WBD260 Audio Transcription

How to Protect Your Bitcoin with Nick Neuman & Jameson Lopp

Interview date: Tuesday 15th September

Note: the following is a transcription of my interview with Nick Neuman & Jameson Lopp. I have reviewed the transcription but if you find any mistakes, please feel free to email me. You can listen to the original recording here.

In this interview, I talk to Nick Neuman and Jameson Lopp, Casa CEO and CTO. We discuss how to secure your Bitcoin, the types of attacks that you need to be aware of and Casa’s multisig solutions.


“The definition of easy for an early Bitcoiner, cypherpunk is much different than the definition of easy for somebody who is just getting started with Bitcoin.”

— Nick Neuman

Interview Transcription

Peter McCormack: Right, here we go.  Welcome to the show, Nick, you haven't been on before.  How are you doing?

Nick Neuman: Yeah, good.  Thanks for having me on, Peter.

Peter McCormack: Not a problem.  Good to see you again, Lopp.  It's been a while, mate.  We used to do this quite regularly.  Last time I did this with you, I was in Lubbock, Texas.

Jameson Lopp: I've lost count of how many times we've recorded something at this point.

Peter McCormack: We've done a few.  The first one was like nearly three years ago now.  So anyway, welcome to the show.  We have a bull run situation, looking like we might be in one, so it is a perfect time to dive back in to talk about security again, remind everyone.  We'll cover a bunch of stuff we've covered before, Jameson, but I think it's time to get back into that and talk a bit about security.  And also, Nick, I think it's time for people to get to know you a bit.  I mean, you're now the CEO of Casa; how long's that been?

Nick Neuman: Yeah, it's been since about really December of last year.  We announced it at the end of January this year.

Peter McCormack: And how's that been going for you?

Nick Neuman: Great.  I mean, the team is doing really well, the company's doing really well and so, especially as we focus down on just security and making sure that we really were focussed as a team, as a company, for providing the best security for bitcoiners, that's really paid off in terms of people understanding what Casa does.

Peter McCormack: Yeah, I think some people were a bit disappointed on the node going, but I kind of understand why you did it, why you made the choice.  But anyway, welcome, Nick.  We've been getting to know each other probably since then actually.  I think we spoke about December, so it's been good to get to know you. 

So, let's get into the security stuff because, you know, I'm now a Casa customer; we're going to talk about that, we'll get into that.  But, let's cover some more of the Security 101 stuff and I know, Jameson, we've done this before, but there are new listeners since we've done this before.  I think the show's probably doubled in size and some people don't take this as seriously as possible.

So, a good starting point, Jameson, is that privacy and security are linked.  They're two things you have to consider at the same time.  So, do you want to break down for people why privacy and security, you have to think of them as one holistic exercise?

Jameson Lopp: Well really, the question comes down to the attacker, you know; what are you trying to secure yourself against?  And, in order to try to minimise the attackers and the range of different types of attacks that you have to worry about, a strong privacy model can help you there, because you can essentially hide from certain types of attackers.  If they're unable to easily find you, then that provides some security, you know, through obscurity. 

But, the real issue, I think, with privacy is how complicated it is, and it's its own rabbit hole.  So, at Casa, we focus on security and usability, and privacy, I would say, is like a secondary thing that is like a nice-to-have because it bolsters your security.  But, we have found that in general, it's easier to get people into a really strong security model and then after that, we can try to make it even better by adding various privacy-enhancing techniques on top of it.  It's just privacy stuff tends to be a lot more work; you have to keep it in the front of your mind.  Whereas, with security, there's more stuff where you can just set it and forget it in many cases.

Peter McCormack: Yeah, it's funny.  I've never been particularly good on my privacy, but the kind of job I have, you have to be out there and talking to people; and, I've just not been very good with it.  And now I am -- this is going to sound like an advertorial for Casa, but now I have Casa, I actually give less of a fuck because I'm less worried.  So, we should talk about the product actually and why that is.

Normally when we do these shows, Jameson, we normally go through all the privacy and security stuff outside of your Bitcoin first, but I think I want to start with Bitcoin this time.  I want to dive in and then talk about the other things people should do.  So, would you say bitcoiners are particularly at risk, or have a specific type of risk they need to be prepared for?

Jameson Lopp: Well, there are a lot of the standard risks that anybody needs to worry about when it just comes to data or using the internet.  The internet, in general, is a huge privacy and security nightmare.  But, the real problem with Bitcoin and digital bearer assets is that they are a very tantalising target for remote attackers.  So essentially, it changes the risk/reward ratio.

Where traditionally, if someone wanted to steal a lot of money from someone or an entity, they would have to physically go and coerce them; rob a bank, rob a person, rob a business, whatever.  And, there is a lot of risk to doing that.  There is a potentially high reward, but you are essentially putting your own life in danger.  Whereas now, when you can reach out and remotely hack someone and steal a small amount of information from them, these private keys, you can then transfer potentially huge sums of money in a matter of seconds.  And the physical risk to the attacker is a lot lower.

So, this is something that as the world is changing, attackers are also changing their own perspectives, they're testing out the different risk rewards in these new scenarios and that's why, for bitcoiners, this is a very dynamic environment.  The new types of attacks that we're seeing, they're constantly changing.  Education is a big part of this space and basically, keeping our clients, keeping people in the ecosystem in general up to date with what the latest, most sophisticated attacks are that they need to worry about.

Peter McCormack: I know you have that GitHub, but are you still maintaining that GitHub page?

Jameson Lopp: I'm technically maintaining it though on the bright side, there have not been many physical attacks, at least in 2020, that have happened.  And perhaps part of that is due to the --

Peter McCormack: No one's allowed out!  No, because one of the other things I was going to ask is, I'm wondering does anyone track the number of kind of Bitcoin hacks, stolen Bitcoin, and are we seeing this trending down as people become more aware of security and people have better practices; do you know if that goes on?

Jameson Lopp: There are a number of different articles and projects that have timelines of Bitcoin and other crypto hacks in general and it seems like, in terms of Bitcoin, as a unit of account, value being stolen, I think that's going down.  But, in terms of fiat value and total number of attacks against various exchanges and other entities, that seems to be continuing to creep up.  And especially as we enter what looks like it's going to be a bull run, the obvious implications of that is that it's going to get more attention from people who have never tried to pull off attacks in the crypto space before. 

So, we should expect that we're going to see essentially new types of Black Hats, you know; security researcher folks who are going to come in and they're going to experiment with new types of deception, new types of technical attacks, and as a result, it's only to be expected that we're going to see more and more amounts of value get stolen during the bull run and then inevitably, there will be a sort of correction where the ecosystem absorbs the knowledge of all of the things that happened, and sort of shores up its defences.

But, this is a constant cat and mouse game; it's always going to keep ebbing and flowing; and as the amount of value on the line continues to increase, that is going to continue to result in more novel types of attacks, especially attacks that cost more to pull off start to happen because once again, the reward will become even higher, so it will make sense to do costlier attacks.

So, some examples of that were just a recent one, it looked like there was a 51% attack against the OKEx exchange with Ethereum Classic.  And, from what I was reading, they just did a report, it looked like the attackers actually deposited over $1 million worth of Zcash into the OKEx exchange before using it to essentially launder and do a 51% attack of Ethereum Classic against the exchange.  So, they ended up getting their Zcash and their Ethereum Classic back and, I think, got over $5 million, which is a pretty good ROI!

Peter McCormack: Yeah, pretty good!

Nick Neuman: Yeah.  And, one thing to add on to that is that what makes the headlines is the big exchange hacks like last year, the Binance hack, where there was a bunch of Bitcoin lost.  But, what actually is probably, especially as we get into a bull run and more new people come into the space, what's going to happen more is that people get phished and their Coinbase account is stolen.  And so, there's actually more of a risk to individuals generally from things like phishing, SIM swapping and just individual targeted attacks, where an attacker can get access to their exchange account and just suck the money off the exchange and it's gone forever.

Peter McCormack: Right, okay.  Nick, what were you doing before Casa?

Nick Neuman: Before Casa, I was really working in finance, so I did finance, which was investment banking and private equity, kind of on the investing side.  Then, I went into the start-up world and was actually working at a travel tech company called Grab.  That was when I fell down the Bitcoin rabbit hole, started getting involved with Bitcoin and private key management and security, so that's how I got involved with Casa.

Peter McCormack: How big was the learning curve when you joined Casa, in terms of considering for the security and multisig, like how big of a learning curve was it for you?

Nick Neuman: So, I joined before we even had our product out, right, and so before Casa had already been working on some private key security and usability projects, and so I was relatively familiar with private keys.  And so, I kind of was able to hit the ground running when I joined Casa with Jameson and Jeremy, and that was really beneficial for me because before becoming CEO, I was head of products, so I was leading the launch of what was then Keymaster, now the Casa app.  So, there wasn't a huge learning curve for me, but it is still a complex topic and that's why Casa was created and is successful, is because private keys are hard and we're just trying to make it easier.

Peter McCormack: Yeah, that's a really interesting point on the easy side of things.  I've got two experiences of multisig; there's yours and Unchained Capital's.  And no disrespect to Unchained; I love those guys, I love what they do, big fan of Parker Lewis.  But, that was a very kind of manual process to set one up.  I don't know if you know, I've got a bet on the election with American HODL.  So, we set that up in that and it's very cool, but I could not have done that on my own, right.

And then I've obviously got experience of setting up the Casa, and the Casa one is obviously very much designed for people like me who don't have to think about private keys; it's all just kind of done for me.  And it was one of those things, it's so funny; it was one of those things you always put off in life.  You're like, "I'll do it another day", just because it seems so much.  And now it's done, it was quite a relatively simple process to go through.  The harder process wasn't actually setting it up.  The harder process was like, where am I going to hide these; where am I going to distribute these keys?  That was the real challenge, and thinking through that.

Nick Neuman: Yeah, and that's why we have the client service side of our business, is we realise people aren't thinking about security every day for their job, like we are at Casa.  And so, by offering our client services, we can really help people benefit from our knowledge, but not have to do all of the work themselves.  So, they've got somebody that they can talk to and ask, "Hey, where do you think I should put these keys; can you help me think through that?"

And so, the way we've built Casa really, from the ground up, is to make sure that we think from every angle about the security and then can build those best practices into our offering for our customers, so that they don't have to think about it.  And we try to be as helpful as possible with their own security setups so that they can feel secure, but not put in the hours and hours of work that it used to take.

Jameson Lopp: Security is a very personal thing.  There are a ton of decisions to be made and each of those decisions has trade-offs with the risks.  And it's usually a trade-off of risk versus convenience; that you have to decide what you're comfortable with personally.  On the technical side, we get a fair amount of pushback from especially more technical folks, or people who've been in the space a long time, of, "Oh, multisig, I mean that's just a standard part of the protocol.  Anybody can set up multisig".  And, they're correct in the sense that we're not reinventing the wheel; we're not doing anything novel at a protocol level. 

Really, what we're doing and what you probably noticed with your own experience, you know, comparing and contrasting different interfaces, is that Casa actually doesn't give you as many options.  It's not a super advanced, you know, you have 100 different things that you can tweak in the interface.  And we believe that's because one of our tenets is that simplicity and usability is actually a big part of security.  Because, I would say that one of the big things I learned during my time working at BitGo and seeing a couple of different incidents happen there, is that BitGo was a more advanced, enterprise-based solution; there were a ton of different things you could configure with the setup; and inevitably, the various BitGo customers who did get hacked and lost money, it was always because of the decision that they made and how they configured things, how they were managing stuff on their end.  It was never an issue of BitGo and BitGo's infrastructure getting compromised.

So, that's what kind of led me to the conclusion that we need to build the guide rails into the user experience, to essentially eliminate a lot of those footguns.

Peter McCormack: Well, I know what I'm paying for.  I bought UX and customer service off you; that's what I'm buying, in my head.  And actually, we should clear something up as well, Nick.  You offered me the product for free, right?

Nick Neuman: Yeah, well I did because we were talking about the sponsorship stuff and I figured it would be good to get you to test it out and you were like, "Hell, no, I want to pay for this thing!"

Peter McCormack: Well, do you know what, I'll tell you what I did; I don't know if I told you at the time.  The reason I did it is because it's an annual price, right, so I wanted to know if I valued it next year and I wouldn't know if I valued it next year.  Maybe I could just twist your arm next year and have it for free!  But, I wanted to know if I valued it, so I wanted to pay for it and I also wanted to know which one I wanted to pay for, because the diamond was just a bit too expensive for me.  But, I wanted to pay for it.

But, I know what I'm paying for.  I'm paying for the interface, the UX, of what it does, which is brutally simple and by the way, looks good, which is rare for Bitcoin.  But also, I'm also paying for the customer service, like helping me kind of get a setup, make sure I just make some correct decisions.  And I've been waxing lyrical about Casa since because now I've done it, now I've gone through that process, I've distributed the keys, I've set it up, I have that total peace of mind now that I've got that kind of, "That wasn't hard; that was actually quite easy".  And actually, Jameson, it isn't easy what you've done to do; there's a lot of complexity?

Nick Neuman: Under the hood, there's a lot going on that is very complex and so that's why, you know, it's taken a lot of work to actually make this a very easy solution for people to use.  And so, it's something that I think is not easy for other people to copy.

Jameson Lopp: That's where the value comes in though.  We've had some really OG advanced Bitcoin adopters come to us who had actually replicated a decent amount of the same setup that we offer, but they just weren't comfortable with the amount of maintenance that was required to stay on top of everything and continue to make sure that what they had setup was still up to date and working.  So, just little things like building cryptographic health checks easily into the app to make sure that your keys are still working; things like that that become valuable and are fairly difficult to replicate on your own, unless you're a software developer.

Peter McCormack: Well, yeah, but I just want easy buttons; I just want to press that button; and that's it.  It's a bit like when I try to use Samourai.  Is it Samourai Wallet that has a CoinJoin?

Nick Neuman: Yeah, yeah.

Peter McCormack: You had too many options.  It was like, you had the anonymity sets and I was like, "I don't know what that means"; just all these options.  I just wanted like one button that said, "CoinJoin".

Jameson Lopp: "Make me anonymous"!  "Launder my money"!

Peter McCormack: No, Jameson, come on!

Nick Neuman: No, but that's where we're really trying to sit as a product, is we think that people aren't going to -- holding your own private keys is super important for the success of Bitcoin generally, but the average person isn't going to do that unless you make it easy for them to do.  And, the definition of easy for an early bitcoiner cypherpunk is much different than the definition of easy for somebody who is just getting started with Bitcoin.  And so, we think this is a really critical spot that we're sitting in as a company, to help bring the company, to help bring more people into Bitcoin and give them the best practices from day 1.

Peter McCormack: Well, look, I want as many people to sign up as possible, not just because you're a sponsor, but I just think it's prudent and it's sensible right now.

But, let's go back a step.  Not everyone will fully understand what we're talking about.  Let's keep it basic, because you know I like to do this for my audience.  Jameson, can you just explain to people what multisig actually means because, I'll be honest, I actually had an idea in my head, but I didn't know fully what it meant before I actually set up with you guys.  Explain to people what Multi-Signature is?

Jameson Lopp: I will not explain it to you at a technical level, but instead will give you a nice analogy of anyone who is familiar with, say, a safety deposit box at a bank.  You know that they give you a key to that safety deposit box, but it's not just you go into the bank, you insert the key and turn it.  There's actually two different keyholes in that safety deposit box and one of those keys is held by an employee at the bank.  So, this is essentially a multi-signature operation that's required.  You have to have two different authorised keyholders that sign off on opening that safety deposit box.

It's really the same thing, but at a cryptographic level, in the Bitcoin protocol where we're saying that when we put Bitcoin into a certain address, into a certain cryptographically redeemable script that locks it up, that in order to unlock that money and spend it, you need more than one key to sign off on it.  And with Casa, we have a couple of different technical setups, but our flagship offering is a three out of five multisig, which means there's five different keys, they get distributed around a diverse set of locations and are stored on a diverse set of hardware and software; and, if you want to spend from that vault, you actually have to get three of those different devices and plug them in and add the cryptographic signatures before you have a Bitcoin transaction that will be accepted as valid by the network.

Peter McCormack: Okay, so that's still technical in some ways.  Because this was the thing I didn't know before I used it.  I was like, okay, I understand it's a multisig, but if I actually want to move Bitcoin, what do I -- like, I know now, so I'm going to let you explain it, but what is the process that I go through with a multisig?  Because, I think a lot of people listening will certainly, as a minimum, they will have had Bitcoin on an exchange and hopefully, moved it off, moved it into a hardware wallet, right?  So, they'll be used to that process of doing that, and they'll also be used to that process of maybe moving it from a hardware wallet back to an exchange.  So, they'll be used to that process of creating a transaction.

But, most of the time when you do that, you're just pressing buttons on a Ledger or a Trezor.  You don't actually realise yourself you're signing something in your head.  But when we talk about multisig, we say you've got to sign three.  So, in layman's terms, tell people the process they go through.

Nick Neuman: So, it's basically like, think of signing as approving.  So, when you send from your Ledger, you're saying, "I approve this money to be sent to Coinbase", or wherever you're sending it.  So, to do that, you're plugging your Ledger into your computer, pressing a few buttons and then the transaction goes off to the Bitcoin network.

With Casa, what you're doing is instead of doing it all on the Ledger, you've got a mobile app and the mobile app lets you type in, "I'm sending $5,000 worth of Bitcoin to Coinbase" and then you are saying, "start".  And so, after you hit start, this is when you start approving it from your hardware wallets.  So, first you'll approve it from your phone, which happens automatically after face ID, and then you'll approve it from a second hardware wallet; maybe it's a Trezor, maybe it's a Ledger.  And all that requires is plugging your Trezor into your computer and hitting a few buttons.  It's just as easy as if you're using -- I actually think it's easier than if you're using their interfaces, the Trezor/Ledger interfaces.  And then, you're doing that a third time with a third device.  And then after that, the transaction goes, because it's been approved by three devices.

So, the key here is what this does is it means that from one hand, if you have your Ledger stolen for example and someone knows the PIN, they could just use that to steal your money.  Well, with this, if one of your keys gets stolen, they can't do anything with it; they need other keys in order to actually steal any funds from you.  But more importantly, and what people really discount, is the risk of loss.  So, since you've got five total keys, but you only need three of them to send funds, you have a room for error; you have margin for error.  So, we're all humans and we're all going to make mistakes and previously, private keys have all been about, make sure you protect this one key with your life, or else you're screwed.

Well, Casa's built so that it's okay if you lose one of your keys; you've got your other keys to back you up.  And so, that gives people a lot more peace of mind and a lot more room for error, because you're going to make a mistake, but it's okay.  So, that's really how things work and that's why it's built the way it is.

Peter McCormack: Well, we should probably say also, so people know; if you lose one, you can swap it out?

Nick Neuman: Yeah, you just swap it out for a new one, but you've got the other keys remaining to actually help recover those funds.

Peter McCormack: Let me tell you what really fucked with my head to begin with.  So, when I first set it up, there was a moment where I had to just take a little walk and work it out in my head.  Like, I knew what he was saying was correct; it was the fact that strictly speaking, you don't need to back up your private keys?

Nick Neuman: Yeah, that's the other piece that's kind of magical here, right? 

Peter McCormack: Yeah, but that screwed with my head, right?  I'll tell you why.  I told Jameson about this.  I have this little Jameson that sits on my shoulder sometimes that says, "Pete, don't fucking do that, don't do that, you're going to fuck up!"  And one thing that's been on the back of my mind is, for a long time, my Bitcoin was on a single hardware wallet and the key was backed up, right, and I don't mind talking about it now, because I don't use it anymore.  It was backed up on a piece of paper hidden in the house, right, okay?

Jameson Lopp: Very secure against an evil maid attack!

Peter McCormack: Yeah, but they would never have found this.  And then, I was at that point I was thinking, right, I need to write it down in two places to distribute it.  But then I was thinking about the house burning down and I just kept thinking where I need to put that private key.  But, I went through this setup for Casa and the guy who was helping me setup said, "Yeah, you don't need to write down the private keys".  I was like, "What?  What do you mean?  What if I lose them?  This goes against everything I've been taught!"

Nick Neuman: Yeah, but it goes against everything you've been taught as a bitcoiner, but think about it from the flipside of people who are not bitcoiners.  It goes against everything they are used to, to have to write down this random 24-word phrase on a piece of paper.  Don't put it on your computer, it can't be on an internet-connected device; put it on a piece of paper and hide it somewhere safe.  Well, who knows what "somewhere safe" means?

So, we're trying to build this in a way that you don't have to worry about those seed phrases, because this makes it much more accessible to the average person as they're coming into Bitcoin.

Jameson Lopp: I have a lengthy blog post about our thoughts around what we call "seedless setups" but suffice to say, there are some backups of some keys.  We automatically encrypt and backup your mobile key in a way that you don't have to worry about getting that hacked off of cloud storage.  We also, of course, have backups of the Casa recovery key.  And so, then there are some individuals who think through the extreme scenario of, "Okay, well what if all three of my hardware devices got destroyed simultaneously; what would I do then?" 

Well, in that case, if that's something that you're worried about, we would recommend that you could backup one of your hardware device seed phrases on some metal or something and throw it in, maybe a safety deposit box that is extremely physically secure because then, even if that one seed phrase got compromised by an attacker, they wouldn't be able to do anything.

Peter McCormack: You've got to really try hard to fuck this up!

Nick Neuman: Yeah, and that's the goal, right.  Put in the rails to make it really hard to mess up.

Peter McCormack: Yeah.  I mean, I don't think I would want to go back down to the two of three because of this, because with the two of three, you know, it's better than having one wallet, right, one hardware wallet, but there's just a bit more room for error, just that tiny bit more room for error.  So personally, I wouldn't go back to that.

Let me ask you something, Jameson.  So, the one thing I worry about since this, I was like, "Okay, what if Casa screw up; what if there's like a bug that goes into the app and could a bug go into the app that means that I end up locking away all my Bitcoin?"  Is that a possibility?

Jameson Lopp: Yeah, you know, this is one thing that scares me a lot when I think about Bitcoin and singlesig wallets, because every time that you're spending your Bitcoin, every time that you create a transaction, at a technical level you're not just moving values on the blockchain; you're actually destroying your money and then recreating it.  You're consuming it with inputs and then creating new outputs and essentially, unlocking scripts and then creating new locking scripts.  And so, there's a lot of things that can go wrong there.  You could potentially screw up the fee and send all of your money to the miners if you miscalculate the inputs and output values.  You could screw up the locking scripts and unintentionally lock yourself out of your own money.  There's a lot of room for error.

One of the reasons why multisig is great that not many people understand, especially multisig using different hardware devices, is that if something like that happened in the Casa software, you would have to manually approve it multiple times on non-Casa software and non-Casa hardware.  So once again, the diversity of the setup helps protect against even Casa screwing up.

So really, one of the fundamental things that we keep in mind when we are making architectural and design decisions is eliminating single points of failure, and that includes Casa as a company.  We don't want a single human mistake on our end to be able to cause catastrophic issues.  We don't want even the company as a single entity, if say it ceased to exist for some reason, to cause catastrophic issues for our customers.

Nick Neuman: One thing that we've built, we've had this for two years now since we built the product, is because it comes with the way that everything was created, how multisig is part of the Bitcoin protocol, is that you can actually recreate your entire Casa multisig using other software, like Electrum.  You're not going to do that?

Peter McCormack: I've got a vote off Jameson!  Help me out here.

Nick Neuman: So, the point though is that you can fully verify that everything is working properly in the Casa software with a completely different set of software.  So, that helps people get a better comfort around the fact that there isn't an issue with the Casa software itself.  Usually, we'll have clients that will do that and after they set that up they'll be like, "Wow, I now fully understand everything that you guys are doing under the hood and am blown away by the amount of complexity that you have taken out of the product".

But, that is important because it means that if Casa were to ever go away, suddenly drop off the face of the earth with no warning, you could actually fully recover all of your funds using a completely different set of software.

Peter McCormack: Yeah, I'd be worried about that with me but luckily, I know Jameson; I can phone him up.

Okay, so one other thing.  I've removed all my personal single points of failure, because that's the thing I always worried about, is because me just being a moron and screwing this up.  The one thing I haven't solved yet, and I can't afford your Diamond product yet, but I've never solved the inheritance point.  So, I've solved my single point of failure myself, so I don't actually know how your inheritance product works; can you explain that?

Nick Neuman: Yeah, so the way that our inheritance product works is, we build our inheritance to work within the existing estate transfer legal system, so you actually -- this takes a ton of hands-on work from the Casa client services team, which is why it's only available for diamond level. 

Peter McCormack: Right, okay.

Nick Neuman: But, we actually change your multisig to have six total keys, and one of those is held by your estate lawyer.  So, that means that after you pass away, at least three of the six keys are accessible through the legal process; so that's after you pass away, you need a court order to say that, "Yes, this person passed away, here's the death certificate", and then the estate lawyer can approve a transaction with their key; Casa can approve a transaction with our key; and then your third key, which is held in a safety deposit box, can be accessed with that court order.  So, it does require a more specific setup and so, this is all built in to work with the existing legal system.

One of the things that we're thinking about is, like you said, inheritance is still a problem for people who are at our gold or platinum levels, but it takes so much time from the Casa client services team and the setup is so robust that it really has to be at the diamond level for our current inheritance offering.  But, we're working on something that will be available for platinum and gold that will help them.  Maybe it won't be quite as strong a solution as at diamond, but we really can help them to have some way to pass on assets to their heirs after they pass away.

Peter McCormack: I definitely need something; I've not solved that.  I need to think about it because otherwise they're going to be -- I mean, I could leave one with a relative and they could just hold a phone over my dead face to approve it on my phone!  All right, cool, brilliant.  This sounds like such an advertorial, but I don't care because I think people really should be looking at this.

What else are you working on?  Have you got any other new cool products coming?  Oh, you've just released something?

Nick Neuman: We've just released our Buy Bitcoin feature.

Peter McCormack: It doesn't work in the UK yet, right?

Nick Neuman: Yeah, blame the UK, not Casa.

Peter McCormack: Nothing works in the UK.  Every cool thing out there, you try the UK, it doesn't work.

Nick Neuman: Yeah.  So, what Buy Bitcoin is, is it lets you buy Bitcoin through the Casa app and have it deposited directly to your cold storage.  So right now, people are having to, you know, if they want to buy Bitcoin, they're going to cash out or Swan or Coinbase, or one of the many other exchanges, and they're buying Bitcoin and it's sitting in a custodial wallet until they withdraw it to more secure storage.

The problem with that is a lot of people are worried about moving Bitcoin, they don't feel like they know how and they might lose it; or they just are kind of lazy, honestly, and they don't ever move their Bitcoin off the exchange.  So, we've built this so that it's secure by default.  It's automatically going to your secure storage so you can really have an easy experience for buying Bitcoin, but still maintain that level of security that our customers love.

Peter McCormack: Well, that makes sense.  So, I bought some Bitcoin the other day because when MicroStrategy did their thing, I was like, right, I'm going to have more Bitcoin.  So, I moved some of the cash, the business cash, into Bitcoin and went 50% only.  But yes, I went on the exchange and I bought it and then I transferred it into my Casa wallet.  So, it would just make more sense to be able to do that direct.

Nick Neuman: Yeah, why not cut that step out; why do we have to go through the exchange?  The exchange is great for people that want to be active traders, but it's not really a good solution for somebody who's just stacking sats to hold for a really long time.  And so, that's where we come in.

Peter McCormack: I mean, it depends on your fees, right; I'd have to check those out first.

Nick Neuman: It really depends on what solution you're using, right.  The fees for an Apple Pay debit card transaction are going to be a little bit higher, because you're actually paying the card processing fees.

The other thing that's interesting in that, it's just a little bit different than what people are used to, is that since this is a real on-chain transaction going to your wallet, you do have to pay the mining fee as well.  So, that's something that I think people aren't quite used to but at least for me and the rest of the Casa team, that fee is worth paying to avoid going through a centralised exchange and taking those extra steps.

Peter McCormack: Have you partnered with someone for this?

Nick Neuman: Yeah, we partnered with Wyre.

Peter McCormack: Ah, Michael Dunworth?

Nick Neuman: Yeah, exactly.

Peter McCormack: I know Michael.  Have you hung out with him?

Nick Neuman: Yeah, he's a character, he's a good guy.

Peter McCormack: He's great, yeah.  I like Michael a lot.  Okay, can I tell you my wishlist?

Nick Neuman: Yes.

Peter McCormack: I know you know; I don't know if Jameson knows this.  So, Jameson, tell me how hard this is.  I really want to be able to have minimum two, but multiple wallets within my Casa.  I'll tell you why, because I have business Bitcoin and personal Bitcoin.

Jameson Lopp: Yeah, you're not alone.  This is our most commonly requested feature.  I want it myself because I have several pools of Bitcoin.  I have some that's in a retirement account that has to be completely separate and yeah, this is totally doable.  We have a few really low-level architectural changes we want to make to stuff like derivation paths, to standardise on that.

Peter McCormack: What?  What's a derivation path?!

Jameson Lopp: Yeah, so like I said, really low-level architectural changes that we've got queued up over the coming months before we can roll that out, but yeah; that is definitely high up on a lot of people's wishlists including mine.

Peter McCormack: How big of a challenge is that?

Jameson Lopp: Technically, we could do it right now and probably have it out in a few weeks, but that would make doing some other low-level migrations trickier, which is why we're putting it behind a few other technical changes first.  So, it's something that we kind of have on our technical debt clean-up list to do first.

Peter McCormack: Right, okay.  Actually, I think that's the only thing.  Nick, I spoke to you about this before; was that the only thing I had on my wishlist?

Nick Neuman: I think that's the only thing on your wishlist.  The rest of it, you said, "This is the most amazing thing I've ever used in my life!", right?

Peter McCormack: No, I do like it.  I want to be able to name the wallets as well.  Obviously, if I have multiple wallets, I want to be able to name them.  But, that's really it.  Like I say, I know this is going to sound like an advertorial because I'm waxing lyrical about it, but it does it so simply.  But, you must have other things you're working on.  Like, you must have some things you want to do, Jameson; you've probably got a massive list?

Jameson Lopp: Yeah.  I mean, I've been creating tasks for two years now.  So, this is the thing that when people come to us occasionally saying, "When are you going to add support for my favourite cryptocurrency?" then my common retort is, "As soon as we're done with all of the Bitcoin improvements".

Peter McCormack: That will never happen.

Jameson Lopp: And at this rate, it seems like it's going to take a while, you know, because we're also trying to be forward-thinking.  We have other low-level architectural changes that we want to make in order to be prepared for future Bitcoin protocol improvements; Taproot, hopefully sometime next year, which will then support aggregated signatures, which will be a huge boon for Casa users and for any multisig users, both from the privacy standpoint and how much transaction fees you have to pay standpoint.  So, lots of work to do there.

I don't want to spoil anything but suffice to say, the existing landscape of hardware devices has been fairly static until recently.  Coldcard has been, I think, one of the newer ones that has been getting more adoption this year.  We're starting to see other devices.  I mean, obviously I haven't been to any conferences in six months now, but at the tail end of my last run of conferences, I was seeing a lot of new prototype devices that were coming out.  And, some of those were very exciting to me for a few different reasons, both on the technical security side and on the usability side.

So, one of the things that we're always trying to continue to do is to simplify and improve the user experience, and I think that some of these new hardware devices will enable us to do that.  Up until now, it's actually been kind of a challenging environment to be working as a multi-vendor hardware platform, because really I think a lot of these hardware vendors have been thinking of themselves as like a full vertical stack, where they create the hardware wallet; they also create all the wallet software.  And, there's been some friction there with the different hardware companies, just because they keep pushing out things and changing things and sometimes, it breaks our stuff.

I'm hoping that we can continue to mature this space to the point that we can find some equilibrium and have some better communication that these device vendors start to see themselves as platforms that people are building a wide variety of software on top of.

Peter McCormack: You're not going to do the Casa hardware wallet, are you?

Jameson Lopp: Well, we are not a hardware-engineering company at the moment.  We won't say we would never do it, but we would certainly want to bring on people with hardware expertise if we went down that path.  But, you know, from the hardware product that we had with the node for a while, we learned a lot about how different it is to manage and maintain and support physical hardware.  There's so many more things that can go wrong and it's a lot harder to get insight into what the hardware is doing when it's not in your possession.

Peter McCormack: Actually, I don't know if I'd want that, I'd be honest; I don't know if I'd want that, because it's like you're the gatekeeper and I work with three other kind of vendors.

Jameson Lopp: Yeah, that would reduce the diversity, right?  That would add more trust onto Casa if we were also creating the hardware devices.

Peter McCormack: So, I think earlier you were basically saying you were not going to support any other cryptocurrencies?

Jameson Lopp: Not anytime soon.  That's also something that can always change.  It's building software of course, but if we were to -- we've spent a fair amount of time investigating and making decisions about this, especially a year or two ago where if it was adding, if we're talking about adding other cryptocurrencies into our three or five multisig product, then you start getting this Venn diagram of dependencies and requirements of, now all the hardware devices have to support that, whatever digital scheme they're using; and, there'll have to be software libraries for interfacing with the hardware devices, and doing that, and other software devices for Android and iOS.  Essentially, it just becomes less and less likely that you meet all of those requirements, unless you're talking about maybe Ethereum, you know, the really, really popular ones.

Peter McCormack: I was about to say.  I can imagine Ethereum's the one you get asked for probably most, but, yeah.

Nick Neuman: When you think about what we're trying to do; we're trying to make the usability and security as high as possible.  And so, when you get into the complexity that Jameson was talking about, with adding other currencies that work very differently than Bitcoin, you really have to be careful, because the complexity just ratchets up significantly.  And so, as a security provider, we'd like to say that we'd rather be an inch wide and a mile deep than a mile wide and an inch deep. 

Peter McCormack: Yeah, that makes sense.

Nick Neuman: So, we want to make sure that the security and the experience that we build is the absolute best, and we can do that by focussing on Bitcoin.

Peter McCormack: What about Lightning; is that something you guys have to consider at all and does Lightning even have a multisig scenario?  I mean, I'm way out of my depth, I think.

Nick Neuman: So, Lightning doesn't really have the equivalent of multisig from a user-facing perspective; you're not really dealing with that.  But I think Lightning, as a technology, is very interesting.  We did dip into that with the Casa node and I think that it's been growing a lot.  And so, it's an area that we're keeping an eye on.  When there's sufficient demand for us to actually build something usable in that area, then we'll definitely do it.

Jameson Lopp: There's a lot of potential paths forward that could happen with Lightning.  At a technical level right now, a Lightning channel is a two of two multisig, but it's between you and someone else.  It's not a multisig from your perspective of having to authorise multiple signatures yourself.  Now, there are possibilities in the future where we might see various types of Lightning, almost CoinJoin style aggregated signatures where there are a lot of different parties that are essentially sharing a Lightning channel and sending funds through it.  But, I don't think this is something that we need to worry about for at least the next few years. 

And really, while the Lightning node product that we did, you know, it got a lot of traction and I think a lot of people liked it, we realised that one of the issues was that it was so cutting edge, it was really engineering-intensive just for us to keep up with the pace of the changes that were coming down from the Lightning developers.  So, if we're talking about building a security product, we want to try to minimise the volatility at the technical levels so that we can manage it and have a more stable platform.

Peter McCormack: I'm thinking of ideas I want as I go and I'm wondering whether this is a good idea, but I've not actually played with it; you do have a normal wallet, don't you?  Have you ever thought of mixing them?  So, almost like in one app, I have my vault which is my multisig, my vault, my normal wallet, having them together.

Nick Neuman: Yeah, that's what you have right now.  So, I don't know if you've actually gone over to --

Peter McCormack: I do?  I've never used it.

Nick Neuman: Yeah.  So, if you open it up, at the top of the home screen, you can select between your multisig and your normal wallet.

Peter McCormack: I've never even seen it and I've got it here!

Nick Neuman: Your normal wallet is super easy for you to use.  It's like, using a single-signature wallet on your phone, but we've taken out the part where you have to worry about all the technical stuff, like backing up your seed phrase and all that.  So, to do that, we've come up with a secure backup mechanism that gets into the technical details, but it really makes it easy to feel like you're using Coinbase, or a Coinbase-style wallet, but you're still in full control of the keys.

Peter McCormack: I thought it was a separate app.  You see, this makes me now want to have a Lightning wallet in here as well.

Nick Neuman: Yes, that's what you would probably do one day.  When Lightning gets to the point when we feel comfortable building something to support it, there's enough demand for that, that's what we will do because we've already got the structure set up in there, right.

Peter McCormack: It's kind of cool.  So, it would be nice here if I could just transfer from my vault into my single so I can --

Nick Neuman: You still have to sign with the keys, so you can't just move it, because that would break the security.

Peter McCormack: No, but it says "receive here"; I have to copy the address, then I have to go into --

Jameson Lopp: Oh, no, there's actually a shortcut.  If you want to send from one Casa setup to another, then during the send flow, on the page or the screen where you can scan a QR code or put in an address, there are shortcuts for your other Casa wallets, and that will automatically paste in the address.

Peter McCormack: I'd had this and I didn't even realise it was in there.  That's brilliant, okay.  That's really, really useful to know.

Nick Neuman: So, that's like your poker money.

Peter McCormack: Yeah, it's my poker money!  Well, not based on how I've been playing the last three months.  Anything else coming on?

Nick Neuman: So, from a user-facing feature perspective, we don't really talk a lot about, "Here's the big things we're building", because we like to make the fun announcement once it's ready.  But, from an overall kind of thematic perspective, what we're working on is just making it as easy as possible for people to secure and use their Bitcoin by securing their private keys, right.

So, we look at Bitcoin as, it's got these two amazing features that are different than any money before it.  One of them is that it has this 21 million hard cap.  The other one is that it's digital money that you can actually own.  So, the "actually own it as digital money" part is what we're really interested in as a company and that's what we think a lot of people miss about Bitcoin when they buy it to hold on an exchange or something.  So, how can we drive that part of the adoption as much as possible, because that's how Bitcoin is really going to succeed is if both of those two major breakthroughs are really adopted and understood by people around the world.

Peter McCormack: All right.  Well, we've talked a lot about that.  Before we do the closeout, so Jameson, talk people through; they've set themselves up with Casa; they've got it in place; they've distributed their keys; still, what are the other things people should be aware of, they should be thinking about?  Because, even though you've got this, you still don't want to be placing a massive advert.  I mean I have because of what I do, but you don't want to put an advert out there and say, "Well, I've got a Casa wallet now with all my keys distributed".  You still don't want that; you still don't want someone -- to put yourself under some certain threats.  That's why I've geographically --

Nick Neuman: That's interesting though.

Peter McCormack: Well, I know what you're going to say.

Nick Neuman: So, okay; let me still say it, because I want to see if you actually know what I'm going to say. 

Peter McCormack: All right.

Nick Neuman: When you are using Casa, there's this interesting thought that we throw around sometimes that, like, let's say you've got a home security system.  You put a sign outside your door that says, "I've got a home security system from ADT", or whatever it is, and that actually deters people from coming after you because it makes it harder for them to break into your home. 

So, is there the equivalent of that for a Casa user with Bitcoin?  It's so hard for you to steal my Bitcoin that I actually want to tell you I use Casa, because that keeps you from even going after me in the first place.  It's like, "Don't even bother here, because you're not going to get it".

Peter McCormack: I see what you're saying, so that's good for certain public faces; so, myself, Jameson.  But, a lot of people might secretly hold Bitcoin, so they don't want to say, "I've got Casa", because you are introducing that.  When it becomes kind of commonplace that most people have Bitcoin, that's maybe the place.  I see what you're saying about me; it's good to say that.  I mean, I still -- yeah, I see what you're saying.  I mean, I still don't want someone coming at me.

Jameson Lopp: Well, this works if we're talking about $5 wrench attacks where someone is trying to coerce you physically into moving your money.  And, I also have a recent blog post about that and that's why physical separation of keys into access-controlled locations is the way to prevent $5 wrench attacks.

Now ultimately, Casa is a digital security provider not a physical security provider, so we can't do anything to protect you from a situation like a ransom or hostage situation.  If someone you care about is taken and coerced and now you have some other reason why you might then want to go around and authorise all the transactions, that's a situation where you really need to think more about the physical security side of things.  I've got plenty of blog posts about that too, as you're probably aware.

Peter McCormack: Well, I'm aware because I've seen part of your arsenal, because I've shot some of your guns.  But the reality; in the UK, I can't do that.  I have to have a very different -- I could have a kitchen knife and a spoon, but I can't have an AR-15.  But, you know, I get it, I get what you're saying.  That is a different scenario.  But still, are there certain things, like we won't cover it all again now because I'll send people to the other shows, but are there certain basics in terms of, like, internet security, personal profile, that you think people should just be very careful about?

Jameson Lopp: I mean, there is a good reason why a lot of people in the Bitcoin space are anonymous.  We have all these funny avatars.  I mean, we have a space cat who loves tacos, who is a prominent figure in the community.  And it all goes back to Satoshi Nakamoto.  This is the originator of understanding that holding on to a digital bearer asset that is controversial in nature and may upset very powerful entities, may incentivise very powerful or bad entities to come after you and physically harm you, the best protection against that is to essentially hide and make it so that they don't have a target to attack in the first place.

So, there is this trade-off that I've talked about for a while, especially once I started doing the cataloguing of physical attacks against bitcoiners, which is that it's a catch-22 situation that once you're in the Bitcoin space, you are incentivised to talk about it, because you want the network to grow, you want adoption to grow.  That will ultimately be good for you as a Bitcoin holder, it will be good for Bitcoin in general because it makes it stronger against all types of attacks.  But the flipside is, once you start doing that, or at least if you start doing that proselytizing, that evangelism, with your government name as it were, then this opens up a whole bunch of attacks just due to the default lack of privacy that we have.

Peter McCormack: Right, okay.  Well, look, I'm happy.  I'm happy.  I've got my Casa setup and it was so much easier than I expected and it's such a peace of mind to have it, especially heading into bull run, and I don't have a lot of Bitcoin but I have enough to know this was worth doing and I think other people should check it out.  Nick, is there anything I've not covered that you wish I'd have asked or covered in this?

Nick Neuman: I don't think so.  I mean, I think the last point you made there is a really good one about peace of mind.  And, something that I heard another client of ours say recently was, "I've heard people talk about their peace of mind that they get with Casa, but I'm just kind of like, maybe they're exaggerating.  But, after I set it up, it was like a weight was lifted off my shoulders and I totally didn't expect that". 

Peter McCormack: It totally is.

Nick Neuman: And so, it's almost like people underestimate the amount of peace of mind that it gets you once you finally get it set up.

Peter McCormack: No, it totally is.

Nick Neuman: I know personally for me, before we built Casa, I had a lot of just basic kind of back-of-my-mind anxiety about my Bitcoin, and that's just gone totally.

Peter McCormack: Well, that's what I had; that's when I reached out to you.  I was like, no, I need to do this, I need to get this sorted.  This piece of paper's going to be the downfall of me and I'm going to be crying.  Well, look, brilliant.  I'm glad we're working together.  It was a pleasure getting the product set up.

Okay, listen, anyone listening, get your fucking shit together.  You're going to hear an advert for this as well on the show, which is going to be weird, but definitely check out Casa.  It's probably my favourite, I think I said recently, it's my favourite company in this space.  I love what you're doing; the product's amazing; it is very Bitcoin as a product, in that it's got a very Bitcoin feel to it.

All right, so if people are interested, Nick, where do they find out more?

Nick Neuman: Yeah, so you can go to our website, which is keys.casa.  You can also follow us on Twitter, @CasaHODL, and then you can find me and Jameson on Twitter as well.

Peter McCormack: Yeah, Jameson, tell people where to go and find all your jazz as well.

Jameson Lopp: You can check out my website at bitcoin.page, or lopp.net; they'll both get you to the same place.  And my handle on Twitter is just @lopp.

Peter McCormack: Awesome guys.  Well, listen, keep it up, amazing work, love working with you guys and hopefully, once this lockdown bullshit's over, we'll actually meet up again soon.

Nick Neuman: Yeah, thanks, Pete.

Jameson Lopp: Looking forward to it, thanks.