Discover and read the best of Twitter Threads about #SmartCustody
Most recents (9)
At @BlockchainComns we believe that multisig offers superior #SmartCustody over using Shamir's Secret Sharing (which was recently implemented as part of @Ledger Recover). Unfortunately, there are few practical alternatives to sharding a seed, and multisig is complex. 🧵… [1/13]
The first obstacle to multisig is that our experience is that they are too complex for normal usage. We know that even professionals using one of our well-tested secure scenarios find the hour it takes is too long. [2/13] github.com/BlockchainComm…
The second obstacle is that true multisig really is available only for Bitcoin. There are multi-account smart contracts that resemble cryptographic multisig, but they don't offer the same level of hardware security, and each transaction costs gas. [3/13] shivanisb10.medium.com/multisig-contr…
Perhaps my biggest problems with the @Ledger Recover program as it’s currently conceived are that it’s not open and it’s not independent. Users will be locked into decisions that Ledger made, for its own business reasons. [1/12]
The Gordian Principles from @BlockchainComns suggest that digital assets should be held in a way that’s independent, private, resilient, and open. Ledger Recover increases resilience, but that’s it. [2/12] github.com/BlockchainComm…
From what we’re heard, the Recover share holders will actually be requiring KYC checks. That doesn’t just go across our Principles, but also the general ethos of Bitcoin! [3/12]
One of my concerns with the new @Ledger Recover service is that they appears to be sharding via Shamir’s Secret Sharing, but doing so in a proprietary way and possibly in a naive fashion. We don’t know, as it is not open source. [1/11]
Obviously, Shamir’s Secret Sharing has a long history and is widely used, but it also has real drawbacks. As we’ve written at @BlockchainComns, one of the biggest dangers comes in reconstruction. [2/11] github.com/BlockchainComm…
Eavesdropping, trojan-horsing, or just faking authentication for the seed holder can all lead to a stolen seed! The process of restoring the shares, reconstruction device is a serious single point of compromise. And then there are concerns with how you distribute shares! [3/11]
Bitcoin has quadrupled in value in the last year, which makes #SmartCustody more important than ever. Your holdings might now be worth more than you think. How secure are your digital assets? [1/10]
You could choose to store your keys in hot wallets, which are directly connected to the internet, or in cold storage, which takes them offline. Each has its own advantages and limitations. [2/10]
The #SmartCustody process teaches you how to use cold storage safely and securely, so that you can protect your digital funds yourself. Though emerging tools are changing the landscape, this process remains today the best way to manage self-custody. [3/10] github.com/BlockchainComm…
#SmartCustody Adversary — Convenience
Our first adversay in category “Loss by Mistakes" is CONVENIENCE. It sounds, well, convenient, doesn't it? But it is a real adversary because focusing on it instead of safety or security can cause you to lose your digital assets. (1/8)
Our first adversay in category “Loss by Mistakes" is CONVENIENCE. It sounds, well, convenient, doesn't it? But it is a real adversary because focusing on it instead of safety or security can cause you to lose your digital assets. (1/8)
CONVENIENCE is an error that arises from your decision to ignore your normal security procedures. Yet that decision might be for entirely good and pragmatic reasons. (2/8)
If you're on the road, cold storage might not be accessible, or it might be vulnerable to theft. If you're frequently trading, you might need access to your cryptocurrency in a easy and quick manner. CONVENIENCE is important, but can be also dangerous. (3/8)
#SmartCustody Adversary — Disaster
DISASTER! Its motivation? "I want to destroy. I want to crumble and burn. I want to ruin with water, to blow things into the air. I am bombs, bullets, and explosions. I am sudden and unexpected but disastrous destruction." (1/9)
DISASTER! Its motivation? "I want to destroy. I want to crumble and burn. I want to ruin with water, to blow things into the air. I am bombs, bullets, and explosions. I am sudden and unexpected but disastrous destruction." (1/9)
This is the third adversary in my #SmartCustody book about protecting your cryptocurrency and other digital assets. And the motivations certainly explain the ways that you could lose your private keys. A house fire, a flood, a tornado, a war. (2/9)
When researching for my book, I heard the story of someone who religiously printed his keys to paper wallets. Every quarter he'd reprint so the ink didn't fade (and would then shred the previous one). Unfortunately, he kept those keys in the basement. Which flooded. (3/9)
#SmartCustody is an ongoing project of @BlockchainComns, a blockchain infrastructure support organization. In it we share the best practices for the use of advanced cryptographic tools in improving the care, maintenance, control, and protection of your digital assets. (1/14)
In the 1st edition of #SmartCustody we detail best practices & default storage scenarios, offer an exercise for you to learn how to model digital asset flows, create a risk model, do an adversarial analysis, and use these tools to modify your personal storage scenario. (2/14)
These resources, paid for by your fellow patrons in the Bitcoin and cryptocurrency digital-asset community, are available for free in the PDF bit.ly/SmartCustodyBo… and at cost in a print-on-demand book bit.ly/SmartCustodyBo… (3/14)
Our new FREE book “#SmartCustody: The Use of Advanced Cryptographic Tools to Improve the Care, Maintenance, Control, and Protection of Digital Assets” published by @BlockchainComns written by myself & @Appelcline is available TODAY! bit.ly/SmartCustodyBo…
Your digital assets are more vulnerable you might think. They could be stolen by hackers, extorted by the mob, expropriated by the government, or lost by you!
The #SmartCustody book details what you need to ensure that you don't lose your Bitcoins, your Ether, or your self-sovereign identity. It teaches you how to protect your digital data and cryptocurrencies with procedural solutions.
#SmartCustody—Are you considering all possible threats to your digital assets? Do you have comprehensive procedures to assess your risk profile? We (@anguschampion, @kanzure & I) will be hosting our 1st workshop on Tue, Jan 29 at @Blockstream in Palo Alto: eventbrite.com/e/smartcustody…
Adversary: Active Network Attack
Motivation: “I know you personally have cryptocurrency, and I want to steal it. I will use my expertise with programming or with hacking to attack you on the internet, and then your bitcoin will be mine.” eventbrite.com/e/smartcustody…
Motivation: “I know you personally have cryptocurrency, and I want to steal it. I will use my expertise with programming or with hacking to attack you on the internet, and then your bitcoin will be mine.” eventbrite.com/e/smartcustody…
Adversary: Bitrot. Motivation. “I am entropy writ large. I want to break down your storage, crash your hard drives and degrade your optical media. I want to prevent your computers from booting, your programs from running, and your data from reading; in the end, I always win.”
