SLP152 NVK – CK-BUNKER and Bitcoin Backups

Posted in: bitcoin Posted on Posted in: , , , ,

NVK (Coinkite) joins me to talk about a new project, CK-BUNKER, a DIY co-signer. We talk about what this is, how it could be used by bitcoin businesses or service providers. Separately, we also talk about backing up your bitcoins and making sure they’re safe for the years to come. We talk:

  • CK-BUNKER
  • How to use it
  • Coldcard and secure elements
  • Opendime
  • Bitcoin Backups
  • Stablecoins

NVK links:

NVK prior appearances:

Sponsor links:

Stephan Livera links:

Podcast Transcript:

Stephan Livera:

Rodolfo, welcome back to the show.

Rodolfo (NVK):

Hey man, thanks for having me. Again.

Stephan Livera:

Yeah, this is your third appearance. So you’re definitely getting up there in the league tables. I think Vijay and Pierre are leading at four times each, so we’ll see.

Rodolfo (NVK):

I’m a pretty competitive guy, man. We’re going to have to record a second one right after this.

Stephan Livera:

That’s right. Well we’ll have to wait. When Coldcard Mk4 comes out, that’s when we’ll get you back on. But look, we’ve got the Coldcard Mk3 and we’ve got the CK-BUNKER product and a couple other things to talk about as well. Let’s just start with CK-BUNKER. Can you tell us what is CK-BUNKER?

Rodolfo (NVK):

Yeah, so CK-BUNKER is not really a product. It’s actually a free open source project that people can fork and do whatever they want with it. I’m sure all their hardware wallets are going to end up forking and just making it work for them as well. It’s more along the lines of a BTCPay Server kind of deal. It’s just, we’ve been waiting for somebody to make it and nobody did it. Sort of like, Hey, you know, fuck it. We’ll just make it ourselves, right? So CK-BUNKER is a roll-your-own BitGo. So you have an easier UI—and the server—to have an automated Coldcard. So let’s say for example, you want to use Multisig. And you want to have another entity co-sign your transactions, because you don’t trust yourself or you don’t trust your position or whatever. So CK-BUNKER essentially allows you to have a secondary Coldcard connected to a computer somewhere—ideally a safe place—running completely automatically with some policies, like velocity: you can only spend 1 BTC per day and you only co-sign transactions for you in that matter. So just running through an easy example there: you have this thing running, you access it via Tor or in person. But let’s say it’s remote. So you access it via Tor, you have it in an address, it does all that stuff for you. You go to this page, you log in and then you’ll start your transaction either on your Coldcard or Electrum or whatever. And then you just upload your PSBT file for this to co-sign and then it can even broadcast the transaction for you.

Stephan Livera:

Excellent. So let’s talk through who are the people who might use that. Off the top of my head, small Bitcoin businesses might have a use for this kind of product. An individual who wants to use it as part of his Multisig setup might think about using this as part of his product. Who are some of the typical users for this product, or software, that you might think of?

Rodolfo (NVK):

The initial low hanging fruit people, right? Definitely small businesses like Francis Pouliot has already integrated this stuff in Cyphernode so that they can use it for Bull Bitcoin. It took them a couple of days. They’re already almost there. Most small businesses have this need where they need a separate machine to either co-sign or just run their hot wallets. And you can automate exactly, so you have your time of the day, you have your quantity, all that stuff. You can add users to it so that each user also has a policy. So you can empower your employees to do stuff, but you don’t have to trust them fully kind of thing. One of the reasons why we made this is I got a lot of requests from people wanting to be the co-sign service for family and friends. They’re the only one out of say their 50 people circle, the social circle, who have the technical chops to do anything really Bitcoin. But they don’t want to hold the bags for friends and family either. It’s not a nice place to be in especially if something happens to you. You don’t want that kind of responsibility. So what this does is it really empowers you to be that co-sign bank, that co-sign service for your friends, and then you show them how to do their part. And then you essentially run this co-signing for them. Another thing this provides is privacy. Because you’re only really doxxing your xPub Keys with yourself. So if you’re running this for yourself, you’re not sharing your addresses with anybody else or any other service.

Stephan Livera:

Okay. So we could think of it like the more privacy focused Bitcoin businesses might have a use for this kind of service or server or this CK-BUNKER, as you say. As I understand, you can set up like a Multisig. For example, you might have two partners in a Bitcoin business and they want a third key, and then they could set up CK-BUNKER as their third key and they could set it up so we need some kind of special spending policy where let’s say one of the partners plus the CK-BUNKER can sign the transaction. Is that one way to think of it?

Rodolfo (NVK):

That’s exactly it. For example, let’s say me and you, we’re running a small Bitcoin brokerage. And let’s say we’re not even in the US right? So we don’t even really use BitGo because you don’t want to deal with a US company, in that case. So let’s say that me and you being partners we can move the total balance of the wallet. Anytime. But, being proper business people, we want to make sure our partners cannot either be coerced by themselves, be at risk of being coerced by themselves, or have to trust in each other to that level either, just to keep things simple. So what we do is we can each do transactions up to a certain amount per day or per week, whatever it is, your time and amount. Without each other. So we would use CK-BUNKER to co-sign, but let’s say we decided that we want to move all the money to a new wallet, the two of us could co-sign and ignore CK-BUNKER to get it out. So that would be a two of three.

Stephan Livera:

Gotcha. So it could be useful in scenarios where one of the partners is away on a holiday or something like that, and you still need them to co-sign to pay some business expenses. But you could have set up in advance the CK-BUNKER so one of the partners can spend in line with the spending policies set up in advance with CK-BUNKER such that they can pay the suppliers and do those day-to-day things, so long as they’re not spending the full balance, let’s say. This is just a hypothetical.

Rodolfo (NVK):

That’s exactly it, you totally got it. That’s the idea. This thing is like a robo-signer. It gives you all the flexibility you need with as much or as little trust as you want to give it. So that’s very helpful. Another big thing is just having geographical separation. So you can have a box that can co-sign in a different city or a different country. That’s super powerful because you’re not beholden to local coercion or local issues or let’s say you have an earthquake or whatever. And you have to leave and you lose the wallet and you can have somebody else co-sign with that box in a different place. Having geographical separation, it’s not just for actual security. It could just be redundancy too. You can even have two co-sign boxes. So you can have two CK-BUNKERs co-signing each other in different places too.

Stephan Livera:

Right, I see it. So you could have one in your country and one in some other totally different country.

Rodolfo (NVK):

Yeah with different users. We support different levels of what we call remote-hands. So we have different trust levels for the box itself. So you can have a local user that doesn’t necessarily have the PIN for the machine or anything, but he has a special PIN to co-sign only. But he doesn’t have access to the actual private key of the device.

Stephan Livera:

Sorry let’s take it a step back and just talk about the setup then. So just to understand, for the user who is thinking, Okay, I want to use CK-BUNKER, how do I do it? Let’s say I want to do a two of three Multisig. Let’s say that’s the example. Like you and I want to go in on a business together and we want to have CK-BUNKER as our little online setup. How do we do the two of three Multisig setup in that scenario?

Rodolfo (NVK):

So you install CK-BUNKER on your computer. Right now it’s a Python package, but it has a UI and everything. It’s fairly straightforward. I’m pretty sure within no time this stuff is going to be a one-button install on say BTCPay Server or myNode or Fully Noded, that kind of stuff. It might already be a one-button install in Cyphernode. So let’s say you have the thing there, it’s installed. So what you do is you plug in a Coldcard that’s going to be the master for that instance. And then you plug in the other ones and you create the Multisig setup. You create the Multisig wallet between them.

Stephan Livera:

Gotcha. So for clarity, we would have three Coldcards in that setup. You would have one, I would have one and then the CK-BUNKER has one. And then we would jointly together have a two of three Multisig.

Rodolfo (NVK):

Exactly. It doesn’t have to be a Coldcard, by the way. For the CK-BUNKER itself, it needs to be a Coldcard for now until somebody else builds for other hardware wallets. But the co-signing parties don’t have to be, they just have to be capable of doing the same type of Multisig wallet.

Stephan Livera:

Gotcha. And they would have to have PSBT basically.

Rodolfo (NVK):

Yeah. They have to have PSBT but they don’t even have to be a hardware wallet. It could be Electrum.

Stephan Livera:

I see.

Rodolfo (NVK):

Yeah. It’s very, very flexible. That was the whole point of this.

Stephan Livera:

So as an example, you could have a Coldcard wallet and I might have an Electrum wallet. And then the CK-BUNKER obviously has a Coldcard because that’s what it is. And we can jointly sign that and I might have, say, an offline Electrum computer, and I bring a PSBT file to that laptop to do the signing, and then I would bring it back online to do the broadcast aspect, something like that.

Rodolfo (NVK):

You don’t even need to do that. You can go to the signing address that it creates and then you just upload the PSBT file there. And that’s it. It’s all web-based, but it can be offline web or online web. It’s like a web UI.

Stephan Livera:

I see. And it would host a Tor service. And so for the listeners who aren’t familiar, can you just give them a very basic background on how they would use that? I mean, you would fire up Tor browser and the CK-BUNKER would give you a Tor onion address and you just basically paste that address. You go there and it’s basically just a website on Tor.

Rodolfo (NVK):

Yeah, that’s it. That’s all. Because, see, the beauty of Tor for this—more than the privacy stuff—is that it gives you a SSL tunnel between your browser, and remote, and the device. It’s fairly secure. It’s like a closed tunnel there. So your last concern about man in the middles and all that stuff. You really get a lot of security for free. What’s really cool is that the private key for that Tor server is stored in the Coldcard too. Well not really, it’s kind of encrypted. I’m not going to get into the implementation of it, but the cool thing is that there is an extra level of security there for the Tor server.

Stephan Livera:

So that is the Tor online setup. What if we wanted to do a local setup? Let’s say we’ve got a friend and we set up the CK-BUNKER at his place. Like he’s got a garage or something and he’s a trusted friend between you and me. And then we wanted to do a local setup. How would that work?

Rodolfo (NVK):

It’s the same. You get a computer, you set up a CK-BUNKER on it and you can just use it offline. You just have to bring the files there and you put it in the UI of it and it’ll co-sign for you.

Stephan Livera:

In terms of what you have to install, I was just looking through some of the docs I saw ckcc-protocol, which is the same thing that you install if you’re on Linux and you want to use Coldcard with your Electrum, that’s the same thing you install. And that’s basically the main thing that you would have to install.

Rodolfo (NVK):

That’s it. You just install ckcc and you install CK-BUNKER which is going to have all of its dependencies. There’s a few, and we run the whole show for you there. It’s all fairly plug and play with a little bit of command line right now, because you’ve got to get it there.

Stephan Livera:

It’s early days.

Rodolfo (NVK):

Exactly. I mean, somebody is going to have a one-button for this, you know, in a week or two.

Stephan Livera:

Yeah, I do think it’s an interesting idea. Let’s talk now through the setup of it. And if you want to set up spending rules, users, derivation paths. So let’s talk through spending rules first. What are some example spending rules and how would you configure these spending rules?

Rodolfo (NVK):

Essentially you create users, and these users are actually stored inside the policy file inside the Coldcard. And then each user, you’re going to choose how these users authenticate. Is it a user that’s just the Coldcard itself? Like no people, no human input. Is it a human input? And if it is a human input, is it Google Authenticator or is it a password? We give you full flexibility there. So what’s really cool is you can have remote-hands. So let’s say you don’t want to fully trust the Coldcard to just co-sign 1 BTC per day automatically. You still want a human to go and look at the transaction on the screen. This user, you can force this user to use Google Authenticator for a one-time password or you can just have a standard password for them. It’s also numeric. And they’ll just type it in on the screen. And what’s nice is we give you full review of all the transactions on screen so you can review everything before you sign. And then we also give you different levels of security on the device. There’s security considerations of course, because Coldcard is open source. And we only use a secure element to store the seed when it’s essentially off. When it’s unlocked, the seed is in memory of the MCU, essentially the less secure part of the device so that we can do everything in open source. The problem with that is there are very extreme possible side channel attacks and things like that. So this is a $100 solution for a $50,000 problem. So if you want to get a proper HSM that has all the proper physical properties that you need in all the automation and all the certification and all that stuff, we’re talking about a $50,000-$100,000 machine. Now if your physical considerations are not somebody with side channel attack capabilities coming to your facility, you can solve that problem with a $100 device, which is quite nice for a business.

Stephan Livera:

Yeah. And I think the other thing is one important, perhaps neglected factor with Bitcoin and things like that is the first factor is if somebody even knows you have Bitcoin. That’s probably the first part. So if they don’t even know you’re using this kind of setup, well that’s already a big factor.

Rodolfo (NVK):

Exactly. And you can do things to sort it out. One is that the Coldcard doesn’t have to be plugged into the computer at all times. You can unplug it during certain areas of the day or whatever. You can also have a power isolator. And you can put this inside a locked metal box that’s EMI shielded and that’s it. So essentially think about it like a a properly altered small little gun case, gun safe that you put in a drawer. You can have that stuff wired in and sitting in there. And then you have the employee or the person that needs to put a PIN to go in to change. Or if it’s fully automated and you don’t need a human input, then you can make that even more secured in something, even a battery maybe. So even if you have a power down or something.

Stephan Livera:

Okay. So if we’re talking about attack costs. This is something I think you’ve mentioned before as well, around How much would an attacker have to spend to try and break it. And we shouldn’t think of things in binary like it’s unhackable or it’s hackable, it’s more just like how much should someone spend or how much technical expertise is required. And I think you’ve mentioned for the Coldcard rough figures as well there. Would you think of it like, don’t secure more than X number of Bitcoins or X number of money on a CK-BUNKER style device? Or is there any kind of guidelines that you can share for the listener?

Rodolfo (NVK):

I don’t think there is a lot of guidelines because remember, if you’re doing Multisig, let’s say costs $50,000-$100,000, maybe more to attack the Coldcard CK-BUNKER location, plus time, plus know-how. It’s quite an advanced attack. This is not your average run of the mill stuff. But let’s say somebody has the capability of getting to that. They still don’t have the other leg of the Multisig, which is you. So this is quite robust in terms of single point of failure. So even if they get to it it’s not a big deal. Now let’s say you’re using this to run a hot wallet and it’s single-signer. Then now maybe you want to consider what’s your trust level there and how much you want to keep in it. Because you could, this can run it as a single-signer as well.

Stephan Livera:

I see. So in that scenario, let’s say it’s a single-signer scenario, then would you say don’t keep more than $50,000 on it?

Rodolfo (NVK):

Let’s say you live in a very safe country and you’re very comfortable with your physical security. I mean then it’s not a big deal. Because if somebody is going to cut steel doors and get through all that and then shoot some security guard and then know how to do side channel attacks. Do you know what I mean? It’s like this stuff starts becoming very Mission: Impossible. So as long as you have the layers and you think this stuff through, it will become very obvious to you, what’s your risk management in terms of amount of money you keep in it?

Stephan Livera:

Yeah, no, that’s fair. That’s fair. And I think in practice, most people who would want to use this would be doing Multisignature on it anyway. So they might be doing two of three or three of five or something similar based on how many people are in that Bitcoin business. And so as you mentioned, you set up the users and they could either be using Google Authenticator or some other kind of TOTP like the one-time password or just a set password. And then we’ve got derivation paths. So from watching the video, I think there is a way to lock it into certain specific derivation paths. So can you tell us about that and why would somebody use that?

Rodolfo (NVK):

So for example you could whitelist a single derivation path, which is really cool. So you can only send to a certain derivation path of a certain xPub. You can only sign a certain derivation path as well. So you can say lockout other parts, other accounts of the same private key, the same seed. To me that’s very powerful to be able to set that out on the policies.

Stephan Livera:

Sorry we might clarify just for listeners who are unfamiliar with that. Check out episode SLP99 with Andrew Chow. But I guess the high level way to think of that is you’ve got your seed and then off of that you can generate an xPub and then from that xPub you can generate all these different addresses in different accounts. And the quick way to think of it is the derivation path is like a folder structure, a folder location for a specific setup that you have. You can think of it like, this way of locking into a certain derivation path is to say, only spend into this specific account structure. Would that be a fair summary?

Rodolfo (NVK):

Yeah. The idea is you’re just saying, you can only spend from this account, not from this other account off of that same seed.

Stephan Livera:

In terms of other policies. So can you tell us a little bit about that? I think I saw there were some other ideas there, like PSBT warning. What was that about?

Rodolfo (NVK):

So let me just open my docs here. I’m starting to forget all the options that we have for the policies. So you can choose to have a confirmation message. And then we can check for absence of stuff too. So in the absence of say the log not having a microSD for the log don’t sign. We can check, for example, if you want to sign a PSBT that’s nonstandard to our heuristics. So we do some sanity checking on outputs. So in case somebody is trying to do man in the middle on the PSBT or something, we can do it so that if there is a warning it doesn’t sign, period. Or if there is a warning that you have to OK the warning, you choose. So you can really break this down to your level of need there. And then you have the whitelists. You have the time, you have the max amount, you have the users, you have the minimum amount of users. So for example, you can have a single Coldcard in an office. And say you are the boss. So you are not in the office you want to co-sign a transaction, but you don’t want to trust a single employee. So you can have it so two employees have to put two PINs.

Stephan Livera:

I see. So it’s like a way of getting Multisig without doing Multisig, if you will.

Rodolfo (NVK):

Or on top of Multisig.

Stephan Livera:

I see. And let’s talk through that process then. So if you try to sign, but you have not met the policy requirements, what happens then? Does it show you the error? Does it say “We require X, Y and Z?”

Rodolfo (NVK):

No, so this is the cool thing. We give you the option of having privacy and not having privacy of policy. So in one choice we show you the policy file in the UI of CK-BUNKER, so you can see the policies there. In the other option it just fails.

Stephan Livera:

I see, because you don’t want to reveal exactly the spending conditions.

Rodolfo (NVK):

What’s your maximum? Exactly. So we give you the two options. And then we have the more nuclear option—because we like nuclear options—where you can lock the policy file on the Coldcard forever. So essentially it can never be used again as a normal Coldcard or anything. Once it’s set, it’s set forever and that’s it.

Stephan Livera:

So we’re using the Coldcard Mk3 as a normal wallet. And then we can turn it into an HSM. This CK-BUNKER idea. Can you tell us a little bit about how you switch between, what are the main differences that we should think of when it’s in HSM mode?

Rodolfo (NVK):

It’ll become quite obvious. Especially going to the HSM menu and once the Coldcard is set up and connected to the CK-BUNKER. It goes into HSM mode. It has the Nightrider little bar going side-to-side on the bottom of the screen. And it’s got this dashboard, the tiny little screen, showing you how many transactions went through and and the time period. So we show essentially how many approved, how many refused and the time period left. And we have a little thing for the PIN.

Stephan Livera:

Yup. And for clarity, for the listeners, this is a Mk3-only feature, correct? They can’t use Mk1 or Mk2 with it?

Rodolfo (NVK):

So we actually tried to make it work on the previous models because we wanted people to be able to use their old models as this stuff. Reduce some e-waste. But the problem is there’s simply just not enough memory. There’s a bunch of stuff we need to run there and there’s just no room. We’re talking about, we count bytes, like we literally go through menus to remove spaces to fit more code in. That’s the kind of memory management we have to do there.

Stephan Livera:

So let’s talk a little bit about this idea of the storage locker. So just from looking through documentation, I saw this idea that it’s like another way of storing some sensitive data into the secure element on that Coldcard—and now it’s a CK-BUNKER Coldcard. Can you tell us a little bit about that and what might people use that for?

Rodolfo (NVK):

So when you have a remote server or something like that oftentimes you have to store a few things. Say your Tor private keys, right? They’re not necessarily Bitcoin-related or Coldcard-related. But they have to be stored somewhere. You can also store your server SSH keys, you can store whatever you need to store for that server to run. And then we give you a way to have a policy in which, say for example, you only give the CK-BUNKER access to that sensitive data once, at boot, or more times. You choose how often you need to see that data. But what’s nice about that is if there is a physical attempt at that computer, some of the sensitive data is no longer available to that computer because oftentimes you just need to see that stuff once a boot to set up something and then that goes into memory and then you’re done. You can hide it.

Stephan Livera:

I see. So this is like a security architecture point to talk about there. There was also this question on the documentation around a possibility of not using the master xPub but using a derived path instead. So can you first just explain for the listeners who might not be familiar, what’s the difference there between the master xPub and the derived path?

Rodolfo (NVK):

So it’s essentially like an infinite tree there. You can have your xPub, like your first xPub out of derivation path there. But you can also derive another xPub out of that xPub. So you can have a secondary derivation path there. And that really just helps segregate things and give you a whole other set of rules you can have instead of, again, segregation of funds without having too many seeds, for example. The people that have the need for that, it will become very obvious for most people, it’s a little bit out there in terms of feature. And one of the main reasons why we wanted to keep this thing so loose in terms of features and very flexible is because, as people try to do Lightning network HSMs or they’re trying to do, eventually, confidential transaction stuff or they’re trying to do mixing services or just JoinMarket or whatever, right? Some of that stuff is not baked into Coldcard yet. But people are thinking of clever ways. I just saw on Twitter today, some kid managed to use a Coldcard as their Lightning channel private key holder, which is pretty awesome.

Stephan Livera:

Yeah, I believe c-lighting has that function now where you can open the channel from a hardware wallet and then close back into the hardware wallet.

Rodolfo (NVK):

So what’s nice is, as you make some glue, you can have a automated hardware wallet doing your Lightning channel stuff. So that’s pretty powerful. One of the biggest issues with Lightning is having a hot computer with a private key in it. So if you can just take that out of the computer, it is a huge gain already.

Stephan Livera:

And I think you were experimenting and researching into this direction as well of potentially having a Coldcard and potentially using CK-BUNKER as your Lightning hardware wallet. And yes, it’s not going to be fully cold, cold, but it’ll be more like a warm wallet and that’s a bit more secure than just having the keys straight hot on the computer. So can you tell us a little bit about that?

Rodolfo (NVK):

Yeah, that’s exactly it. It really comes down to that idea of security in depth. If we can add some more layers, any layer counts. Because it’s one more thing an attacker has to figure out, the attacker has to get over it. So I think that’s a biggie for Lightning. The idea of having hot keys on computers, it makes me feel uncomfortable. So I hope that eventually somebody who knows and understands Lightning way better than I do can make some of that glue work.

Stephan Livera:

Yeah. And now one other comment, and you mentioned this as well around the flexibility of CK-BUNKER, but I’ll tell you one thing that I’m seeing even for me when I was trying to research this, I was almost like There’s too many options and I had to try to think up examples to try and make it real for the listener because sometimes when people are given almost too much choice, they don’t know what is this actually good for, what is it actually usable for? And again, this is early stuff. I appreciate that. But maybe one direction that this can develop is to have a few kind of stock standard setups. So there’s two or three examples that we were talking through that might be an easy, common, stock-standard setup that people might use CK-BUNKER for. Do you have any other ideas on what would be a typical use, a typical stock-standard setup?

Rodolfo (NVK):

You know, us, right? We’re terrible at making stuff that’s noob-friendly. So one thing was really cool, Peter D. Gray, my co-founder, he went on a rampage on Twitter and started giving examples and we added those to the homepage of the CK-BUNKER project, so you can see those there. So I guess some ideas, and these could be automated, right? Or they could be a software wizard by either users or us—this stuff will get easy. It’s already easy, it’s just that you’ll have to read the manual. Hopefully soon you don’t have to read the manual, you just press buttons and the stuff is done for you. The examples from the actual homepage right now are: geographic separation, you’ll have a Coldcard at another site and he co-signs for you. Another one is to have your warm wallet doing some spending for you to a whitelist. Say, this is your in-between removing funds from an exchange, and you need an in-between you and your very cold storage to go through to your operational wallet. Businesses understand operational wallets. You do need one. You take, you earn the BTC, and then you need to figure out how much I need for bills, how much I need for that, and then how much is going to go to cold storage. Right. So this is very good for that. You can have one that’s like, say Meet me in the CK-BUNKER ATM (automated teller machine). So it’s like a three out of five Multisig and maybe two of them don’t actually have Coldcards. They just have Google Authenticators to co-sign—this is super useful: to have people that don’t actually have to Bitcoin-sign—they’re just password-signing—because it’s less wallets you have to set up, so it’s very good for managers. You can have a very good way to do message signing. It’s just easy for people to do it in general now because there’s a Web UI for it. And then you have your storage locker. Maybe it’s your server keys or your database keys or something like that. And then you have your classic, “I am the person who co-signs for the whole family.” So you create different derivation paths for each person, and that’s how you do it. Maybe you have multiple instances of CK-BUNKER running for each person as well. I’m sure somebody will come up with a nice little Raspberry Pi solution for that eventually.

Stephan Livera:

That could be a business model for them as well. They can say, Hey, I’ll set up CK-BUNKER for you and then you and your family can have your own little CK-BUNKER thing going.

Rodolfo (NVK):

And you don’t even have to trust them, which is really cool. I mean, the worst that can happen is they have one of the keys out of the Multisig so they can’t really rob you. So that’s where it’s at now. I think once there’s some videos, there are some people using it, it’s going to become a lot more obvious. We didn’t want to pigeonhole this into a single solution sort of thing because this is already for advanced people anyways. Not super advanced, but this is for people who can run their own BTCPay Server kind of deal. So might as well give people the flexibility and wait for them to start pigeonholing some solutions out of this.

Stephan Livera:

Yeah, for sure. I think that makes a lot of sense to me. Let’s change it up a little bit. Let’s talk more now about the Coldcard. So, recently you were just telling me that you made the Coldcard documentation public as well, and you’ve got the GitHub page going for that. What was the thinking there?

Rodolfo (NVK):

So you know, we have good technical documentation. But I think our documentation can definitely be improved in terms of more noob-friendly language or examples or things like that. So we decided to move all the documentation for all our current projects into a single repository and make it public. So that people can help. It’s like, if you don’t like the documentation, well then make a Pull Request and help us improve it kind of thing. So if people want to help we’d be very grateful. It’s github.com/coinkite/coinkite-docs. But there’s links everywhere and it’s on our Telegram as well.

Stephan Livera:

People have different ways that they’re doing support channels as well, right? So some Bitcoin projects, they’re big on Telegram, so it’s kind of go to the Telegram and ask the questions there. And other people are just firing off questions on Twitter, on Bitcoin Reddit and elsewhere. So there’s all these different places. And then some people are just not even in that world at all. And they’re just literally going to the website coldcardwallet.com or coinkite.com and expecting everything should just be there.

Rodolfo (NVK):

That’s right. And I think people also ask questions differently. They use different language. So sometimes just having the same answer or the same question asked differently helps a lot. The way you ask your question helps. And we hope to add search at some point soon as well to the docs and that should make it a lot easier. We also needed to document CK-BUNKER, which had a quite a bit of docs. So there was also motivation to finally move all this stuff into some place that other people can contribute.

Stephan Livera:

Yeah. And I think if anyone is the sort of person who is often helping answer questions, then if they’re starting to answer the same question many times it starts to make some sense for them to do a Pull Request, put the question and the answer and put that into the documentation. And then whenever they get the question they can just link them to that exact right point where they’ve already answered the question.

Rodolfo (NVK):

It’s very efficient.

Stephan Livera:

Yeah. So that’s something people can look at. Also I wanted to talk about secure elements. A lot of back and forth. I don’t want to get too toxic or whatever, but I think it might be useful to talk about just the facts. What are the ways of thinking about keeping your keys secure in Bitcoin and some people are more adamant about the use of secure elements and then you’ve got other people who are more—and trying to be neutral, trying to be fair to their point of view—they might think of it more like, Hey, everything needs to be open source, otherwise I don’t know if I can trust what’s inside that secure element. What’s your thought on that?

Rodolfo (NVK):

So that’s a false premise. Unfortunately hardware is a very deep technical rabbit hole. But aside from a few projects, they’re not really out there yet—I don’t know if they will ever ship. There really is no fully open source hardware. Unless you have your own electron microscope at home and you can check the die of the microchips you’re using, you are trusting somebody. So then the question is how can you minimize that trust as much as possible? And there are ways. I mean there is our approach, there’s the Trezor approach, there’s the Ledger approach. So secure elements are essentially a purposely made microchip to keep secrets secure. That’s it. That’s its purpose. And then there are many flavors of that, many ways to go about it, many ways to do it. And then you have general purpose microchips. They’re essentially like Swiss cheeses. They just have holes everywhere, they were not meant to do security, they’re just doing their job, running a toaster, running a microwave, running a hardware wallet. It’s the same microchips that are in your microwave—they’re in your hardware wallet. What’s cool about simple MCUs, the simpler microchips that Trezor and Coldcard use—that are open—is that they have a lot less complexity, so less attack surface. But they’re still completely full of holes. So what we do—Coldcard—is we have a very dumb secure element. The secure element that we use, it’s actually fixed function. Essentially you can’t run code on it. What this secure element provides to us, it’s essentially a storage locker. It has, of course, a few crypto calculators in there. We call them crypto accelerators, but let’s call them crypto calculators in there that can do crypto for you. They don’t do the Bitcoin core, so we’re not doing any Bitcoin stuff with those closed source calculators. We’re only using the secure storage locker off that chip, which is very good. Is it infallible? No, there are ways of attacking it and it costs hundreds of thousands of dollars essentially. The point is, it’s very expensive to attack. And then what we do is we actually keep your seed encrypted with the open source code in the secure element. So the secure element doesn’t actually have visibility to your seed either. So say if there is a backdoor by the manufacturer of that secure element. They still cannot see your seed. They would have to get the other part from the MCU to be able to decrypt that. And we use one-time pad, which is the only known cipher that’s essentially unbreakable. To break that they’d have to attack the other chip as well. So in our case, you essentially have to attack two chips and you have to have a success rate of 100% for both or you can’t marry them together and get that key extracted and also decrypted. So it’s a very, very, very, very advanced attack. And that was our solution to find the right sort of compromise, the right set of trade-offs so that we can have a fully open source device. All the code is verifiable and because it’s a very dumb secure element, no code of ours in there. You can actually buy that secure element from Digi-Key. You could de-solder it, take the one that we provide you with, put a new one in, reload the firmware, and prove to yourself that we don’t have any shenanigans running because we did not provide you that chip. In the case of Trezor, they have no secure element. There’s essentially zero physical security. That device⁠—I don’t know if they designed it this way⁠—but now the literature on it, the marketing on it, really, says: there is no physical security, this is essentially a layer against computer malware—use your 25th word. We advise everybody to use the 25th word. Everybody should use a passphrase regardless if it’s for real HODL but there is, again, multiple levels of needs. So you don’t want to have a 25th word for your operational wallet, but you also may want this to be secured against an evil maid attack or against some basic physical security. That’s what we personally wanted to achieve: just raise that cost of attack to a certain degree, and we think Mk3 is there, in a very good spot. And then there’s Ledger. Ledger has a true and tested approach to this. It’s a very known approach in the chip-and-PIN security industry. It’s a very fair approach, but there is no choice. It has to be closed source because they’re using a bunch of the libraries of those chips—probably—I don’t have full visibility to it, but I assume that’s because they’re using a lot of the vendor libraries and probably part of their certification. Who knows? Their apps could be all open source, but the base layer of their solution, let’s call it the chip OS, because they’re running everything inside the secure element, is fully closed source. I don’t know if they have pull with the vendors to maybe change that one day or maybe—listen, it’s a lot easier to do security products being closed source. That’s the honesty about it. I would love if I could get away with being closed source. Because I wouldn’t trust it myself, I didn’t do it, but it’s a lot nicer because all the script kiddies, all the lower level researchers, they’re not going to be able to find a lot of your problems because the source is not there, you cannot just go read the bugs.

Stephan Livera:

It is a bit of a challenging thing because as I recall, Ledger came out with their Donjon Ledger blog post talking about the unfixable seed extraction attack available on the Trezor One. That was a little while ago. And then more recently Kraken Security Labs—disclosure, my podcast is sponsored by Kraken but—Kraken Security Labs came out with basically some of the details around how to actually do the seed extraction attack against both the Trezor One and the Trezor Model T.

Rodolfo (NVK):

Yeah, I was a little bit annoyed about that post because to me it felt like just reusing the knowledge of somebody else. I got to give it to the guys from Ledger. At least those guys are doing all this stuff from scratch. I have had many back and forths with them. They are trying to attack our stuff too. They were successful with some stuff—not with everything. They’re trying to work on the Mk3 now—I’m still waiting to see if they manage. They’ve managed to find flaws in chips that suppliers get. If somebody is putting that kind of effort and money into it, there is a level of wasted time for very obscure expensive attacks. But at least we get something out of it. You have professional people trying to attack stuff. Part of what annoys me is the PR cycles out of this stuff, because it’s FUDing this industry. It’s making everybody make stupid decisions. People hear about some attack and they immediately try to move their HODL somewhere else and they might screw themselves. So I think it’s important, but the whole trying to snipe the competitor with attacks is getting old. And there is diminishing returns there. I really welcome—especially—very advanced stuff that costs a lot of money that you might not necessarily even be able to afford as a vendor. We’re talking about million-dollar equipment plus time plus know-how people—it’s serious stuff. And this is just to do research on hardware. This is not people actually making anything. So there is a lot to be gained by the industry for that. But what I really got tired of is lower-level research done with research of somebody else for blog posts and PR. I think that’s detrimental to the industry, just creates more paranoia and it’s not helpful.

Stephan Livera:

Right. I can appreciate that. One of the important things that we’re always talking about with Bitcoin: “Not your keys, not your coins.” And I wouldn’t want to have users be scared out of self-custody. I wouldn’t want them to think, Oh, I’d rather leave it on the exchange, because I think that’s way worse. I think they should take those steps and though we’re kind of living in this world where it can be confusing for a person who is a newcomer to the industry, they might think, Oh no, I thought that thing got hacked or I saw some blog post or I heard a news article or whatever. So as long as the message is that you should try to progressively take steps towards bettering your self-custody.

Rodolfo (NVK):

Yeah. You have to do your own research. There’s no way around that. If you want to be your own bank, you have to be prepared to be your own bank. There really is no alternative to that. Again, even for me: I was in this space, I had other products, other services going on, and I did my own research and I was not happy with the available options. So we made our own solution and we ended up making that into a product. But I can only give my personal set of preferences with my own biases. To me, if you don’t have a secure element, it’s a problem. It really is. Because you’re not getting some very basic set of defenses. Listen, any hardware wallet is going to be better than a computer infested with viruses. That is true. But I think that’s a very low bar to expect from a hardware wallet. I think that you have to be able to survive a certain level of attacks before spilling out the beans. Being closed source is something that I just personally can’t live with for my HODL. Especially for seed generation. Seed generation, you shouldn’t trust even the trusted, the true random number generator on a secure element. That’s one of the reasons why we put the dice feature there. If you’re going to hold real money or if your money is going to become real money because Number Go Up, you have to invest. It’s like having a $10 bike lock for your $3,000 bicycle. Why would you do that? All these hardware wallets are very cheap for the kind of money that people hold in them. People like to make fun that we keep on making new hardware, but I’m not going to stop. The security bar is going to keep on getting higher and we’re going to keep on making new hardware. And that’s it. That’s my personal view of how this thing needs to be done. Until I have something that meets that bar of that period in time, I’m not happy, I’m going to keep on making new ones. It’s your choice to buy it from us and have the stuff that we make that will have a new version in year two. If you don’t want that well then get something else that’s been around forever and has the holes that you expect to have. What’s nice is that there are options.

Stephan Livera:

Yeah. I think we have to recognize that this is a cat and mouse game and it’s constantly shifting and so it’s just difficult to expect that a product from four or five years ago or whatever will stand that test of time rather than you having to continually up your game and everyone has to just continually up their game.

Rodolfo (NVK):

Before Bitcoin, even the security industry never had to hold actual secrets of this level at consumer devices. Not like this, nothing like this—in open source. I was talking to a manufacturer that actually makes this stuff for the last 50 years that puts chips in cars and all kinds of stuff and tries to keep things secure. They just never had to deal with an industry like this. They’re not used to people spending half a million dollars trying to break their chips—just to break their chips. It’s a whole new world. And Bitcoins are new. All this stuff is new. The Bitcoin curve is not supported by a lot of stuff. So I don’t think we’re going to get away with just not making changes to the hardware. I think that it’s just not possible. If you don’t care about that, then get a laptop, drill out the radios and the microphones and all that stuff and use that. Just remember to destroy the memory once you’re done with it with a drill or a gun because you just never know what kind of information that machine could have linked to itself. And it’s just the reality of it. It’s much easier to do that with a hardware wallet because it’s so simple—the attack surface on a computer is ludicrous.

Stephan Livera:

I think the other thing with that is also looking at things like Multisignature as well. But again, there’s complexity with that, so the user has to trade-off with that. In fairness, there is also complexity associated with changing hardware wallets every year or two. Because you might screw something up with changing over and things like that.

Rodolfo (NVK):

No we made that easy. You just do the MicroSD backup, and you move it to the next one and then you just import it in. That used to be a pet peeve of mine, because I used to have to move hardware wallets and it’s like, No, this needs to be easier. So now you do the MicroSD thing and it’s done. It really is done. But yes, I take your point. None of this stuff is simple, and everything is in flux until this industry has 30 years on its belt. We’re 10 years in, it’s much better now.

Stephan Livera:

Yup. And this is a theme that I’ve seen you speak about before as well, which is: a lot of people screw themselves out of their own coins. And so it’s important to talk about backups and how you secure them. And also this topic of segregating your coins. So do you want to just open up on some thoughts on ways to segregate your coins? Some examples I can think of are KYC coins versus non-KYC coins, you might have a separate stash for that. And then you also want to think about it from a day-to-day spending. So let’s say you’ve got $100 worth on your phone, but that shouldn’t be the same as a warm wallet. And then that is different to having a cold wallet. And then you got to think about, well, do you want to do Multisig on that cold wallet as well? So can you tell us a little bit about how to segregate Bitcoins?

Rodolfo (NVK):

Yeah, so you can’t just have one single device and that’s where all the stuff is and that is just the end of it all. You really have to think it through because again, Number Go Up. So there’s a lot of people who had, say, 50 coins in their phone back in the day, and then they forgot that they had 50 coins in their phone back in the day and that was $10. So then the time passes. And then now we have $500,000. So now you can’t even cross an airport thing anymore without possibly getting arrested for the end of your life. So it is again in constant flux. Price, security, and everything else. So the same way you check your investments, you go in your investment account and you look at your stuff, or you do your accounting once a year to do your taxes. Why don’t you do a security review once a year? Look at your stuff. Again, people screw themselves out of their coins more than they get screwed out of their coins. So the chances of an advanced attack against you are much lower than you just screwing up your coins. So make sure you have backups for all your wallets. Make sure these backups are appropriately segregated, distributed in different geographical locations. They’re encrypted if they have to be encrypted, they’re un-encrypted if they don’t have to be encrypted. And if you have encryption on backups, do you have a backup of the backup? Do you have a backup of the decryption key of the backup? Make a little tree: get a piece of paper. Make a little tree in a flow chart: here’s my wallet, here’s my seed, here’s my backups of the seed, here’s the encrypted backup of this seed, here’s my encryption key of the seed. Do I have backups for that? Just draw it out. And then you’re going to have there also your phone wallet. Your say for your business you might have your BTCPay Server wallet, your cold wallet, your trading accounts. So just chart it out. In paper, off of a computer, please, because you might have a hacker watching your computer and then you’ve just described all this stuff you have. Obscurity on your backup setup is very important. And then you want to look at your tree of Bitcoin security back up, and see, okay, these are single points of failure. If I get coerced, if I don’t get coerced. Should I split this into two? See when you do Multisig and you have two wallets, now you have to think about two backups too—really, four backups, because it’s two backups for each, maybe. It’s very important to draw this stuff out. Have a full picture, see where you stand, see if you’re comfortable. Make sure that if your house catches on fire, all the stuff on the tree doesn’t catch the fire with the house. Because as much as it’s nice to have a metal thing, you just never know if the thing is going to melt in the house? You could have failure. So do you have an off-site backup somewhere? Maybe it’s in a different jurisdiction. Maybe it’s a different country? And it’s encrypted in there. It’s very important to think this stuff through. I could give you a bunch of examples, but odds are they are not going to be right for you. I really, really would like to encourage people to just draw this stuff out, do research, set it up. You don’t have to do all the things initially. You just slowly improve your setup. And then you do your once a year audit right after the taxes, or in opposite of the taxes. And make it a thing, make it my yearly security review. And also what’s nice about that is you might start finding coins that you forgot you had in some places. It’s like pocket change. But because number went up and it’s been 5 years or 10 years, you never know. You might find some very interesting pots of gold in your setup. So let’s not forget those coins to begin with. Make sure you have very good notetaking of which exchanges you have accounts in, how much coin you have there, the passwords for that stuff. And you have backups of that stuff. Because say an exchange goes down, let’s say there was a lawsuit, they might need you to provide some proof of how much you had or it’s just, you just never know tomorrow. So just make sure you have notes of everything and you have a very good picture of your security setup. It’s that kind of preparation that really if anything helps us to sleep at night.

Stephan Livera:

Yeah, for sure.

Rodolfo (NVK):

It’s a big one. And then you can also think about now the next step, which is super hard still, which is inheritance. You have to figure out if I got hit by the bus, which is the ultimate attack, right? I think it was Vijay who said that. Do you have the means to pass on access information of recovery? Continuation of business for businesses or, pass on wealth to your family and children. Do you have all this stuff available to them? All the exact information, derivation paths of everything. So there is a lot to it. Listen, being your own bank, it’ll be definitely easier than it is now, but it’ll never be as easy as just deferring all that stuff to somebody else and taking an IOU. So definitely do your own research and try to figure out all the scenarios slowly. Like you don’t have to freak out, but go through it.

Stephan Livera:

So let’s talk through just a basic example. Let’s say somebody is, they’ve left their coins on an exchange and now they’re like, Okay, I’ve just heard Rodolfo say, Hey, I should take my keys off the exchange and I need to keep that backed up. So for example they could get a Coldcard, and they might have a passphrase let’s say four or five words passphrase and they would want to have a steel like Cryptosteel or BillFodl or CypherSafe product—disclosure: CypherSafe is a sponsor of my podcast—but you could be using one of these steel products and have maybe one for the Coldcard seed and potentially one for your passphrase and you could keep them in different locations, obviously.

Rodolfo (NVK):

Another thing I highly recommend is—and this is one of the reasons why we made this thing—use the microSD backup. Okay. It is not fireproof. It is not nuclear proof, but we have these industrial grade cards. They’re fairly good. You still have to still have cleartext backups, on your steel plates in different locations and all that stuff. But those steel plates should be very hard to get to. So say you have hardware failure. You want the means to restore your operational stuff, your backups, much easier without really dealing with cleartext backups. So make two, three, four microSD backups that are encrypted. And then the nice thing about that is the microSDs could be off site somewhere, but they’re encrypted. So it’s not ideal if somebody gets hold of them because eventually one day they could try to break it. I mean, the encryption on them is quite decent. So it would take quite some time and you’d know by then you have moved the funds. But, you have this non-cleartext backups somewhere more accessible. Say safe deposit box. You don’t want to leave clear backups in safe deposit box because if a banker gets in there, they can see it. So you have those encrypted backups there, or for your Multisig or whatever. It doesn’t have to be single points of failure and then you can have the passwords for that, for the decryption of those microSDs very available. Like in your password manager, it doesn’t really matter because the cool thing about those is that those don’t have money. So you can’t do anything with those. But you break your hardware wallet or you lose it or something happens. You have the means of very fast, very safely restoring access to your funds without dealing with your more complicated wealth transfer plates in the moon to somebody else. You can deal with all this stuff a lot more reasonably and safely without touching computers, without doing any of this stuff. I find that a very overlooked issue around this stuff. Just being able to operate again. And this is one of the most common case scenarios: somebody breaks their wallet, somebody loses their wallet, they need to quickly—if they lost a wallet—simply transfer to a new one. That means they have to be able to transfer to stuff. They have to have access to it without going to two different countries to get their plates.

Stephan Livera:

Right. Just to summarize that, it would be something like, Okay, my Coldcard went up in a fire or I lost it or someone compromised it. Then in my password manager I’ve got the encrypted backup password and I’ve got the microSD backup in the safety deposit box somewhere. I go pick that up and I would use my password to the encrypted backup to unlock those funds. And then you might need to have a couple of hardware wallets just on hand so you can have something new to put it into. So that’s something people need to think about from a practicality standpoint.

Rodolfo (NVK):

Exactly. Have redundancy, depending on how much money you have. Or like how much funds you have or how many segregated wallets you have, have multiples of it. Make sure they’re appropriately safe. For example one good thing that I highly recommend to people is have a initiated hardware wallet, like an extra backup of one kept with the seed. So if you ever need—because one broke—or you want to pass it on to family, instead of having them have to figure out how to load that seed, the correct derivation path and all that stuff, you already have a hardware wallet ready-to-go there with the PIN written right on the screen. Because it’s with the seed anyways. So it’s just nice to have redundancy and ready to go. You can’t emphasize that too much. So that’s one of the parts. And then for example, if you have Multisig—especially for Multisig—wallets are complex. The derivation paths, the scripts, however you set up your Multisig, make sure that you have proper backups that are ready to go for each of the signers. Again, maybe set up a second wallet at the same day that you’re doing this set up that you have your Faraday cage, tent and your hat and your underwear, you’re already all set up, right? So just do it twice or three times and have that stuff properly set up and just make sure you don’t have those things lying around or like make sure that the backup redundancy is properly stored securely and all that stuff. That’s very helpful.

Stephan Livera:

And one point I think it might be a good reminder for people as well is that if you’re feeling uncomfortable by some of these things when you first set up your Coldcard or whatever, whichever hardware wallet, whatever setup, test doing the recovery then. So you might send $5 into that wallet just to have a small amount there. And then practice deleting and recovering into your backup just to prove to yourself, yeah, my backup works.

Rodolfo (NVK):

That’s right. I forget that always when I’m giving people advice. But that’s one of the best things people could do. Just go through the process of essentially screwing yourself. Make sure you go into the menu, destroy the seed and now you have a Coldcard without the seed, and then try putting the seed in back again and make sure everything works. And you see those funds again in whatever thing you’re going to use, like Electrum, whatever you’re going use. If you see the funds again you can spend them. I mean, you know you can recover from backup. That’s essentially testing backup recoverability which is very important.

Stephan Livera:

Yeah. So that’s a good tip. I can understand some people who just leave their stuff on the exchange and well, I mean they might think I’m too scared about using a hardware wallet and this is one way to prove to yourself you can recover it with these 12 or 24 words. You can recover it. And that’s what you need to prove to yourself using this kind of idea of, set it up and spend, $5 or just a small amount there just to prove it to yourself.

Rodolfo (NVK):

Pretty much all businesses fail eventually. Even if it’s not nefariously. Exchanges go out of business, right? And then funds can get entangled in legal battles. That’s the cost of doing business. If you’re not trading, don’t keep it there. Figure out how to do this stuff yourself, or pay a service to, use CasaHODL, use Unchained, get the funds out of single points of failure. They’re just giving you an IOU. But if you’re trading, you have to have the funds hot. That’s just how it works. Just figure out your risk assessment and threshold that you’re willing to go.

Stephan Livera:

Yeah. And obviously minimize the amount you leave on the exchange. So people should be periodically flushing it out into their own holding rather than leaving it on the exchange. A couple of other broader things: just with the Opendimes, one question and discussion I’ve seen is around, what’s the failure rate on Opendimes and how careful should people be with people putting money onto an Opendime and using that for peer-to-peer trading or whatever.

Rodolfo (NVK):

So I hate the idea of telling people how much they should risk their money kind of thing. So Opendime doesn’t have a backup. It was not designed for that, it’s designed for you to do trades of risk-appropriate amounts, whatever that is for you. Think in terms of cash in hand. You have to figure that out yourself. Opendime was designed to fail forward. In most cases, if it’s going to fail, it’s going to fail before it allows you to deposit any funds. Essentially if it gets destroyed in shipping, if you see how customs handle packages, you will have devices that fail and we do replace those. When you put it in the computer, it’s going to check itself. The way it’s built is that, if there is minor failures in it, it’s just going to fail and it’s not going to give you a deposit address, which is nice. It just means you have a dud. But at least there was no funds lost. It’s still a manufactured device. The numbers right now are about 1 in 10,000 that we will have a failure post-deposit. It’s a pretty small number. And of those, we managed to recover 100% of them. So these are people who sent us the device either because they—if you see the things that people have done to these devices, I mean, Jesus Christ—you have people who carry them in keychains with amounts of money that you would not believe, I do not want to dox people but we’re talking about real wealth amounts. The thing is dangling and it was not designed for that, and it’s destroyed. You know, people flew over, we took the device over, we took it to our lab and we managed to get the funds out. There are ways of taking this to even more expensive labs depending on the amount that might be worth it. The point is, the chances of them failing and not being recoverable are pretty tiny, but still there—there is no backup. So they were not designed for HODL. They were designed for commerce, they were designed for privacy. So if you want to have your mixing bucket party where everybody brings an Open dime or a few Opendimes with the same amount of money in it and everybody mixes it in a bucket and then have a physical mixing party, great. If you want to use it to buy a car or if you want to use it to buy stuff that you don’t want to have to wait for confirmation, it’s a great device for that. It’s not for you to HODL long-term. If you want to HODL long-term, either use Coldcard or at least initialize the Opendime and backup the private key.

Stephan Livera:

Gotcha. Also, you had some comments around stablecoins recently. Are they something that people should fear or are they something that people should just accept that they’re just going to happen anyway and they might actually help people get into Bitcoin, eventually?

Rodolfo (NVK):

Bitcoin is still in the very early stages, of the stock-to-flow, if you want to look at it that way, or of the adoption curve, if you want, whichever orthodoxy you subscribe to, it’s still early. So Bitcoin is going to be extremely volatile. And it’s very hard for you to do basic everyday business operations with an extremely volatile currency, That’s the reality of it. So people are going to have to hold—especially businesses—are going to have to hold some stablecoin. That might be the US dollar. That’s why we have bank accounts with some of that stuff. Very toxic stuff. My belief in that is, I never could really get into the stablecoin stuff because of the Ethereum underlying technology that’s garbage—it barely works and all that stuff. People understand my love for Ethereum already. So I think Liquid and I think there are a few other ones going on right now, technologies. What they do is they essentially allow us to have some of that stuff. They’re still federated, but at least they’re using Bitcoin security. So they’re pegging some of that stuff back to a Satoshi on the chain or whatever it is. The source of truth is Bitcoin. So that gives me a lot more—peace is not the best way of looking at it because, all stablecoins—you have to have a counterparty. So there is always counterparty risk, but at least now it’s not on JavaScript. We’re not going to have a stupid bug that caused everybody to lose their money, then you have to roll back the chain. So I think what we’re going to end up having in the future, or at least the near future, is you’re going have your gold, which is your Bitcoin and you’re going to have your USD, which is going to be a stablecoin. And what’s cool about stablecoins is you could use Bitcoin futures as some of the counterparty to stabilize the actual underlying asset, which is going to be that stablecoin. You can have USD deposits, you can have all kinds of stuff and you can have mixes and baskets of that stuff. So you can de-risk it by having a lot of different stuff underlying it. And I think we can’t really get away from that. One of the biggest features of the US dollar is its stability—we can argue to death on what stability is, where the US dollar is going, the shitshow that it is and all that stuff—but to the average person looking at the bank account, $1 is pretty much that $1 with, say, -10% of purchasing power per year. If you want some average thinking about that, but at least that’s—Bitcoin moves 10% in five minutes, right? So it’s a completely different universe. Aside from having a central point of failure, I think one of the main reasons why the US government went after Libra is that Libra was going to be the US dollar, based on a bunch of currencies, that competes on the stability feature. Bitcoin doesn’t compete on this stability feature, at least not for now. So I think all the stablecoins in different jurisdictions are going to cause so much grief to governments, because it’s going to be impossible for them to curtail all of them. And then you can have all kinds of jurisdiction arbitrage with them and you can have other coins on top of other coins. It’s such a cat and mouse game for governments. It’s going to keep them very busy. And while all these people are busy with all the stablecoins, Bitcoin wins. So I really liked this idea. And another very cool thing is even though they have this counterparty risk, they are not as secure. You can still self-bank the stablecoins. So you’re going to be able to have your hardware wallet have your Bitcoin and then you have your confidential transaction-based coin, like Liquid. So that’s aside from all the privacy features you could have in the stablecoin. So we don’t have to make too many compromises on Bitcoin to gain a lot of stuff, by having side chains. That’s why I always liked the idea of side chains. For them to be done right, it took a long time. Liquid still has a lot of downsides, but I think it’s the least worst of the solutions this far. So that’s my thinking with stablecoins.

Stephan Livera:

With stablecoins, it can also be that the US government might not necessarily crack down so hard on Bitcoin because people might just use the stablecoins. And in some limited sense for a limited amount of time, it might help the US dollar’s dominance in the short to medium term because more people will dollarize instead of going to other currencies because they will just go to the US dollar stablecoins. And so in some sense, the Eye of Sauron might not be trained on Bitcoin for a little while longer because it can stay under the radar for a little bit longer.

Rodolfo (NVK):

It’s similar to Tor. Think about it this way. The US government created Tor. They want Tor to remain Tor because they need Tor, too. It’s very hard for you to kill something you may need that helps you too. So it’s tricky. As long as it doesn’t take too much of your pie, you’re willing to tolerate it, and you might just not be able to kill it either. Because you can have a US dollar that’s based on euros.

Stephan Livera:

Right. And the other thing that comes to me is, one of my recent interviews with Eduardo Gomez (@Codiox) from Venezuela. One of the questions I asked him was how come people aren’t using stablecoins in Venezuela? One of his answers was around education as well. So maybe it is actually that over time more and more people will use stablecoins and Bitcoin becomes like—if you really push it to the extreme—if everyone just uses stablecoins where they need the US dollar, Bitcoin really does become the savings technology and that is where it has that unique advantage that nothing else can really beat.

Rodolfo (NVK):

Well, we get to a point that you’re essentially financializing Bitcoin. You add more counterparty risk because of whatever you’re trying to do. But what’s nice is that we go back to a gold standard in a way-ish, it’s just financialized. The ultimate settling asset is going to be Bitcoin and Bitcoin wins. Like either way you want to play this out. But I think it’s important not to try to pigeonhole people into a volatile currency for their stable needs. People have stable needs, especially people who actually need their money. They don’t have extra money. So if you are in a poor country, it’s going to be a lot harder to use Bitcoin as a currency because it’s volatile. So if you have a little money in Bitcoin—it moved a lot that day—you might have extra little money now and you don’t have a buffer. You just don’t have enough capital for you to play out volatility. Like us in developed countries have. I mean, we can deal with some of that up and downside risk because we just have more money available. We have credit. So credit is a huge facilitator of playing out this kind of risk. If you are in a foreign country, you don’t have access to credit, or if you do, the interest is just insane. I remember credit cards in Brazil, it’s essentially unusable. And you can’t build a business without credit. People forget that. It’s like you just don’t come out with a pot of gold and that’s how you start your business. You actually need to borrow or you need net 30 net 60 days. And that 60 days—in Bitcoin—you don’t know what the price going to be.

Stephan Livera:

Yeah, that’s a good point. The trade credit aspect I anticipate will still exist. Whereas the business lending that exists today will be a lot less in the Bitcoin world. But it’ll take some time to get there. You’ve been around for a while, obviously, you were doing this Coinkite stuff back in the day, even before doing this current round of stuff with hardware wallets and so on, you were doing payment processing back then. So you’ve been around for a while. You’ve seen the cycles and the ups and downs come. Do you have any suggestions for listeners who are a little newer on how they should think about these cycles that are just coming and going? Is it just, you just have to have patience? Is that the main message?

Rodolfo (NVK):

It’s, “Bitcoin took 30 years to deliver groceries to me.” It promised groceries on the first day, it took 30 years. So I think improving money—substituting money—it’s going to take longer than it did to substitute, improve information. I honestly think that the Internet was a much simpler problem in a much less—there’s a lot less inertia. There was a lot less inertia. Because it’s not like the libraries were trying to put you in jail because you were trying to write an essay on the internet. When you’re doing money stuff, you’re fighting inertia. And that’s a much harder problem. So I think it’s going to take a lot longer than people think it’s going to take. I think that if you’re early you’re going to make a lot of money for yourself in this whole thing. It’s the nature of being early and incurring more risk. It’s just how it works. If you’re earlier on a stock, eventually if that company does well, you make good money. So Bitcoin has a lot of that. I’m very binary in terms of Bitcoin. It’s like, Bitcoin either does extremely well, or it goes to zero. There is no place to go with a deflationary currency and listen, it’s possible that something better comes out. Ethereum is not that, that’s why it’s funny because conceptually yes, there could be way better stuff out there that comes out that does the job better, it really hits the spot of the market in the way that it needs to, and it overtakes Bitcoin. It’s just that all this stuff that says that it’s that right now is none of that. They don’t really do anything that needs to be done. So I don’t think we could ever be complacent in that. This is a—it is a fight, kind of system. I mean, you are trying to take value from another system. So that’s where I am at in terms of thinking of Bitcoin in the future. It’s just, if you want to partake in this, you’re going to have to understand risk, and understand risk well. Otherwise you’re going to lose your pants.

Stephan Livera:

Right. Great way to summarize it. So look I think we’ll finish it up there. Where can the listeners find all the information? Off the top of my head here we’ve got ckbunker.com and we’ve got coinkite.com and your Twitter as well: @nvk. Anything else you want to point out?

Rodolfo (NVK):

No, that’s it.

Stephan Livera:

Oh make sure you use code: LIVERA when buying your stuff. But anything else?

Rodolfo (NVK):

Yeah. Well, just try out CK-BUNKER and let us know. And join the Telegram. The Coldcard Telegram is great. There is a lot of help there. And help us improve the documentation. That’s it.

Stephan Livera:

Fantastic. I’ll put all the links in the show notes, but thank you again for joining me, Rodolfo.

Rodolfo (NVK):

Thanks for having me. I need to win this and get in one more time.

Leave a Reply