Bitcoin QNA of Bitcoiner.guide joins me on the show to talk about Bitcoin Seeds and a new Seed Tool created with SuperPhatArrow. In this show you’ll learn a little bit about how your bitcoin wallet works in the background: 

  • Bitcoin and entropy
  • Seed Words
  • Passphrases
  • Bitcoin wallets and addresses
  • BIP85
  • BIP47 Stealth Addresses
  • Education for newcoiners in the space

Podcast Transcript:

Stephan Livera:

Q_A, welcome to the show.

BitcoinQ_A:

Hey Stephan, real pleasure to be here. Looking forward to diving into Seed Tool with you. And yeah, I’m excited for the conversation.

Stephan Livera:

Fantastic. So let’s start with a little bit on the Why. So what was the impetus behind your decision to go and make this particular tool?

BitcoinQ_A:

Yeah, so we’re blessed with a plethora of great wallets out in the ecosystem now in 2022, a lot of which are really great at hiding the complex stuff in the background, which is great for onboarding people. But I had, I suppose, a personal itch to try and understand a little bit more around what was going on. The typical flow is: you download a Bitcoin wallet off the App Store or the Play Store and you create a new wallet or generate a new seed, and the wallet does it for you—and that’s great because it’s quite complex what happens in the background. And then you’re just given a list of what we call seed words, and you’re told to back them up, and then you go on your merry way and you use that wallet. So it came from a personal itch to say, Well, that’s great and it’s great for onboarding, but what’s really happening underneath when I hit generate seed or create wallet—however the wallet badges that? So I started to poke around with some of the great tools such as the Ian Coleman tool which has been around for a few years now, which this tool takes heavy influence from and uses a lot of the libraries that he used to build his tool, which is really great at showing you more of the nuts and bolts of what happens when you do create a new wallet or generate a new seed. It shows you more of the complex stuff that goes on behind that. The problem that I saw with tools like Ian Coleman’s—as great as they are, and they provide fantastic usability—was: it’s just a little bit scary-looking, even for people like me that have been in the space a little bit longer than others, maybe. It’s just a little bit less approachable and there’s not that many explainers there, so it’s more of a power user tool.
So I thought there was a happy medium where we could offer this functionality to newer Bitcoiners like myself to understand the nuts and bolts of things that go on under the hood a little bit more, but be able to present that in a more approachable way so that you still have most of the same functionality. I’m sure we’ll get into that in a sec, but there’s also really useful explainers there where we guide you along the way to say, This is what’s going on under the hood, and this is why you might want to take this approach with the passphrase, for example. And so just to offer that helping hand for people that want to dig a little bit deeper into entropy seed generation and wallet creation and things like that.

Stephan Livera:

Right. And this is interesting for me as well, because there are times where I have been coaching somebody who’s new—or Ketan and I, when we’re teaching people—and we would sometimes pull up the Ian Coleman tool just to give them a bit of an understanding of, Hey, here’s what’s actually going on in the background when you’re setting up this Bitcoin wallet—really what’s going on underneath the hood. And so it’s really a useful idea because there’s all these things that are happening on the front end, but without understanding a little bit of that in the background, it can make it more difficult from a security or a privacy point of view, or even just understanding what you’re dealing with. And so I think it’s an interesting tool, so it’ll be good to just talk through a little bit about how that works, how Bitcoin wallets work, just to make it accessible for a person who’s trying to learn a little bit about Bitcoin and how it actually works. So yeah, I guess breaking it down for that beginner, if you could just offer a bit of an explanation about how entropy is used to create these wallets? Like, what’s the point of all this entropy stuff?

BitcoinQ_A:

Yeah. So when the typical user would download a wallet—again, from wherever they choose to download it from—when they press Generate Seed or Create Wallet, what that wallet is doing is generating a really long random number. And when I say really long, we’re talking here that—if it’s 12 words—it’s 128 bits or 128 characters long, or if it’s a 24-word seed, then it’s 256 bits of entropy, as it’s colloquially named. So it’s an almost unfathomably large number that is generated at random, generally speaking, using a random number generator that’s contained either within the software or on the hardware or within a browser or whatever software that you’re using. Computers are really, really good at being quite random, and they’ve had quite a lot of time to perfect not having any sort of bias towards the number that they pick. And this randomness is really quite crucial when you’re generating your Bitcoin seed, because if there is some bias or a hole in the method that this number is being generated—and it’s not actually that random—then there is a chance that an attacker or somebody else may actually use a similar method and stumble across your Bitcoin wallet. So that’s why randomness is really, really important. Once the wallet has generated this really long string of random numbers—which is terrible for humans to read—even if you try to write it down, the chances of you making a mistake are incredibly high. So we have in Bitcoin something called BIP39, which is basically a standard—and 99% of wallets have adopted this standard—as to how Bitcoin wallets get from that really long, horrible string of letters and numbers that look like an absolute mess, and encode that into either a 12-word seed or a 24-word seed that most people listening to this will be fairly familiar with. The reason that that is done is obviously: a 12-word phrase—using generally English words—is far more approachable and easier to write down and stamp into steel.
Some people choose to memorize it, although I wouldn’t advise that to most people. We’re using the English dictionary at the end of the day, and it’s words that people have used their whole life, and that’s far more approachable and manageable than a 256-string of ones and zeros, or hexadecimal—it depends on how you choose to encode it. So the tool aims to show you all of that. So if you click into the entropy side of things, you’ll see the raw binary, which are the ones and the zeros, which are the raw entropy, if you like, that are used to encode the seed—without getting too deep. You’ll also see various different ways to encode it. And of course, you’ll see the 12 and 24 seed words that you’ll be familiar with. So it’s designed to show you as much or as little as you want to see so that you can either literally just load the page and just click generate, and then you can see all of the different ways that are used to encode the randomness that is used to generate, ultimately, your seed words, which you’ll be familiar with.

Stephan Livera:

Sure. So just summarizing for listeners who are trying to stay up to date or stay with us here: you can think of that like it’s this massive, massive number, and what your wallet—or most Bitcoin wallets are doing, nowadays—is that they are just representing that, in a sense, with these 12 or 24 words. And that’s what this BIP39 thing is doing for us. But actually, in the background, as you were explaining, there’s this entropy, there’s this root key, there’s this fingerprint. If you could help explain what some of these concepts are for us? So what’s this BIP32 root key? And what’s this fingerprint?

BitcoinQ_A:

Yeah. So BIP32—again, the clue’s in the name—BIP32 is another one of the Bitcoin standards, one of the earlier wallet standards that was adopted. It is another way of encoding this entropy, essentially. The BIP32 root key, which you’ll see on the page, it starts with xprv—x-private, essentially—and then a really long string of letters and numbers, which are essentially a mess, again, that are not so human-readable. But that was like an earlier standard before BIP39 as to the way that wallets were deterministically generated, so that if you pass the same entropy through the standard within BIP32 a hundred times, as long as you’ve got that same entropy, you’ll get the same result on the other side. Again, it’s not very human-readable, so that’s why BIP39 came in later on to make that more approachable. And the BIP32 fingerprint—people listening to this who have used hardware wallets may have actually seen the term fingerprint using their hardware wallet signing device and not knowing what it is. It’s essentially—well, I guess the clue’s in the name, it’s a fingerprint—it’s like a short ID for the combination or for the seed words of the wallet. So let’s just say you were to set up your signing device and generate a seed—that will generate a root fingerprint which is like a short identifier that you can just quickly check to say, Ah, yep—that’s my wallet. If you were to then be a bit more advanced and, say, add a passphrase to this wallet, that would actually change the underlying root key and essentially create a brand new wallet. 
The result of that would be that you would get a new root fingerprint, which again, because it’s so short—it’s six or seven characters long—it’s just a really quick identifier to say that, if you have multiple wallets protected by different passphrases, they will each have their own root fingerprint, and it can be like a quick reference so that when you’re switching between these wallets, you can just have a quick look at that root fingerprint to see that you’ve entered your passphrase correctly, for example.

Stephan Livera:

Yeah. And so we can think of the passphrase—like, it actually does change what the addresses will be. It’s creating another whole account. And I think this is an important point just for people to understand that difference. So a seed—a 12 or 24 word seed—a passphrase, and then you might have a device PIN, or some kind of control at that level. And that’s distinct from the passphrase. So that’s just an important point for people to understand, because people can sometimes confuse passphrase with PIN on the device, as an example.

BitcoinQ_A:

Yeah, exactly. So if you were to load the tool up and just hit generate and get yourself a 12-word seed, you can then open the BIP39 passphrase section of the tool. And if you were to enter anything into that box—literally just the number 1—you can see the BIP32 root key change so that you can see the impact that adding just a single character essentially creates a brand new wallet. Now these passphrases can be as short or as long as you like, and one of the things that we added to the tool was a bit of assistance on generating a passphrase. So in the example that I used—just using the passphrase number 1—that is a terrible passphrase. And because it’s so short, it’s obviously really easy for a semi-sophisticated attacker that’s got some brute-forcing software to try multiple iterations of common passphrases—they would stumble across that passphrase in a matter of seconds. So we have a little tool in there where you can actually roll dice to generate a more secure passphrase—that’s using the Electronic Freedom Foundation’s Diceware list, essentially. So all you would need to do here is tick the passphrase box, roll dice, keep rolling dice until you see the words pop up—all you have to do is pop the results from the dice rolls into the tool and it will map that to the long Diceware list that the Electronic Freedom Foundation provides to generate a fairly good random passphrase. And a neat little tool that we’ve added is that, if you just add one word, the tool will give you an estimation for how secure that passphrase is in terms of how long it would take an attacker, as an estimate, to break that passphrase. And you can see the difference between a three-word passphrase that might take a day and, as soon as you go to a four-word passphrase, it jumps up to centuries.
So for anybody looking to explore passphrases, four words seems to be the sweet spot between something that is very likely to be hacked if somebody was to discover your seed words, and something that’s almost unfeasible, given the current technology, to break into.

Stephan Livera:

Yep. And probably just one other point, just rewinding back just for listeners to help make sure everyone’s following along: the whole point with HD, or the hierarchical deterministic wallets, is this idea that those same 12 words or 24 words will always generate these addresses and these private keys and these public keys—meaning, once that wallet has given you the 12 or 24 words, if you were to lose that phone, as an example, you could get another phone or another hardware wallet, and you could basically put in that same 12 or 24 words and guess what? It’s gonna generate the same public key, private key addresses, et cetera. So I think that’s an important point for listeners if you’re new just to make sure you understand that. So that way you are more familiar with manipulating these different tools and devices. But at the same time it gets complicated because if you’re thinking from a security point of view, you don’t want to enter in the 12 or 24 words into an online-connected device. It’s best to do that into an offline device. Like into your hardware wallet if you can or into an offline computer, that kind of thing. So just so people are aware.

BitcoinQ_A:

Yeah, definitely. So I see two sides to this tool. There’s the online version which you can visit at bitcoiner.guide/seed—obviously that is connected to the Internet. It’s hosted on my server. And I see that side of things as the playground where you can go in, just generate an unlimited amount of seeds, have a play with some dice rolls maybe to generate a seed and/or your passphrase, or you could maybe even use coin flips or cards out of a deck. And obviously that’s on an Internet-connected device, as you correctly said, Stephan, and that potentially may have some malware on your computer or your phone, and so it’s obviously not desirable to be using this with seeds that you’re gonna generate with live phones. The absolute best way to do that, again, as you said, is on an offline hardware wallet or signing device that literally has no way to connect to the Internet—that’s obviously the most secure way to do it. You can, of course, use this tool offline. There’s a download button there and advanced users might want to add that to Tails OS, which is an operating system that runs off a USB stick and forgets everything every time it’s powered off. Or you can just use it on a laptop that’s got either the WiFi switched off or the WiFi card removed, depending on how far you want to take it. Of course that’s more of an advanced feature, so I see the main value here is more of an education piece where people can go in, generate seeds, passphrases, look at the impact that that has to different addresses and accounts and child seeds and stuff like that.

Stephan Livera:

So it’s definitely very valuable from an education point of view, even if you’re not planning to use this seed tool in practice—it’s useful even from an educational point of view just so you can understand a little bit about, Hey, what happens when I have no passphrase? And what happens when I put a one-word passphrase? What happens when I have a five-word passphrase? And so then you can see what that does and how that changes your addresses. And so then this is useful for us when we’re learning about how to use those addresses. Now, of course, we understand that maybe for the total beginner, this might be a bit overwhelming, but it’s useful for us as you’re learning, as you’re going from beginner to intermediate, or intermediate to advanced, to try to understand a little bit about what’s actually going on in the background. Because it can be useful for those who are trying to do more advanced security setups, and obviously for people who are in an education role, just so that you understand what you’re talking about before then you go to try to orange pill your friends, so that you’re giving them the right guidance. Also, on security as well, sometimes we can get a bit like really going into all kinds of nuances before a person’s ready for that. So it’s also important just to understand what level is this person at so that you’re giving them the right information, choosing the right tool for the job. But there’s some other points we should touch on in the tool as well. So you’ve got a BIP47 here. So do you want to just give a bit of an explanation: what’s BIP47? And how’s that represented in the Seed Tool here?

BitcoinQ_A:

Yeah, so BIP47 is a Bitcoin improvement proposal that offers what’s known in the space as private stealth addresses. So wallets that adopt BIP47 are able to generate unique wallet addresses between a sender and receiver that are only known to the sender and the receiver. So currently the only two wallets that have implemented this are Sparrow Wallet and Samourai Wallet—who’s had this functionality in it for years. So one of the main benefits of BIP47 and why people might want to use it—I think the donations piece is a really great example—so we saw the unfortunate situation that unfolded with the Canadian truckers where the same addresses were used repeatedly for multiple donations, which made it trivial for governments, chain analysis firms, et cetera, to monitor the flow of funds into the addresses that were controlled by the people who were collecting the donations for the truckers. If that cause and that same method was followed using BIP47, every time that a new donation was sent from a new person, that would’ve automatically gone to a brand new address in the receiver’s wallet, so that it would be far more difficult for anybody who’s surveilling the chain. They don’t have that one single address or collection of, say, 5 or 10 addresses that they have to watch to see all of those funds flowing in. And in the Canadian truckers [example] we’re talking millions of dollars here, so it wasn’t small change. So to flip that back to BIP47, it’s just a method of automatically deriving private addresses that are only known between the sender and receiver. So to tie that into the tool: of course at the top of the tool, you’ll have the opportunity to either generate seed automatically using the inbuilt random generator, or you can provide your own entropy to generate your own 12 or 24 word seed. And derived from that master seed is essentially the BIP47 standard of what we call a payment code. So a payment code starts with PM8T. 
After that—again, Bitcoin has a habit of doing this—it’s a really long string of letters and numbers that looks like an absolute mess. With that payment code, I could combine that with, say, your payment code, Stephan—let’s say I wanted to send you a tip for your podcast. I could use my payment code and combine it with your payment code to follow the standard that is defined within BIP47 to generate an address that only you or I know so that I could send however many sats I wanted to into BIP47. So with the tool, obviously you get your own payment code, which is derived from the seed words. And then I can paste in your payment code in the counterparty details, and that will give me a list of unique addresses—again, only known to me and you. So let’s say I don’t have an Android phone and I also don’t have access to Sparrow wallet, but I wanted to pay to your payment code. I could actually use this tool to generate a private address to send to you and then send that using any wallet, essentially. Obviously, this is a far more convoluted way than just downloading Samourai Wallet or Sparrow Wallet, but essentially it opens up the ability to send to BIP47 addresses to anybody that’s willing to use this tool and go through that process that I’ve just outlined.

Stephan Livera:

Right, yeah. And so I think one of the main barriers so far has just been that not a lot of wallets have this—obviously, I’m supportive of more wallets having it, but to date it is only two. But hopefully, if more wallets were to implement this then it could become a very quick and easy way for a person who needs to take donations under more adversarial conditions where maybe they do not want those addresses all tied together so easily. And so this is where a person could—even if they’re at a protest—they could literally have a QR code with their PayNym on it, or with their QR code of their payment code. And so even though it looks like a QR code, actually encoded into that is the PM8T et cetera. And then anyone who sees that even on TV could literally pull out their phone and scan it and pay and donate in that way. And I mean, that could be really useful, right?

BitcoinQ_A:

That was a great example, what you said: these truckers could have just had a QR code on the side of their truck and that would be all they need to receive BIP47 donations. The flip side to that to be able to do it properly using the other tools that are available right now would be to run something like a BTCPay Server—which, again, includes in the name—it requires a server that’s always on that will generate a fresh receiving address for every new visitor that wants to go and send that donation. Obviously that’s a significantly higher barrier to entry than just downloading Samourai Wallet or Sparrow Wallet and printing out your QR code and sticking it on the side of your truck. So the benefit here is massive in terms of barrier to entry versus the alternatives, which, as great as BTCPay Server is, it’s just we’re not gonna get absolute new beginners going through that paying process to receive donations—initially at least, anyway.

Stephan Livera:

Yeah. And so I think for now it seems like people are just going to use static addresses—I’m not supporting that, but I’m just saying that’s what typically people are doing today—but hopefully, over time, technology improves and we find ways to make that smoother and slicker and easier rather than everyone just doing one single address. And then it does also bring in an implication from a privacy point of view, because then if people are using static donation addresses—they’re taking all those donations into one address—then it becomes a lot easier to trace what’s happening on-chain afterwards, unless they are privacy-conscious and they know, Okay, I’ve received all these funds into this static donation address. Now I’m gonna start using a CoinJoin and other privacy-preserving techniques to then remove and break that link. But again, that’s getting a bit more into the advanced side of it. So before we move off the tool, I also want to talk a little bit about BIP85 as well. So what’s BIP85? And what’s the treatment in the seed tool today?

BitcoinQ_A:

Yeah. So BIP85, again, is a Bitcoin standard—I’m a huge fan of it. It’s called deterministic entropy, but essentially what it means is it’s a way of taking your master seed words and generating an almost unlimited amount of what’s called child seeds from that master seed. So let’s say I go into the tool and I generate a 12-word seed. And I write that down and that’s gonna be my main wallet seed let’s just say, for example. I can open up the BIP85 section of the tool and specify that I want to generate what’s known as a child seed from my master seed that will then spit out another 12 or 24-word seed that is what we call deterministically linked to the master seed. So there is a repeatable way that I can go from my main seed to that child seed. So what this means is that I could generate an unlimited amount of these and give one my wife, one to my brother, one to my mother, and they could all have their own wallet seeds. And if I was to know my family like I do, the chances of them listening to my warnings and saying, Make sure you write this down, make sure you keep it somewhere safe, this is your Bitcoin—it’s crucial that you write this down. If they were to not do that and then they lose their phone and they’ve got no backup, because BIP85 provides a way to deterministically regenerate those same seeds all over again, all I’d have to do is use a BIP85-compatible hardware wallet or this tool, and I would know that I gave my wife BIP85 child seed number one, I gave my brother number two. I could regenerate that as many times as I want—I could do every day for the rest of my life if I wanted to. So it’s that extra level of backup without actually needing to back anything else up. All you need to know is the index number of the child that you gave, which, if you start from zero and just work your way up, then it’s trivial to work out which is which. 
So it’s a really great way that you can be Uncle Jim to your friends and family without having to be awash with 10 or 15 different seeds that you need to back up on their behalf, knowing that they won’t do it themselves. The other flip side that you could do is that you could use this to actually populate the seeds of different mobile wallets. So let’s say that you use your secure offline hardware wallet to generate your main master seed that you’re gonna back up and potentially protect with a passphrase—you could then use it to generate these child seeds that you then populate in your Samourai Wallet, your Blockstream Green, your BlueWallet. Again, if you choose to do so, it removes the need to back those up. I would always advocate to back them up, but I understand why people might not want to do that. So it just provides another great bit of optionality where, thanks to this deterministic standard, we can regenerate those seeds without the need to back them up.

Stephan Livera:

Yeah. And like you said, for people who are intermediate or advanced-level Bitcoiners, they probably have multiple wallets, right? They might have a Lightning wallet on their phone. They might have another one that they’ve got for their LND or Core Lightning. Or they might have something for different hardware wallets in different states. They may have like a warm hardware wallet and a really deep cold hardware wallet. They might have all kinds of different setups. And so this BIP85 style allows you to just have one seed to rule them all, per se, and different indexes to specify for all of these different child seeds off of that. And that can be handy—instead of having to have all these different sheets of paper all over the place—to specify for this. And I mean, as another example, you might even have a BTCPay Server with a PayJoin seed, and you might have that there as well—that’s like another seed. So it’s just a useful way to keep all of these things in one way. I think it is still a relatively new technology and standard, so it probably needs a bit of time before people are familiar with it just to actually use it. I mean, for now I think people would still just have this situation of different seeds, but the option is there, so that’s the important part. I also wanted to talk with you a little bit about some of the different approaches and the ways things are going in the space. So while it’s true that the BIP39 seeds seem to have won in the marketplace for ideas and products, at least for the most part in terms of hardware wallets and the typical Bitcoin mobile wallets and even some of the typical desktop wallets—the Electrums and Sparrows of the world are using these kinds of seeds. There are still other kinds of seeds, right? There’s like the OG Electrum seed style. There’s the LND aezeed style.
And there’s even, like as an example with Muun Wallet, it’s not using the typical 12 or 24 word seed that most people are used to—it’s doing this output descriptor approach with a different backup style. I’m curious your view on that just also as an educator in the space? And obviously I’m sure you’ve played around with many of these different wallets and setups yourself. Do you have any thoughts there around the potential confusion that this can create with all these different seed standards and styles?

BitcoinQ_A:

Yeah, I think, as you correctly said, BIP39 has won as it currently stands today. And I’m a big fan of simplicity: telling somebody to write down 12 words and knowing that that is almost universal across the whole space is a great position to be in, especially, like you say, from an educator perspective or just from an Uncle Jim perspective. I do worry a little bit around wallets forking off, if you like, and taking different approaches. But only from a standpoint of—I think you covered it on a previous podcast quite recently of: we’ve got too many standards, so I’m gonna introduce a new standard to rule them all. And then all we get from that is just another standard and then the problem snowballs. That’s not to say that wallets like Muun Wallet in their approach is bad—I’m all for people, wallets trying new things. I think experimentation is a good thing, but I don’t personally see much of an issue with BIP39 seeds currently, so I’m not one of these that’s trying to move us off that standard. I think it’s widely adopted—it’s got the legacy acceptance. And yeah, that’s not to say of course that there’s [not] gonna be new Bitcoin standards that might come out that will completely blow BIP39 out the water—that might be output descriptors, particularly from obviously a multisig perspective—but I think BIP39 is king. And I think it’s here to stay for the time being.

Stephan Livera:

Yeah. And look, I’m probably with you there in terms of long-term security, multi-signature. And the educational aspect is probably for that reason why so many people are using BIP39, because there’s a certain Lindyness, if you will, to them because people have just used them for so long and they’re used to recovering them even from one particular hardware wallet type into another hardware wallet type and recovering the same coins just into another hardware wallet, because it is typically using the same BIP39 style. I think the difference may come in the future when there’s more advanced things. Or I think in the example with Muun—to steelman for a second, even if I personally do still think the BIP39s aren’t going away anytime soon—the steelman would be something like, Well, we’ve got new things coming: we need Lightning, we need better multisig, and for this reason, the ecosystem is gonna have to go to output descriptors anyway, so therefore we’re just gonna have to get used to this new approach where the backup isn’t literally just the 12 or 24 words, but rather it might be different backup standards that let’s say Muun Wallet is doing, as an example, where they e-mail you this recovery page and you have a separate password and you need those two pieces to recombine them into regenerating and recovering your coins, whether that’s using Muun Wallet or some recovery tool or some other thing.

BitcoinQ_A:

Yeah, I think that was a really great example of: Muun, in the happy path where you’re just generating a wallet within Muun Wallet and you’re just happily transacting with it—and Muun is still around—and if you lose your phone, it’s trivial to repopulate that into a new Muun Wallet. That’s absolutely fine. But the fallout from that is: because they’re out on their own, they only have a command line tool to recover that, which most Muun Wallet users probably—I’m gonna go out on a limb here and say they don’t even know what the command line is, let alone feel comfortable enough to try and recover a Bitcoin wallet in there. So I think that’s the danger where we’re getting to that crossover period where new standards might be emerging, but because it’s not widely accepted, most Muun users without Muun would have a difficult time recovering their Bitcoin—and that’s not a great place to be. And again, that comes back to why BIP39 is so great because of that wide acceptance where it’s, Okay, I’ve got my 12 words—Samourai Wallet’s disappeared. They’re nowhere to be found. I’m just gonna throw that into BlueWallet and Oh, hey, press that—I’ve got my funds back. So I think obviously we’re always gonna get that position where new standards are emerging and one wallet’s gone off on their own to adopt that. And again, time will tell as to what the best approach is. And that’s going to play hand-in-hand with the new standards that are emerging—again, like you say.

Stephan Livera:

Yeah, for sure. And even from a recovery point of view, I know Luke Childs wrote a recovery tool and that later became a part of Electrum, I believe. And I actually believe there’s something similar now in Sparrow Wallet as well, where it basically will use the known pathways and go check all of those if you type in that seed. So I suppose that’s something also important to know for listeners if you’re thinking about, Oh, how do I recover? Like let’s say your father was a Bitcoiner and he passed away and he’s left this seed and you don’t really know how to do anything with it—what’s the safe way to recover? Firstly, how do you check whether there are even coins on this seed?

BitcoinQ_A:

Yeah. I mean, again, most wallets do use the standard derivation path, which makes recovery great. But then as wallets add different functionality like CoinJoins within Samourai Wallet, obviously they choose to segregate their accounts out to provide an easy best practice for users to segregate their coins—it’s done for them. Sparrow Wallet does exactly the same thing, and I’m sure there’s other wallets that use different derivation paths as well. Obviously you have to have a minimum amount of awareness that that exists so that if you were to take your Samourai Wallet seed that’s got funds in various different accounts because you’ve been doing CoinJoins and then throw that into BlueWallet, that you’re not gonna have a real shock when you only see a third of your funds. So obviously there’s websites such as walletsrecovery.org, that detail all of this, but understandably most new users aren’t gonna be aware of that. So I think that comes back again a little bit to education around the space, and particularly for the tools like Samourai Wallet and Sparrow that do adopt these different derivation paths that are non-standard, if you like, that users are made aware of that so that if the worst was to happen and they do need to recover their funds elsewhere, that they have a method to do that. And like you said, Sparrow Wallet does an auto-scan of those commonly used non-standard derivation paths. So I think it’s a combination of education and tooling that are gonna make this easier as time goes on, yeah.

Stephan Livera:

Yeah. And the other big one is just around multi-signature. So it may be that, Okay, people have a small spending amount in some hot wallets and things, but really what you really care about is that you are able to successfully recover the multisig part—like the big, deep, cold multisig—let’s say you pass on or et cetera, you need to make sure you have that information. And maybe that will be handled by the Specters and Sparrows of the world having their recovery sheet. And that recovery sheet or information being readily available for the family and the heirs, so they know what to do and at least know the public keys of the different components of that multisig. I’m just curious if you have any thoughts on that? Or anything you want to elaborate on there?

BitcoinQ_A:

Yeah. So you rightly said the tools have taken it upon themselves here to slowly converge towards a standard. So if you use Specter or Sparrow, when you create a multi-signature wallet, they will both give you the opportunity to say, Do you want to save this what we call public information so that you can recreate the wallet elsewhere? It’s not security-sensitive information, it’s more privacy-sensitive information, so that somebody could look into the wallet but not be able to spend from it. This is one of the main reasons why I tend to steer new users away from multisig for as long as I can. Again, often the most secure setup for new users is the simplest one, because more people lose their own coins than they do get them stolen from them because their 12-word seed was stolen. So simplicity is almost always the best approach for most Bitcoin users, because when you start talking about output descriptors and xpubs and fingerprints and things like that, you start to baffle brains a little bit, and that’s where people get confused, and that’s where most losses occur. So again, the tools like Sparrow are making this really easy. So it’s just: download this PDF or save this text string. You could put it in a password manager or write it on a piece of paper or take a photo of it—whatever you want, because it’s not, per se, secure information. So they’re making it a one-click exercise, but it comes back to the knowledge of your heirs—if you’re not around—do they know what to do with that information? And that’s where the added complexity of multisig comes in and why I keep harping on about keep it simple for as long as you can.

Stephan Livera:

Yeah. I think that’s some very good advice. And so while you, the more competent Bitcoiner who really wants to do all this stuff, I think for listeners you have to make sure that you are thinking about how your heirs would be able to recover that. And that might mean keeping this recovery information on some USB sticks that you leave in certain locations known to the family or things like that, where obviously it’s not the private keys, but it might be the public key information, or it’s this recovery information that’s held for them. And then in terms of your guidance that we are giving as an Uncle Jim, as an educator, you’re telling them, Hey, keep your setup simple. Don’t overcomplicate these things, don’t try to do something fancy, stay on the well-trodden pathways like the typical 12 or 24-word seed. Or if you have a passphrase, make sure you have a backup of that passphrase. And actually something I typically do when I’m coaching a newcoiner is I’ll basically say, Don’t use a passphrase at the start—just learn just as it is. And then in the future, you can look at upgrading or changing your setup once you’re comfortable, or once the number has gone up enough that you now think, Okay, I need to improve my security standpoint.

BitcoinQ_A:

Yeah, that’s definitely sound advice. I’ve had conversations with a lot of people that have screwed themselves with passphrases and whatnot. And I think this is where the tools like the collaborative custody come into play a little bit, the value that they can offer if you’re less worried about being super-private when interacting with Bitcoin. And tools like Casa and Unchained offer that helping hand and high guiderails in terms of putting your super cold storage or setting up a super cold storage with their help and them holding one of the keys in a multisig quorum so that they can help you but not steal your funds is a really great proposition for people who—you know, most people don’t come in and ape in with thousands of dollars worth, but there are people who do that and they might need more of a helping hand that a 12-word seed on a mobile wallet might not be suitable for because they’re a high net worth individual. So there’s so many different approaches that you can take, and combinations of different approaches that you can take. And I think, yeah, the best advice I can give is to start really slow—and this is for most people who are coming in maybe with a couple hundred dollars worth—start with a phone wallet, then look into maybe a desktop wallet that’s got some more functionality, and then look into a hardware wallet signing device. And only then once you feel really comfortable using all of those different tools and you’ve tried out the different wallets and got comfortable with the one that resonated with you, then look into the more complex stuff like multisig, et cetera, or collaborative custody. So there’s so many different approaches. Just take your time and don’t get overwhelmed in the early days.

Stephan Livera:

Yeah. And I’m curious as well in terms of—let’s say you’re at a Bitcoin meetup or a newcoiner is asking you questions and saying, Hey, Q_A, what Bitcoin wallet would you recommend? Does that play into your mind about if that wallet is BIP39? So as an example, would that change your decision if a beginner wants just an easy Lightning wallet? Would that change your mind about whether you point them towards Breez or Phoenix—Phoenix has the 12-word seed, but Muun doesn’t—would you be more likely or more inclined to send them down that pathway of, Hey, start with Phoenix because you get the 12-word seed, and then later that’s gonna prepare you for when you get your hardware wallet and you get the 12 or 24-word seed. Whereas if you go with Muun, it’s like another whole paradigm to learn.

BitcoinQ_A:

Yeah, exactly. I’m a BIP39 maxi if you’d like to say that. So I always gravitate towards the simplest approach—I keep saying simple in this podcast, but it’s really powerful. So yeah, I always gravitate towards wallets that adopt that standard purely because the guides that I’ve written are all geared towards that. And like you said, I don’t have to go and explain, Okay, well if you use this wallet, it’s gonna give you a 12-word seed. But if you use this wallet, then it’s gonna give you a 10-character number, it’s then gonna send you an e-mail—here’s what you need to do with those things. Oh, and by the way, if they disappear, you have to use this command line tool to do it. Whereas the easy way is, Okay, download BlueWallet, download Samourai Wallet, write down those 12 words, keep them super safe outside of anybody else. And if they disappear, you can put that into pretty much any single wallet on the market today. Obviously, when you add Lightning into that, the whole backup situation becomes a little bit more complex, but thankfully we’ve got these hybrid models like Breez and Phoenix that obfuscate that away each with their own trade-offs. But from an onboarding perspective they’re great so that people can get exposure to both on and off-chain with minimal exposure to the technicals while still only being backed up by that 12-word seed.

Stephan Livera:

Yeah. And if you’re keeping it simple for a newcoiner, that’s probably the value there of using the BlueWallets and the Samourai Wallets of the world, because they are giving that typical 12, 24 words, and with Samourai Wallet, it’s 12 words plus a passphrase. And so generally it’s all in that same paradigm—you’re not having to teach them an entirely different paradigm now once they’re trying to upgrade into hardware wallets or into multi-signature at a later point.

BitcoinQ_A:

Yeah, exactly. They’re already familiar with the terminology of seed words or mnemonic phrases. It’s a process that they’ve gone through before so that they might have a mobile wallet that they’ve got comfortable using. They’ve sent a few transactions in and out. They’ve stacked a little bit more Bitcoin now. You don’t have to re-explain the paradigm of seed words if they were to go and buy a hardware wallet, because when that hardware wallet shows them those words on the screen when they generate it, they go, Oh, I’ve done this before. Okay, right—I know that these words are crucial. I need to write these down. I should probably stamp them into steel, maybe. But these are the crucial bit that I need to back up for this cold storage wallet. So it’s just: you don’t have to reinvent the wheel every time that they take the next step up the learning journey, if you like.

Stephan Livera:

And so then, yeah, maybe in practice for our newcoiner friends, it’s: start on a mobile wallet like a BlueWallet or a Samourai Wallet or a Phoenix or something and get your 12-word seed and have that. And then when you’re ready, it’s time to upgrade to a hardware wallet. Now, okay. Yeah, you’ve got your 24-word seed—it’s a similar kind of paradigm. So you just have your two different seeds—of course it depends if they want to do BIP85 or not. But I mean, whether they do or not, if you’re just having two seeds, it’s probably manageable. And if one of them is only for smaller spending wallet money anyway, it’s not as much of a problem if you lose that one. The really important one is obviously the cold storage hardware wallet, or multisig, if you’re going that way. So I think those are probably a few useful tips there. And Q_A, I don’t know if you have any other thoughts around writing guides in the space, because this is something you’re known for. You’ve got the website bitcoiner.guide. So do you want to just share a little bit of an insight? What kind of content and stuff people can find on bitcoiner.guide? And what was your thinking around making some of that?

BitcoinQ_A:

Yeah. So bitcoiner.guide has been the culmination of a couple of years’ worth of work, really, that started mid-2020. I was going down the rabbit hole myself—and I still am, of course—getting involved in various different Telegram communities and learning a lot from people that were kind enough to spend their own personal time to teach me the different tools and concepts and how to use different things. And it got to the stage where I slowly turned into that guy that was helping other people that were coming into the space. And I started to notice the same things as you would expect come up time and time again. There’s certain concepts that people find difficult to understand. That’s when I started to—rather than copy-pasting the same Telegram response over and over again, I started to build out this website with guides to using the most common wallets, guides to how to interact with Bitcoin privately, how to obtain Bitcoin via no-KYC methods such as HodlHodl or Bisq. And pretty much if there’s a wallet on the market that was pre this year, you’ll very likely find a simple guide on how to get started with it. Most of the guides on my site are generally quite short and to the point so that it’s more geared towards: this is what this all does, this is why I think it’s great, and this is how you can get started with it. So most of it’s short-form stuff because that’s where I find most of my value when I’m reading guides. So I think there’s a lot of great long-form articles in the space that go into the how and the why of Bitcoin and why it’s great and why it’s gonna be the next global reserve currency. And that’s not my schtick—my schtick is: these tools are great, they’re only powerful if you actually use them and understand them, so let me help you with that. So yeah, you can find anything from multisig, various different hardware wallets, privacy, no-KYC, Lightning. If there’s a Bitcoin concept out there, there’s probably a guide for you on there as well.
So yeah, if anybody wants to check it out, obviously there’s plenty of content there for people to get stuck into and it’ll probably take you a good few days to read through all of it back-to-back.

Stephan Livera:

Fantastic. And so yeah, for listeners, just in case you’re not aware, I do recommend you check out the website. You can think of it kind of like a quick-start guide for a lot of different things in Bitcoin Land, whether that’s privacy, multisig, buying non-KYC coins, securing your coins, all kinds of things. I have even included links to that inside other things when people ask me—I’ll send a quick link here. There are times where I point people to your work there. So probably a good spot to wrap up there. But just to summarize and talk a little bit about, Okay, what did we learn in this episode? So, the Seed Tool is this educational tool and it teaches some of the key concepts around seeds, BIP39, passphrases, and some of the different concepts around what addresses are generated by this. I think probably some of the key points, as we’ve been talking about, are to generally keep it simple, keep it accessible, whether you’re learning about Bitcoin yourself or whether you are a listener and you’re trying to help educate your friends and teach the newcoiners and precoiners out there. Q_A, any closing thoughts for listeners? And of course, where can people find you online and on Twitter as well?

BitcoinQ_A:

Yeah, great summary of the tool. I’d just like to see it as a bit of a playground where you can go in, generate an unlimited amount of seeds without fear of losing any funds or anything. It’s also a great tool for generating a seed, maybe adding a passphrase to it, and just make a note of the first couple of addresses that are generated, then reload the page, start from scratch and just practice recovering that with those 12-word seeds and that passphrase and see if you can do it and get the right addresses regenerated again—that’s essentially when people like Stephan and I talk about, Check your backups, Practice recovering from seed words—you can do that with this tool and just get comfortable with that process without actually having to do it with any live funds. So just use it as a playground, just click buttons and see what happens and learn and just use the tools, as Diverter would say. If you want to find my website, you can go to bitcoiner.guide, and if you want to follow me on Twitter, I’m @BitcoinQ_A.

Stephan Livera:

Fantastic, well, thank you for joining me, Q_A.

BitcoinQ_A:

Thanks, Stephan.