Pamela covers all the basics that both new and experienced users need to know about Bitcoin security in this presentation given during Bitcoin Wednesday in Amsterdam on 19 October 2016. Her talk is full of practical information and is really a must watch.
Transcript
Transcript auto-generated. May contain errors.
So we're going to take a quick poll. You ready? Don't worry, you can't fail this quiz. Okay, ready? All right, so we talked and Andreas asked you already, how many of you have Bitcoin, but I'd like to see your hands up if you have Bitcoin? How many of you have Bitcoin? Okay, great. And how many of you have Ether? Great. And how many of you have Classic? Uh-huh. And how about Lisk? Oh, look out. Here we go. All right. So we have a pretty advanced crowd. And once again, how many of you have no cryptocurrency right now? Okay. People look around, help these people.
Okay. Also, how many of you are working in the industry? How many of you are working part-time or full-time? Great. Okay, look around. And how many of you wish you were working part-time or full-time in the industry? It's totally doable. I started doing this in early 2014 full-time, and if this is something that you want to do, it is totally doable, and it's awesome.
So I want to know just a little bit about who's here in the audience. So how many of you are developers? Coders. Great. Okay? And you can be more than one thing, by the way. How many of you are artists, musicians? Excellent. Good, good, good. We need those people. And how many of you are investors? How many of you are playing with investment? Okay, good. And designers. Do we have any user experience designers in the house? Yeah, we never do. We never do. That's why our interfaces are so tough. Oh, wait, we have one. Yes. Okay, awesome. We need you pretty much on every project we have. And entrepreneurs, how many of you are entrepreneurs? Excellent. Okay, good.
So, as you know, getting Bitcoin is super easy, right? And this is the donation address for Bitcoin Wednesday here. So if those of you who have Bitcoin want to donate, there you go. Bitcoin, getting Bitcoin is super easy. You can get it just by scanning a QR code. You can get it on Twitter as a tip. You can get it in an SMS. It's really, really easy to get. It's super hard to keep.
So, there are hackers and there's all sorts of other things that can happen to your Bitcoin keys. And the good news is that over the past few years, security has gotten much easier. It's gotten much more user friendly. So I'm going to talk today about software wallets, and hardware wallets and how to back up. And I'm also going to talk to you about multi-signature addresses and the CCSS.
So quickly, how many of you use multi-sig? Very good. So I'd say probably a quarter of you. And how many of you know you should use multi-sig, but you're really not clear on what you should be doing? Okay, good. So that's probably another third or so. Okay. We're going to talk about multi-sig and I'm actually going to walk you through a demo.
One more quick question for you. How many of you are using hardware wallets? Excellent. Okay, good. So probably half-ish.
All right, so when Bitcoin first became popularized, most people started out with a single address, okay? And I used bitaddress.org to create this. It's just a little tool. It's open source. It creates a Bitcoin address in your browser. But the thing about this is that it creates one address and notice it says don't send Bitcoin to this address because here's the address, the shared one, and the private key is the secret one. And so any money that is sent to this shared address can be spent or taken using that secret key over there.
Okay? You can imagine that key management becomes difficult, because if you have a different address and a different key for every single address you have, all of a sudden, you start doing transactions with her and him, and pretty soon you've got a hundred different keys, because we all know that we're not supposed to reuse addresses in Bitcoin, right? Yeah, address reuse is bad. And the reason is there's a number of reasons, but primarily it's because, one, it kills your privacy. So every time you reuse an address, people can just see what's happening in that address. And two, most often unless you're using a hardware wallet, you're exposing your private key to an online environment.
So, software wallets came along, and what they really do at their core is just manage the keys for you. So they create your keys so you don't have to go to bitaddress or anything like that and try to create your own key and keep your private key private. These software systems will hold all the keys, they'll generate them for you and they'll actually create Bitcoin transactions. They are available as browser plugins. They're available on your cell phone. They're on iOS and Android. There's tons of them.
I really like these three here. I also like Breadwallet. I like a bunch of them. I really am a big fan of open source, and I think that most of this community is a fan of open source. I think it's much more secure when things are open. And also, you don't have to just have one wallet. You can have a bunch of wallets and you can have them all on your phone.
Hardware wallets are specialized computing devices. You're like, ooh, what does that mean? It's just a little USB. So this is an example of a hardware wallet. This is a Trezor. This is my Trezor. I actually keep part of my Bitcoin on here and I'm going to do a demo for you and show you how it actually works, but this is a little device that plugs into a USB into my computer. It could plug into my phone as well if I had an interface. There are a number of different hardware wallet companies out there. And most of them open source their software as well.
The cool thing about hardware wallets is that I can take this device and I can take it to any computer and I can plug it in and I can do a Bitcoin transaction and I don't have to worry about you stealing my keys. You know why? Because the keys live on the device. So I can go to a public library and plug this in and do a Bitcoin transaction and I don't have to worry about someone stealing my money. That's a really, really powerful tool.
So almost all of these software and hardware wallets require you to choose a PIN. And I know this is really, really basic, and I know we all have PINs for our debit cards and all of these things, but this is just a good opportunity to remind you how to not choose a bad PIN. Like, don't choose 1234. Don't choose your birthday. These are terrible ways. These are ways to make sure that your Bitcoin and your phones will get stolen. So don't do that. Avoid strings if you can.
And one of the cool features of some of these hardware wallets is that they have a PIN scrambling feature. And again, I'm going to show this to you in a minute, but you'll see that there's a square there and the numbers are jumbled up every single time you put your PIN into a Trezor. It gives you a different screen. It jumbles the numbers in a different way. Why does that matter? It matters because that way no one can keep track of which numbers I'm actually pressing because it's displayed on the Trezor device itself. We good? Okay, all right, good.
So now we're going to move to backups. How many of you back up your data regularly? Yay. Okay, good. And how many of you have backed up your Bitcoin wallets? Excellent. Okay, good. If you haven't, your software wallet will probably nag you to death about it. And if it doesn't, then you should try a new software wallet because they should be nagging you to death. And why? Because with Bitcoin, if you lose your keys, you lose the funds.
So I'm going to talk really quickly about what a backup is, how to do it and what the best practices are. If you back up your wallet correctly, you can restore all of your funds on any device, okay? You can restart if your phone gets lost or damaged or stolen, you don't lose your money if you've backed up properly.
Also, one of the things that we do a lot of work on with Third Key Solutions is estate planning and inheritance. So just a quick question for you, for those of you who have cryptocurrencies. How many of you have done any sort of estate planning with them? Oh, good. Very good. So probably a fifth of you? Good. So you need to. If you do have significant cryptocurrency holdings, you should be considering estate planning. So what I mean by that is what happens to your Bitcoin if something happens to you. And you need to be planning for that not only from a technology perspective, but also from a legal perspective.
Backing up wallets, when we were creating our own keys independently, was a huge hassle. And the reason is because the private key is... So, what are the chances that you can copy that accurately and then actually type it in accurately? It's case sensitive, by the way. And it doesn't tell you if there's an error. There's no error checking. And so you can see why this would quickly become cumbersome. And a lot of people were losing their money.
And so, BIP 39 came into play, and BIP 39 is a Bitcoin Improvement Proposal, and it's how we make changes in Bitcoin. BIP 39 allowed us to take that big seed and represent it with English words, which is awesome, because that way, instead of writing down that big mumbo jumbo thing over there that was like XCRQ, you can write down 12 or 24 or however many words that your wallet decides that it's going to use. You can write down 12 English words and you can actually recreate your entire Bitcoin wallet.
So, how this works for the more technical crowd is basically your random key is created and then it's chopped up into bits. And each one of those 11-bit segments relates to one of the words in the library. The words importantly are not determined by the users.
So how many of you have heard of a brain wallet? How many of you use brain wallets? Okay. So sometimes people confuse seed words or mnemonic words with brain wallets. Brain wallets are defined as wallets that you, the user, create. You take your own words, okay? Like, you take 11 random words that you've selected and you make that your private key. That is a bad way to go. And the reason is because humans are terrible at randomness.
They found that after brain wallets became popular, they were actually really insecure and people were losing their money. So I'd recommend that instead of using a brain wallet, you use a traditional BIP 39 service that will create a seed for you. And then you can memorize those words. And then it's basically the same thing as a brain wallet, except it's more secure.
So how do you create these backups? Paper. Yeah, I said it. I said paper. That's right. Paper is so much more secure than holding data on your computer. It's very difficult. As we know, it's very difficult to keep data safe. And so the best and easiest way to make sure that you will actually have your seed when you need it is to back it up on paper. You can make duplicate copies, and I do recommend doing that.
When you write down your seed words, take a second and look around. So for those of you who are new to Bitcoin and who are going to set up a wallet today, take a look around and make sure that there's no cameras. Make sure that there aren't any prying eyes because those seed words that are about to appear, that is your Bitcoin key. So with those words, anyone can steal your Bitcoin. So you want to make sure that you do it in a safe environment. You want to cover your cell phone cameras. You want to make sure that you're doing it in a place where you can keep your private words private.
How do you store a backup? So once you've written down the words on your little card, all of the hardware devices come with little cards. They look like that. Otherwise, you can just print them out. Make sure that you write down your seeds in order. They come in a specific order, and order matters. Write them down exactly as they're displayed in the same order, double check. It's also a good idea to go backwards up the list if you can, just to make sure that you're reading the words correctly and that you haven't misspelled anything.
Once you have those words written down, it's a best practice to laminate them. How many of you laminate your seeds? Yeah, I know. Listen, we're in the security business. You can just go to something like Office Depot or Staples or some sort of office supply store and they have little sheets. You don't have to buy a laminator and all of that. But you do want to make sure that if there's water, if there's a flood or something, you don't want to lose your house and your Bitcoin, that would suck.
Also, you want to make sure that when you back up, you store your backup in a secure location. And what I mean by that is not under the bed. Okay. Don't put it behind your favorite painting. Those are bad ideas. And the reason is because anyone could grab those words and put them back and you'd have no idea. You'd have no way to know whether or not someone looked at your words, you'd have no way to know if they had your key. And also, there's no access control. So you want to try to make sure you have access control.
In the real world, what does this look like? Wherever you put your documents, if you use a bank vault, put a copy in there. Don't put it just blank, though. Use an opaque bag. This is a tamper-evident bag. It's not a tamper-proof bag, obviously, because you could just cut it. But once this is sealed, you can't open it without damaging the bag. So if I were to put a seed in here, I would know if someone had taken it and if the seed was compromised.
You don't have to buy those. I am just showing you best practice. So basically what you would do is you'd laminate your seed. You'd put it in an opaque envelope and you'd store it somewhere secure. For those of you that use multi-sig, and hopefully there will be more at the end of this presentation, make sure that you don't create a quorum. So what that means is if you have a 2-of-3, don't store both of your seeds in the same backup location, and I'll talk about that a little bit more later.
So, I'm going to talk a bit about passphrases. How many of you use passphrases as part of your security? Oh, very good. Okay. So I'm going to do a demonstration about passphrases because I've found a lot of people are scared of them. They're not really sure what they are or how they work, so I'm just going to show you how they work because it's way easier.
So when you add a passphrase to your words, how it works is it actually takes that passphrase and adds it to the algorithm and that's what creates your seed. So what that means is you can type in anything at all and that will create a seed. If you forget your passphrase, you will lose your money. Once again, if you forget your passphrase, you will lose your money. Finally, if you forget your passphrase... It's that important. I'm sorry I need to say it three times, but it's that important. Also, for those of you who are interested in estate planning, if you're using passphrases, you need to make sure that you've backed those up as well, because otherwise your family will not be able to access your Bitcoin.
So let's do a demo. So this is my Trezor wallet. And I want to do this for you in real time. So I'm going to myTrezor.com, and it's loading. I have a custom screen. You can do that. You can make little nerd custom screens, yeah?
Oh. I wonder why it's not working. Oh, what a bummer. Anyone know how to make this work? Very good. We'll just close the whole thing. It's still not working, though. Give me just a second. That's totally not working. It's okay. I do have screenshots. It's just less fun that way. I just got internet again. Okay. For whatever reason, it won't slide. That's okay, because I can do this this way. Can you see this? Yeah, okay, we're going to improvise people.
Okay, so, here's the Trezor. So I'm going to put in my PIN code. Okay, so I put it in, and I'm about to hit enter. All right, now it says, please enter your passphrase. So I'm going to show you what happens if you enter no passphrase. I didn't put any money in. So, what happens if you enter no passphrase? Look. It says BTC zero. Zero. So, what this means is that notice it didn't give me an error. It didn't say, hey, your money's not here with no passphrase. Nope, it just said, oh, okay, there's no passphrase. Cool. I'll take you to this seed.
Now. We're going to exit out of here. So I'm going to forget this device. We're going to try another one. Okay. Ready? Give me a passphrase. Guess. My money's on here. Think you can guess it? 1337. All right, let's see. 1337. Let's see what happens. Can you see that I have typed 1337? Yes, front row, you're going to verify for me? Okay, good. All right, here we go. 1337. Enter. And what's the balance? Zero, correct. That's right.
And so you can see that if you forget your passphrase, you could be here forever, typing in numbers, letters, none of that matters, okay? So. I did fund this Trezor in a way that I can show you. But the passphrase is... should I tell you the passphrase? I will. The passphrase is: yes, Bitcoin Wednesday. Ready? Here we go.
Oh, Wi-Fi. Why do you have to make a liar out of me? Okay. Let's try to get back on. Let's try to get back on screen. Do we think this is going to happen? Ha. There we go. Yes, Bitcoin Wednesday. And... What I did was I created "yes, Bitcoin Wednesday" as my passphrase, and I went in and it said zero. And then I selected the receive tab and created a receive address. And then I funded it. I sent some money there, and now the balance is approximately $1.50 US. So this is the transaction going into that.
So, we could go on and on with passphrases. A couple of really interesting things about passphrases. One, if you use them correctly, they can be a really powerful tool to protect your Bitcoin. Why? Because the seed words alone then are not enough to recover your Bitcoin. So if you decide to use a passphrase, you need to have both the seeds and your passphrase in order to actually access your Bitcoin.
Sometimes people use passphrases for duress. And this is an interesting concept. So the idea is if someone comes to you and they say, give me all your Bitcoin. I know you use a Trezor. You can have two different passphrases. One is your duress passphrase that you only have a reasonable amount of Bitcoin in, and you can actually show them and transfer it to them. And then you have your real passphrase, which is where you keep the majority of your funds. So this is one way that people use passphrases in order to protect themselves from things like coercion.
When you're deciding whether or not to use passphrases, please keep it simple. There have been more Bitcoin lost than any of us care to even think about due to overzealous security practices. So I'm going to use this really crazy, awesome PIN and a passphrase, and then I'm going to use 18 passphrases, and then I'm going to use these four devices, and pretty soon, you have no idea where any of your coins are and you can't actually access them. So keep it simple.
One way that you can ensure that you don't forget your passphrase and also that you can actually access your money is to set calendar reminders. I know it sounds nerdy, but it's super easy. If you set a quarterly calendar reminder, like, okay, now I'm going to check my Bitcoin. Is my backup still where I think it is? Can I still access it? If you're using multi-signature, are my signers still there? Is everything still working the way that I planned? And this will save you a lot of heartache in the future, especially if Bitcoin goes to however much people think it's going to go to.
Best practice for passphrases is try not to use more than two. If you use more than two, it gets really, really dicey. And you have a much higher chance of actually forgetting what they are and not being able to access them. Make sure, again, if you're doing estate planning, you may need to tell someone else. And never, ever, ever store your passphrase with your seed backup because then why do you have it? There's no point. If you're going to store your seed and your passphrase together, just don't use a passphrase, you'll be much happier in the long run.
So, we're going to take a little break, and when we come back, I'm going to talk to you about multi-sig. And if you want, I'm going to actually do a Copay demo, but this one's going to be on slides, so don't worry. I'm going to do a Copay demo and actually show you how to set up a wallet, what best practices are and what that actually looks like. And then after I'm done, Andreas is actually going to come back up and give the keynote of the night.
It's not scary, it's not confusing. It's very, very simple. So I'm going to walk you through what it looks like to create a multi-signature address and then to spend from that multi-signature address. Okay, are we ready? Did you guys have a beer? Okay. I'm totally having one after this.
All right. So multi-signature addresses. I'm going to cover why, when, and how. And this is not going to be everything you need to know about multi-sig, but it will be enough for you to start playing with it.
So let's start out with multi-signature addresses. Always start with the three. So most Bitcoin addresses, as I showed earlier, start with a one. A single signer address will start with a one. Multi-signature addresses, or P2SH addresses, start with a three. They all start with a three and that's just how the algorithm works.
So multi-sig today is mostly P2SH, and P2SH is Pay-to-Script-Hash. There was a multi-sig function, and it still exists, but no one uses it. Now the implementation for multi-sig is P2SH. And why that matters is because multi-sig is just one script that you could have hashed. So this is Pay-to-Script-Hash, and the script in this case involves creating a multi-signature address. But there are other sorts of more complex scripting language that you can include in this P2SH format. I'm not going to go into that today. But just know that it's out there.
So what is awesome about multi-sig? What is amazing? Why I love multi-sig so much is because it hard-codes promises. Okay? I don't know about you, but I deal with a lot of people, and being a lawyer, I'll tell you, a lot of people break their promises. And so, what I love about multi-sig is multi-sig hard-codes promises into the transaction, into the address itself.
So what I mean by that is when you create a multi-signature address, and I'll show you this in a moment, when you create it, you designate at address creation how many people are going to be signers and what the quorum is. So, for example, most of the time we see 2-of-3, meaning there are three total signers that could sign, and you need a quorum of two of them in order for the transaction to be valid.
This is a validation on a transaction level. What I mean by that is if I create a transaction that has only one signer, when the quorum is two, the network will reject it as an improper transaction. That's important because in the real world, if you have a check that requires two signers, you can just sign both lines and cash it, right? So this is transactional-level insurance. Right now you can do up to 15 keys, but that's changing, and there will eventually be layered and grouped multi-sig that you can create, but we're not quite there yet.
Some cool things you can do with multi-sig. You can create multi-factor, multi-device security, and that sounds like a lot of "multis." But basically what that means is you can actually control more than one key yourself, and you can do multi-sig without having to have someone else. So you can have a party of three for one.
One of the cool things you can do in a company is you can effectuate separation of duties and separation of controls by using multi-sig addresses within the organization, not just a single multi-sig, but I'm going to show you how you can use more than one multi-sig in order to diffuse control. You can also combine hot and cold keys. And you can use hardware and software wallets together to create multi-sig addresses.
So I think the easiest way to understand this is to look at real use cases. So this is sometimes called multi-factor. And this is where you have one person who creates a 2-of-3 signing account, where one of the keys is a hardware wallet, another is their mobile device, and a third is a recovery key that maybe they created in browser. So you can see that if one person has three keys, they still maintain full control. But if their phone is compromised, if you steal my phone, you can't take my money. Why? Because you also need either the recovery key or the hardware wallet in order to spend any funds from this address.
The next really, really popular use of multi-sig is for escrow or dispute resolution. How many of you are using OpenBazaar? Anyone? Sort of-ish, yeah. So this is really popular on OpenBazaar. OpenBazaar is like an open source peer-to-peer, eBay-ish sort of thing. It's a marketplace. And obviously, with any global marketplace, one of the primary issues that we're dealing with with Bitcoin is trust.
So when you send a Bitcoin transaction, when it's processed by the network, it's irreversible. So what that means is you can't get your money back. If you have a buyer and a seller, you may not want to necessarily send the money directly because you won't be able to get it back if the person doesn't send you the good that they promised that they would. So, many people create multi-signature addresses, where they have a buyer and a seller, and then they have an escrow agent as a third party.
Dispute resolution. I know that some of, there are some lawyers in the room, in case you didn't know. Lawyers, will you boldly self-identify? Yeah, that's right. The two women in the room. What? All three women lawyers? That's right. So anyway, oh, I'm sorry. We have another woman. Are you in law? No, not yet. Okay, so now we have four women, three lawyers. Listen, I got to call out ratios when I see them.
Dispute resolution is a big, big deal for our industry. For those of you who are operating here, you know, Bitcoin is by default borderless. You know that Bitcoin is by default identity-free, and this causes problems. It causes problems inherently in businesses because our laws are governed by national borders.
And so, one of the projects that we're working on with Third Key Solutions is called DAMN. It's the Decentralized Arbitration and Mediation Network. We also have an acronym called DARN or BLESS if you don't like DAMN. But the idea of this is to bring arbitration, which is a globally recognized alternative dispute resolution mechanism, to our industry. And one way that we can do that is using multi-sig and using a third key to allow an arbitrator to sit as a judge. So we can create and include dispute resolution processes in our transactions by way of multi-sig.
Another cool thing you can do is you can bring your investors in on the addresses, and this is something that you cannot do with traditional finance. So with this, you can actually create a 3-of-5 address. And what's illustrated here is you have two investors, two principals of the company, and then a recovery key. This is interesting because you'll notice that if the CEO and CTO want to take money from the capital account, they also need one of the investors to sign off. This encourages communication, and this also makes it more likely, at least in my experience, that investors will invest in companies, because typically, investors give the money, and then they're trying to get updates from management and figure out what's happening with that capital. And if you start using multi-sig in this way, the investors don't actually have to wait and ask. It also encourages upfront communication, which I think is a good thing.
And you can also use multi-sig within companies for project management. So you could fund a specific project and have a lead developer, the project manager, and maybe the CTO as the third key. So you could have a capital account funding an operations account, and have that operations account fund specific projects, where you would only have the lead dev and the PM access the funds that are specifically dedicated to that project.
One of the things that I love about multi-sig is it allows us to have better processes within companies, better processes that help to prevent embezzlement, that help to prevent coercion or loss of devices. Using multi-sig is a great tool to help you retain your money. Not only as an individual, but also as a company.
So now I want to do a quick demo of Copay. And I like Copay because, again, it's open source. And it's really easy to use. It has a very nice interface, I think, and it's free to download. It's available on iOS and Android. It's also available as a Chrome plugin. It also has hardware wallet integration, which you'll see in a second.
So when you download Copay and you open the app, you get this screen here and it gives you three options. You can either create a wallet, you can join a shared wallet, or you can import a wallet. And I had a question on the break about hardware wallets and importing, and I want to talk to you very quickly about that.
So the question was, you know, if I buy this Trezor and I back up the seed, what happens if something happens to this device? Do I have to buy a new hardware wallet? The answer? No. And the reason is because of BIP 39. Because BIP 39 has our seed words and those seed words are compatible with any wallet that uses the BIP 39 standard. So if I were to lose my Trezor, I could buy a new one and I could actually put those seed words onto it. I don't have to; I could instead use Copay, and I could select the import wallet function, and if I did that, it would give me a screen, and it would let me put in my words, and it would say import wallet, and if I did that correctly, without a passphrase, it would recreate my whole transaction history and all of my seeds. So I would be able to effectively recreate my Trezor on my Copay application. Good.
All right. So let's talk about how to actually create a multi-sig wallet. First, you do "create a new wallet" from the very top. And then you want to name the wallet. And you want to name a wallet something you'll remember, especially if you're going to use a bunch of them because I have like 12, and you want to make sure that you have the right ones for the right name. So name it something that actually matters to you.
Your nickname here will be the name that every other signer sees. So you want to make that something that matters. If you're using multi-factor multi-sig, in other words, if it's all you, you don't want to put your name there three times because then you'll be confused as to what device it is. So what you want to do is either reference the device or reference one, two, or three. Make it clear. The nickname needs to be clear as to what key is actually signing.
Then you're going to select the total number of signers, N, and M is how many are required. Oh, I should have told you this earlier, by the way. This presentation, I will email it to you. You can have it. You don't need to try to take notes or remember everything. If you want it, just send me a message. I'm happy to share it with you.
So you're going to go through and you're going to select the number of signers and the quorum, how many are required. And then, if you want to, at the bottom, you'll see, right above "create 2-of-3 wallet," you'll see "show advanced options." And if you were to select that, you would see this dropdown box. And notice that it allows you to enter a recovery phrase. It allows you to pair a Ledger wallet or a Trezor wallet with Copay.
So once you've done that, it'll pop up a share invitation. And I've made this inoperable because I don't want to have a bunch of people scanning and going, oh, here's a joined wallet, and then we'll end up with a wallet that we can't actually recover any funds from. But this is what it would look like. It's just a little QR code and you just send that to the people who you want to join your wallet. If it's just you, you send it to your other device. So you could scan, if you had it on your laptop, you could simply scan with your mobile device the QR code and join that wallet.
Notice at the bottom you'll see "me," which is my first-person nickname. And then it says "waiting." So it's waiting for other co-payers to join the wallet. When you get, after you select the join wallet function, what the person who receives it will see when they select "Join Wallet" is your nickname. So again, they'll select a nickname. And then the wallet invitation, which is simply a QR code, and you'll see "join."
Once you've reached quorum, it'll just say, okay, you've reached quorum. Now we have a wallet. Now it's fully functioning, it's ready to go. And what do you want to do? Test. You always want to test. Always test Bitcoin addresses, even if they're single signers, please. Don't immediately send all of your money to an untested wallet. It's a bad practice.
Instead you want to test. So, what I usually recommend is you take two bucks or less, you fund it from an outside Bitcoin wallet that you have and you start testing all of the possible multi-signature configurations. So if you have 2-of-3, that means you're doing three test transactions. You want to make sure that everyone knows how to initiate a transaction and that everyone knows how to sign a transaction.
Also importantly, process matters here. So while the technology is not going to say, hey, are you sure this request is actually coming from the person that you think it is? You should have processes in place, especially in businesses, that require you to double-check and ensure that this is a legitimate payment proposal.
So, when you create a transaction in Copay with multi-sig, it's called a payment proposal. Why is it called a proposal? Well, because you can't really do anything on your own. So it proposes that we spend this. So you're going to create a payment proposal, and it's very simple. You do it exactly the same way you would pay any normal regular Bitcoin transaction. So you scan the QR code and it says, okay.
The only difference is that one signature is insufficient to actually broadcast the transaction. So what will happen is when you put that Bitcoin address in and you create a payment proposal, it will say, okay, great, payment proposal created. And then your other signers will get a notification on their devices, and it'll say, hey, there's a payment proposal waiting for you. You can either accept it or reject it, and you have those two options. So either accept or reject.
If you accept it, you'll get that little checkmark and it'll say, yay, we sent the money, and you've got a completed transaction. If it's rejected, the proposal is rejected overall, and you won't be able to continue with that.
Any questions? That was fast, I know. What? Is there a time limit on the decision? That's a good question. I don't think so. Not that I'm aware of. Yeah, I don't think so. Now, should there be a time limit on your internal processes? Yes. Yes, you should set internal process time limits and ensure that you don't have someone just going in, maybe your third signer, maybe your fifth signer, and all of a sudden, oh, I see all of these proposals. Yes, yes, yes. So it's important to have business process in place to supplement the technology process.
Notice here that the two signers at the bottom are noted. So it's Alice Attorney and Bob. This comes from an article I wrote for attorneys, trying to convince them to stop using proprietary client trust accounts, and instead use multi-sig, because then the attorney doesn't control all the funds all the time. You can imagine that was wildly popular with my peers.
But this idea of non-custodial escrow, I think, is a really, really powerful tool. And I would like to see it happen. So that's what this comes from.
Finally, I have just one more thing to talk with you about today, and that is CCSS. It's the Cryptocurrency Security Standard. How many of you have heard of CCSS? Oh, more than I thought. Awesome.
So, full disclosure. I'm a board member of C4, which is part of CCSS. This is one of the standards that we've helped to create. But we don't create it ourselves. It's a community effort. C4 is a nonprofit, and we're dedicated to building certifications and standards for the industry.
CCSS is an open standard, and you can go online, you can take a look. Any of you that have companies that are working in the space, I encourage you to do this. It sets best practices for security. So it does things like, hey, you want to create a wallet? How are you generating entropy? What about your key storage? Do you have diverse key storage?
And this is a tool for us as consumers to be able to tell which companies are using good security practices, best practices, industry standards. And so this is an auditable standard that at some point, hopefully this year, by the end of this year, I'm not sure, maybe beginning of next year, we will have auditors that can go out and actually certify that, yes, this person has met the requirements of level one. Yes, this organization has met the requirements of level two, and so on and so forth, just to ensure that basic security best practices are being met in the industry.
These security practices supplement existing standards. So they don't trump, for example, NIST standards. They're there to supplement NIST and ISO standards in spaces where cryptocurrency is unique.
Finally, please create a recovery plan or an estate plan. If you have Bitcoin, it's really, really important for you to do that. One of the things that we like to do at Third Key is we like to create how-to guides for people. We think that it's most important that people learn how to securely store their Bitcoin. And so we've created a couple of guides that are available for free. You can just go to our website, download them, use them. They're Creative Commons.
The first one is estate planning, and it goes through a bunch of different questions that you should ask yourself about estate planning and kind of just a general overall guideline of how to actually create an estate plan for yourself when it comes to cryptocurrencies. And then the second one is developing a recovery plan. And that one is targeted specifically for businesses. So for those of you who are running businesses using cryptocurrency, things like, where are your keys being stored? What happens if one of your keyholders leaves the company? What if your CTO leaves? How are you going to deal with your key material? How are you going to deal with customer funds, all of those sorts of questions? So there's a list of questions that you can ask yourself. And it will help you to develop a good recovery plan.
That's all I have for you tonight. I want to thank you so much for your attention and I hope you enjoy the presentation. I think we have time to take a few questions, yes?
Hi, that's a very clear presentation. Thank you. Thank you. I have just a question about testing the multi-signature wallets. I understood as soon as you have brought your wallets online, so out of cold storage, then actually you have to trust your wallet on the devices. So can you be sure? Do you have a recommended practice for testing the signatures without being online?
Yes. Hardware wallets.
You still have to trust Trezor.
Yes. And I don't trust Trezor then.
Ah, very good. Okay. So, you know, this is the ultimate problem with Bitcoin, right? How do we test and keep our keys offline? One of the things that people do is they diversify their keys in multi-sig. So, for example, you wouldn't maybe use all three Trezors. Maybe you would use one Trezor, one Ledger, and maybe a KeepKey, or a BitLox, or some other hardware wallet, so that you're not actually trusting each individual device.
That's about the best advice I have for you. This continues to be a problem. The thing about hardware wallets is that, especially with Trezor, they are open source. And so I know a lot of people are looking into their source code. And as far as I know, they've passed every single security test. So maybe someone else has a different answer. I don't know.
Yeah, I mean, correct. You can use an offline laptop and sign transactions on an offline laptop. The challenge is, it's really, really hard to do it well. It comes to a belief in the mathematics behind it. Yeah, and good code. Yeah, exactly. But, I think that adding the multi-sig component diffuses that risk. I mean, it diffuses the risk of having a compromise of one device and it diffuses the risk of having your keys online. Okay. Thank you. I wish I had a better answer for you.
What are the criteria to choose hardware wallets? So, I mean, I think number one, open source. I think number two, well-tested in the market. So, I play with all of them, right? I try to get my hands on every single hardware wallet. That doesn't mean that I trust the brand new, the newest hardware wallet and the newest technology with my money, and I don't trust it with my client's money either. So, I think that it's better to go with something that's been on the market long enough to have been tested, at least relatively thoroughly in our industry. But also, I think open source is the most important component of it. And I also think ensuring that it is compatible with other wallets. So when you have wallets that are creating proprietary seeds that aren't using BIP 39 or other standards, I think that's dangerous because it causes an issue with recovery.
Any other questions? You guys just want Andreas. I know. It's okay. Don't worry. Oh, yeah, okay. We got one more question.
You mentioned about the brain wallet, that it is not a good system. What is actually the difference between a good brain wallet and a passphrase or the mnemonic?
Okay, good question. So, humans are really bad at randomness. We think we're really good at it. They're like, oh, yeah, I'll just put my finger on this letter in a book and no one will know. We're really, really bad at it. And so, there are a number... So, for example, if you're doing a key creation, you should have a number of different sources of entropy, different randomness that goes into creating that key. So you don't have a single source of entropy. You have multiple sources of entropy. And so, you don't have that if you're picking your own words. And that's why they're less secure. At least they've been proven to be less secure.
So what actually happens is the key with BIP 39, the key is actually created, and then it's cut into sections, and those sections correspond to a word that's in this specific library, in this specific dictionary. So the word is actually, it's kind of like reverse coding. You have this really difficult string of letters and numbers that represent your key and it chunks it up into different sections and those sections relate to English words so that we can then recreate it. That's a very simplified version, but yeah.
Okay. Good, thank you.