
Nick Neuman and Jameson Lopp, CEO and CTO of Casa, join me to talk about updates at Casa, the world of multisignature, hardware wallets, personal security and personal data in the age of increasing statism.
Time zone: Monday 15th June 3pm PT, 6pm ET, Tuesday 16th June 8am AEST. It will be broadcast on YouTube Live at the link below, and on my twitter periscope @stephanlivera.
Prior episodes:
- SLP26 – Building Bitcoin services to last, with Jeremy Welch of Casa
- SLP43 Jameson Lopp, Cypherpunk and CTO of Casa
- SLP107 Jeremy Welch & Jameson Lopp – Casa Wealth Security Protocol
Stephan Livera links:
- Show notes and website
- Subscribe on YouTube: @stephanlivera
- Follow me on twitter @stephanlivera
- Subscribe to the podcast
- Patreon @stephanlivera
Podcast Transcript:
Stephan Livera:
I’m just going to bring in my guests now. So Nick and Jameson. So thank you guys for joining me. And so Jameson, I think my listeners are already very familiar with you, but Nick, you’re the new CEO of Casa. I think maybe just tell us a little bit about yourself.
Nick Neuman:
For sure. And thanks for having us Stephan. I started out my career actually in finance doing investment banking and private equity, and eventually, you know, kind of merged that with my excitement about tech and that’s how I really got interested in Bitcoin. I’ve been at Casa really since we began at the beginning of 2018 and have been running product that whole time. And then for the last six months, we made the announcement in January that I was taking over as CEO. And so since then, things have been going super well, excited to continue building, you know, the future of self custody for the Bitcoin community.
Stephan Livera:
That’s great. And I really am a fan of Casa. I think you guys are doing a great job in terms of making it easy for people to use Bitcoin but in the way where you are holding your own keys, and that’s a very important aspect of Bitcoin. So I think it’d be good to just chat a little bit about some recent updates. I saw you guys recently put out the Casa wallet. So can you tell us a little bit about that and some of your thinking around why you’ve introduced the Casa wallet, which is, I guess, kind of distinct from the Keymaster product. Can you just tell us a little bit about that?
Nick Neuman:
So Casa wallet is actually part of the Keymaster app and it is just the free version of that. And so, you know, people can actually, if you’re an existing Keymaster user, you can use the Casa wallet as a really easy Bitcoin wallet on your phone to hold a smaller amount of Bitcoin. So the idea behind the Casa wallet is that we wanted to give people a very easy way for them to get started with holding their own keys. People don’t quite understand, you know, somebody who’s on Coinbase, it doesn’t necessarily always click for them what holding your own keys means. And so we’ve actually built a lot of features into Keymaster to help people better manage and understand private keys. So you can do things like do a health check of a private key to make sure that it’s still on your phone’s secure element. And these are the types of things that we think will really help people start to educate themselves better about how to hold Bitcoin. And we’ve tried to make it super simple, easy as really a first step on that journey towards self sovereignty with the Casa wallet.
Stephan Livera:
Great. And so I think many of my listeners are probably more kind of savvy themselves, but they’ll want to know this so that they know what to recommend for their friends. Right. And so let’s chat a little bit about the seedless approach, right? So Casa are famous for the seedless approach. Can you tell us a little bit about your thinking on that and how that’s implemented into the Casa wallet?
Jameson Lopp:
Yeah, so we’ve made, you know, a number of interesting trade offs and decisions over the past few years, some of which have been controversial. We’ve been trying new things that haven’t been done before in this space. And really one of the foundational principles that we landed on when we were originally architecting the multisig three of five Casa product was that when we tried to think through secure storage of that seed phrase, and, you know, how would we get users to be able to back this up in a secure, robust manner that was also user-friendly, it was just adding an incredible level of complexity and friction to the entire user experience. And this is something that has always really been taken for granted of, Oh, you have to write down your seed phrase and keep it in a safe place. But when we started thinking outside the box and thinking, well, what if we could somehow completely get rid of this aspect of maintaining your own funds, then we can simplify the whole model enormously and get rid of a lot of potential threats and attack vectors.
Jameson Lopp:
So within the multisig setup, we created this idea of being able to rotate out your keys and your devices natively within the app with a very simple workflow. And once we were able to do that, we realized that, you know, if you can rotate out the keys with just, you know, a few taps of your finger and going and getting hardware devices, then this means you have essentially created a self healing type of setup where you don’t need to go dig out a seed phrase from somewhere and reconstitute your particular hardware device. But rather you can just replace it completely in a secure fashion by creating a Bitcoin transaction. Taking that a step further, when we were trying to figure out, well, how do we do seedless for a single sig setup where you can no longer do that rotation? We basically landed on, well, how do we create a backup that is kind of like multisig?
Jameson Lopp:
And essentially we encrypt the seed phrase and put it in the user’s iCloud or Google Drive, you know, whatever native data store they have on their phone, and have the encryption key, the part that would actually decrypt that, stored securely on Casa’s server, additionally encrypted with our hardware security module. So what that essentially does, it creates like a two of two type of multisig, if you want to reconstitute that seed phrase. And it means that, you know, Casa still never has the private key data. Apple never has the private key data. Google never has it. It requires essentially two factors in order to reconstitute it securely on your phone.
Nick Neuman:
Yeah. And what we realized around seedless was that, taking Bitcoin from the current core community to the next, you know, million people, the next hundred million people, eliminating seed phrases as a point of friction is one way to really help with that. Because if you think about, you know, or if I think about my mom trying to use a seed phrase, for example, she can barely keep track of her passwords. So how is she going to keep track of this 24 word phrase that actually protects her money? And if she loses that phrase, her money’s gone forever. That’s just not gonna fly. And so figuring out how to take down some of these barriers for people is one of the reasons that Casa exists.
Jameson Lopp:
And part of the friction there of course, is it’s just, it’s IT data management, techie stuff. If we consider private keys and seed phrases to be kind of like a hazardous toxic waste, the vast majority of people don’t have the skills or the time to figure out how to handle that correctly. There are a lot of people in the Bitcoin space who have put in a lot of time and they have the skills to be able to do that. But we’re looking beyond, you know, the current nerds who are willing to go through a lot more effort in order to do things on their own. And, you know, a good example of this is actually just last week, but this happens all the time. Someone who was using a hardware device to secure their funds, as is best practice, lost everything they had because they unfortunately got tricked into putting their seed phrase into some malicious software and, you know, that malicious software stole all of their money. So, you know, the ability to be able to handle that data is a very tricky thing to do, especially when we consider that a single mistake can result in financial catastrophe.
Stephan Livera:
Right. And so I think that’s an interesting example where if you were trying to teach your friend, okay, be careful what browser extensions you install, you know, be careful what other, you know, X, Y, and Z, and you’d have to try and coach them through all of these different aspects where potentially, yeah, maybe there is an opportunity to simplify. So can you just walk us through a little bit of the Casa wallet in terms of how, like, what it looks like from the user perspective when they’re trying to recover, for example?
Nick Neuman:
Yeah. So let’s say somebody has the Casa wallet on their phone. Let’s say they’re using an iPhone and they actually lose their phone. All they need to do is get a new phone. During setup, they’re going to log in to their iCloud account. And so that provides one piece of the key, and then they’re going to download the Casa app, log in to Casa. And that provides the second piece, the decryption key, and then seamlessly in the background, the Casa app’s just going to pull down the app for the key from iCloud, decrypt it using the key from Casa’s server and then immediately store that decrypted private key in the phone’s secure element. And so the decrypted private key is never actually held outside of the secure element of the phone. But from the user’s perspective, it’s a very seamless, simple process using accounts that they already have and are already keeping track of.
Nick Neuman:
And so this is a lot less scary than having their seed phrase on a piece of paper where if they realize they lost their phone, now they’re suddenly thinking, Oh man, I hope I have my seed phrase saved in my sock drawer at home or whatever it is, you know? And so it just takes away some of that anxiety. And this wallet is really, it’s a beginner wallet, it’s a very easy to use kind of, you know, like literally the wallet you would keep in your pocket. And so it’s not meant to store a huge amount of funds. That’s why we have the multisig side and that’s why this is all put together in one app. And so we really expect this to be for new Bitcoiners. This is the first step on their journey, where then as they acquire more Bitcoin or Bitcoin goes up in value and they need more security, they can really easily move up to having a multisig account to secure that Bitcoin.
Stephan Livera:
Gotcha. And I presume then the transition from the single signature Casa wallet version into the two of three is just like a smooth transition up, and they would basically buy a hardware wallet and then become a gold member. Or can you just talk us through that process?
Nick Neuman:
Yeah, sure. So let’s say somebody is currently using Casa wallet for free. They decide they want to upgrade to multisig, they’ll buy a hardware wallet. You can either buy one directly from Trezor, Ledger or Coldcard, or Casa actually is an authorized reseller of both Trezor and Ledger. So you can buy one from us if you want. And then the process is, you know, you sign up for the gold membership, upgrade your account, you’ll see that new multisig key set in the Casa app. And you set that up with a hardware wallet, which is a really easy process and the app guides you through all of that. And then you just simply send the funds from the Casa wallet, single signature, to the new multisig that you just set up, and at that point, you still have access to the Casa wallet. So let’s say you want to store the majority of your Bitcoin in your multisig savings account. And then the Casa wallet is just like your checking account for when you want to, you know, put some money into that poker game or something like that.
Stephan Livera:
Right. And also there was some discussion online about the question of the wallet being open source. So did you guys want to address any of that and just discuss how you’re thinking about the question of closed source vs open source in a Bitcoin wallet?
Jameson Lopp:
Yeah. I mean, this is something that we’ve talked about, you know, ever since we started the company, the various trade offs between what you can accomplish with free open source software versus, you know, a for profit company that may not open source all of the software that it’s writing. And when you’re looking at the multisig product that we’ve built, that is actually a very well diversified product because you end up using open source software, your firmware and hardware from a variety of different companies, which helps you both increase your level of security from a variety of different threats and decrease the likelihood that, you know, all of those different actors out there have been compromised and are willing to coordinate to work against you. It gets a little bit trickier, you know, when we’re talking about a closed source, single sig hot wallet. I mean, this is a riskier threat model.
Jameson Lopp:
There are more ways that you could lose the money. There’s, you know, more potential catastrophic threats. And that is why it is only really meant for small values. But, you know, the trade off is you have a much more user friendly experience because the user doesn’t have to go get any specialized hardware. You know, it’s all just there on their phone. Now, when we’re talking about open source versus closed source in the context of mobile apps, then it gets even trickier because it is difficult if not impossible. And in fact, we have not yet really found a way to verify the build of a mobile app that is on the Apple store or the Google Play store. The way that these mobile app stores work is that they require the applications to be cryptographically signed by the developers in order to get pushed out to the store, but the actual build process for the app, the actual, you know, attestation of the code that’s being run in the app, is not really a part of the experience that Apple and Google provide.
Jameson Lopp:
The only real option, if you wanted to be sure of what the actual code was running, is you would end up having to build the mobile app yourself and load it onto your phone. This is theoretically possible, at least with Android, but it requires a fair amount of technical experience. The people who have the ability to do that, we are not really targeting them for this experience. You know, this is meant to be for nontechnical people who are very early in their Bitcoin life cycle. So it really seems like, from a free open source software security side of things, that it’s more of a feel good idea of having open source mobile apps, if you can’t actually verify. I mean, we are all familiar with the mantra of don’t trust, verify, and if people could, you know, verify that the code we open sourced was the code that was out there on these stores, then I think it would make a stronger argument for us to be open sourcing it. The other downside is that, like I said, these apps require cryptographic signatures from the developers to be on the store. There’s also various functionality that we’re using, such as some of the pieces of the seed backup, that also require that. So even if you built the app on your own, you would not have a fully functioning Casa wallet, you know, the user experience that we really intended. So there’s trade offs. Yup.
Stephan Livera:
Yup. I think that’s a totally fair point. And I’ve seen some discussion amongst the community about things. So you might have seen that project, I think it’s Wallet Scrutiny. And so the idea is, okay, it’s not verifiable, but I think for those same reasons that you mentioned, it might not really be such a fruitful exercise if you can’t really verify anyway, because of certain things that are getting inserted into the process either on Google’s Play store or on the iPhone or Apple app store also. So I think that’s a fair point. I suppose the other concern is more just around being able to recover. Right? So as I understand, for the paid product with Casa, you have sovereign recovery. Does such a system exist or can it exist in the single signature version? Or is it more like, only keep small amounts on this wallet? What’s the thinking there?
Jameson Lopp:
Yeah. So we actually do have, you know, a sovereign recovery process for the single signature mobile wallet. It is a bit different. You know, instead of having various public key data that you store ahead of time or get out of the app and use to recreate your wallet using other software, we actually have the ability to export that seed phrase. Under normal conditions, if you go in and you tap on the key and you go through the process to export the seed phrase from your Casa wallet, we will actually mark it as compromised because we assume, you know, we can no longer be sure that that seed phrase has not been taken by an attacker. And so we no longer allow you to use those keys within the Casa wallet. If, for example, Casa blew up and our service ceased to exist, as long as you still have the app on your phone, we also have, you know, offline login ability. So you would still be able to authenticate locally with the Casa wallet login and go through that seed phrase export process. And, you know, we have the instructions available on walletsrecovery.org and also within the app, you can actually get these sovereign recovery instructions emailed to you that give you a step by step guide of how do you recreate your wallet without using Casa software, without using our service, and be able to recover from even an extreme disaster scenario where we no longer exist.
Nick Neuman:
Yeah. And just on the point of, you know, where we actually mark that key as compromised. So the point of that is actually just to give people a heads up that, Hey, this key was exported and you should generate a new key if you’re going to continue using the Casa wallet. And so that’s all that that does. And so then let’s say you say, I’m going to export my seed phrase to use a different wallet, but then you change your mind or something like that. And you say, I’m gonna keep using Casa wallet. Well, you can just generate a new key. The app walks you through that, and then it’ll let you just transfer the funds from that previous key to the new key. And so that then lets you fully use that key again, and it’s a key where you’re ensured that the seed phrase for it isn’t floating around out there somewhere. And obviously, you know, if you didn’t want to continue using the Casa wallet, or you exported the seed phrase in order to use a different wallet, you would have full control over those funds once you imported that seed phrase into another app.
Stephan Livera:
Gotcha. And also, I mean, you mentioned earlier that this is basically all happening encrypted, but is there any sort of concern, you know, around things being stored on Google Drive or Apple iCloud, or is it just more like you think that that was kind of the best way to balance that trade off there? What was the thinking around that?
Jameson Lopp:
So all that Google or Apple even sees is this, I believe it’s a 128 bit blob of data, that means nothing to them. Like they cannot interpret it as anything sensitive because it has been encrypted. The potential adversarial scenario is okay, well, you know, what if Apple and Casa colluded to, you know, come together to decrypt this data? You know, that could be a potential adversarial scenario that people are thinking through. And it’s, you know, another good reason why, you know, you should really only be keeping, you know, pocket money in this type of setup. It is not as robust against various types of loss as the multisig hardware backed offerings that we have.
Stephan Livera:
Yeah. That’s a fair point, go on Nick.
Nick Neuman:
I was just gonna say that. Yeah. And to add on that, we obviously don’t collude with Apple. I’m not going to be calling out my buddy Tim Cook and saying, Hey, I need to get this mobile key man. You’ve got to help.
Stephan Livera:
That’s right. Also I think, I guess just for my listeners as well, they want to be thinking, okay, I want to select the right tool for the job. Right. So depending on, if they’re trying to help a new Bitcoiner, they’ve got to think, what are they trying to do? Right. So if they want to set up a BTCPay and they need like an xpub to go into that, well then Casa Wallet is not the right choice for them. But if they’re trying to set up a person who’s just hodling, right, they just want to start holding a small amount, then potentially that is the right user in this case, that’s like the right tool for the job. Would you say that’s kind of the right target that you’re going for here?
Nick Neuman:
Yeah. And actually though you can actually use the Casa Wallet with BTCPay, because from within the Casa app you can get the xpub for every single key. And so you can take that and then go put it into BTCPay and use that to protect funds that you get through your store or whatever you’re using BTCPay for. But for the most part, the way that we think about this is this is somebody who is so non-technical that right now, you wouldn’t feel comfortable referring them to most of the self custody wallets that are out there because you’re worried that they might lose their funds by making a mistake. And so instead you’re saying, well, you’re only doing a couple hundred bucks of Bitcoin, so just use Coinbase, you know, that’s easy and they won’t lose it for you. This is for that type of person who really wants to take that first step into self sovereignty. But they’re so far at the beginning of their Bitcoin journey that it doesn’t make sense for them to go into this super long technical rabbit hole. So we’ll guide them through that. They will learn over time and then they’ll be able to take more and more control as they actually learn what’s going on.
Stephan Livera:
Yeah. And I think this is an interesting point as well, because obviously within Bitcoin, we love to have a good debate, right. And so one of the big debates is around sort of purity testing and how hardcore are you and are you doing it literally every step on your own? And then sometimes we have these kinds of internal debates amongst our kind of Bitcoin world of, Oh, this is not fully open sourced and you’re not fully doing everything yourself. And then the person who’s trying to provide a sort of ramp up for, let’s say, newer Bitcoiners, they can get attacked a little bit. Right. And so we sort of have this almost like a spectrum of, like, fully self sovereign and then leaving it all on a large exchange. Right. And so the people trying to offer an in between to try and bring them along that pathway, sometimes they get attacked a little bit. Is that sort of a tension that you face, or is that essentially the position you’re trying to guide people through?
Jameson Lopp:
Every day. It’s interesting to see, I think one of the more interesting aspects of entrepreneurship, and I don’t know if this is more limited to our industry or what, but it’s very interesting to have lots of people coming to you and explaining to you why they are not your target market. That’s essentially what it boils down to is that we realize the capabilities that Bitcoin makes available to people, especially if you have additional skills or you’re willing to invest additional time to gain the skills required to essentially do everything on your own. You know, this works for both the privacy aspects and the security aspects of, like, you’re never going to be able to, you know, beat the maximum level of privacy and security if you spend a ton of time doing everything yourself. The trade off there is that who’s going to help you.
Jameson Lopp:
You know, if you screw up or if you need to understand some obscure thing, you end up having to use community resources. If you’re using free open source software, the level of support is community based. There’s no one out there who owes you an answer to anything. And so it’s a much trickier type of environment if you’re trying to improve your understanding. And I put a lot of resources out there to try to make it easy for people to improve their understanding. But at the end of the day, I think that a lot of people find value in having some experts that they can just call on the phone or shoot an email to, and very quickly get a response back so that they don’t have to go searching through a whole bunch of knowledge that’s spread all over the internet.
Nick Neuman:
Yeah. And just thinking about that ramp of getting people to the point where they’re fully self sovereign, you know, even the people in the existing Bitcoin community didn’t start off their Bitcoin life, unless they’re just, you know, the most hardcore of the hardcore, maybe Adam Back or something, like they didn’t start off their Bitcoin life as the fully self sovereign version. Right. You have to start somewhere. And so in order to bring Bitcoin to the rest of the world, we have to make some interesting trade offs. But what we don’t compromise on is people holding their own keys. And we aren’t trying to track people or sell them ads or trick them into doing strange things with their Bitcoin. We just want to give them a safe place where they can learn how to be their own bank. And that’s our goal. And so on our way there, we may kind of rub some people the wrong way, but in the meantime, we’ll do our best to keep building.
Stephan Livera:
Right. And I think that’s a good goal and a good way to proceed. And I think that makes a lot of sense to me. Also wanted to chat a little bit about the focus this year with Casa. As I understand, the focus really is on, you know, this wallet and the Keymaster aspect, as opposed to the node. Could you just outline a little bit around that and what your view is around the node product, which was quite popular, but it seems to me like the focus with Casa is more towards the Keymaster and the multisignature part because you want to sort of nail that part down first. Is that how you’re thinking about it? Yeah.
Nick Neuman:
Yeah. So, we really, at the very end of last year, beginning of this year, we sat down and said, okay, we’re still a small company, we’re still growing. How do we have the best impact for the Bitcoin community as a whole? And we realized that this problem around people self custodying their Bitcoin was still not fully solved. And it was big enough in that every single Bitcoiner has to deal with this. And so let’s focus all of our attention on making this as easy and as doable as possible for everybody. And then we can move on to solving other problems in the future. Like, how do you run your own node? How do you, you know, the other steps that you can take kind of along the Bitcoin journey. But this we really identified as a need for every single person who has Bitcoin. And so that’s why we just wanted to focus our full team’s efforts on that.
Stephan Livera:
And I presume then the idea is that in future, you would look at ways potentially to try and have it all sort of connect back to your own node? Is that something that you would explore?
Jameson Lopp:
So there’s multiple tiers of sovereignty, right? And so, you know, the first step, which is what we’re doing with Casa Wallet, is just getting your keys off of third party services and taking custody. You know, I would say the next step is starting to use hardware devices, you know, create air gaps so that you’re protected from a variety of online threats. The next step is using multisig and you’re geographically dispersing your keys so that you’re getting additional robustness, both against attack and against loss and disaster. And really, like, the final step in being self sovereign in the Bitcoin space is you’ve got an extremely robust setup for your private keys. And then you’re validating whatever transactions you’re receiving to ensure that you have that model of trustlessness, where you’re not having to ask anyone else what the truth is, you know, what the actual value is that you’re receiving. So it’s definitely, it’s always been a long-term thing. We may have jumped the gun a little bit trying to get there a little too early, but it’s definitely still something that we hold dear as a value.
Nick Neuman:
Yeah. And the whole team is excited about offering people the ability to connect their Keymaster to their own node. I mean, that’s something that everybody has wanted to do from the start. And so, as we think about this, you know, it’s still important for us and we want to give that to our customers. And so whether that’s with the Casa node specifically, or maybe it’s just connect to any Electrum node or something like that, like we want to figure out how to get this done. And it is something that we’ll work on. So, like Jameson said, that’s kind of the apex of fully sovereign Bitcoin. And so we do want to help people be able to do that.
Stephan Livera:
Fantastic. I think that’s, yeah, it makes a lot of sense to me. Also I was keen to discuss what you guys thought about, well, I’m sure you have some thoughts on this, the Trezor aspect. Well, I mean, it’s not just Trezor. I guess just the detail and background for the listeners: there was basically a bug in BIP 143. And I think it was first actually noticed by Greg Sanders in like 2017. But the recent aspect of this happened when Saleem Rashid, hardware wallet researcher, disclosed a bug in it, like basically exploiting that bug in a way that could essentially be a problem for hardware wallets. And then as I understand, that caused kind of like these downstream impacts because Trezor on their end tried to fix it up, but the way they fixed it up made it more difficult for other players in the industry such as BTCPay and potentially for yourselves. Did you want to just comment a little bit on that and whether that was made more difficult by using the seedless approach? But yeah, essentially, what were your thoughts on that?
Jameson Lopp:
We were certainly affected by the changes. I mean, whenever firmware changes happen, there are potential impacts there. Seedless is not really so much of an issue. The only time that sometimes becomes an issue is firmware updates that are so major that they’re like rewriting all the data on the device and potentially wiping it out. And in those cases you would actually be able to use our key rotation mechanism in order to update a device that was completely out of date. But no, really, like the bigger impact that it had with us was that Trezor was making some changes without, you know, talking to the rest of the community, and, you know, potentially breaking changes. We had some other issues as well that were actually unrelated to the vulnerability in question. My main problem was that this vulnerability is an extreme edge case.
Jameson Lopp:
Like it requires that your wallet software be malicious in the first place in order to try to get you to re-sign the same UTXO multiple times. So it actually requires multiple types of attacks to happen at the same time, at least if it was going to affect like a Casa multisig that is on multiple different hardware devices. So it just seemed like pushing out potentially breaking changes for such an edge case was not really warranted. As far as I’m aware, like, we’ve never seen any attack like this actually be executed in the wild. But that is part of the fun and dynamic security space that we’re in, is that, you know, people can make decisions that affect other players in the space, especially when you’re essentially building a platform that other people are building on top of.
Jameson Lopp:
And I think that’s what has created a bunch of contention here, is before recent times Trezor was probably more of a monolithic entity where, you know, they’re creating their hardware and their firmware and their software apps. Basically the whole stack was mainly Trezor, Trezor, Trezor, but now as the Bitcoin ecosystem has grown, more people, more entities such as ourselves are using these base level hardware devices as platforms. So it actually kind of becomes like Bitcoin protocol development, right? Is that you have so many potentially unknown consequences to your decisions and your actions, things that may be affected by changes that you make, that if you don’t want to piss people off, you need to start being a lot more conservative and conscientious about every little change that you’re making.
Nick Neuman:
Yeah. And the Trezor team has been talking to us about this and talking about how we can get some of these, the issues that cropped up, fixed. And so they’ve been helpful there and, you know, like Jameson said, it adds a whole lot more into their development model when they have to start thinking about everybody that’s building on top of Trezor in the ecosystem, which on the one hand is great because it shows the adoption of Trezor and that they’ve built something great that a lot of people use. And then on the other hand, it’s kind of a tough situation for them. So definitely understand the place they’re in. And the thing that I come back to though, just thinking about hardware vulnerabilities in general, is that this is one of the reasons why you want to use multisig, because if you had a vulnerability for a Trezor, and that was your only key securing your funds, then maybe you’re in trouble. But if you have a vulnerability on a Trezor that’s one of five keys, two of the other keys are a Ledger, a Coldcard, you know, you have actually a lot more redundancy and a lot more security just from having a more diversified hardware model like that. And so that’s one of the things, one of the reasons why multisig is such an interesting and important way to secure large amounts of Bitcoin.
Stephan Livera:
Yup. And are you also looking at any other hardware wallets out there? Are there any other ones that you’re interested in potentially adding as an option or is it sort of like none of them are really mature enough yet? What’s the thought there?
Jameson Lopp:
It is a dynamic space for sure. And, you know, we’re constantly staying on top of these things. I mean, I’m aware that there are a number of projects out there that we’re hoping we’ll see drop basically before the year is out. And, you know, as these new hardware devices come out, we’ll be evaluating them, trying to figure out, you know, if we can use them to increase the security, increase the usability of our system. So I am definitely excited to see new types of hardware come out because I’m sure that they are going to make new decisions on various trade-offs and we’re gonna get to play around with them and figure out, you know, what can we leverage in order to make a better Bitcoin experience for people?
Nick Neuman:
Yeah. And one of the interesting things that we’ve been talking about is some of the wallets out there are working on like a fully air-gapped, QR-code-based, on-screen way to sign. And so, you know, instead of plugging in your Trezor or Ledger directly to your computer to sign something, you can actually transfer transaction data between a mobile app and a hardware wallet using QR codes. And like one team that’s working on this is Foundation Devices. And so like, there’s some really interesting models that are starting to come out around there, which we will definitely be looking into and figuring out how to integrate with Casa.
Stephan Livera:
Right. And yeah, I presume with most of these things, it just takes time for the wallet and the method to be established. And I think, for example, with Coldcard there was enough of a community around people who wanted Coldcard and I suppose that was also part of the driving factor to try and bring them in. Also I think an interesting point, just coming back to when you’re doing a rotation or if there is a vulnerability or if there’s some kind of firmware update, I guess the important point to understand for listeners there is order of operations matters, right. That you might want to, let’s say, check all of your keys before updating one of them. Right. Could you just expand on that idea?
Nick Neuman:
Yeah. So we have the ability within Casa where people can do a health check, like I said earlier, and what this lets you do is say, okay, is the private key that matches this wallet still on this device? So like, I can sign with it. It’s good to go. And you can do that for every single one of your keys. And so what we recommend is if somebody is going to do a firmware upgrade on one of their devices, they should do health checks on the other devices to make sure that they have at least three that they can be signing with in case a firmware update wipes the device that they’re doing it on. And so then that’s just, you know, from an order of operations perspective, it’s like practicing good hygiene of just making sure that you’re fully healthy before you undergo an operation to update your firmware. And then, you know, after that happens, if it did wipe the key, then you’re totally fine. And you can just use the other keys to rotate that out and create a new wallet.
Stephan Livera:
Yeah, also I guess just more broadly in this space, I mean, I think some things happened this year that most people would not have predicted. So one example is that in the Casa model there is multi-location. But obviously with coronavirus and the lockdowns and so on, did that change, because people were obviously locked inside, they weren’t able to go to visit all of their keys? Was that something that came into your own, obviously I’m sure it did come into your own thought process around how Bitcoin people should be thinking about multisignature and management of their keys?
Nick Neuman:
Yeah. So this is one of the reasons why multisignature combined with multi-location is helpful, because we’ve had people who were, you know, maybe their key was inaccessible in a safety deposit box somewhere that was closed because of all the COVID restrictions. Well, if they really needed to move funds, they likely had access to some of their other keys or could utilize the Casa recovery key and rotate that key out, and so then replace it with a key that’s actually under their control. And maybe they can put that in a different location that isn’t closed down. And this is one of the times when having support actually really comes in handy, because we were talking with some of our platinum and diamond clients and helping them evaluate their security model and think about their key distribution. And some of them said, oh, you know, I think it would be really helpful if you could decrease the amount of time that you wait to sign with the Casa recovery key for me during this period. And so that’s some of the things that we can do just by having this really hands-on customer support team that you wouldn’t necessarily have backing you up in a scenario where you’re doing it fully by yourself.
Stephan Livera:
Awesome. And I guess, yeah, just kind of more broadly, just around, you know, personal security. I know that’s a big focus for you, Jameson, in this age of, you know, surveillance as well. Are there any other kind of tips or things you’re thinking about that people should be thinking about when they are looking at, okay, how do I, you know, stay kind of a little bit more secure, or potentially try and stay a little bit more private?
Jameson Lopp:
Really, the only thing that I think has changed in the past few months is now it’s a lot less socially awkward to walk around while having your face covered. And of course I recommend doing that as much as possible. And hopefully this will be something where, you know, we’ll see a culture shift to be more like, you know, Asian cultures where it is not frowned upon or considered odd to be walking around with a mask.
Stephan Livera:
Yeah. Did you have any tips for the listeners out there, Nick?
Nick Neuman:
You know, I tend to leave the opsec to Jameson because I go to him for all of my opsec questions. So, you know, I don’t have too much to add there, I’d say.
Stephan Livera:
Sure. I think part of it is also just once you start on that journey, right? Because I think people can be a little bit too, what’s the word, like disheartened or not willing to even start, but if you at least try and take one step at a time, you can slowly regain or at least try to reduce the impacts to your own privacy and some of your own security. And I think that’s another thing to your credit as well with the Casa team, you’ve got the security updates. So tell us a little bit about what you’ve been sharing in the recent security updates.
Nick Neuman:
Yeah, so we have a security newsletter that goes out every week and talks about not just, you know, Bitcoin security. It talks about lots of data breaches. It talks about privacy and general cyber security problems that may be coming about due to the situations in the world or decisions that companies are making. And so the way that we view that newsletter, and you can sign up for it on our website, is just a really helpful compilation of the most important security news from the week. And there’s not a lot of these out there, you know, you might kind of catch stuff here and there, but we’re trying to really just compile this for our subscribers. And that comes with our quick bullets of, hey, here’s what you should be thinking about with regards to this specific story. And so, you know, that’s something that not everybody knows, like they may see an article that talks about a data breach and they may not actually know what to do after that to ensure they’re safe. And so we’ll put a few bullets in there that it’s like, well, you can go check on Have I Been Pwned to see if your information was included as part of a data breach, that kind of thing. And so it’s just an extension of what we do with helping people manage their keys and their Bitcoin security into helping people manage their general personal and cybersecurity. Yeah.
Stephan Livera:
And I’m also, I think some of the focus now, I’m slowly starting to get more awareness myself on some of these other projects, things like, so for example, instead of having Google Drive and Google Docs, you can have something like Nextcloud, right? Like a self-hosted, you know, office, things like that. Are these also aspects that you at the Casa team would be looking at talking about or trying to teach your subscribers around those elements as well?
Nick Neuman:
Yeah. And one of the things that we, so we like these services, one of the problems with them right now, especially for some of our user base, is that they’re still a bit hard to use. And there is definitely, I mean, we see this with Bitcoin key management as well, there’s a significant convenience barrier. So unless you can make it as convenient or more convenient than the existing services, it’s gonna be really hard to get people to switch. And so what we are really excited about, though, is seeing these types of services like Nextcloud get better over time and iterate on themselves. And it’s kind of like Bitcoin, you know, they’ve got this early community of hardcore adopters that’s very technical and willing to go through the extra steps they need to take. And then as they grow, they’re actually able to build out a better user experience and get a lot more of the, you know, later adopters who don’t want to mess with all of that early stuff.
Nick Neuman:
And so, I mean, a good example of a product that I think is really interesting is the Helm. It’s a personal email server and it came out, like, actually right around the same time as the Casa node, if I remember right, but I’ve got one sitting behind me on my little desk. And it was a much simpler way to set up your own personal email server than anything I’d found before. And it’s all stored on a device that’s sitting locally in my house, and that’s something to me that is, you know, a really interesting step along this path and something that we really like to see at Casa. Cause we really envision this more kind of distributed and decentralized future where people have a lot more control over their own wealth, over their own data. And they can do that by using some of these products like Casa or like Nextcloud or like the Helm.
Stephan Livera:
Right. Yeah. And as I understand, as well with email, one of the difficulties is like you can run the email server, but then the other difficulty is not getting picked up in the spam filters of other people’s email clients. Right?
Jameson Lopp:
As someone who spent the first 10 years of his career actually working at an email service provider, it’s a whole hot mess beyond just the technical issues. There’s actually a lot of social networking that goes on between ESPs and ISPs and spam lists. It’s definitely its own network, and trying to become a provider on that network is not as easy as running your own Bitcoin node.
Stephan Livera:
Maybe someday we’ll get there. I think some of this stuff also reminds me of the typical conversation you might hear when someone says, oh, everyone should use PGP. And then the reality is not many people actually use PGP, and then…
Nick Neuman:
Really hard to use even for somebody that knows what they’re doing.
Stephan Livera:
Right. And so I think the equivalent is like trying to build something like Signal, right? Something like it’s kind of, it’s accessible to the typical consumer level and therefore will get more use. And therefore, in some ways you can get a lot more scale with that. Although it’s not the purist option.
Nick Neuman:
Yeah. And maybe one day, you know, Signal’s like a good example of a stepping stone, maybe one day Signal will figure out a really easy way for people to actually manage their encryption key. And that’s something that is really interesting, but it’s definitely not something that the majority of people are ready for right now. And so Signal, I think, is doing a great job at being one of those intermediate steps of, yeah, okay, we’re getting you off of SMS, where anybody can read everything you say, and getting you on to something that’s a little more encrypted, and it’s even better than something like WhatsApp, where it’s all totally flowing through their servers and readable by Facebook. So I think Signal is a great example of somebody that’s bridging the gap there.
Stephan Livera:
Yeah. I wonder if you guys have explored any of these other messaging apps like Riot/Matrix? Well, I think Riot is the client and Matrix is the protocol. I’m not sure if you guys have explored any of that as well.
Jameson Lopp:
Yes, it is one of our favorites, actually.
Nick Neuman:
We actually use it as a company.
Stephan Livera:
Yeah. Oh, there you go. Okay.
Jameson Lopp:
I’ve been using it for several years. As you know, it’s great for, you know, small team internal communications stuff. I remember at BitGo, you know, we were looking for an alternative to get off of Slack as soon as possible. And it was great when Matrix, you know, became stable enough to use.
Nick Neuman:
Yeah. And the interesting thing about Matrix and Riot is that you can tell that as a small team, it’s definitely usable. And so we use it and we kind of deal with some of the quirks, but for every new person that joins your Matrix server, if you’re fully self-hosting this like we are, to keep everything fully end-to-end encrypted, then they have to verify every other person in the company that they want to talk to. And every person in the company has to verify them. And so when you start to talk about companies that are hundreds, thousands of people, this gets way harder to do. And so I know that Riot’s been working on a bunch of improvements to this, and even in the two years that we’ve been using it, it’s become way easier to verify keys with people. But getting to that next step is just another example of like, it’s gonna take some time before they can really make that jump into a mass audience.
Stephan Livera:
So I guess with many of these things, I guess part of the theme here is taking stuff that used to be kind of out there in the open and trying to find ways to bring it back where you have a little bit more control or in some cases full control. So I guess different things will be at different places in the journey, right. So I think, you know, in terms of Bitcoin, you know, it’s becoming more and more easy now to hold your own keys, but perhaps a little bit more difficult to do multisignature on your own. And, you know, so we’ve got guided providers, and then similarly with things like email and other things, they’re all kind of on this journey. But at the same time, there’s kind of tension pushing the other way, because as an example, there might be some new feature that comes out and, you know, everyone wants the convenience of that. So how are you thinking about that? Do you think people are nowadays slowly waking up to that aspect of like, okay, I need to actually take some more control over this, or are people just kind of sucked into convenience?
Nick Neuman:
I think it’s a really difficult question because it’s very easy to think of this from the perspective of our Bitcoin Twitter echo chamber, where we believe everybody in the world wants to be fully self-sovereign. And it’s challenging to go outside of that bubble and even talk to your friends who aren’t Bitcoiners and hear that they don’t necessarily care about that. So that’s part of what we view as Casa’s job, is actually to tell that story in a way that helps people understand why it’s important. And I think that it is aided by the fact that our governments and the world in general are kind of falling apart in some areas right now. And so that accelerates the process for people to kind of wake up, as you say. And so we are seeing more people saying, I want to hold my own keys.
Nick Neuman:
I understand the, you know, the dangers of not doing that. I think I saw an article last week, maybe, talking about how there’s a big spike in Signal downloads. So people who were actually going to protests wanting fully end-to-end encrypted messaging. And so it’s definitely accelerated by what’s going on in the world right now, but I think we’re still at the very beginning of this. And as a community, we really have to think about how we are going to spread this and tell this story in a way that’s accessible to more than just ourselves, because that’s how we’re going to make some of these important trends and ways to think about life, like in a self-sovereign manner where you have real control over your wealth and data. That’s how we’re going to help that grow, is by really thinking about that from outside of our normal box. So to answer your question succinctly, I think it’s being accelerated, but we’re still in the early stages.
Stephan Livera:
Yeah. Great comments. And look, I think that’s just about all we’ve got time for. So Nick and Jameson, thank you very much for joining me. I’ve really enjoyed chatting with you. Where can my listeners find you guys online?
Nick Neuman:
Yup. So check us out at @CasaHODL on Twitter. Our website is keys.casa and our blog is blog.keys.casa. And of course personally, you can always follow the inimitable Lopp at @lopp on Twitter. My Twitter is @Nneuman.
Stephan Livera:
Fantastic. Well, I think that’s pretty much it, so thank you for joining me guys.
Nick Neuman and Jameson Lopp:
Alright. Okay.
Stephan Livera:
See you guys in the citadels.