,
33 tweets,
9 min read
Read on Twitter
1/30. Managing bitcoins, or their private keys, is still non-trivial after over 10 years of existence. And yet, it's one of the most essential concern of the space.
Let's dig into this! I put the core headlines in the thread below 😎
Full read here: thib.ca/managing-bitco…
Let's dig into this! I put the core headlines in the thread below 😎
Full read here: thib.ca/managing-bitco…
2. First principles: owning a bitcoin actually means controlling the underlying private key that secures it.
3. Bitcoins are securely stored on a globally distributed ledger, which is replicated and synced across anyone who wants access to it to verify how bitcoins are moved within the network.
4. A Bitcoin private key is a 256-bit data unit, often represented as an hexadecimal string, which can be understood as a digital bearer asset with intrinsic financial value.
5. From generation, to storage and utilization, private keys deserve delicate care and extreme caution.
6. Exclusive control of private keys, echoing with rightful ownership, is primordial for bitcoin owners. But self-managing private keys brings an unusual responsibility.
7. Bitcoin transactions while traceable are irreversible, leading to permanent losses with no legal recourse to authorities or financial protections.
8. Multiple improvements were released by individuals, open source projects and companies, making bitcoin private key management much easier.
Thanks @Blockstream @wasabiwallet @SamouraiWallet @unchainedcap @CasaHODL @hodlwallet @GlacierProtocol and so many others!
Thanks @Blockstream @wasabiwallet @SamouraiWallet @unchainedcap @CasaHODL @hodlwallet @GlacierProtocol and so many others!
9. Today, most bitcoin owners still leave private keys on online custodial wallets such as exchanges after having acquired bitcoins, delegating full control of their private keys to trusted third parties.
10. Multiple custodial exchanges have lost customers' bitcoins in the past due to hacks as they turn into honey pots for hackers, or internal collusion jobs.
@MtGox being the most obvious, but unfortunately far from being the only one.
@MtGox being the most obvious, but unfortunately far from being the only one.
11. Many web, mobile and desktop wallets also have full custodial control of their users’ bitcoins, which introduce similar risks than with exchanges.
12. Self-custody of bitcoin private keys is therefore the most advisable alternative to eliminate reliance on non-trustworthy third parties.
13. Bitcoin’s architecture design using public key cryptography allows users to be sovereign by self-managing their wealth in an effort to cut the overwhelming dependence on trusted financial institutions such as banks.
14. Non-custodial desktop wallets can be "lightweight", meaning they need to be connected to a full-node of the Bitcoin network to verify transactions.
15. Full nodes are used in Bitcoin to verify transparently the transactions that are happening in the network, without trusting an intermediary.
16. Using Simple Payment Verification (SPV), non-custodial wallets ask full-nodes to verify specific transactions.
17. Other desktop clients have "full-verification nodes", which requires users to download Bitcoin's entire blockchain transaction history without requiring any external full-node for verification.
18. Bringing better usability, mobile wallets are by default “lightweight” wallets due to their hardware memory and bandwidth constraints.
19. Companies have developed specialized hardware products to make it safer and easier for owners to store their bitcoins independently of any trusted third parties, while reducing risks of traditional desktop and mobile wallets.
20. Even with added security features, multiple cases of losses and thefts occurred in the past.
21. In case of physical loss or destruction, hardware wallets have backups that need to be stored separately and offline to minimize risk exposure to theft and loss, which involves operational and physical security.
22. Floods, fires, earthquakes and other catastrophic events may very well destroy the backups users are storing in their homes or workplaces.
23. Redundancy and splitting of backups across geographies is advisable, which introduces other risks and dependencies.
24. Open-source software and procedures, such as @GlacierProtocol, a protocol for high-security bitcoin storage have been released by the community in an attempt to create an industry standard.
25. This is a deep cold storage, which involves machines that have never been connected to the Internet and never will with one-time disposable hardware.
26. With the rise of Bitcoin's market cap in 2017, institutions have showed interest in the safekeeping of bitcoins with novel configurations. With the segregation of duties between investing/custody, custodians have emerged as a quality interim solution to bring institutions.
27. Multiple signing authorities can be required to execute Bitcoin transactions with P2SH (pay-to-script hash) at the base protocol layer that has been available since the early days.
28. Multiple developments are currently happening for bitcoin private key management in an effort to blend security with usability and user sovereignty.
29. It has only been 10 years since Bitcoin’s birth so the industry still deserves additional infrastructure development for Bitcoin private key management.
30/30. Perhaps in 10 years, most Bitcoin hodlers will be able to securely manage their private keys without knowing how the system operates.
FIN 1/2 Owing a lot to @anbuteau, @mrcoolbp, Allen who reviewed early draft versions of this writing, and specifically to @sunknudsen and @ZanePocock with whom we're trying to make bitcoin private key management better for us three. More on that later I gues...
FIN 2/2
Learning everyday from the best! Helping us shape a better understanding of Bitcoin for security, privacy, usability and many other things!🙏
@JackMallers
@giacomozucco
@francispouliot_
@LukeDashjr
@lopp
@starkness
@valkenburgh
@nic__carter
@fernandoulrich
@LarryBitcoin
Learning everyday from the best! Helping us shape a better understanding of Bitcoin for security, privacy, usability and many other things!🙏
@JackMallers
@giacomozucco
@francispouliot_
@LukeDashjr
@lopp
@starkness
@valkenburgh
@nic__carter
@fernandoulrich
@LarryBitcoin
And @_benkaufman for the review!! 😬 thanks bud
