value.
So people might actually not remember the history of that.
But that would that have been things like Bitcoin Unlimited and Bitcoin Gold?
Bitcoin gold.
And Bitcoin Cash.
Yeah.
And, you know, all of those at the time.
And another factor of it is like I'm a modest means coming from the middle class kind of guy.
And when you've put, you know, I don't know what I put into my initial investment of Bitcoin, whether it was like probably between $10,000 and $20,000 of money that we had saved up when we were bringing in his revenue.
My wife, God bless her was very understanding about.
buying Bitcoin and some of the, like, I was on the, like early on when A6 were just becoming available,
if you wanted to buy one, it was never just like buy it off the shelf and they ship it to you.
It was always some kind of like pre-release or funding campaign where you sent in money
and it was a pre-order for something that would hopefully come through a few months later.
And then when you got it, it wasn't efficient.
Yeah, and because so much new hash is coming online, it didn't produce maybe what you'd expected it to
when you'd initially ordered it.
So at one point, went to my wife and I was like,
I'd like to buy this magic machine
that makes Bitcoin for $3,000 or something like that.
And she's like, oh, okay.
Anyhow, so in 2017,
given what the Bitcoin I was holding,
what it was worth, and what did it started from,
I think people who have, are from modest financial means,
they're just not mentally equipped
for that kind of financial gain.
In your mind, you start to second guess,
whether it's real, and there's this huge temptation to very binary thinking where you don't sell a little bit.
If you're going to sell, you just get out and sell it all.
And there's, I was, I guess the best way to say it is I was very financially unsophisticated.
At that point in my life, not that I'm super sophisticated now, but even more so back then.
And so one day I remember being in the forensic lab and it always seemed like I had on my computer that was connected to the internet, which is a separate computer.
had like a price ticker or a exchange chart or something up.
And I see the number kind of like fluttering around my magic number of like get out of debt.
And I remember that day very clearly.
Like I just got up told my boss I was going home for the day.
It was still like mid-morning.
And I went home and I was started, I just started pulling out.
I didn't have a hardware wallet at that point.
We can talk more about that.
Was that paper wallet area?
It was still paper wallet.
When I set it up initially, it was definitely still the paper wallet era,
but Harder wallets had subsequently come out.
But it was...
Yeah, Trezor must have been around then,
and Ledger probably was in its early form.
I don't know when...
Trezor, I think, was like late 2013 or late 2014,
if my timelines right.
But when I had set things up initially,
hopefully I don't blank on the...
I had used a web wallet,
but it was like a web paper wallet.
It was an open source project, and I'll think of the name of it.
It wasn't like a lectern wallet, something like that was it.
No, no, no.
So it was basically a website.
And it was a GitHub repo.
All of the code that underlied the website was published in the repo.
And what you would do is basically download the HTML, you know, an associated code that
makes up the website from the repo, and they provided an authentication hash.
So you could, if you're trusting the person who publishes, you know, that website, what they
was supposed to be, and you would, this was actually a forensically sound process, you would
boot up a separate computer offline, not connected to the internet, with a fresh Linux
installation, and you would use that to generate new private keys, and it's called bitadress.org,
people who have been around in Bitcoin, I'm sure, recognize it. The guy who created it,
his first name is Peter. I won't say his last name because he's kind of private, but super
great Bitcoiner. He's actually known as
Bici Curacao, who's promoting Bitcoin adoption there.
But anyhow, went through this very methodical process
using an offline computer that was completely in line
with my forensic training and bought an inkjet printer
that I used to print out the private keys for the paper wallets.
Never used that inkjet printer again for anything else.
It was a USB-connected one, so it never touched the internet.
Went through this very carefully thought out process.
But in the end, what am I doing?
I have a list of private keys printed on eight and a half by 11 computer paper, you know, that's in my underwear, I drew at home.
Yeah.
Because when I first put it in there, it was worth like a few thousand dollars, you know, and over time as Bitcoin started, appreciate more.
You know, my security setup, I think is eventually what was part of the genesis of Seed Center because of all of the contributing factors to this, you know, weak hand experience, which, you know, you know,
I'm not in the league of Laslow, the guy who bought pizza for Bitcoin way back when.
But when you think about the amount of Bitcoin you previously owned before you sold everything,
it's not an easy memory.
And so to tell this story in 2017, like, and I awkwardly sold the Bitcoin.
It wasn't even like set a sell order.
Like there's probably, I was, I had an account on Gemini that day,
and there's probably this awkward like blip on the chart of Gemini that day from me just market selling.
a bunch of Bitcoin.
I didn't even know Gemini was around by then.
2017, yeah, they were still pretty small.
But yeah, it was on Gemini.
And so went home, you know, started sweeping all of these paperwallets,
awkwardly dumped everything on Gemini and then had this big dollar balance,
which I didn't really believe it was real until I'd moved it, you know,
did the wire transfer into my personal bank account and was making preparations to pay off the more
but but boy did I not want to hear about Bitcoin for the rest of the year I bet like in 2017
because like the the price rise you know was pretty dramatic from 2200 or whatever that I sold that
up until 18 or 20,000 so I mean even in that year alone you could have basically 10xed it yeah and it's like
you know even if I hadn't held on to the Bitcoin if I had had better timing when I sold it would have
meant a much bigger.
Like I said, I wasn't very financially sophisticated,
so it is what it is.
And for the rest of the year,
I didn't want to hear about Bitcoin.
Like I decided me, being able to pay off our mortgage
was kind of the first step to me thinking about
stepping away from my career in law enforcement.
And so I started focusing on that.
My wife has always been better at bringing money home
than I had been as a cop.
So we started to talk more about me being
stay-at-home dad with our kids. And I kind of went on this self-improvement spree. I started
reading a lot of self-help books and trying to improve things about myself that I thought were
suboptimal. So I'm, you know, I deleted Twitter. I got off a Bitcoin Reddit and, you know, all the
other ways I'd been following Bitcoin at the time. And I just started to focus on making sure that
I was a good enough person to retire early from my job and not end up.
like Mr. Mom where I'm sitting on the couch, like watching TV and drinking wine at 2 p.m.
Yeah, exactly. So for the rest of 2017, like I'm reading myself help books, getting up in the
morning and, you know, going through my miracle morning routine and stuff like that. And in 2018,
I don't remember what the catalyst was, but as painful as it was sometimes, I started peaking at the
Bitcoin price. And in 2018, you know, it started to come down. I bet you were the only person
happy to come down that you. One of the few. And like Bitcoin gets its hooks in you. It's like the
meme from the godfather. Like once you think you're out, they pull you back in. I don't know if
that's good fellow is the godfather. And so I started paying attention to the price again.
I probably created a new Twitter account because I deleted the old one. And as the Bitcoin price
got to like, I didn't catch the absolute bottom, but I was like kind of good.
I started buying more around $4,000 as it had come down from 20.
And this is like in 2018 and in 2019.
So I started accumulating more Bitcoin and this is like Bitcoin's different for me now.
It's not, it's still an investment to some degree.
But if you think about 2017, 2018, 2019, that is really the time when the US national debt
starts to ramp up.
And my kids are getting a little bit older and maybe I'm maturing a little bit, but I'm
I'm starting to think about what world am I leaving for them?
Where is this debt going?
What kind of country are my kids going to be left with?
And so Bitcoin took on additional significance beyond just being an investment for me as I was
starting to re-buy it.
Again, still love number go up, especially relative today to where it was then.
But my Bitcoin journey was different at that time.
And after I'd started buying more Bitcoin, I started.
started to think about cold storage.
And I was still at work in the forensic lab.
And I started to think about the reasons why I just so awkwardly had the lettuce
hands experience.
Well, I understand it, though.
I think one thing that's probably true for almost all Bitcoin is, well, there's a few
things in what you said that's true.
One that it gets at its hooks in you.
Probably from the first day I ever read about Bitcoin, there's likely not been a single day since
that I've not read more about Bitcoin.
But the thing that I think people aren't prepared for
and never can be when you first buy Bitcoin
is the fact that you have to consider
what you will do when it 10X is
because at some point it's going to 10X on you.
And that comes down to both psychologically
what you do with getting that much wealthier.
But also, when you're thinking about
how you secure your Bitcoin,
you need to think about securing 10X the value of today.
Right.
And like, luckily I've had no mistakes
that meant I've lost Bitcoin in that way, but I've had very janky setups compared to what I should have had.
So I guess for you going from using paper wallets back then, like it's interesting just to hear,
like it's easy to think since 2017 to now, not that much has changed.
But when you actually think about the infrastructure side of Bitcoin, the hardware that's available,
it's a world apart.
So when you were thinking of like your initial paper wallet setup and you came back to Bitcoin,
How did you view sort of the hardware wallet market at that time?
Right.
So I had consciously avoided the hardware wallet market.
And part of it, you know, to be candid, was that I already had a setup that I was reasonably
comfortable with.
It turned out like I think as I bought Bitcoin and started to think about what I could, what
my preferred setup for long-term cold storage was.
I started to think about my background in forensics
and what about my background might inform an approach
or a strategy that would make sense for me
and kind of calm my unique sort of anxieties.
One thing I can say about my time in forensics
is I grew up in forensics during a very unique period in time
where initially when I started doing forensics,
it was all what's called deadbox forensics,
where you take a computer that's been powered down,
you basically remove the hard drive from it,
and that's your primary, almost your only exclusive source
of information about that computer
and what it was used for.
But early on in my career, you know,
at first we started seeing flip phones,
and then, you know, the rise of cell phones occurred.
The iPhone, I think, came on in 2006 or seven.
Maybe it was a little bit before that.
And so I got to watch mobile phones
start from these awkward devices that you flip open and press the number three, eight times to get a lowercase E or whatever it is,
grow into these supercomputers that we all carry in our pocket and we rely on for not just being able to call people,
and not just browsing the internet, but like personal authentication and accessing our bank accounts and all sorts of, you know, payments and other things.
I mean, they've replaced computers for a massive amount of the population.
Yeah, and over that time, like forensics in terms of the workload that the average,
digital forensic examiner sees,
it was actively transitioning from desktop computer
to laptop and then to phones and tablets.
Mostly phones, but you still see some tablets.
And so the mobile phone industry,
the first kind of smartphone you can think of
is a Blackberry.
You can remember when President Obama took office,
it was like he kind of said something effective,
you can pry this Blackberry out of my cold dead hands,
because iPhones were becoming more popular,
but we're all creatures that happen.
People like the buttons.
He really liked his Blackberry.
And Blackberry had some pretty crude security measures
in terms of what's baked into the device.
And so some of the earliest forensic challenges
that we had in the forensic lab were getting a device
like a BlackBerry and trying to figure out
if it was pin enabled.
How do we get into this to observe, you know,
observe, you know, at that point, there weren't apps per se. You're just trying to get into somebody's
call history and Blackberry. You could get some emails off of it potentially. But shortly after
Blackberry came the iPhone and then Android, not too long after that. And as the smartphones grew up,
you know, Apple and Samsung and the other companies, they want to sell more smartphones. And they
They really wanted to get access to government and corporate markets.
And government and corporate markets had a certain threshold of security requirement
that they needed Apple to be at before Apple could, you know,
before they would buy, you know, 5,000 iPhones for distribution to government employees or whatever it was.
So Apple started adding security features that were basic and clumsy at first,
but that got increasingly sophisticated.
And what I observed as someone doing forensics over that time period was this ongoing cat and mouse game between Apple trying to up its security game and then an increasing number of researchers and then startups who would examine, you know, the underpinnings of iOS and Android and come up with security exploits that could be used to get around the gold standard, or what you really try for is being able to.
to authenticate to log into the device,
whether that's, now it's face ID,
but at the time, you know,
it was a lock pattern or a pin code or whatever it was.
And so Apple would implement a new security feature.
Six months later, an individual who's doing research
or as it became more likely,
a company that contracts with federal government
and other local governments would develop an exploit
to get around what Apple had done.
Apple would do something new, six or nine months later.
And it's this cat and mouse game.
So with my experience with mobile phones, you know, I got a lot of phones that were locked when they arrived to me at the forensic lab.
And as a rule of thumb, if you could either turn the phone off or keep it powered and offline for a lot of phones within 12 to 18 months, if you just waited it out, you know, and court cases take a long time anyway.
the criminal justice system isn't fast.
So if you were willing to wait it out, a lot of times,
an exploit would be developed that could defeat a given security mechanism
that was in place on a phone that you were starting to work with.
So to circle back around the Bitcoin,
harder wallets, as I saw them emerging with the mobile phone industry
and then harder wallets, when I saw harder wallets,
I thought I've seen this movie before.
I kind of understand how this is going to work.
And when you consider, you know, the,
Apple has, you know, it's a, I don't know, is it a trillion dollar company or whatever the market cap of Apple is, the amount of money that they spend on these security exploits and they're still not practically able to keep government contractors out of their phones.
I don't know if that's contrived, if that's a real thing or if it's, but the nature of security seems to be the sort of cat and mouse thing.
And so number one, I just had ambivalence about hardware wall.
It's because of that that cat and mouse game that I observed with mobile phone security.
And then at the time, it's changed since then.
But at the time, most harder wall, it's required that you connect them to your laptop.
Yep.
And those USB connections, I just never felt comfortable with that.
Because if you have the wrong software conditions in place, like, you know, bad things can happen over that wire.
So never trusted USB.
And so I just, that during that period of my time as a Bitcoin,
and that's why I stuck with the paper wallets.
If you already self-custody of Bitcoin, you know the deal with hardware wallets,
complex setups, clumsy interfaces, and a seed phrase that can be lost, stolen, or forgotten.
Well, BitKee fixes that.
BitKee's a multi-sig hardware wallet built by the team behind Square and Cash App.
It packs a cryptographic recovery system and built-in inheritance feature
into an intuitive, easy-to-use wallet with no seed phrase to sweat over.
It's simple, secure self-custody without the stress,
and time named Bitkey one of the best inventions of 2024.
Get 20% off at bitkey.world when you use the code WBD.
That's B-I-T-K-E-Y.
Dot World and use the code WBD.
This episode is brought to you by Anchor Watch.
The thing that keeps me up at night is the idea of a critical error
with my Bitcoin cold storage,
and this is where Anchor Watch comes in.
With Anchor Watch, your Bitcoin is insured with your own A-plus rated Lloyds of London insurance policy,
and all Bitcoin is held in their time-locked multi-sig volts.
So you have the peace of mind known your Bitcoin is insured while not giving up custody.
So whether you're worried about inheritance planning, wrench attacks, natural disasters,
or just your own silly mistakes, you're protected by Anchor Watch.
Rates for fully insured custody start as low as 0.55% and are available for individual and commercial customers located in the US.
speak to Anchorwatch for a quote and for more details about your security options and coverage.
Visit anchorwatch.com today. That is anchorwatch.com. Do you wish you could access cash without selling
your Bitcoin? Well, Leeder makes that possible. They're the global leader in Bitcoin back
lending and since 2018 they've issued over $9 billion in loans with a perfect record of protecting client
assets. With Leiden, you get full-costly loans with no credit checks or monthly repayments,
just easy access to dollars without selling a single sat.
As of July 1st, Ledon is Bitcoin only, meaning they exclusively offer Bitcoin back loans with
all collateral held by Ledden directly or their funding partners.
Your Bitcoin is never lent out to generate interest.
I recently took out a loan with Ledden.
The whole process was super easy.
The application took me less than 15 minutes and in a few hours I had the dollars in my account.
It was really smooth.
So if you need cash but you don't want to sell Bitcoin, head over to leaden.io, forward slash, WBD,
and you'll get 0.25% off your first.
loan. That's leaden.io forward slash WBD. This episode is brought to you by Bitcoin Meena.
On December 8th and 9th, I'll be in Abu Dhabi for Bitcoin Mina along with 10,000 other Bitcoiners.
There's an amazing lineup of over 200 speakers sharing Bitcoin insights and innovation from
all over the world. And if you're looking for the ultimate VIP experience with
exclusive networking plus premium food and drink, then grab the whale pass and the whale night party
even include surfing, so you know I'm going to be there. Tickets are on sale now. Use code
WBD to get 10% off at checkout on all past types. The website is mina.b.t.c and use code WBD for 10% off.
So what do you think then of the hardware wallet industry now? Because as far as I know,
all the major companies don't require you to plug your hardware wallet into a device physically.
And I wish I had someone who was more technical on this than me. Maybe you can explain. But like,
I don't know the implications of like the secure elements on all of these devices and what that
means in terms of the cat and mouse of security.
So this is, for me, this is disclaimer time.
Yes, I was a forensic examiner for 15 years, but I am not super deep into security research
where I'm the person who's evaluating secure platforms and a secure element platform in terms
of being able to develop exploits for it.
I was someone who learned and executed exploits that other people did.
So in terms of the harder world industry right now, I can't comment on specific modules
that one company's using versus another one.
It's more kind of the general adversarial landscape
and my experience with mobile phones
who are able to spend,
even at this point, a lot more money on security audits and stuff
than the hardware wallet makers are.
So maybe then, like, just for context,
I've used basically all the major hardware wallets.
I feel very secure in my setup using them.
Do you necessarily have an issue with the hardware wallets today?
Because I can believe that this is going to be a cat and mouse game.
There's no way that people aren't going to be trying to exploit these.
And like Ledger, for example, have their dungeon where they continually test all the devices,
trying to find exploits and then disclose them.
And they found, like, a number of them.
But even still, even with the cat and mouse game that will happen with this,
that's the place that I feel comfortable to store in my Bitcoin.
fine. Why do you not? Because you can assume that maybe you have to update your hardware
every few years. Like there is going to be improvements and changes and things that need
addressing. And when you say update, you mean refresh to hardware. It's not just a firmware.
Yeah, well, yeah, maybe both. I mean, definitely the firmware. And I think at some point,
hardware is going to get better and you might want to upgrade to superior security.
So part of it for me is, well, to tell, you know, a little bit of about my time in forensics.
So very frequently when you're dealing with people who are storing and accessing contraband information,
and they know that there is some possibility of them being caught by law enforcement,
their computers being seized, like people take countermeasures,
whether it be activating Bitlock or on their computer or using some kind of software encryption or whatever.
So when I think about the two sort of,
two sort of avenues you can go down.
One is trusting a hardware device
and physically some sort of access controls
that are on a hardware device,
like a pin code or like facial recognition
or a fingerprint or whatnot.
I would call that you're putting
more of your trust in the hardware.
And in my experience in forensics,
if I let that hardware sit there for 18 months,
there's a good chance I may be able to get into it.
However, I also had a number of cases
where, you know, people in an attempt to secure information that could have led to their, you know, indictment and prosecution, read child porn into that, they would use encryption, like, you know, some of the kind of gold standard encryption tools that are out there that are software encryption, but still, so I had some of the gold standard encryption tools that are software encryption, but still, so I had.
certain cases that someone used true crypt, say, just to throw one out, someone using a good
version of true crypt with a sufficiently complicated password unless something happens with
quantum computing, like, it's going to be the heat death of the universe before I'll be able
to guess the password that they set up with their particular version of true crypt and the
encryption algorithm they used versus this iPhone that's totally, you know, supposedly secure
that if I wait 24 months, I'll probably be able to get into.
So I can appreciate what you're saying about the harder wallet industry.
I think a lot of that comes through as marketing.
And I think they're absolutely, I don't want to be a complete naysayer.
I think there are absolutely use cases and places where harder wallets can deliver value.
But for me, I wanted to put my trust into the math that underlies the Bitcoin
protocol rather than a third-party device.
Okay, I do want to get into that because I have questions around that as well.
But just to be fair here, like you're talking about the most adversarial environment
possible.
This is like law enforcement having access to your devices.
And you also, like this is assuming there's a reason they want access.
Like if you have just lawful Bitcoin on a hardware wallet, your risk isn't really,
isn't that.
It's a different risk.
Well, to me, the number one risk is always used.
screwing yourself in terms of...
Yes. I totally agree.
I think I would imagine that's the most likely way
that anyone ever loses their Bitcoin.
So there's one part of it, which is you want to keep these things
as simple as possible while retaining as much security
as possible.
But also, like, what's the real risk?
It's that someone breaks into your house and steals the device,
if the device is at your house, or breaks into wherever the device is and
steals it.
And it's not necessarily thinking about law enforcement having access to it.
No, not law enforcement.
akin to law enforcement,
we could also think of, you know,
a dedicated adversary
who knows how much Bitcoin you own
and has some amount of resources
to spend on that.
Someone breaking your house is definitely a concern,
but what I worry more about is,
let's say I set up a hardware wallet
and I use it,
I set it up using a private key
that wasn't generated with sufficient entropy
that was somehow guessable
or predictable by someone else,
and you think you've got X number of sets in your wallet,
and then one day you wake up and go to check your balance.
And because someone else owned your key before you did
or was able to guess it somehow, your Bitcoin's gone.
That is a nightmare scenario
and something that some people have experienced.
This is escaping me right now, but you may know.
Isn't there a case of that happening right now
with a wallet, like an old Bitcoin wallet
that was generating stuff with poor,
entropy in Bitcoin is being taken.
Was it, it's something
Bleed, is the name of the
exploit. I don't know if it was key bleed or something
similar.
I can't think of the name, but it was some sort
of online software wallet where
it wasn't anything malicious, just technically there was not
enough entropy. It was using like a poor
random number generated. The RNG was
insufficient or who knows what.
But that sort of thing.
But it also,
For someone who's not sophisticated, that problem can manifest itself with harder wallets.
With some harder wallets, you can roll dice a number of times to create a private key.
And there have been sadly instances where some of the platforms did not require enough dice rolls.
And people not really understanding what they're doing, they might roll the dice a half dozen times and think that's great for a private key.
only to, you know, as soon as they make a deposit, there's some bot out there looking to sweep
a particular number of known addresses and poof, the money goes.
I mean, this is one of the things that I think is really important for everyone to, like,
have a good understanding of is that, like, I love that these devices have products like that,
and you can do, you know, 100 dice rolls to create your entropy.
But done poorly, it's more dangerous than just not doing it at all.
And I think people sometimes overcomplicate their setup when they don't really have to.
And I know Odell's on this all the time, but like the idea of multi-sig is great for people,
especially if you're like maybe a public figure in Bitcoin or you're a corporation or
whatever.
But for a lot of people, just a simple single-sig setup is okay.
It's okay.
But I think it's important to think of security as a journey and not a destination.
So maybe we were talking before about your Bitcoin 10xing, you know, from where it is now.
So maybe right now you're comfortable a single-sig.
but after a three or a four X,
you know, it's like that meme where multi-sig
is walking down the street looking pretty hot
and single-sig's like,
where you checking him out.
Yeah, I think of security as a journey,
and I also think we need to be careful about addressing
those nagging concerns in the back of our minds.
Things that, you know, when you're laying in,
in bed at night, you think about your sats and what you hope they're going to be worth and how you're storing them.
What are the little things, if any, that make you a little uncomfortable that maybe you haven't thought through or maybe you don't understand completely about your setup?
I think it's important to pay attention to those.
And multi-sig, for me, so admittedly my vantage point is a little bit different.
Having been someone who's actually helped execute search warrants and gone into people's houses and businesses looking for things on behalf of government,
I just naturally have a more adversarial take on things.
But multi-sig was like a through-the-looking glass moment for me
when it finally started to be available to everyday Bitcoin.
Originally it was like BitGo and some institutional service providers.
But when Specter wallet came out, was really, to my knowledge,
the first bit-coiner, average-bit-corner-facing tool that made Multisig possible.
Because if you have a single-sig wallet,
like you got to keep that wallet at your house.
And then of course you have to, you know, back up your seed phrase, right?
So it wouldn't make sense to keep that with a wallet.
So you got to find a second hiding place whether that's a bank deposit box or your best
friend's gun save for under a tree in your grandma's backyard or wherever it is.
And if someone finds the seed phrase, you know, if they know what it is, game over.
If they find your harder wallet, like there's also the issue of people are really bad at choosing pins.
Like, I've got into more mobile phones than I think I should have just by, you know,
there's like five or ten things that you go through last four of Social Security number,
birthday, spouse's birthday, you know, the numerics of the street they live on and all this kind of stuff.
People are just bad at choosing pin numbers.
So if you can get into that person's house and either find their backup or they're hard a lot,
I mean, they could be cooked.
But with multi-sig, like even if you have a nation-state level adversary who has significant resources
and it turns it from just going to your house and finding that one thing and potentially
trying to exploit that one thing to maybe, first of all, you don't know, is it a two of three?
Is it a three of five?
Is it a six of seven?
Who knows?
And then it becomes this treasure hunt of figuring out where the pieces to the puzzle are hidden
and how many of them you need to be able to get access.
So Malteseek was really when I had reaccumulated some Bitcoin, I was looking for that level
up for my cold storage.
Multistake for me was where it was at.
And that is a big part of the journey that I took eventually to Seed Center, but just
my initial journey and trying to resecure, you know, the business.
Bitcoin that I bought.
Yeah, the thing that I would, like, reiterate there is we kind of touched on it already
is the fact that you're most likely to lose your Bitcoin, not have it stolen from you.
And like, the thing that people need to be fully, fully confident in is that they can
access that Bitcoin if anything goes wrong.
And sometimes I think multisig maybe is a step too far for right now for some people.
But like you say, this is a journey, not a destination.
It's one of those, for me, with great, with great power, with great power comes great
responsibility. And it's the same with even with your single SIG harder wallet, you know, if you choose
to add BIP 39 passphrase to it. So you're effectively with that creating a two of two multi-sig
because if you lose either the passphrase or the seed phrase without the both of them, you don't
have access to your funds. So same with multi-sig. And we talked about this a little bit beforehand as
we were discussing, you know, this conversation that there are tools like cars and firearms
and knives that if you're going to use and you're not going to cut yourself or shoot yourself,
you have to invest a basic level of training into understanding what is powerful about that tool
and what's dangerous about that tool and how to properly use it.
And multi-sig is definitely a level up from single-sig in terms of,
the information storage requirement because you have to,
I don't want to get too technical,
but you have to keep versions of all of the public versions
of the private keys.
You have to have those on hand to be able to make the threshold spend,
unless you have all the private keys.
But to dumb it down a little,
there's some additional information that you have to keep.
That information, I think, can be classified as private
but not secret, which is confusing
because we say private keys and not secret.
keys, but if someone gets the information about your wallet set up, they can see your money,
they can see your balance in the transactions you made, but without the private keys, they can't
steal your money. So enhanced information storage threshold, but it's a diminished requirement
in terms of the private versus secret thing, so you can secure that a little differently.
Like I think for a wallet descriptor, maybe we're getting a little technical here, but for a wallet
descriptor, you know, encrypted in cloud storage is potentially okay if you're, you're
if you're comfortable with the trade-offs,
or keeping multiple copies of it.
But anyhow.
But I think it obviously is getting a little technical there.
I think the important thing for people to know, though,
is that, like, there are different products out there
for people who have different needs.
And so, Bickie, your response to the show.
But I think that's a perfect sort of entry-level thing
for people to be using who may not,
this might all be going over their heads.
But something like that is a great option.
And then if you want to do multisigigmite,
there's, like, a ton of hardware out there.
And obviously, the seed signer, which we can talk about now.
So when did you first come up with C-Signer?
Can I take a step back?
Absolutely.
So in terms of, I do think Bikki is potentially a great solution.
And I think what people, kind of the paradigm is how much of the easy button do you want?
If you, I keep going back to this Knives metaphor, but if you want to dice an onion,
you can use one of these auto dicing things that you just tap on it a few times in it.
But you may not like the way it dices your onion.
So you may want to invest in learning how to use a knife properly and how to dice an onion properly.
And it's always this trade-off in security of, we'll probably keep coming back to this, but in security, it's always a trade-off.
And so that easy button means that you're giving up a certain amount of trust with the people that create the easy button.
So for people or privacy.
Yeah, yeah, or privacy.
So for people who are comfortable with the increased trust or privacy threshold, those kinds of
solutions maybe are great for them. But for people who aren't comfortable with the tradeoff,
there are other options for them as well. But to jump back to your question about Seed
Siner. And just one thing on that, it's like I think the important thing as well is that, like,
in my opinion, at least, everything's a step in the right direction as opposed to just keeping it
on an exchange or with an ETF or anything like that. At least, at least you're making a step in
the chain. Yeah, no. Even, you know, you wouldn't want to put a huge
amount of money on a hot wall. But even a hot wall is better than Coinbase or, you know, BlackRock.
Yeah, 100%. Okay. Let's go on Seediner.
So Seed Siner came about as I was reestablishing my new cold storage setup. And like I said before,
I became aware of a wallet called Spector Desktop. And I don't know if you're familiar.
If people listening would be familiar. It was very similar to what Sparrow.
is right now if people are familiar with Sparrow. Sparrow is kind of the gold standard of
wallet coordinators that you can use on a laptop or desktop computer.
So I discovered Spector desktop and Spector had kind of a companion project that is called
the Spector DIY, which is kind of a single board computer device. It's a handheld computer
that's microcontroller based that you build from off-the-shelf parts.
And with this one device, you can actually use it to create and manage multiple private keys.
And so as I was really enthusiastic about Spector desktop and Spector desktop supports multiple hardwallets, even not at the very beginning, but after on, Keith McKay did a bunch of work to implement Harder Wallets and Spector Desktop.
This Spector DIY was this super powerful tool that,
resonated with me because it applied some of the foundational concepts that I'd learned about
while using digital forensics. Like it was completely offline, you know, didn't connect to Wi-Fi,
didn't connect to Bluetooth. And you could use it in such a fashion that it didn't store your
private keys after you'd use it to create one or more private keys. It didn't persistently store
them, which is a technique that we often use in forensics to conducting an examination of a computer.
And so I'm enchanted with Spectre desktop. I build one of these Spectre DIYs, and I'm getting my new
multi-sig setup, and it's so awesome. I started interacting with his name Stepan Snigerev, who was
the primary architect of Spector. And I also dabbled in 3D printing. And at the time, they didn't
even have, like it was just a circuit board that you bought and you held in your hands kind of
awkwardly with a scanning module attached to it. So I had done a little bit of stuff with 3D printing,
so I designed a very simple, rudimentary enclosure for this thing and offered to send them one,
and I started interacting with some of the people who were behind that project. And that also
put me in touch with a Bitcoiner called Michael Flaxman, who's, I guess he would call himself
a cryptographer. But he wrote this.
this guide for Bitcoin Cold Storage called the, I believe it's called the 10X Bitcoin Security Guide.
It's actually, it's hosted on GitHub.
You can just Google that, and it's evergreen.
It's still completely applicable.
But it's about making upgrades to your security posture in different ways where you get the most bang for your buck.
And I started interacting with him, and he was telling me about an idea he had to use a Raspberry Pi, a specific version of a Raspberry Pi that didn't have Wi-Fi, didn't have Bluetooth, as basically.
a private key generator. It's this naturally very isolated environment where you could create
private keys and then you'd write down the seed words and you wouldn't have concerns that the key
was leaked or had a chance to be on any other device. So it's a very secure way to create private keys.
And I stepped away from work. I don't have a background as a programmer, but I like projects. And so I
bought this hardware that he had told me about the Raspberry Pi and just a simple screening.
controls to put on it. And this is before, you know, AI or chat GPT or anything. So I had to
U-D-Me Python videos for a week just to relearn enough programming to be able to do it. But I wrote
this very simple proof of concept that showed with this Raspberry Pi setup, you could do basically
what the Spectre DIY thing could do. But it, you know, a fifth of the cost or something. It was
a super cheap thing, like less than 30 bucks. And I started sharing that on Twitter. And then I realized
if I attached, you know, $5 camera to it, I could fully replicate all of the functionality, again,
from the Spectry DIY. And so being a cheap skate, that was satisfying to me. And I started posting
about it on Twitter and people seem interested. And it was in, let's say, April or May, I guess,
of 2021 Bitcoin Conference in Miami. Not sure if that was the first year they had or no. Anyhow.
They had this fostome in the tent that Medodale had done a great job of organizing.
And I contacted them ahead of time and asked if I could have 20 or 30 minutes to talk about Seed Siner.
And just as serendipity kind of happened, there were a few people in the audience that day
who listened to my kind of high-level explanation what Seed Senter was and subsequently began contributing to it.
So in the beginning, it was just me with this horrible spaghetti code proof of concept thing.
And then shortly thereafter, other people started discovering the project, people who are
much better programmers than me.
And it just kind of started to take on a life of its own.
It really started to improve rapidly, both in terms of the security assurances and the user
interface and the usability of it.
And so that was kind of, that's how seeds.
are kind of be.
So I've never actually used a seed signer.
I was given one about six months ago,
but I've never,
never used it.
So maybe it's worth explaining how they actually work.
Because you're creating your private keys on there
and then presumably incentivizing people
or asking people to put them on steel
and then you put them away safely somewhere.
Right, right.
And you can differentiate a seed signer
is I refer to it as a signing device
rather than a wallet or a harder wallet.
because it doesn't persistently store the private keys.
You can use it to create keys.
Once it's powered on, you can load keys onto it.
But when you remove power from it,
all of the software is running in RAM.
And the nature of computer memory,
at least random access memory,
is that when you remove power from it,
it loses its state.
That's where the term stateless comes from.
So it loses its state,
and it resets to its natural beginning point.
So that's kind of the basis of seed signers,
instead of obtaining a device that is used as kind of this mini digital Fort Knox
that puts access restrictions around your private key and tries to keep it stored persistently
over time as well as tries to keep prying eyes away from it,
we kind of flip that on its head with Seed Siner and intentionally operate the device in such
a fashion that it doesn't store the keys at all.
So that, as you allude, puts onus on the user to really take ownership of the analog copies
of their keys and think very carefully about do I use this in, do I use this in the context of a
multi-sig?
Is this a wallet that I'm going to be spending from multiple times a month or maybe a long-term
savings wallet that I'm only going to visit once or twice a year?
If that, am I storing my keys in paper or metal?
And am I keeping them, where am I keeping them in terms of who has access to them?
Am I going to use a bit 39 passphrase?
And so it encourages you because you're not relying on the security assurances of the device.
It really encourages you to lean into the game theory around your cold storage setup,
especially, I can't say this enough with multi-sig in mind,
because that's a key part of the whole project.
So where my hesitation from that would come from and where a lot of the criticism at Seed Sainer comes from
is the fact that you do have to be able to constantly access your private keys if you want to spend.
Like with a normal hardware wallet, you can put your backup in a safe in a different location, in a safety deposit box, wherever it might be.
And you don't have to access that unless you lose access to the wallet.
With this, you need to have them on hand to spend.
So why is that trade-off worthwhile to you?
Because it allows you to forego all of the trust that's wrapped up in the commercial hardware wallet sort of space.
Do you sell these devices whole built like this?
I do.
So how do people who buy it not know you know that you've not tampered with it?
So there's this, again, we talk about tradeoffs all the way down, and that's another tradeoff.
So all of the information to build a seed signer is published in the repo, all the software, even the designs for the 3D printable enclosures.
If someone is going to purchase a seed signer, I always encourage them to buy it as a kit.
And when they receive the devices, you know, just compare them with photos online.
A Raspberry Pi 1.3 has a small amount of firmware that's permanently
etched into the board of the factory.
But if you compare the device that I or someone else who resells seed signers has sent you
with what you've seen online, you can get a pretty good degree of assurance that the device
hasn't been tampered with because as we've yet to discover anyone who has or can describe
a way to change the firmware that's burned in at the factory on those Raspberry Pi's.
Now, what I think is in terms of, we're kind of jumping forward to what if you bought a seed center from somebody else, but what I think is more of a risk when you buy a seat center particularly from another person is them steering you in a direction that would cause you to allow them to exploit your wallet in terms of pointing you to an unofficial software repo, because that's another thing with the seed signer that, you know, is dangerous like a knife is dangerous.
It's off-the-shelf hardware that does not have
software authenticity assurance built into it
so that you can run any code you want to on there.
And so if someone tricks you into going to,
you know, a counterfeit software repository
that doesn't contain our sanctioned version of a given release
that contains something potentially with malicious code in it,
you can get hurt that way.
And that's why, you know, this is this constant process of people who are interested in seed signer.
It has to come with a good degree of education in terms of the risks and the parts of the process that you absolutely have to pay attention to.
So I think somebody who buys a seed center, buys a seed signer kit is more likely to be tricked via the documentation into doing something stupid rather than I'm sending you malicious hardware kind of a thing.
Obviously, if someone's selling seed signers, we never recommend that the software that gets loaded onto the microSD card is shipped with the device.
People need to be absolutely comfortable sourcing software from the right place and then verifying cryptographically that it's a sanctioned release.
So they need to be going to your GitHub and getting the official open source release.
They either go to the SeedSenter GitHub repo or this is drifting into technical.
but the seed center releases are what's referred to as reproducible software.
So if you don't download it from us, it's actually a more simple process than you'd think.
But you can build the software release yourself from source code and open source repositories
within a few hours with a laptop computer.
But again, because it will run any code that you load onto it, you just have to make sure
that you're loading good code.
And once you learn that process, you realize it's not that big of a deal.
And anytime you want to deploy new software to it, you can,
but it's all comes back to that educational process.
Okay.
So that makes sense.
And like you say, security in any capacity like this is tradeoffs.
But I kind of interrupted you on your point there about having the private keys
like in an easily accessible place and what the tradeoff there is.
So we know.
that there's going to be a backup with harder wallets, I won't say no matter what, but with
most people with a harder wallet, either whether they're using it a single sig or a multi-sig,
they're going to want to do a backup casa, I think, gets around this a little bit by doing
health checks to make sure that, you know, the devices that are storing keys still have
them. But most people are going to want to absolutely put their seed phrase, which for people
aren't aware, your seed phrase is just a human readable version of your private key. You're going to
want to keep those in paper or metal.
Metal.
Yeah. Metal.
Although with multi-sig, like you can make an argument for paper storage because they're
in different geographically distributed locations, but we'll go too far down that road.
So with a harder wallet, you're going to be storing your key in an analog format somewhere
else.
So if this is a long-term cold storage use case, like this is the money I'm setting aside for
my kids' tuition or to buy a house in 10 years, or just
to leave to my heirs. You're not going to be touching those private keys very often. You can get around
the trust that's tied up in harder wallets and all those copies of private keys that you have to keep
around with instead of instead of, instead of, so if you have a harder wall with a backup, you have
two copies of your private keys. You have the analog version that's stored at the safe deposit box
will say, and then you have a digital version that is on the harder wallet that's in your desk
drawer, your gun safe at home, or wherever it is. But you still have two copies of the private keys.
So even with a simple two of three setup, you kind of have to come up with six hiding places,
right? Because you have for each member of the quorum, you have the digital copy that's on the
harder wallet, and then you have the analog copy. For long-term cold storage, we're not going to be
accessing the keys, especially in multi-sig. I think it makes sense to just forego the digital
copy of the keys and just focus on those analog copies of the keys and keeping them private,
safe, redundant, tamper evident, protected in whatever ways you think are appropriate.
Because you're going to have to store the backups anyway for your long, long term savings.
I think that got to your original question, did it not?
Yeah, yeah.
No, that makes sense because if you are putting Bitcoin away for 10, 20, 30, 40 years,
It's like, who knows if the device even going to turn on in that time.
So that does make sense.
But you do still have the additional redundancy.
I don't know if that's the right word of the actual physical hardware wallet.
So if you're thinking of this as like a multi-sig solution, do you still need six hiding
places, essentially?
You want a backup of a backup?
Well, I mean, the alternative is, and like a lot of, this is another whole avenue that
we can talk about, but a lot of people don't even understand what those seed words represent.
Like when I do talks or, you know, individual walkthroughs of seed center, I'll say, you know, most, not most people, but a lot of people end up keeping their, because when you set the device up, write down these 12 words, write down these 24 words, or whatever it is.
And most people end up writing them on the card and then storing that card with the harder wallet, not even understanding that those are, that's the holy grail.
That's what the whole device exists to protect. So a lot of people don't even understand that anyway.
But with what you allude to, so if we're going to store the analog version of the private keys, the seed words with the device, and the devices over the long term, let's say, you know, two, five, 10 years, the device just by virtue of it being a digital storage medium is more prone to failure anyway. Like, why are we even messing with it?
When, you know, there are some tradeoffs that I'd like to talk about that a lot of people sign up for that maybe they don't realize they're signing up for when they decide to use a retail hard wallet.
So I probably break those down into three broad categories, like supply chain risk, trust, and then privacy.
So when you use a retail harder wallet, there's this issue of supply chain risk, meaning that
from the earliest time that the subcomponents that are going to go into that thing,
it becomes known that they're going to be used in a Bitcoin product.
That is where risk begins, and risk lasts the entire time until that device is delivered
to you in your home or you buy it from the store, wherever you take delivery of that device.
At each point in the journey, there's the potential for exploits to happen.
And I think, you know, exploits at the hardware level are sophisticated, they require a sophisticated actor.
But as Bitcoin 10xs, I think we're going to see some wild stuff.
If presumably the Moss can get into the supply chain of Hamas and make a bunch of pagers explode in someone's pocket all at once, all over, you know, different geographic locations, I think infiltrating the hardware at supply chain.
is well within the bounds of reason,
given how much money that the hardware wallet ecosystem
is intended to safeguard.
So there's this issue of supply chain risk.
There are ways that some hardware wallet companies
have got, at least in my knowledge, around that.
So with Cold Card, for example,
it comes in a tamper-proof bag,
which has a string of numbers and letters
that has to match the hardware wallet.
So you know that it's not been interfered with
between Cold Card and you.
Right.
And what you're describing is what some people refer to as a fake Rolex sort of challenge with hardware wallets.
And there are some ways that you can authenticate the hardware.
But I would argue that if you've taken delivery of a box in the mail and you've opened this up and you're following the documentation that's come with a device, like the opportunity to capture you has already happened.
Because if you're reading the instructions that are packaged with a cold card, they can say, scan this QR,
are and go to this website and now enter these digits and will help you determine that this is,
you know, truly a genuine device. That's obviously a social engineering attack, but that's
frankly like probably a more likely attack than someone, you know, being able to infiltrate the supply
chain. I mean, yeah, you've probably seen them on Twitter, the Trezer devices that show up and
they're completely fake on the inside. Like they crack them open and compare them to a standard
treasure and it's very obvious that it's just different hardware components. That's like the classic
fake Rolex thing. But I think they're also nuanced exploits that, like there are hardwoods that
show up with a seed phrase, you know, printed on a card and people don't understand what they're
doing. And it says enter the seed phrase during the initiation process to set up your card. And
of course, someone else already owns that seed phrase. Yeah, I think though with things like that,
I don't mean to minimize it, because that is a risk.
But people who are, as you said earlier, an example,
putting their seed words with the hardware wallet
or are going to fall for a trick like there being a card in there
with your 24 words ready for you.
Like, they're the people that should be using Bikki.
And I don't mean this as a shill,
but they've obviously pushed this seedless version of hardware.
They don't want you to know your seed word.
And I think for people who are that, you know,
early in their journey of learning about this,
it's just a better option than trying to overcomplicate it too quickly if you don't already
understand the very basics like that.
It's a better option.
But when you're when you're just starting out, I would tend to agree with you.
It's a better option.
If you're that desirous or needing the easy button and the trust issues aren't as important
to you and you just want to get it done, that's fair.
But Bitcoin works on you as you own it.
You probably experience this too.
there's a certain amount of cypherpunk ethos that's embedded in Bitcoin.
And so as you buy some Bitcoin, you put it on your BitKee, you start to think about, like,
who has access to these different shards of my private key?
What if, or you see something online about what if the BitKee app no longer becomes available?
Am I going to be able to recover my funds?
And I don't remember the circumstances exactly.
I'm not super versed in Bikki, but Bikkii has.
acknowledged that at some point the recovery process may require an on-chain transaction.
So for somebody like me, if the recovery process of me taking custody of the coins requires
an on-chain transaction, like that's already a deal breaker. But I'm someone who has,
you know, a more advanced view of the environment, I guess. I won't argue with you that
for a beginner, it's a great onboarding tool and it's a first step, but I hope that it's a first
step in a larger journey. I don't want to get too far because of the three things I initially
brought up, there's the supply chain risk that Seed Center helps you get away from. Then there's
the overarching issue of trust. So when you purchase a retail harder wallet, you're putting a fair
amount of trust that, say, Bitkey has implemented their system in such a way that sophisticated
attackers won't be able to, when you get into keys being stored online or remotely accessible,
which as I understand it, they are with Bitkey, that opens the doors up to larger scale exploits
where not just somebody coming into your house and stealing your harder wallet, but like lots of
private keys could be potentially stolen all at once. Now the Big Key people would argue that
they have a belt and suspenders model and that this is not possible, but
I mean, unless you're super versed in the underlying mechanisms and have a thorough
understanding of them, we've heard that story before that it's just not possible until it becomes
possible.
Yeah, I think this all comes down to, like, it's come up over and over again, but it's tradeoffs.
Because I think the, don't get me wrong, I'm not trying to have a go at C-Syton
here in the slightest, but like I think it's where you put your trust.
And do you trust, you know, Ledger and Trezor and Coinkai or Bikki or whoever?
to build this in a more secure way than you could yourself.
And there'll be a lot of people, and I'd include myself in that, that would say, yeah.
But if you feel, you know, confident in yourself to go out, verify everything, build this yourself.
Then, like, it seems like a worthwhile trade-off.
It's just the access to private keys, it obviously can't be a spending wallet in that way.
I wouldn't imagine.
What do you mean that?
You know, so I have a hard world that I use multiple times a month.
I wouldn't want my private keys lying around in the sense that I could access them to send Bitcoin, you know, 10 times a month or whatever it is.
And in that particular use case, I would argue that it's a fabulous use case for a conventional retail harder wallet because you want the accessibility of the keys nearby.
You're not going to be storing your life savings on there.
So the trust tradeoff makes sense.
And you have the convenience of the access controls in place in the device that are going to restrict, you know, if it does fall into someone's hands at home, regardless of where you're going to.
keeping it unless, you know, they have a knowledge of the credentials that you put in place.
I'm not going to argue with you that that's a perfectly valid use case.
Again, which is why we frame Seed Siner as this is for your long-term life savings, the money
you're going to hand down to your kids or that you're saving for something on the horizon.
That makes sense.
Okay, so I interrupt you before you got to your third point there.
Yeah, yeah.
So supply chain risk, trust, and I do want to say a little bit more about trust.
you're trusting that they've implemented the secure modules or whatever's baked into their particular
hardware device.
You're trusting they've implemented that in a secure way, that there are no low-hanging fruit kind of exploits to it.
You're trusting that whatever firmware updates that they deliver are going to be authentic
and that no one has gotten access to the firmware signing keys that are associated with that company
because malicious firmware could be released and properly signed
and it would still run on the device
and it could be released in such a way
that no one knew it was compromised until months or years later.
I mean, then there's another reason
to not necessarily rush to upgrade firmware in any device.
Yeah, 100%.
And that's a good segue in terms of
the trust that's baked into
this trust is linked in with the third reason privacy.
So let's just say offhand,
most people who purchase a harder wallet
probably do it the exact wrong way.
So they go to the manufacturer website
or some sort of authorized reseller.
There's not a big problem with that.
But then when they order the device,
they typically will enter,
a lot of people aren't sophisticated.
They'll use their real name.
They'll have it shipped to their home.
they'll enter payment information
and they'll enter some sort of email address
that's their regular email address.
And then when you give that information
to the company, you're trusting that they'll behave
responsibly with it and safeguard it,
which we found not always the case,
especially with Ledger, but some of the other
not just hard-to-wallet companies, but service providers
have gotten themselves into trouble with this
because then the motivation,
Motivations of that company are to sell you as many devices as they can sell you.
They're a for-profit company, and that's just their natural inherent motivation.
So they're going to email you about firmware updates, but they're also going to send you
marketing emails about their latest products and new features that they've implemented in the
latest versions of their software or trying to potentially point you to partners that they work with
and this kind of stuff.
So you just don't know who that information is going to get handed off to.
and especially with the ledger disclosure that, you know, myself and a lot of others, I mean, like,
people's real home addresses got out in there. And there was trust in that company to, you know,
keep your private details private. So if you do buy a harder wallet, and I can acknowledge there
are absolutely some legitimate use cases for them, do it the right way. The best case scenario is go to a
Bitcoin conference or some other event and buy it from the vendor's booth so you can,
in the easiest possible way, just hand cash over or buy it with lightning and not have to provide
any personal details whatsoever. But if you do have to buy it through the mail, you know,
consider using a disposal email address.
P.O. box. Right. Use a P.O. box to have it shipped to buy with lightning or use some other
enhanced, you know, privacy with your wallet. And yeah, do it in a more, a more secure private way.
So that's one element of the privacy issue.
The other aspect of harder wallets that I have a challenge with is a lot of them try to, as the default, if you get that device and you start to set it up, a lot of them try to channel you into their companion app.
So with Ledger, it's Ledger Live, with Passport, I think it's Envoy, with Treasor, it's Treasor Suite.
They all kind of have their own thing.
And first from just a theoretical security perspective, that's just bad practice.
Because the company that makes the device and software that's interacting with your private keys
really shouldn't be the company that's also making the software that interacts with the larger Bitcoin network and, you know, the internet itself.
It's theoretical, but there is this opportunity for collusion if someone who has fingers in both of those different aspects of the tech stack wanted to exploit.
something enough said about that.
But the other thing is, and we've especially
seen this with Ledger.
The important thing to point out there, though,
is that you don't have to use Ledger Live
or Treasure Suite or any of these things.
Like, you can go and use Wasabi Waller or Sparrow
or any of the other, like, completely separate desktop apps.
You don't have to, but as you've pointed out,
a lot of people are looking for that easy,
but they're going to do what the recommended workflow is.
I have no idea what the percentages would look like,
but I wouldn't be surprised it with 90 plus percent.
Yeah, which is, you know, as Bitcoiners should rail against that.
And then the other thing is when you use something like Ledger Live, and this is something that's been documented, there's ways in which Ledger has sought to surveil balances and transactions and they do the sharding thing with the private keys.
They don't do that by default, I don't think.
So I don't own a ledger so I can't.
But I have been told by multiple people that if you were using your ledger with Ledger Live, you got to a point where you could not use the device anymore.
unless you updated the firmware.
And the update of the firmware included the new sharding feature.
Oh, interesting.
I didn't think that was the case, but I actually don't know.
I apologize, I'm wrong, but...
I'll put something on screen if that's not correct.
Right, right, right.
But anyhow, so I have to give props to Coin Kite
in that they claim to delete customer information,
even if people buy it the wrong way
and give them personal information,
information. They claim to delete it. You're still trusting them to delete it, but at least
they're- You get the email saying it's been, provenably deleted things hard, but if you trust
the company, you can trust that. I don't hear any other companies making that noise, so I have to
give them props for that. And I also have to give Coincut honestly props for they haven't to date
produced a companion app, whereas all of the other big wallet companies appear to have. So
I always said for a long time, if I had to use a harder wallet, if Seed Center wasn't a thing,
it would be a cold card or a coin kite product.
So, yeah, props to them for those decisions.
Yeah, they, I mean, MVP is great.
I know you guys don't necessarily get along,
but he's built some cool stuff.
They've actually, they've just brought in a couple of new features.
I don't know if you've seen this,
but you now can use like a traditional authenticator
with your cold card.
Oh, like a UBK or something?
Or, yeah, or like an authenticator on your phone.
which I think is quite cool.
And as far as I know, I actually don't 100% know how this works,
but I can only assume that if you lose access to that authenticator,
you can just restore the wallet from the seed,
and that won't be the case.
But I think that's kind of an interesting additional security feature.
Yeah, I wouldn't argue with that.
I think, you know, if I'm going to critique Cold Card
where they get themselves into trouble,
is sometimes that, like, feature creep,
that unless you're a supervisor,
sophisticated Bitcoin and you truly understand the features that you're using.
Like there's a guy in our telegram chat for Seed Siner who was using, I think BIP 85 is the one I'm thinking of where you can create child keys from a parent key.
And they, you know, one night they were setting some working on their Bitcoin setup and got two generations deep into BIP 85 derivation.
and like could not, and they were doing, you know, not just the first child,
but some subsequent child derivation and somehow lock themselves out of their Bitcoin.
So I think keeping it simple, yeah, there's, you know.
I agree with that.
I don't think that's CoinCite's fault.
I think it's cool that they give you access to as many advanced features as possible.
People just need to be aware of what they're actually doing.
And they do hide a lot of those features in the advanced settings.
I think there's like, you have to be careful with guardrails.
Like where I was talking about before where someone, you know, rolled the dice five times
and set up a wallet with that, that was on a cold card.
Yeah.
And so you can give people a lot of power, but I also think there's, you know, it would be,
it's very simple to require a minimum number of roles that would prevent that from happening.
And you can say like, ah, you know, the person has to know what they're doing.
But at the same time, as someone who is architecting that defined,
advice, you also can put some reasonable guardrails in place to, you know, help people out if they
come to own themselves.
I obviously can't speak for MVP, but I'm pretty sure he's said numerous times that, like,
these features aren't for everyone. Like, maybe don't use them unless you absolutely know what you're
getting yourself into. I mean, like, this is cyphopunk technology, right? I think people should
be able to do everything possible if they want to. And understand that in general, for most people,
just keeping things simple is the best way of doing it.
Simple.
Well, we have different versions of simple.
Like simple and bit key or simple in terms of,
I personally think.
I mean like if you're using a cold card,
like just understand where your technical limits are.
You should know the consequence of every action you take on it.
And sometimes like things like creating your own entropy with dice rolls
might be to advance some people and just know what you're getting yourself into.
Right.
Yeah.
There's a balance,
I think.
there's a balance.
Yeah, there's a balance.
I don't want to get into too much.
It's too much tradeoffs.
I don't want to get into too much nanny stuff
because I do believe that people should have the freedom
to burn their hand on the stove.
Yeah.
You know.
I mean, it's the best way of learning, that's for sure.
Yeah, painful as it is sometimes.
Okay, so with Seed Siner, like,
what do you want people to know about it?
So Seed Siner, again, DIY cold storage.
We, the kind of secret sauce of seed signer is that we take a very careful selection of hardware components and then a very kind of thoughtful selection of software features to create a highly secure system using very inexpensive off the shelf.
components. Do you have the components? Can I see that? I do. So I have some assembled here and then I have
the components. I can kind of just show you. The version I got looked nothing like the ones you have here.
Well, that's another part of the beauty of open source is that, you know, all the sort of,
they're all kind of the same skin or the same core components with different skin around them.
So that is just the simple display screen and buttons.
There's...
It's funny, the guy who gave me, I mean, first of all, shout out, I don't know if he...
I'm curious to know who, like, gifted you a seat.
I don't know if he's private, so I wouldn't want to necessarily say.
But he, like, the reason that I wouldn't use it, though, is because, like, it was the first time I'd met him.
I'm sure he's a lovely person.
I have no malintent, but it makes me a little bit nervous to use anything like that.
Maybe I should just play around with it with like a little bit.
I mean, just as a matter of like, I'm curious and open to learning about this.
It would be a good test.
I'll put some Bitcoin on there and see if he robs me.
But anyhow, the components you have there are that's just a simple Raspberry Pi compatible camera.
There's the Raspberry Pi, the green board that you're holding in your hands,
which is a very specific version of Raspberry Pi called a 1.3.
And all that designation means is that it doesn't have wireless.
communication capability baked into it.
So no Wi-Fi, no Bluetooth, no NFC.
And then the display hat on it is just how you interact with the device.
The USB ports on there, one of those ports, which with most of the enclosures is the port
that we leave exposed, is hardwired for power only.
So you could even plug it into your laptop and have assurance that it's not leaking
any information because data can't even travel through that port.
But so it's this very simple, very isolated, private little environment where the only way that it can receive input from the outside world is through the camera and then the buttons on the front of it.
And the only way it can output data to the world is through the screen.
So it creates this very naturally constrained protocol by which you can move data in and out of it, which is intentionally so.
because it would be really challenging to move enough data to execute some sort of exploit if you're doing it with QR codes.
You just can't pack a lot of binary data into them.
So that's a natural part of the kind of almost friction of the device.
It forces you to slow down and think about what you're doing.
Okay, cool.
If I received this from you, like looking at it, apart from comparing it to another one,
Like, there's, the only way to know this hasn't been tempted with is by comparing it to another one.
Is that correct?
Right.
For me, at least physically.
The bar is pretty high to add some sort of, you know, hidden or undesirable functionality on that device without changing the way it looks in some way.
Like adding an additional module or something would be out of place.
And it's a very simple board with a minimal amount of firmware on it.
So that's relatively trivial.
Right.
And then this, I assume here, the SD card runs the firmware.
The SD card runs the firmware.
Which you load yourself.
To be precise with the language, it's a combination of firmware and software.
Okay.
So running on that device, it's basically a small handheld single board computer.
You've heard how some core developers have talked about, people are initially going to think of Luke, of course.
But people talk about I wouldn't use a hardware wallet.
I would just have a Linux laptop that I have removed the communications,
the wireless communications capability from,
and I would just keep that in a safe.
This is kind of a version of that because it's a simple handheld computer
that we're using it in such a way that it doesn't remember anything.
So there's high-level firmware and software on the memory card.
When you apply power to it, you turn it on.
And then as soon as the user interface comes up,
you can actually remove the microSD card
because as I said before,
all the software and firmware is running in RAM.
Okay, so everything's loaded as soon you turn it on,
then you can pay that out.
You remove the memory card
so you can have that additional assurance.
Of course, our software doesn't run anything
but settings information to the memory card,
but because you're physically removing it,
you're going to have that assurance
that my seeds aren't somehow being leaked onto this thing.
And at some point,
I should probably talk about, like,
there's probably four target audience.
for Seed-Signer in terms of the type of bit-o-o-o-ointers who it makes sense for.
Because I'll grant you like it's not for everybody.
And it's probably not even for most people.
But one group is just geeks like me, people who like to build and tinker with things,
people who might want to experiment with a new feature or a new aspect of the protocol
and they're savvy enough to be able.
Our code is highly, most of the,
our app level code is written in Python and it's a very simple language to work with. So you can
prototype things and there are other forks of our project that implement different features that we
choose not to implement. So it's a device that you can, you know, play with if you're a technologist
kind of person. Second would be people who live in parts of the world that are less free
and that for whatever reason, like in Russia right now because of the Ukraine war,
because most of the harder wallets come from countries that are associated with the West
that are, you know, manufacture and ship them, it's really hard to get a harder wallet in Russia right now.
But I'm in contact with people there who can get the parts to build a seed signer,
and there are some number of Bitcoiners who really like seed signer and use it because they
they don't have access to commercial harder wallets.
In other parts of the world, let's say,
and I've been in contact with Bitcoiners in Iran,
there's a Bitcoiner called Zia Sedir,
who was in the custody of the Iranian regime,
and he's, I think, in exile now.
Bitcoiners in that part of the world
may not even have access
just because of commercial restrictions to hardwaltz.
Or if you wanted to get a harrow wallet,
you'd have to buy it from a black market source,
which...
And you really can't verify what you're getting in.
which is really like not the way you want to buy,
kind of a security critical piece of hardware.
And then in some place like China,
where harder wallets are legal,
you can get them.
But if you're going to buy one through the mail,
it's like,
males routinely searched, as I understand it, in China.
And you're not worried about the Chinese Communist Party
like coming and taking to the Gulaug
because you're using Bitcoin.
There you're more worried about,
so I've been told local police departments,
that are to some degrees corrupt and might know that you're using Bitcoin because you ordered
a treasurer in the mail or something.
And with that information, they would come to you and try to invent some sort of crime
that you'd committed to try and shake you down to seize your Bitcoin.
So Seed Center allows you to have secure Bitcoin cold storage with parts that are not, you know,
if you order these parts, you could be building a mini retro gaming console or you could be
doing any one of, you know, other sort of DIY.
software projects.
So it helps people who can't get access to harder wallets or who, for whatever reason,
are trying to fly into the radar.
So that's like group two.
And then group three, I would say are people who are really concerned with, as I've
already talked about, the amount of trust that goes into using a retail hardware wallet.
You know, maybe we're wired a little bit differently.
maybe we're like freedom and sovereignty maximalists or whatever tinfoil hat types or or whatever.
But the model of using a seed center, the mental model of understanding what the components do is something that once you've learned it, for whatever reason, it's very grockable for people.
With hardware wall, there's this, because they've created the easy button, you don't really understand what is going on behind.
and the curtain, so to speak.
So I've heard this from multiple people
to where when they're looking to make a spend
using their harder wallet
and they set the transaction up,
they've entered the recipient address in
and the fee and the amount
they're going to send in everything.
Right before they click the send button,
there's this apprehension
because they don't know what they're going to do
if it doesn't work.
Because they don't have confidence
that they understand what's happening under the hood
or that they would be able to reconstitute
their wallet and get access to their funds
if they were just, just had the source material, the seed words in their hands.
With Seed Center, the way we take you through the process of setting up a Bitcoin wallet
and because every time you make a spend, you are dealing with the seed material,
you have a much higher understanding of what the process looks like
and if something were to go wrong with your laptop where you had Sparrow.
Or if you're using Nunchuk or Blue Wallet on your phone and your phone
you dropped it in the pool or it got stolen from you on the street or whatever.
You have just a higher degree of confidence that with the key material and your wallet backup,
you'd have access to your funds much more quickly.
That makes sense.
I think this is cool.
I need to have a play around with the one I've got and see what I think of it.
Like I say, what I don't want this to sound like is an attack on hard all this.
Because I think, like you say, I can understand why someone want to use this.
I can understand the reasoning.
I think the audience is not everyone.
It's not every Bitcoin.
And I think people should still feel confident in using hardware wallet.
So I don't want anyone to go away from this, like freaking out that their hardware
wallets compromised.
But it's a cool project.
And I would, just to push back on that a little bit, because I don't want to deter people
from solutions that could potentially do them good.
But I would encourage people just to go into that relationship of purchasing a hard
of while and using because that's what it is.
It's a relationship.
Be skeptical and go into that with your eyes open and think around the corner as to the
implications of some of the information you're sharing or the trust you're putting in a firmware
update or any of that kind of stuff.
Just trust don't verify.
We talk about that in Bitcoin, I think, right?
Absolutely.
Trust don't know.
Don't trust verify.
Yeah. We do talk about that in Bitcoin.
I think the key theme of this interview is probably it's just all trade-offs,
figure out what works for you best.
That's fair.
You should think adversarily and make your own decision on this stuff.
But it's been cool.
Anything we didn't talk about that you want to?
One kind of aspect that's sort of squishy is just my experience with Seed Siner
and being the lead and the facilitator of an open source software project
and experiencing kind of this as a community-driven project
of how I referenced before as I started out early on,
not being a coder and writing this horrible code,
but producing enough of a proof of concept
that other people stepped in and built it,
it has just been for me super satisfying
to interact with Bitcoiners in that kind of way,
building something together that provides real value
and something that,
because we have to have different strokes for different folks,
we have to have tools for everybody.
And we don't want to have a Bitcoin ecosystem
where we only have just one thing, not the other.
We don't want everything to be a DIY,
and we don't want everything to be just commercial
and retail solutions that are available.
So we serve, Seed Center serves as this kind of ideological counterbalance to some of the other things, not just, you know, Harvard Wallet Boogiemen, but just in terms of what if there was some sort of aggressive nation state maneuver to co-opt Bitcoiners and attempt to maybe not go full out 60102 and seize Bitcoin, but to try to just start to encourage people to register and declare whatever amount of Bitcoin that they own.
It's been important to me to be involved in something that kind of is a bulwark to tyranny and pushes back at all of that.
And just the camaraderie of, I would be remiss if I did not give shoutouts to some of the people that have helped build Seed Siner to what it is.
Like our lead maintainer who was the first external contributor to Seed Sinder and I love how he found it.
Like I, when I made this proof of concept and I'm all on Twitter, like posting videos of how it works and, you know, the richness of the concept or whatever, like he just goes on to GitHub and searches Bitcoin wallet and is not active on social media.
And that's how he found our project and started contributing to it to our lead software developer who's called Keith Mukai, who's a good friend of mine as well, who I mentioned before is the one who his initial open source.
contributions were to Spector Desktop and integrating Harder Wallet support into Specter Desktop
because it didn't exist. And he was a technical guy and wanted to have it there. And so he just
stepped up and built it. And then I mentioned people who saw that initial presentation I made at
Bitcoin Miami, there's an amazing UI-U-X designer. He's a NIM who goes by Easy or Easy UXD.
and he was one of the people that saw that first presentation and then circled around and contacted me.
And his daytime job is a UIUX designer for, I don't want to give the field he works in,
but he works on a national level with products that millions of people have their hands on.
And in his spare time with no expectation of financial reward has leaned into seed signer
and really turned it from this clunky thing
that feels like an almost DOS-like interface
to once you build it,
it's kind of one of those,
the sum is greater than the parts kind of thing
because of the magic and the software and the UI.
We really have a first-class UI
if you haven't worked with a seed signer.
After you've built one,
it feels more like something you've bought
than what you've built.
And that's feedback that I consistently get from people all the time
is just the beauty of the UI,
the simplicity of it, the graphic-driven nature of it,
and we've really put a lot of thought into the decision tree of using a seed signer
in terms of what we give access to and what we, as you talked about with Coin Kite,
what you kind of hide and make available under advanced settings.
But we really try to pare down the decision tree and make it to where using the device
is as much of a process of securing your Bitcoin as, you know,
when you're initially using it, it's also an individual.
education process because it teaches you how to, you know, how you collect entropy to create a
private key and then how you create the public version of that private key that you need to
set up a wallet. And then when you import a partially signed Bitcoin transaction, what the elements
of that are and what you need to pay attention to to verify that your coordinator's not trying
to trick you into doing something you don't want to do. So I just encourage anybody who hasn't
used one. Seatineers a grassroots thing. And that's okay because it's generally passed along from
one Bitcoin or to another, primarily at meetups. And it's like you, people who build one and use it
gets so excited about it that they want to build one and give it to a random podcaster that they've
never met before. Like it's just, it's one of those very Bitcoiny Bitcoin things that you get
excited about. So I'd encourage people to, maybe it doesn't end.
up being your go-to cold storage device.
Maybe you keep using harder wallets, and that's totally fine.
But if one day you wake up and you plug in your hard wallet and says bricked,
you're going to be super glad you have that seat turn around that you can type your seed words into
and prove you have access to your funds still.
So yeah.
Very cool.
I mean, Bitcoin is building things is always good.
So where do you want to send anyone to find you on Twitter or find out more about seed trainer,
contribute to the project, anything?
Yeah, no, just at SeedSiner on Twitter is kind of our marquee social media presence.
We're on Nostra as well, and you can find a verified seed signer account on Noster.
SeedSigner.com, please don't go to any.edu.edu.
That variance, just SeedSigner.com.
And from there, you can find a link to the GitHub repo, which is where we provide documentation.
We've also, within the GitHub repo, I've written an independent custody guide that kind of
explains in probably a much better, well-thought-out format, some of the issues that we've
been talking about throughout this conversation and lays it all out in terms of making
a case for our vision of cold storage. Yeah, through the, and we also have on the dot-com website
a link to all sorts of explainer videos made from everyone, from BTC sessions, to all sorts of
other people who do educational Bitcoin content in a variety of languages that feature Seed Siner
and explain the value of one and how to use it, how to build one, how to set it up and all that
kind of stuff.
Yeah, I've not seen it, but I can be almost positive that Sessions Setup Video is probably
the best one out there.
He just did a refreshed one within the last couple months.
So, yeah.
Nice.
Well, thank you for this.
It's been great.
Appreciate the time.
Yeah.
Appreciate the invite.
Thanks so much.
No, thank you.