SLP526 Don’t Lose Your Coins with NVK

How do you prevent loss of your coins? What are some critical steps that are commonly missed? NVK and I discuss a recent case of a HODLer losing 25 BTC, as well as talk about updates in Bitcoin security.

Links:

X: @NVK
Nostr: npub1az9xj85cmxv8e9j9y80lvqp97crsqdu2fpu3srwthd99qfu9qsgstam8y8
Site: CoinKite.com

Sponsors:

Swan.com (code LIVERA)
CoinKite.com (code LIVERA)
Mempool.space

Stephan Livera links:

Follow me on X @stephanlivera
Subscribe to the podcast

Podcast Transcript:

Stephan (00:02.828)
Hi, everyone. Welcome back to the show. The Stephan Livera podcast, a show about Bitcoin and Austrian economics brought to you by swan.com. Today, my guest rejoining me is NVK from CoinKite. Welcome back, NVK.

NVK (00:15.67)
Hey man, thanks for having me back. It’s been a while.

Stephan (00:18.595)
Yeah, been a while since our last chat on the show. And of course there’s always, you know, new people learning about Bitcoin. And sometimes the listener base is sort of churning over a little bit. So obviously there’s lots of things. Right. Yeah, that’s, that’s true. I think it’s, it’s funny because people sort of comment online like, Oh, I didn’t listen to podcasts anymore. I’m kind of like, yeah, it’s a cycle. Like not everybody, you know, people listen when they’re new and then sometimes they listen to specific episodes and you know, that’s okay. That’s, that’s, that’s normal.

NVK (00:28.962)
The cycle always restarts.

NVK (00:40.878)
That’s right.

Stephan (00:49.103)
I think it’d be interesting to start with your reactions on. So there was a recent, well, incident where a hodler unfortunately lost 25 BTC. Now I know you commented on this. The objective of this is not to, you know, is to not to attack or criticize that person, but just to as an educational story for people. There was an individual who posted on X.

that he had lost 25 BTC. And I know you commented on this also. So do you have any reactions to share?

NVK (01:22.002)
Oh, absolutely. And I’ve talked to him privately a little bit. You know, I think it was it was quite brave of him to sort of like talk about this publicly. You know, like nobody wants to be the quote unquote idiot who lost a bunch of Bitcoin. Right. Like it sucks to be in his position. And it’s very unfortunate. You know, there is some developments that maybe save his Bitcoin. But that’s besides the point.

Anyway, so I’m thankful that he talked about it publicly and hopefully like everybody learned a little bit about it. The story really is he had his seeds, well first of all he was using paper wallets, right? Because his coins predate harder wallets. They were a very old setup. And he had his seeds on the password manager.

Stephan (02:00.496)
Yeah.

NVK (02:17.794)
which is an absolute no-no, right? And I think this was a great example of don’t bake your own security setup, even if you’re pretty smart about it. Don’t ever have private key material on general purpose computers, right? Contrary to some commentary by…

by folks online. Don’t take your Bitcoin security advice from Twitter. So essentially, don’t use general purpose computers. They’re not designed to hold secrets. Even if you’re an ultra smart person using cubes OS on your specific vintage of IBM ThinkPad or whatever, just don’t do that. Because see, time passes and you forget stuff. Maybe you pass and your family has to recover.

And another thing too is that maybe you do have a perfect setup and maybe you broke up with your girlfriend that day and you’re in a pretty sort of like disjointed mood and not paying attention and you accidentally plug in the wrong USB drive on the computer and then money gone. So anyways, so that’s I guess like the biggest take from this is like here’s like another example of don’t use computers for Bitcoin.

NVK (03:43.891)
And, you know, we do have harder wallets. I can speak for a cold card and, you know, you don’t hear people losing money using a cold card. It’s a whole different thing. It forces you to have good security hygiene. It forces you to make backups. Ideally, you use it air gapped. And, you know, like, it’s just an astronomical improvement in security.

Stephan (04:12.523)
So the key, I think, in this case is, as you said, this individual was keeping keys on a password manager, which was also an online connected password manager. And I can understand in one sense because these keys were from 2012, I believe, and that predates BIP39, you know, and the current hardware wallets or hardware signing devices model.

But I guess maybe there’s also a question around updating of setup as well. Like, no, it’s not to say that you shouldn’t be updating your setup super often, but maybe that’s also a question that, you know, perhaps, again, not to attack this individual, but it’s something that, you know, yeah.

NVK (04:50.611)
Mm-hmm.

NVK (04:58.85)
There is no attack. He’s very aware that like, you know, he is now the poster child of Don’t Do This, right? Like, he was pretty cool about it. Like, you know, like, don’t feel shy about it. Like, he understands that we’re going to use him now as an example of Don’t Do This.

Stephan (05:16.535)
Yeah, yeah.

NVK (05:16.77)
And so to touch a little bit about the upgrade is, you know, say, for example, you bought your coins on an exchange, right? And, you know, don’t move fast and break things, right? Like we’re not saying like immediately go, withdraw everything into your cold card. The first move you do don’t do that. Okay. You know, we draw 50 bucks worth of Bitcoin to a phone wallet, learn how to send and receive Bitcoin, you know, learn how to make backup of the seed.

Learn how to recover the seed on the phone wallet. Play a little, get comfortable with the primitives of how Bitcoin custody works. And then you set up your code card, read online. We have lots of manuals on our website on how to do this right, depending on how much money you have. You’re going to probably set up a passphrase. You’re going to have a nice little key ceremony, where you’re going to go and stamp your keys into metal as well.

You know, you’re going to send a little bit of money to it. You’re going to task recovering the backup. You know, you’re going to maybe play a little, and then you send the rest in, right? Like when you’re absolutely comfortable doing so. I think it’s very important for people not to rush, but also for people to move their asses. Right? Like, you know, be somewhere in the middle.

Stephan (06:30.255)
Hahaha

Stephan (06:34.719)
Right. And I think this is another angle because there are some people where when they’ve just started, when they’re new to Bitcoin and they’ve not learned the lesson of not your keys, not your coins, as we always say, there are people who have not learned that lesson and they don’t have that urgency to at least go and buy a hardware device and to learn how to use it. I think have urgency to get a hardware device and to learn how to use it, but don’t have urgency in terms of like, oh, I need to constantly change my setup.

It’s something that you might change, you know, maybe once a cycle, if you even do, you know, that often, right. And that might be something that, you know, you see, oh, okay, maybe there’s like some better technology and it’s now well battle tested. And I’m, you know, I’m sort of comfortable with that. Now is the time, or maybe I’m now better. Like I know how to do multi-signal as an example, right. Like, and, and then, you know, you’ve been playing around and you’re comfortable with how to do this and okay, now it’s time to upgrade to multi-signature. That’s sort of, uh, where you might.

NVK (07:07.38)
Mm-hmm.

Stephan (07:32.051)
do this, but it’s not something that you take lightly. I think that’s the other thing that I’ve found when I’m trying to teach people how to self-custody coins and things like this. Sometimes the actual biggest problem I find is that the person doesn’t understand how seriously they need to take it. They just sort of lackadaisically write down 12 words, 24 words, but then they don’t take it seriously and keep them safe. It’s like, no, you need to treat this…

NVK (07:53.833)
Mm-hmm.

Stephan (08:01.039)
like you treat your passport, like you need to just explain that to people, the importance of this, because there’s no bailouts here.

NVK (08:09.942)
Well, it’s not like a password, right? There is no reset. It’s just money gone either because it got taken or because it got forgotten, right? I mean, there is no redo. So, self-custody comes with a lot of responsibility.

But I really think it’s fairly straightforward. It sounds scary, it seems overwhelming, but it’s not. I mean, like Natalie Brunel just did on her show, like totally new, just set up a code card and got it going, right? Like it’s totally able to use it. So people who are a little bit less technical can totally do it, right? It’s just a matter of putting a little bit of effort, trying to understand what’s going on.

and get it done, right? Because like we can’t, if we make the setup too much easier than whatever it is now, it means you’re now trusting some other part of the system. And each abstraction that we do causes another level of complexity and trust, right? So this is for example, one of the reasons why we don’t have an app or a computer wallet, right? Because for example, it just happened now,

right, that there were a fake Electrum, a fake, fake blue wallet, a fake foundation wallet, a bunch of fake wallets on the App Store. I might be getting some of the names wrong, but there were a bunch of fake wallets on the App Store and Apple approved them and a bunch of people lost money. Right. So, you know, it’s important for people to sort of pay attention, stay on their feet, but still do it.

Stephan (09:56.611)
Yeah. And so I think the other challenge for people is maybe they’re looking online and they don’t know who to trust, right? They sort of don’t understand who’s a reputable person and they just sort of see random comments online. Do you have any thoughts on how people should deal with that? Who should you look at as who’s offering, you know, good security advice, and who’s offering bad security advice? Do you have any advice for people there?

NVK (10:19.394)
I yeah, I mean, that’s a tricky one, right? Because like in Bitcoin, you know, we don’t have like a cathedral, right? Like it’s not like there is a official source of truth. Um, I think that’s where knowledge comes into play. That’s why it’s important for you to read and come to your own conclusions. But you know, reality is, you know, there is a three major hardware wallet providers, right? Like.

you know, cold card, treasure ledger, right? Like there is, you know, like some podcasts that have been around forever, right? Like there is some Lindy in some of the opinions in this space, right? So you can use the Lindy that these people have, right? The history and the reputation that some of these people have in this space as a heuristic of like, okay, you know what, like I should take this person’s opinion seriously. You know, I don’t only listen to one person, maybe I have a few.

that I want to sort of like listen and have my own conclusion from. Right. But I think it’s, you know, like there is enough and good enough out there that like we’re safe. Right. Like most people don’t lose money. So start from that premise.

Stephan (11:34.191)
Right. And I think it’s important to point that out because like nowadays, it’s social media can blow up one example and make it look like, Oh, wow, everyone is losing their coins out here. And I think that’s not reflective of reality, but it can be, it can present a view that’s not representative and that can trick people as well. So I think, you know, the key points are look for things that have been around for a long time, things that are battle tested, things that are have some level of, you know, popularity, although it’s not.

NVK (12:03.086)
Professionality, you know, like, right? Like, like or dislike reality is commercial products, like they do come with some assurances, right? You know, there is people to sue, there is, you know, there is money being injected into like improving the product, right? There is reputations to be had, right? And profits to keep.

Stephan (12:03.863)
Yeah, right, right.

Stephan (12:27.887)
Right, there’s a customer support team.

NVK (12:30.154)
Yeah, I mean, it’s like classic capitalism, right? I mean, you make something good, you create a reputation, and the free market will sort of push it to the top, right? Because it’s good. So that’s something to keep in mind, right? Like, don’t go fiddling with things when you’re talking about real money, right? Try to find things that are sort of battle-tested and market tested.

Stephan (12:55.235)
Yeah. And so ultimately, I think it’s just coming down to just getting started and understanding and just following some of the guides out there, right? I think I might actually do, this is one of those things where I should probably do a video guide myself of, okay, here’s how you set up a code card. Here’s how you do these kinds of things. So yeah, so that’s out there. Obviously, there’s well-known people out there, people like our friend Matt O’Dell, our friend BTC Sessions. They’re all out there doing great work in terms of showing you like…

NVK (13:09.922)
Please do it. Absolutely, people need that.

Stephan (13:23.703)
Literally, here’s a video, here’s how you set it up, here’s how you write down the 12 words, here’s how you generate a receive address, here’s how you receive the coins into it. Those are the key sort of steps to take. And let’s now talk a little bit about, as you mentioned, a little bit about the space, what’s going on and what’s evolving and changing. Let’s talk a little bit about the Q, the new device that you have, which I understand is coming out soon.

NVK (13:48.242)
Yeah, it’s kind of funny, right? I always come on to talk about the painful things, right? I work in security, therefore, I’m here to always talk about that. So yeah, so now we have a new device coming, the CodeCard Q. It’s Q for QWERTY. So it has a full keyboard on it for people who want to type passphrases and passwords and things. It’s going to have a QR scanner, secure QR scanner.

It has two SD drives, it has like a big screen now, so you know, my friend, my boomer friends can read better on the screen.

Stephan (14:27.727)
Yeah, and you’ve got even like standard battery charging as well, right?

NVK (14:30.578)
Yes, yes, we have three AAAs, USB-C, and NFC. There’s like a lot to this device. This whole thing started as me and Doc Hex really wanted to build a mountain man device, like the device I wanna take to the woods with me and do my Bitcoining.

And then like there was enough demand. They were like, okay fine Let’s just refine it a little bit and make it into a product because everybody wants one. I’m actually quite surprised That the people want like a big harder wallet, but you know, it does feel great to the hand It does feel like you know what your money is safe in it few is an important thing and Yeah, so it should be coming hopefully early next year We’re pretty much done

The main thing is just sort of like some plastic iterations and unfortunately plastic suppliers move too slow But aside from that, it’s like we’re there It’s pretty exciting

Stephan (15:34.439)
Gotcha. And so also, this has a bigger screen. So I presume you’re going to make use of that bigger screen for the users. So as I understand, it’s going to be some similarities with the code card, like the Mark IV, but with new features and things like that. But you’re going to make use of the bigger screen in some other ways.

NVK (15:50.957)
Mm-hmm.

NVK (15:56.458)
Yeah, so we are, see security was still sort of like paramount, right? Main reason why we don’t choose a touchscreen, because touchscreens can’t really be secured in the way that people think they can. And we, the way we designed it, right, is very rudimentary, so that like lowers complexity and lowers attack surface. So it’s not going to be like, you know, a Windows like sort of UI on it, right?

it’s still gonna be fairly sort of like code card like UI on it, but bigger fonts and like, you know, you’re gonna be able to type in things and it’s a lot easier to use because of that bigger screen. And you’re gonna be able to see full addresses and, you know, as we have multi-sig, tap script scripts and other things too, you know, you’re gonna be able to have more visibility over things and the QRs are bigger on the screen for you to scan and

That sort of stuff, right? It’s a huge upgrade in legibility. Let’s put it this way.

Stephan (17:04.771)
Right, and then also for the more advanced users who want to verify more things, bigger screen might make it a little bit easier. So as an example, when you’re setting up a multi-sig quorum, you might want to be able to quickly read what are the other Xpubs in this quorum, things like that you can scroll. Now you can do that on the code card now, the Mark IV, but I presume with the bigger screen, it’s gonna be a little bit easier to do these things.

NVK (17:16.407)
That’s right.

That’s right.

NVK (17:23.646)
Yeah, I mean, it’s much nicer, right? The Address Explorer is much nicer already on the bigger screen. And now we have this, we’ve sort of started switching things a little bit. We have this new concept of a seed vault, right? So Mark IV already has this update, where you can keep multiple seeds in the same device. And you can even store passphrases as a seed in the device as well. And you can also store XOR parts in them.

Stephan (17:37.212)
Gotcha.

NVK (17:53.202)
It’s just like more flexibility. It’s this idea of like, this is a device to handle secrets, right? That may be multiple seeds. That may be some passwords. And you can sort of like handle all that safely in a secure environment, right? And then when you lock it down, it’s like locked down.

Stephan (18:10.815)
So it sort of, it allows you to use these more ephemeral seeds, let’s say. And that might be useful in the context of like managing, you know, other people’s or other setups. If you’ve got multiple setups, or let’s say you’re being Uncle Jim for your mom or something.

NVK (18:22.846)
Yes, that’s right.

NVK (18:28.682)
I mean, realistically speaking, most people have multiple seeds, right? And they need to be able to handle that. Not everybody is using BIP-85, which is deterministic seeds. So they might need to be able to load some seed QRs to recover a broken raspberry pie or something. They might need to essentially manipulate seeds.

And we wanted to make that as safe as possible and also make it either temporary, so read only, or make it so you can store it and you can do both. Cool thing, too, is that, like, you know, you can have one device and then maybe you say you don’t want to have the two seeds on the same device, you can get a second device migrated over just that seed securely and then delete on the previous device. It’s just flexibility because the main issue is like people should not be handling seeds.

right, unencrypted around their house, right? Like that is a really bad thing. And so we wanted to make it so that you can handle all the seeds that are around in a secure environment.

Stephan (19:36.527)
I see. So that means like in the vault environment or in the secondary or third location, that’s where you can be manipulating the seeds and doing this sort of thing as opposed to in your house with everything there. And I guess while we’re here, we should chat a little bit about the QR codes, right? This has evolved a lot over the years. I think just a few years ago, you had to do everything either plugged in or with a microSD.

And only recently, I think the QR codes have become a lot more popular. And we’ve seen support for the QR codes in things like Inspector Desktop and Sparrow and Nunchuck and things like this. So do you want to just comment a little bit on where QR codes are and where you’re seeing that with the cold card queue?

NVK (20:23.086)
So, like, I still, like, personally, I am a fan of the sneaker net for very cold operations because I don’t necessarily want the hardware wallet close to the computer where I’m broadcasting a transaction, for example. So, you know, I want to travel to the location where the seat is, do the transaction, take the micro SD out with me, and then travel to some other place and then broadcast it, for example.

But that’s just me. Like, you know, that’s like going very paranoid and like it’s a whole other sort of ball game of security, right? But you know, like having a QR scanner is a nice thing to have. It’s just that like up until now, all the hardware wallets, what they’re doing is they have a general purpose camera sending all that unfiltered data to their processor, right, where their CD is in memory. It’s terrifying.

You know, like you could try to have a buffer overflow kind of bug there. There’s all kinds of things you can do. So we spent quite some time trying to sort of like understanding one, you know, if it’s worth doing it and to how to do it safely, right? And what we arrived to is we got a, it’s a QR scanner, right? It’s not a camera, just a camera. It’s a scanner module, right? And this module will read.

the barcodes or QR codes or a few other things. And you will return over serial, which is almost like a firewall just because it’s so simple, just the string that you’re looking for, right? So it’s not sending all that data to the processor of the wallet. I know it’s a little technical and people are gonna gloss over, but it’s important. So essentially like we have a very, very sanitized piece of data coming in.

And that’s how we do our QR on CodeCardCube. And I think it’s really good. And my personal preference for this is it’s for address double checking. So for example, in your computer, when you’re receiving money, you can scan the screen and double check that address that Sparrow generated is correct and is not like a virus QR or something. That’s right.

Stephan (22:41.231)
Yeah, as in that you truly hold the private keys associated for that address. It’s like checking, it’s like, it’s known as checking your receive address. Yeah.

NVK (22:47.062)
So exactly. So that’s a great use case, I see. I really dislike the current animated QR. We might support it. We might not support it. I’m still uncertain on that. We might just put out a new spec. Because you see people trying to scan those animated QRs. It’s like, it’s horrific, right? It’s a pain. So we’re trying to sort of like.

Stephan (23:07.623)
It’s a pain, yeah.

NVK (23:13.254)
put some real thought into it, come up with some good standards. And if we do, then we’ll make it easy for people to sort of implement and stuff. That’s still up in the air. And we’re also going to support seed QR, so people can import those seeds. And yeah, so there’s a bunch of different stuff.

Stephan (23:30.935)
Yeah. And so just to clarify for people, so there are QRs. I mean, you can use all kinds of things to, you can encode all kinds of things into a QR code, but in the Bitcoin context, there’s different things that you might be encoding. In some cases, as you mentioned, there’s seed QR, which relates to the, you know, the 12 or 24 words, or you could be doing PSBT, partially signed Bitcoin transactions, or you could even be doing something like the multi-signature configuration file, you know, the output descriptor file, that could be encoded into a QR.

And then there’s the other angle of like you’re scanning it and then you’ve got to read it back because you know, if you’re in Sparrow or Spectre or something you might be scanning it back out of the device because that’s now the completed PSPT. So these are some of the different ones. I understand maybe that’s a little bit of jargon if you’re new but these are some of the different types that your device together with your software or the client can be

And so I guess one other thing just kind of thematically, this is something I’m seeing now is people are sort of talking about how they want to bring a certain level of UX, a certain level of experience to make it easy for the customer. But at the same time, you’ve mentioned NVK, just earlier you were mentioning there’s only a certain amount that you can simplify. So could you just elaborate there for people, why is it that there’s a certain level to which you can go with that, but going beyond that actually creates

security risks.

NVK (25:01.354)
Yeah, so for example, I highly discourage people having, for example, CQRs around the house, right? Because you just made it easier for a camera to see a seed. You know, your computer has a camera, your TV has a camera, you know, your phone has a camera, everything has a camera. So like, you know, things like that. Everything is not without trade-offs. I just think that people need to put some real thought into it.

Stephan (25:27.791)
Right. And as an example, it’s like people are talking about, you know, maybe not as much in Bitcoin land, but in Altcoin land, there are people who are sort of talking about these, you know, NPC style setups where maybe they don’t necessarily know what are the underlying seeds. And so then they can’t necessarily go and recreate that. Right. So it makes it more difficult from a reproducibility perspective or a verifiability perspective. Even if it makes it easier, it, you’re sort of making trade-offs in other ways where that user cannot

now verify things as much. And so that’s where this notion of having 12 or 24 words and doing a multi-sig setup or doing some of these setups, that’s where I think that’s where you’re seeing it, right?

NVK (26:01.857)
Yeah. Yep. Oh, I think you got cut off there, Levera. Hang on.

NVK (26:10.966)
Sorry, I got cut off there. I think the internet got a little murky there.

Stephan (26:16.151)
Oh, right. Okay. So basically, I think the point is that some seed or some having seed phrases, as you I think you’ve mentioned, the way you said it is like having seeds are a superpower, right? Like this idea that you can take seeds and there’s a certain level of reproducibility and verifiability to what you’re doing with that, as opposed to other contexts where maybe you don’t know if it’s custodial, you don’t know if it’s like NPC, but you don’t really

NVK (26:29.299)
Yes, absolutely.

Stephan (26:46.071)
And so then you’re not as able to confidently understand what you’re doing or the user is not able to confidently understand what’s going on. And it’s also not as portable. So it’s like, you can’t take the seat out of this device and put it into another. And it still works as part of the multi-sig. I think these are some of the things that are maybe subtleties of Bitcoin and multi-signature and security that are not so clear. And I think what we’re seeing now is a whole bunch of people who are

NVK (27:01.079)
That’s right.

Stephan (27:14.703)
you know, maybe builders or developers and designers in the space. And they’re coming in saying, yeah, look, see, oh, look how bad it was in the early years. I’m here to make it better and look at my new setup that I’ve really simplified for the user. But maybe there’s an element there to which you can oversimplify things and the user is not aware of kind of what’s being given away from a security perspective.

NVK (27:39.622)
Yeah, I mean, you know, again, trade offs, right? More complexity could give you more security, but it also gives you more complexity, you have more room for error and room for problems. I don’t think there is perfect answers. And you know, maybe there will never be perfect answers. I think people are just gonna have to sort of like find the solutions that work for their needs. I think most people need different solutions at the same time.

Right. So for example, you want your phone wallet for Lightning. You want your phone wallet for small amounts of Bitcoin. Maybe you want a little bit more Bitcoin on your phone to travel with a tap signer and nunchuck. Right. And then, you know, and then you have your code card with passphrase. Maybe you have a code card without passphrase. And then maybe you have a multi-sig for like some deeper sort of colder storage. Right. And then, you know, I’m not even going to get into MPC and all that stuff because it’s so early there. Right. We don’t even know what that looks like yet.

But it’s going to happen. You know, one of the purposes of the SatsLink is for people to create like coordinators for MPCs and for, you know, try to experiment with Frost and all that stuff. So, you know, again, it’s early, right? You know, the banking industry have been doing this for, you know, 50 years, 100 years digitally. And, you know, we have been doing this for 12.

Stephan (28:54.033)
Yeah.

Stephan (29:04.235)
Right. We’re trying to speed run security in Bitcoin. I mean, in fairness, there’s some things that Bitcoin, Bitcoin is and Bitcoin companies have innovated. And I think some people say, oh, it’s too hard to self custody of Bitcoin, or it’s too hard to manage it overall. But at the same time, they neglect all the security failures that are happening in normie fiat finance world where maybe people are losing their banking credentials or, you know, they’re losing your people’s

NVK (29:07.544)
That’s right.

Stephan (29:32.635)
data is getting hacked and lost. And we’re hearing about the Equifax hack where so many Americans had their private information hacked and stolen. And for better or worse, we’re all going to have to learn to manage some of these cryptographic secrets and learn to use password managers and things like this for better or worse. And so I think this is also showing why people have to just fundamentally spend a little bit of time.

learning at least the basics of doing Bitcoin security in terms of your self-custody, at least if you wish to be self-sovereign. So one other area, so you spoke about the tap signer a little bit, could you just explain a little bit about the tap signer in terms of how you’re, how are you seeing people using that now in terms of November, 2023?

Are you seeing more and more people trying or playing around with that for multi-signature or is it maybe more like they’re using it as an in-between instead of like fully phone hot wallet, they use it as like a somewhat more secure device than just the phone hot wallet.

NVK (30:44.334)
I mean, we’ve sold like piles and piles of this stuff. It’s fairly affordable, right? So like people are really experimenting, but I really think the two sort of main use cases really shine so far that we see people using a lot. One is for travel, Bitcoin wallet. So say for example, you wanna take a non-trivial amount of money, not your savings, right? But non-trivial amount of money with you when you travel, say, you know, five, 20 grand worth of Bitcoin, right? Like, because I don’t know, maybe you wanna buy a car when you arrive.

place. Who knows what people are going to do with it, but they do it. And what we see people doing is they will have the funds on Nunchuck with a tap signer either as the signing key or as a co-signing key for that amount. So that if they get stopped by say border agents or somebody like that, or even a robber on the street, they don’t have to be worried that they can be forced to give the money out. So we’ve seen a lot of this.

so far. And the other thing that we see a lot is people using as long-term, like, multi-sig quorum kind of HODL, right? So they’re using the Nunchuck 2 out of 3 or the 3 out of 5 kind of thing. You know, they have a code card. They have a co-signing Nunchuck. They have the tap signer. And they use it that way. We’ve also seen people do that with Sparrow on the desktop with the reader.

This is very conducive to enterprise, right? Enterprise is okay having little readers around and they do use it that way. I guess the third other case, that’s right, right? People are used to sort of storing a card, right? And I guess the other thing that we’ve seen that’s really cool is people using it as a two factor authenticator.

Stephan (32:22.383)
And it can be stored in people’s wallets even. Yeah, be going.

NVK (32:36.862)
you can use it as that, right? So you can use it to log in into your company systems and not sort of like trust some backdoor UBI crap or any of that final stuff that we all know it’s, secure quote unquote.

Stephan (32:52.955)
Yeah. And when it comes to tap signers, I guess one area people might be a little bit hesitant, it’s just this idea of a blind signing device. Now, some of that is, of course, the trade off here is the cost, right? It’s a cheap device and it’s accessible in that, but then it doesn’t have a screen. So there’s kind of a trade off there of course, maybe that gives people a little bit of pause there.

Do you have anything any comment there on the aspect there of it just blind signing so you don’t necessarily know what it’s signing.

NVK (33:25.398)
Yeah, so it doesn’t know. It’s just blind signing. It’s a message digest signer. It just challenges you for the pin. It’s meant to be that simplistic. So that, again, it’s one of the keys. It has trade-offs. One of the trade-offs is that it doesn’t have a screen. But it does give you that insane sort of extra security if you’re using this in a quorum. Because now we have an extra key that is on hardware and is a different hardware. It’s a different vendor.

for this chip, then we use it for on a code card, for example. And it’s very cheap as well. So you do gain a lot in that sense.

Stephan (34:07.313)
Gotcha, OK. So let’s talk a little bit about the Sats Link. I know you did a demo of this at Nostrasia. And as you mentioned, the idea is this is like an experimental device. And could you just explain a bit about where you see people using the Sats Link?

NVK (34:22.954)
Yeah, so right now, this first iteration is for nerds. I’m just going to put that out. It’s like, stop here if you’re not a nerd. So essentially, it is a ESP32-based device. We are adding a secure element to it. It leverages the same case as the code card queue. That’s how we made it economical. It has a QR scanner. And so the device.

is essentially designed to be a sort of like a embedded general purpose computing device, right? So kind of like a Raspberry Pi or something like that, but a little bit more restricted. And it’s very low battery use as well, which is kind of great. So anyways, it has Wi-Fi, you can connect peer to peer to others. So you could use it for communication. I do a demo of that on Nostrasia. The video is out on the on the SatsLink Twitter account.

And you’re going to be able to say, for example, build a Frost coordinator. You’re going to be able to use, you know, to do a lightning wallet because it’s connected. Right? So there’s all this slew of things you could do that you can’t do with your hardcore code card. Right? Like this is sort of like a warm, hot device that you can use for things. And you don’t have to trust a phone because again, phone super ultra complex device is amazing. But, you know, again.

it’s like backdoor system and all that stuff, right? There’s a lot going on in there. While this device, gonna be able to do a lot of those functions in a more sort of restricted stack that allows it to be quite secure.

Stephan (36:05.239)
Yeah, and so when it comes to Nostra uses with SatsLink, what does it look like?

NVK (36:13.878)
Well, I mean, you can chat. You know, like we can have a little chat app in there, so you can talk locally. For example, Mesh, P2P. You should be able to talk back to the internet as well. You know, it’s fairly early on Noster. So maybe this is your Noster signer. We’re working on NIP 41, which is essentially like a key rotation NIP.

And with that NIP, maybe this device has your master key. And that’s what you use to sign your new keys in case your previous key got compromised or something with a website. So at this point, it really is sort of like experimentation and trying to figure out what people need and how it’s done. And then as we sort of progress on that, then we can change the form factor, change the design to sort of pursue a path.

uh… that the party to sit on

Stephan (37:12.515)
Yeah, and you also mentioned Frost earlier. Now, for listeners who are unfamiliar, I’ve got episodes on Frost. You can check those out. They’ll be in the show links, in the show notes. But NVK, can you explain a little bit of your thoughts on where Frost is at, whether you’re interested in supporting that from a hardware perspective? Yeah, and yeah, basically, where do you see Frost and are you interested in it from a hardware perspective?

NVK (37:33.239)
Heh.

NVK (37:37.526)
Jesus, so I think we did like two episodes now on Bitcoin review pod, like about it. It’s a whole rabbit hole. So like Frost is multi-party computation, essentially, right? It’s a single signature, but you use multiple keys to create a single signature. It’s quite complex. So we’re still trying to figure out how that fits with hardware wallets.

We don’t have a good schema yet on how to do it on hardware wallets, because you do need to pre-share non-sys. There’s no perfect spec yet, so it’s early. So I don’t have good answers yet, Levera.

Stephan (38:21.859)
Yeah, fair enough. I mean, I’m just curious if it’s something you see, if you’re bullish on it in general, but you’re sort of still curious how it would work from a hardware perspective. I think those seem to be, that seems to be where people are at this point. Also, we should talk a little bit about Miniscript as well. I know, as you’ve mentioned, you’re an investor with AnchorLink, and, oh, sorry, AnchorWatch, rather. And I know that they are sort of

bullish on using Miniscript as part of Bitcoin security and for insurance purposes, we’ve got things like Liana as well. They’re sort of software and related very much to Miniscript and using that. I’m curious how you’re seeing Miniscript use and how that might evolve with hardware.

NVK (39:14.006)
It’s the same as Frost, right? I mean, Miniscript is one of those things that, like, we do have an edge release that does support Miniscript. It’s something that Rob from Anchor Watch and Trident is using already. You know, we think there is an interesting future there. You know, you can do it with a Tapsigner as well, if you’re not using Schnorr.

NVK (39:41.866)
And we sort of want to see where it goes. Right now, I personally don’t like any of the implementations, like just because I don’t like the idea of having to rotate UTXOs for all the deprecating, for the, how do they call them? Not deprecating, multi-siga.

Stephan (40:01.811)
Oh, like the degrading multi-seagull, whatever it’s called, yeah, yeah.

NVK (40:04.746)
Degrading multi-sig. Yes. I’m still not a fan of that sort of solution. It is what’s possible right without covenants I think all this stuff is gonna be very interesting once we have covenants Until then it’s kind of like not quite there in my opinion

Stephan (40:21.167)
Gotcha. And just to explain for listeners, so this is referring to things like CTV, Check Template Verify, and the idea is currently, if you want to do these sort of more fancy setups, they would require a regular refresh or cycling of the UTXO, maybe once a year or once every whatever. But in a covenants context, if we had some of these soft forks like CTV and OpVault and things, you might, you can take away that requirement for cycling the UTXO, which maybe makes it more interesting.

NVK (40:50.07)
Yep. That’s a good way of putting it.

Stephan (40:53.259)
Yeah. OK. So let’s talk a little bit about HODLers. And we’re probably, well, fingers crossed. It looks like we’re entering a ball cycle now. And

NVK (41:02.542)
And then the price just dropped to daily, it’s over. Bitcoin is dead. It’s dead.

Stephan (41:05.463)
It’s over. It’s over. All right. Let’s have another two year bear cycle. But I think this is a time when there’s going to be the questions around the life cycle of a hodler and how many people they start out on a platform and maybe it’s a custodial platform and then they learn to self custody and maybe they start with a phone wallet and things like that. How do you see that journey evolving in this coming next year or two?

NVK (41:36.93)
I don’t know man like you know like ETFs is what the suits need right? I mean like realistically speaking like we don’t have a choice on that like they need those vehicles They’re not gonna buy and hold Bitcoin You know I tweeted as a joke that like you can fit all the ETFs in a single code card You know, but they don’t get fees right so you know the I Really think that we’re gonna have

a fiat versus sovereign Bitcoin parallel environments coexisting for a very long time, much longer than what the bigger Bitcoin bulls think. I really think that there is eight billion people in the world and that causes inertia. These people use fiat, right? So everybody’s invested in making fiat work. So.

It’s a lot of inertia. It’s like the Titanic, right? Like, sure, it might hit the iceberg, but like, you can’t just turn it, right? So I think the best case scenario is actually going to happen. I think we’re just going to have a peaceful, slow move from fiat to Bitcoin as the fiat is sort of like sinking, but it’s going to be very slow. So, you know, like, I don’t, I don’t, I’m not like a doomer.

either. Like I don’t think, you know, everything is just going to collapse. You know, like if you turn off your computer, it’s amazing how everything is fine. You know, turn off your TV, turn off your computer. Like the world is just fine. You know, sure, things are not as great in some places or whatever. But like, you know, ultimately things are still OK. So so, I mean, I know it’s like a bit of a deviation of your question there. But I think it’s like.

we have to sort of like acknowledge as Bitcoiners that like, you know, things are not gonna go in how we think. Everything is gonna happen faster than we think and slower than we want.

Stephan (43:40.671)
Yeah, for sure. Will a lot of users end up stuck in a custodial context, right? If they can’t afford to go on chain.

NVK (43:47.198)
Absolutely. Yes, absolutely. Like reality is, you know, Bitcoin doesn’t change human nature. It just enable humans who want an out to have an out, right? So, you know, I still think we’re gonna have part of the distributions of like, you know, it’s gonna be 20% of the people only who are gonna be interested in real Bitcoin, right? And maybe 1% of that sort of goes and takes the Bitcoin really off the exchange.

Reality is like most people don’t want freedom. They just want a better sell, right? So, you know if they have access to number go up through their you know, a City bank Bitcoin account they might go that way. Is that horrible? Yes But you know, that’s sort of like the human sort of condition right like people will go on the path of least resistance now What’s amazing about Bitcoin is that everybody else who doesn’t want to participate in this insanity can?

can just exit, right? We can just opt out. And that’s the true power of it. Like we have a voluntary system to opt out. And the Citibanks will protect our HODL too, because they’re HODLers, and it’s in their interest that Bitcoin doesn’t break. The game theory on Bitcoin is perfect that way. So I think that the tools for self-custody are going to improve. I think the.

the self-custody or partial self-custody tools are gonna be so good that people will be in a better place than having fiat in a bank, right? So maybe they’re gonna do a Citi Bank plus, I don’t know, plus Amex Bank where each bank has one key. So neither bank can rug pull the user alone. You know?

I don’t know. That’s the majority, right? Like the majority of the people are going to be stuck in the hellhole, but they just might have a better hellhole. Now for the people who do want freedom, who do want self responsibility, who do want to, you know, withdraw from the exchange, put in their code cards, you know, that future is already here. Like we already live in that, right? So like it’s, I don’t even talk about that stuff as in the future, right? It really is now.

NVK (46:08.638)
So it’s like how many people can we wake up to join us before regulators make it harder or less private?

Stephan (46:19.395)
Yeah, I think there’s going to be a lot of people who unfortunately get a rude awakening. Of course, you help people who you can, you help the people who can be helped. But fundamentally, there’ll just be a lot of people who unfortunately, you know, hold paper coins or whatever. But at the same time, like you mentioned, there will still be possibilities for multiple institutions set up. There’ll be possibilities for, you know, Uncle Jim style setups.

there’ll be all these other ways that people can get started with hodling. And like you said, this already exists today. Even if you look at the UTXO account, I think before you looked at all the ordinal inscription stuff, it was maybe around 85 million. So that would be pretty much the upper bound on how many actual sovereign Bitcoin users there are. And in practice, we know it’s less than that because people have multiple UTXOs. And so it might only be a fraction of that in terms of who actually hold

coins, non-custodial, even today, it might be like 10 million or something like that, right?

NVK (47:24.502)
Yeah, it’s, you know, we, it’s like we don’t know, we don’t know anything. We don’t know where we’re gonna go, how it’s gonna be. It’s just a fun ride.

Stephan (47:38.627)
Yeah, I think it will be a fun ride as things go, you know, like, yeah, there’ll be some downsides too. But I think, I guess the question people might have is, if a lot of other people go custodial, does that impact those of us who are sovereign? Do you think that there’s some kind of negative externality of people just going custodial?

NVK (48:00.67)
Yeah, I mean, you know, this happened to gold, right? This is how fiat won. Remember, gold had a nice 5,000 year run and then the fiat MMT people like literally like killed gold. Right? You know, gold at like whatever, like sub $2,000 is like literally pathetic, right? It’s hilarious. Like you lost. Yeah, no, you lost, right? Like, I mean, take it out of its misery. You know, so like the thing is though, like Bitcoin is so…

Stephan (48:19.127)
Yeah, it should be way higher, right? Yeah.

NVK (48:30.166)
much more interesting, like so much more useful, you know, because it’s divisible, is a temporal, like, you know, like it’s like transmissible, like, you know, it has all these properties that like, it’s hard not to upgrade to it, right? So it’s gonna be hard for them to sort of do what they did to gold because it is better, right? Like it is better than Fiat. It’s not just gold 2.0.

It’s actually better than fiat and gold combined. So in that sense, the technology itself is good and the technology itself is open, right? So it’s very hard to contain it. Now, you know, like if you are living in some jurisdictions, you know, like, and you don’t wanna break the law, you know, it could become complicated, right? Because they’re gonna have some expectations of like, you know, KYC or whatever, you know, they might even say you can’t hold Bitcoin, right?

Totally possible. So is it like realistically enforceable? Probably not, right? But you don’t wanna be in a position where you’re breaking the law. So I think what’s gonna happen is like people are gonna move and we’re gonna have concentrations of extreme wealth of Bitcoiners in some spots and those places are gonna win and places that don’t have those Bitcoiners are gonna lose. It’s like…

You know, you look at the amount of coders that moved from like India, China, to Iran, moved to like, you know, Silicon Valley or, you know, Texas and places like that, right? And, you know, like you have brain drains, right? In these countries that have like, you know, laws that are not appealing to the people who have the brains and are productive. So, you know, and with Bitcoin, people can just like get up and leave.

Right? Like they can just take their take their seat and go. So, you know, sure, you might be breaking the law on the way out, but if you’re not planning on going back, it’s kind of like, fuck it. Right. And Bitcoin sort of gives this opportunity now to a lot of people. So countries are going to are going to first fight and they’re going to then eventually realize that there is nothing they can do except for like, you know, make it, make it better for, for Bitcoiners to be there.

Stephan (50:55.183)
Yeah. And so even in the worst scenario there, it’s like you’d still rather be holding some Bitcoin than not. Right. That even if they were to try to seize coins, you’d rather be at least in a position where you have some wealth than have all your wealth inflated away. And I think it’s also important to understand, as you mentioned, there are certain technological differences about Bitcoin that make it so much better than gold, right? With the

NVK (51:12.382)
Oh, you got cut off there again, Levera.

Stephan (51:21.947)
current fiat world that we have today, we have one central bank, we have the Federal Reserve and they just sort of, you know, every other country is just sort of Federal Reserve plus their own country risk, as our friend Safe Team says. But in a Bitcoin world, there could be tens of millions of lightning banks and there could be maybe someday with further technological improvement, maybe hundreds of millions of lightning banks, lightning-enabled banks, let’s say. And of course, if you hold enough coins, you can be fully self-sovereign and be your own bank.

right, which is something, as I’m sure you recall, that was the thing people said in the early days of Bitcoin is be your own bank. So it’s dramatically different. And it also incentivizes people doing bank runs, right? Because if they think someone’s going fractional, they’re going to start just going, hey, give me the coins or send them out to somewhere else. And so there’ll be these games where if a certain financial services provider in the future is rumored to be going fractional.

that’s going to cause this massive rush for the exit. And I think that will be a dynamic that just remains in place. Even if not all 8 billion people can self custody, I think enough can such that bank run threat is there.

NVK (52:37.43)
Yep. Yeah. You know, like, it’s I tend to not focus on, like, the, like, you know, where we’re going to go in that sense. Like, I’d rather just sort of, like, put all the energy into, like, building stuff and, you know, like, you know, shitposting on a number go up, of course. But, like, really, like, just try to create the best technology that we can.

Stephan (52:59.108)
Ha ha.

NVK (53:06.359)
So that we can enable people to sort of like go fight those fights and sort of like take us to a better place

Stephan (53:13.635)
Yeah, for sure. And of course, as you mentioned, I think people moving jurisdictions, I think that is also something that’s really going to force states around the world to actually be more competitive. And so I think that will result in a lot of better things for all of us. So, you know, I think that’s where maybe there’s a impetus for us to encourage self sovereign use of Bitcoin. Yeah, and to, you know, actually,

NVK (53:38.943)
Oh, absolutely.

Stephan (53:42.939)
Like my friend Andrew Henderson says, go where you’re treated best. Go where you can get better tax, lower taxes, less regulation, etc., or at least more favorable environment so that you can hodl your coins and run your Bitcoin node and run Bitcoin mining and all of these things. I don’t want to be too negative or bearish. I still think there’s a lot of reasons why there will be incentive for some countries and certain companies and people to really…

NVK (53:46.474)
Mm-hmm.

NVK (53:58.624)
Mm-hmm.

Stephan (54:11.279)
push this and drive this and be accepting of Bitcoin. And there’ll just be a natural pull towards those places.

NVK (54:18.718)
Yeah, I mean, I’m super bullish. I mean, reality is we have this amazing new money that enables us to be sovereign if we want to. And, you know, it’s designed for number go up. It’s it’s all happening as described. So, you know, like now is just sort of like, let it work and let’s go build stuff, right? Like it’s. Yeah, I mean, it’s a strange.

It’s a strange optimism, right? Like I used to joke this deterministic optimism, right? Like it’s just, it’s just is.

Stephan (54:55.047)
Great. Well, I think that’s a great spot to finish up there. Listeners, I’ll put the links in the show notes. You can find NVK. I’ll put his Nostra, his X-Links. CoinKite.com is the key link for people there. NVK, thank you for joining me and I hope to chat soon.

NVK (55:11.018)
Thank you, Levera. That was great. I really appreciate it.

Leave a ReplyCancel reply