Oddbean new post about login | logout The only reason I don't agree, is because I think a distributed multisig setup is a lot to ask of someone who just bought their first 100k sats. Like anything in Bitcoin, security should be a journey that grows as your gain conviction. This isn't to say that I didn't set up a distributed multisig for my early sats, but I think it's a bit to ask of someone who is brand new. Anyone who holds >5% of their net worth in sats, and has been here for over a year should definitely be exploring multisig though.
Holding a smaller amount wouldn’t be about distributed multisig, it would be about service based multisig. I’m not saying there is one size or one setup, I’m saying that the various levels of security and self custody should be met with different kinds of multisig. In the case of someone who just bought 100k sats, maybe it’s a 2/3 with their phone, their spouse (or another device), and the wallet provider? —— I just think the design mentality should be “so what multisig would be best for this user’s situation and skill level?” 🤔
This is the correct take. Multisig everything, but solve for the difficulty on the design side. As a non-dev, I often overlook the "just make it better" solution. Lol.
I'm not sure if it would be profitable from a business perspective, but I'd like to see different multisig-as-a-service models. Imagine a Bitkey-esque solution, but where instead of needing to buy a new hardware device, Bitkey holds a key, the app on your phone holds a key, and a trusted contact holds a third. Imagine if exchanges embraced multisig for their clients, but in a shared custody model that didn't require new entrants to the space to purchase new hardware... nostr:nevent1qqsgetnrngvhm9hwgxp5s9hcznsup2k0kvuhmk09pzakv9qm8qrs3qcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsyg9euaj5dwsxg4hdxqweu54uf8ay3ec2d0ezs2l85xh899rkzgprmspsgqqqqqqslh8chq
Damn it. Now I might have to write an article about this...
You could have the additional key be offered by the person who onboarded you too 🤔 Like an “affiliate + key assistance” system. As long as they understand the trust model, this could be an interesting idea. Also I think a way to hold the “backup” key with a friend or spouse using Apple keychain or Google password whatever would be critical. I think having them use an entirely different app and download it would be a bit friction for someone who didn’t have any bitcoiner friends. But if you could have a way to have a secure keychain encrypted key or something, and your wife or friend could just scan a QR and unlock something for you, that would be good UX. They wouldn’t even have to know what keys are being used or where. They just know that their Apple account has the keys to help get your coins back. 🤔🤔 Something there I think.
I love this idea. Ties in well with WOT concepts. Additionally, id like to see this software signer take the form of an open source app that would work across any exchange or service that supports it. Think something like Amber or nos2x, but for Bitcoin keys (obviously never for single-sig). The app would also house configuration files for the multisig wallets it contains keys to, and would reject any attempt add additional keys from the same multisig as a security measure.
There will always be a place in the market for companies to hawk their specialized secure hardware signing devices to the "paranoid crypto anarchists", but we shouldn't let our individual willingness to pay for hardware solutions quiet our demand for better security models for new entrants to the space who aren't going to buy dedicated hardware immediately. https://image.nostr.build/9a1dc3bd1156843fb9e2c1d361df1134e9c43dc82d73bb984f08e5a28f35a3fe.jpg
That's why bitkey is great for newbs, especially if they're stacking in size
I think when someone just bought their first 100k sats is the best time to teach "ultimately, you're responsible for protecting your keys". Conversely, "Don't worry. If you screw up, your spouse might be able to bail you out." seems like the beginning of forming bad habits.
I think that's a little like saying that using training wheels is setting people up for not being able to ride a bike. I think making the presumption that learning and taking responsibility aren't incremental processes (when i think there's ample evidence that it is like any other learning process) is a great way to just get a lot of people to be too afraid to take the first step, imo.
Hmmm.. I'm not sure that relying on shared custody does much to teach self custody. Using training wheels does in fact teach balance to ride a bike. Regardless, if I don't want people too afraid to take the first step, I'm suggesting something like a singlesig wallet app on the phone they likely already own; not purchasing at least a 2nd signing device (either for themself and/or their spouse) in addition to having to sign up for some sort of assisted custody wallet service. Remember, the premise here is that we're only talking about a mere 100k sats at first. I think most newbies on the fence about dabbling in so little would be completely turned off by any relatively significant additional investment and enrollment process just to do so. Learning can certainly be an incremental process. That process ought to be learn singlesig; then you can learn multisig, imo.
