WBD325 Audio Transcription


Bitcoin Tech #3 - Wallets with Shinobi

Interview date: Wednesday 24th March

Note: the following is a transcription of my interview with Shinobi. I have reviewed the transcription but if you find any mistakes, please feel free to email me. You can listen to the original recording here.

In this interview, I talk to Shinobi, the host of Block Digest. We discuss the tradeoffs between different wallets, how wallets work, and how you should secure your bitcoin.


“You should really try to dive into this stuff and see all the benefits that you can get out of bitcoin, besides just watching your account balance in Coinbase be worth more and more money every day.”

— Shinobi

Interview Transcription

Peter McCormack: Shinobi, man, how are you?  How fucking hungover are you?

Shinobi: Very.  Very hungover.

Peter McCormack: What were you doing, dude?  Were you out on the razzle dazzle?

Shinobi: I was drinking lots of beer and arguing about Bitcoin.

Peter McCormack: Who were you arguing with?

Shinobi: Just some buddies in our secret dragon's den internet chat.

Peter McCormack: Is that like on one of those weird secret channels that I can't even set the software up for?

Shinobi: Yeah, although you've been there.

Peter McCormack: Is that the place we recorded one of your shows on?  Block Digest?  Yeah, that shit didn't make any sense to me.  Anyway, man, how you been?

Shinobi: Doing all right for the most part, except to just -- let's just not even go there, let's just say people should be arguing ideas and not people.

Peter McCormack: Okay, so I don't want to get into that because I've got friends on both sides.

Shinobi: Well, like I said at some point this year I'm going to take over and make an outline about said topic and we're going to go through the idea and not people.  Join the drama, Peter, Bitcoin Twitter drama is calling you.

Peter McCormack: I've already got my own drama going on, dude.  Always, everywhere in every fucking direction.  I managed somehow to piss off the shitcoiners and the bitcoiners at the same time.  I managed to piss everyone off.

Shinobi: That means you're doing your job right.

Peter McCormack: Yeah, you know what, someone said that to me earlier.  I think it was American HODL I was talking to.  He said, "If you're not pissing someone off, you're not doing your job right".

Shinobi: Yeah, 100%.

Peter McCormack: I'm pissing off people by the -- the pure thought that you could potentially even think about spending some of your Bitcoin is triggering people.  Hodl, hodl forever.

Shinobi: I just spent Bitcoin last time I went to the grocery store; all my money is Bitcoin.  When Shinobi buys things, how do you think he buys them?

Peter McCormack: Just don't buy it, just don't buy anything, you've got to hodl forever.

Shinobi: Starve?  It's not too appealing.

Peter McCormack: Get in the bins, dude.  Get round the back of the restaurants.

Shinobi: It doesn't sound too appealing.

Peter McCormack: Before we get into today's show, let's talk about nodes very quickly.  So, I've completely fucking given up on the Mac Mini, so that was £1,000.

Shinobi: Dude, it's there, you just had to let it sync again.  You did it; it was there; it's hooked up, come on, man.

Peter McCormack: Dude, it just wasn't working so I've gone back to Umbrel, I've bought a new SSD which was the one they recommended and this one I'm not having any problems with.  So, the SSD, the one I was using before which was the one I got off my camera, obviously was too power intensive and I think that was what was causing the problems with the node.  So, I've bought the one they recommended, and it is syncing fine, man, and I think I'm going to be okay and I'm going to then connect that to Specter and the flangey pangey and send you some Bitcoin secretly somehow.

Shinobi: I mean like I said, Peter, people should take a stab at doing it without the whole stack that just does everything itself, but do what works for you.

Peter McCormack: Let me ask you, did you get much feedback on those two shows, because I've had more people -- it's a weird one right, the tech shows don't have the biggest amount of downloads.  If the show title was, "Set up your node Bitcoin to $1 million", it probably would, but it's just about nodes; so because it's technical, they don't do as well as like the moon juice ones.  But at the same time, more people have written to me about the node show than any other show; I reckon at least 200 emails.

Shinobi: Yeah, I mean I've been getting a bunch of DM requests and I think here's the best place to say this; if you send me a message request and you don't get a reply, sorry, I'm not trying to say, "Fuck you", or anything, but I only have so much time in the day and I have to juggle a lot of shit most days.

Peter McCormack: You've had a few on this one, I've had loads.  Funnily enough, I've had a lot of positive feedback, more so on the second one where I was kind of like talking through my issues as I was having them; people coming back and saying, "I thought I was the only one, I thought I was a complete moron".  Even people who are like techies and developers saying, "Look, I'm a techie, I find this stuff hard", so I think it was useful and despite some of the hardcore bitcoiners thinking I'm a moron, I think it was useful what we did.

Anyway, listen I'm going to get Umbrel set up, I'm going to get Specter set up, I'm going to get my flangey pangey set up and I'm going to make it all work somehow, but we're here to talk about wallets today, dude.

Shinobi: Yes, indeed.

Peter McCormack: Is there really much to talk about with wallets because I've got a Ledger, I don't really use Trezor, and I want to talk about that in a second.  I've got a Coldcard and I just plug it in and it works.  What's there to talk about; do we actually need to talk about this?

Shinobi: Everything.  I mean that Ledger, that Coldcard, technically speaking that's not the wallet, like that just holds the keys that sign things.  A wallet needs to track the actual balances on chain, it needs to put the transactions together for you; that Coldcard or whatever you're using just signs that transaction and then the wallet spits it off into the network, so it's a lot more to a wallet or to keys than just the thing holding the key.  There's a lot more steps to there, there's a lot more things to think about and especially in terms of backing up those keys themselves, there's a decent amount of stuff there too.  It's a lot more than just that thing you click sign on.

Peter McCormack: All right, well the best way to do this, let's play this as if I've just discovered Bitcoin; I've been surfing Twitter and I've found this guy, Shinobi, he's going on about Bitcoin.  I'm like, "Okay, I want some Bitcoin", so I've gone and bought some Bitcoin on an exchange, my Bitcoin's sat there and the next thing I've read is that I need to like have myself a wallet.  If I was coming to you, Shinobi, "Look, I've heard about these wallets.  What the hell is a wallet?"  What would you say it is?

Shinobi: A wallet is either a thing or a combination of things that allows you to track your balance, see when you've received money, spend money you've received and manages the actual private keys used to authorise those transactions.  That can be a single thing, a single device or a piece of software, but that can also be multiple things like a device and a separate piece of software working together; like all of those different parts of that aren't necessarily going to be part of the same software or the same device.

Peter McCormack: Okay.  Do you think it's fair to say a wallet, you could also describe it as a little personal Bitcoin bank account?

Shinobi: I mean in non-technical terms, yeah, that's a general way to describe it.  I don't think it gets across the separation of the different things that it does good enough, you know what I mean?

Peter McCormack: If I think about it in terms of my online banking, I go into one of my bank accounts, I can see my balance, I can receive money and I can send money.

Shinobi: Okay, that's actually a good way to put it because now that I think about it, you're thinking like you log into the bank account, the bank website.  Well, you put your password into that, but the password isn't on that website, you know what I mean?

Peter McCormack: Yeah, yeah.

Shinobi: To get into that account there's that separation there, kind of like I'm talking about with tracking your balances and maybe the thing that actually holds the keys and signs stuff.

Peter McCormack: All right, so I've realised I need a wallet.  I've been told I need to get my coins off the exchange I'm on, and what are my options?  I've been out and I've looked, and I've seen there's such a thing as a paper wallet, seen there's hardware wallets, I've seen there's software wallets I can download to my computer, I've seen there's wallets on my mobile phone, I'm sure there's others.  Which should I be going for; what is the difference between them?

Let's go old school, let's start with the paper wallet, are they dead?  That as a concept, is that dead, really?

Shinobi: I would say in 99% of people's cases, yes.  The simple reason is that when you generate a paper wallet, it's just the private key and the public key to send money to on a piece of paper, so you generate that on your actual regular computer.  You have to print that out through your printer.  Nowadays, every printer has wi-fi, every printer is hooked up to a network; most of them are security nightmares.  

So if you know what you're doing, yeah, you could still make paper wallets safely nowadays, but most people I would recommend do not ever do that, because that key that's actually holding your money is going to start on your computer, it's going to go from there to your printer, both of those computers are actually going to have that spending key in it, and that's a dangerous thing in my opinion, because the whole point of that is to keep that key away from computers until you're spending it. 

Nowadays, a normal computer -- most people's aren't really that secure.  Most printers, I could drive by your house and if I can get a signal and you have an insecure printer, I can just start poking with that.  So, unless you already know what you're doing, really bad idea to start messing with those.

Peter McCormack: Right, that's fair.  What that makes me think is that in its most simplest form, a wallet is a public and private key.

Shinobi: That's definitely the most central core part of it but there are still the other aspects of it, like how do I find out if there's money on it.

Peter McCormack: Okay, that's interesting.  That's what we should probably separate because go back to when people were using paper wallets, I wasn't around then, I wasn't using paper wallets, how would they spend Bitcoin?  Would they have to go to a certain website and punch in these keys to do it?  How would they use it, or would they have to load into a wallet?

Shinobi: You would have to go get another software wallet that could actually track balances and sign things and pretty much import the private key from the paper wallet into that to be able to spend it, because obviously unless you're an autistic monk math genius, you're not signing a transaction by hand without a computer.

Peter McCormack: So, the public and private key are the central components to a wallet, but there are other wallets that provide functionality that can increase the things you can do with those public and private keys?

Shinobi: I wouldn't say increase the functionality, it's about you need other things in order to use that key pair, period.  If you don't have some way to find any UTXOs sent to that address or that wallet, then you don't even know you have money.  If you don't have a computer that can actually take that private key and sign with it, you can't spend that money. 

The private key, the public keys that get generated from them, they're like the central pillar of a wallet, but in my mind, you don't have that wallet without adding those other things, like the ability to actually find money associated with that or spend that money.

Peter McCormack: That makes sense.  Okay, so I've discarded the idea of a paper wallet, my options are I've heard about these hardware wallets, but I've got to order one, it will take some time.  I've seen that I can just download a wallet to my mobile phone and I'm pretty flush, I've bought myself 30, 40 Bitcoin and I've seen these software wallets on my mobile phone; is that a sensible option for me?  Should I download a software wallet and transfer that Bitcoin to it?

Shinobi: This question in my mind, 100% of the time, comes down to how much Bitcoin do you actually own?  If you only have, say, $100 of Bitcoin that might make sense.  It's completely irrational to go spend $100 on a hardware device like the Coldcard if you only have $100 of Bitcoin, like that's just economically silly.  But, if you had $10,000 of Bitcoin, go get the secured device.  Putting $10,000 of Bitcoin on a phone is a really bad idea; but if you just have that tiny amount…

Peter McCormack: It's a bit like I've got my wallet in my pocket and I've got my bank account.  If I've got £10,000, $20,000 whatever, I'm not going to keep that in my wallet and walk around the streets with it or leave it in my car.  I might have a couple of hundred dollars in that wallet, but the rest I'm going to leave in my bank account where it's a bit more secure.  It's a kind of similar scenario as well, right?

Shinobi: Exactly.

Peter McCormack: Okay, so I think the thing to get across then is that there are different wallets that people should be using therefore for different scenarios.  I have a desktop wallet, I have a software wallet on my mobile, I have a hardware wallet, I also have three hardware wallets used for a multisig.  I'm at that point where I understand the different type of wallets and what they're used for, but I think for some people, especially the new people coming in, we should try and break down what the difference is, and I think the starting point is to explain the difference between a hot and a cold wallet.  Do you want to start with that?

Shinobi: A hot wallet would just be that wallet you put on your phone; that's something that has the actual private keys that can spend the money on a computer or device that has a network connection.  It is possible for people to connect to that computer and try to mess with it over the internet.  Absolutely, utterly horrible way to store large sums of money.  If you just want to have some pocket change or spending money, stuff like that, perfectly reasonable solution but a cold storage wallet, where people should be keeping most of their savings or net worth in Bitcoin, is where you separate those keys that can actually spend the money and that's not on the network machine.

That would be say Specter on your desktop, like you set up last time, with the actual private keys on something like a Coldcard because that way, yes, people can still connect to that computer and they can try to play games with it, but they have to physically get a hold of that Coldcard to get those keys that can spend your money.  That is the most binary kind of divide between different types of wallets and just as simple as this; any large sum of money should never be sitting in a hot wallet, it should go to a cold storage wallet.

Peter McCormack: If I talk about my personal wallet journey, my very first wallet was within the exchange I used when I first bought some Bitcoin on Coinbase, my Bitcoin sat in that wallet.  Then I had a software wallet on my phone and similar to what you just said, it was like a very small amount that I transferred into it.  My next step was to go to a hardware wallet and I think the first one I had was a Ledger.  And then I went to a multisig to go to that deep cold storage.  Let's work through each one of those so people understand it.

Even when they have an exchange account, the Bitcoin they have there is in a wallet, right?

Shinobi: Yeah, those coins have to be tied to some keys somewhere that somebody is holding, or they can't exist.  That is a very important thing to think about.  If you just leave your coins on Coinbase, you might not have to worry about keeping those keys safe in order to protect your money, but somebody does.  Whether you have the keys or not, somebody always has to keep those keys safe, otherwise your money's at risk.

Peter McCormack: With something like Coinbase, do they maintain a separate wallet for every individual user, almost like a separate bank account?

Shinobi: No.

Peter McCormack: Do they keep all of the Bitcoin in one giant wallet, you see your balance that comes just from a database and when you choose to withdraw it, they send it from their big giant database?

Shinobi: Yeah, it's the latter.  There's no segregation, everything is just in Coinbase's wallets and UTXOs, although I will say they do have a service called a Vault.  It's pretty much like the Unchained Capital multisig where they have one of the keys that's been around forever, but that type of service is really the only situation where you're going to have coins in the hand of someone else, so to say although not entirely because of multisig.

Any other situation it's just that business has it in its own keys, nothing is separated based on users' accounts.

Peter McCormack: Therefore, to say you have a wallet with Coinbase is actually slightly misleading.  What you have is a login and a balance of an IOU from their big wallet.  You don't actually have your own wallet; you just essentially have a balance on your account; so to say your Bitcoin is stored in a wallet but it's not your wallet, it's their wallet; okay that makes sense.

So, I've decided to withdraw it out, my $100, I've got myself a software wallet, what should I be thinking about with that when I first set it up, anything I need to be thinking about?

Shinobi: Obviously, any wallet no matter what it is, your word seed.  Keeping that, backing that up properly, making sure that's safe.

Peter McCormack: What is my word seed, can you explain that to me?

Shinobi: Let's try this, when you generate a Bitcoin private key, you just pick a really large random number and that's your private key, just a very long string of zeros and ones.  The way wallets work nowadays is you make that one original key and then from that you can make as many keys as you want.

That big random number, obviously if you just expect people to write down zero, one, zero, zero, one, one, zero and not screw up a single digit of that, that's never going to happen.  So, what developers did is they made this special dictionary of 2,048 words and pretty much every one of those words has a definition, so to say, of a very specific 11-digit binary number.  Each 11-digit binary number there could be maps to exactly one of these words. 

This way when your wallet generates this really large random number that is going to generate all of your private keys, it translates the number into the words in the dictionary so that you wind up with 23 words instead of just zeros and ones and then that last word, the 24th word, you pretty much hash the first 23 and take that and the numerical value and add on like the last 11 digits of zeros and ones and turn that into a word.  That's like a safety check, because when you enter in those 23 words it's going to map the 24th one to a safety check of the other 23.

If you type in a seed and any of the words are screwed up but you have the last word correct, the wallet will go, "No, this is wrong, and we know it's wrong because that last word isn't what it's supposed to be because all the other ones got messed up".  The entire point of this is just to make sure that when the user goes to back up their keys, they have something they're used to reading, used to handling; words instead of just a really long binary number that nine out of ten people would probably copy down wrong.

Peter McCormack: Let me try and translate into what I think is super easy language.  The wallet itself has this super long set of numbers.  That is essentially the ID for that wallet, and if you know that, you can restore that wallet.

Shinobi: I wouldn't call it an ID so much; I would call it more of a password than the ID in an analogy.

Peter McCormack: Okay, that's a password, but to make it simpler for people creating wallets, rather than write down this thing that you can get wrong, it's much easier to write down words and memorise them.  So strictly speaking for anyone listening to this who's creating their first wallet, all they need to know is, they need to write down and store -- we'll come back to writing itself because that's an issue, but they need to store those 24 words because that is the password to their wallet. 

If that wallet is ever destroyed or anything goes wrong with it, say it's a mobile phone wallet and they lose their phone, they can download the wallet again, put in those 24 words and it will restore that wallet for them.

Shinobi: Those words are your money, as far as like the simplest thing anyone should be thinking.

Peter McCormack: Right, those words are your money, that's your backup.  I get my first wallet, I set it up, I send my $100 of Bitcoin to it; the very first thing I should do is back up those words.  Now, everybody has their own way of doing this.  What is the best way to back up these words; is there any kind of like process?

Mine is as follows right: the very first thing I do is write them down and then with that wallet I send $100 in, I then wipe that wallet and then I restore it from the 24 words to check that I've written them down correctly and I check that the balance is restored.  That's the process I go through for the creation of a new wallet, does that make sense?

Shinobi: Obviously, I don't personally do anything like that anymore, but if there is the slightest bit of uncertainty, of nervousness, of doubt that you did something right, then you absolutely should do that.  You should send a small amount first, make sure that you can recover it properly before you send larger amounts of money.  You should not be skipping something like that until you personally feel comfortable enough managing your Bitcoin that you do not actually feel worried like that.  If you feel any doubt or any worry, absolutely like test things like that first before you send a significant amount.

Peter McCormack: Anyone listening first time, you get a wallet, it's going to ask you to back up your seed words; do.  To begin with just write them down clearly, I say "clearly" because once I wrote them down, I couldn't read back one of the words.  So, write them down clearly, send a few dollars in, wipe the wallet, like delete it if it's on your phone, restore it, put in those seed words and check that those few dollars still exist.

If you're done, you have written down that master password correctly, but from that point of backing them up, what do you recommend?  Keeping them on that piece of paper; stick that piece of paper under the bed, in the attic?  Is that a good way of backing up your seed words?

Shinobi: It's entirely dependent on the risks that you want to protect yourself from.  Obviously, a piece of paper is okay, but there are numerous pieces of metal that will allow you to record this.  There are products where you get little tiles with letters on them, and you can slide them into a slot and lock them; there are tools where you can literally take a hammer and smash the letters into a plain piece of metal; I think there's also capsules too, where you can just like slide the metal letters in order into a locked tube.  Obviously that is going to be way better than a piece of paper, say, if your house catches fire and burns down.

As far as what you actually record those words on, just start with the piece of paper and get it done; but as time goes on, you should think about making that more durable with things like these metal products that you can store your seed on because as time goes on, life changes, your environment around you changes. 

You might not worry about your house burning down this year, but a couple of years from now, I don't know, society could be going crazy and nutjobs run around at night throwing Molotov cocktails at random houses.  It's just start first with actually just getting it down on paper but over time, the longer you hold that, you should be thinking about making that backup of those words as resilient as possible to different things that could go wrong in life.

Peter McCormack: I guess, like with me, I'm a little bit more carefree about backing up the words to a software wallet with $100 in than I am to say a hardware wallet that might have say a whole Bitcoin in it.  There are different risks that you can take which is fair.

One of these metal devices I had, as I remember, I only had to record was it the first three or four letters of each word?

Shinobi: Yeah, it's the first four because the whole structure of the dictionary that was made for this, all of the words were specifically chosen so that there are no words that could get confused, you know what I mean?  Everything was structured so that as many words as possible have completely different letter structures so you can't confuse them.  The only kind of exception to that is probably not in the actual dictionary, but the word "ten" versus "tent".  There are similarities in the words there, but maybe you shouldn't be playing with Bitcoin if you confuse the word ten with tent!

Peter McCormack: So, I've got my wallet, I've backed up my seed words, so I've got my master password should anything happen.  In terms of this wallet, if I want to send and receive Bitcoin, I've just got these very basic instructions I put in the address, I click send and I confirm, and it goes. If I want to receive, I click receive and I get the address and I give it out to somebody else, but you're talking about these public and private keys; do I need to know what these are?

Shinobi: To at least some degree, yes.  You have to understand the difference between the two at least in the sense of, it's perfectly okay to send somebody a public key or an address to send you money, but don't send them the private key.

Peter McCormack: Of course, because if somebody has your private key, they can steal your Bitcoin; but honestly, Shinobi, I can't remember a time when I've used a wallet like this that it's ever showed me a private key.  It may have but I can't remember it, I just click "send" and it goes; but I do realise when I want to receive Bitcoin, it gives me an address, a big string of letters and I do give that to somebody.  Am I missing something or are these wallets actually exposing my private key to me?

Shinobi: Visually no, but every time with a software wallet that you go to sign something, whether it just does it when the wallet boots up, whether it's password protected; those keys have to be unencrypted and actually put in the computer memory to actually sign that.  Whether that's happening on your desktop, where other things running on the computer could potentially grab that, or whether that's happening on a device like a Coldcard where you don't have to worry about that because it's not connected to anything; that device actually has to have that private key in some way that's accessible.

Whether that's hidden from the user completely, whether the user can only get that through an advanced option or menu, that's kind of up to the different wallet; but that key, when you sign something, is available there in that machine.  There is some way, if you dig around and figure out how, that you as a user could directly access that.

Peter McCormack: Well let's break down the keys, let's do that first.  Explain to me what the public key actually is?

Shinobi: The public key is pretty much just the result of multiplying the private key by a special point on a graph, that's kind of the Crypto Curve that Bitcoin uses, and it's really just that simple.  You take the private key, you take this number that's special in the cryptography that Bitcoin uses; and you just multiply them and bam that's your public key. 

The whole relationship there is all of the crypto that allows you to sign something, to verify that a signature is correct; it just involves the relationship between that private key, the special number and the public key that you get from multiplying those two and the fact that you can do other kinds of maths to make this signature without revealing the private key, to verify this signature only using the public key. 

The key thing to remember if you actually want to understand the maths here is that you just make the private key with a totally random number and then that public key, that address; you're actually generating that directly from the private key.  So, everything always starts with the private key.

Peter McCormack: Right, but I don't really know most of what that is you've just talked about and I've definitely never used that even in my four years, consciously, but I've heard about it, but what actually is the public key; what does it do; what's it for?

Shinobi: It allows people to lock a UTXO to that public key and the only way to unlock it is to prove you can sign with the private key that matches to that public key.  Think about the public key as the padlock that you lock Bitcoins with, and the private key is the actual key you can use to unlock that.

Peter McCormack: We covered UTXOs before, essentially is every single UTXO on the ledger linked to a public key?

Shinobi: The general answer for newbies is, yes.  The Shinobi answer is technically, strictly speaking, they don't have to be.

Peter McCormack: Okay, this is probably going to go a little bit deeper about how Bitcoin works, right, in that when I go into my wallet, my wallet has my public key.  What does it do?  Does it scan the blockchain and find all the UTXOs associated with that public key and therefore it knows?

Shinobi: Exactly.  That is exactly what the wallet does to find your balance.  It just takes all of those public keys and it checks the blockchain and goes to find any UTXO locked to any of these public keys.

Peter McCormack: What, it scans through all the blocks?

Shinobi: Mm hmm.

Peter McCormack: Basically, all the Bitcoin I hold, which is basically all the UTXOs that are mine, are distributed randomly through all the various blocks on the blockchain and so my wallet goes in and says, "These are all your UTXOs associated with your public key", and it displays them for me.  In terms of where they exist in Bitcoin, I could have some UTXOs that are sat next to yours in a specific block?

Shinobi: To me, it's kind of silly to think about things in those terms, but yeah that is a helpful way, I think, for new people to think about it.

Peter McCormack: The reason I'm thinking about it like this is because, I always assumed my wallet opens and it knows how much Bitcoin I've had and for just some reason, I assumed all my Bitcoin UTXOs were all nice and neatly in one place together.  But strictly speaking, what it seems to me is happening is the wallet is going through the blockchain, scanning it with my public key and going, "Right, these are all your UTXOs, so we'll list them out; and then this is the value of each one, so here's your total"?

Shinobi: Yeah, like last week, I just loaded up an Opendime to give to somebody to hopefully push them over the hump.  That UTXO; that's in the last couple of weeks of blocks.  I also have UTXOs created years ago that still haven't moved since being created in that block years and years back.

Peter McCormack: What does the wallet do; does it just go block-by-block, show me all the unspent transactions, is this matched to your public key?  Yeah; right, tick.  We'll associate that in your wallet.  That's essentially what it does. 

So, let me ask you another question, because thinking about it like this, I'd be interested to get the feedback on this.  Even just understanding this now, what we've just gone through now has just literally levelled up my understanding of Bitcoin a bit more, because as a UX person, like I said, I just imagined there's like my wallet and all my UTXOs somehow in the Bitcoin blockchain were all mine; but they're not, they're all just scattered through it which is kind of interesting.

So, at the point I go to spend one of my UTXOs, say I've got a UTXO in Block 623,111 and it's half a Bitcoin, and I go to spend that, and I send that to Shinobi; what does the blockchain do to know that one's been spent, because that block is sealed right; the one that it's in, as an unspent, is sealed?  Does it have to look if it's been spent later on?

Shinobi: Any node in the network will do that automatically.  Pretty much every node has, in addition to all the blocks if they want to keep them, they have the UTXO set, so it's just a collection of all the outputs from every transaction that have not been spent yet.  So, when you go to spend that, if that coin you're trying to spend is not part of that set, then the network will just go, "Invalid transaction".  That is checked immediately upon the transaction being submitted to the network.

Peter McCormack: So, what my wallet is doing is it's going via a node to check all the unspent transactions?

Shinobi: There are a couple of ways that can work under the hood.  If you're using your own node and say you import a wallet with something like Specter that will literally have to go scan block-by-block and make sure your history is displayed, coins that you used to have and spent show up in your wallet and go through all of that.

There's a newer feature in nodes not many wallets are using so far, where you can just directly check the UTXO set, so find all of the coins that are unspent right now that you own but that won't show past transaction history because it's just checking the UTXO set instead of the whole block history.  Then most light wallets out there just hook up to a node that makes a special index of all the data that's just all the individual transactions.  So, when you're connecting to a light wallet's back end, most of the time it's just going to check that database of like individual transactions, instead of scanning the whole chain or checking the UTXO set.

So, there are these couple of different ways that happen in the back end, but ultimately that wallet has to find those UTXOs somehow through one of these methods to be able to show you the money that you have.

Peter McCormack: Is there any way my wallet could connect to a rogue node which has a bold set or a fake set of UTXOs and tells me a wrong balance; is that something that can happen?

Shinobi: Yeah, and this is exactly why so many bitcoiners are so ardent about running your own node, because you know you are in control of that thing telling your wallet this kind of information.  This is also why most light wallets will connect to a trusted backend that the user is trusting to not lie to them, instead of random nodes on the network like light wallets used to do.

Peter McCormack: Okay, but even if it is connected to a rogue set of UTXOs and it tells me I've got a UTXO which is mine, which isn't and it has been spent; even if I then try and spend it, that's not going to work, right, that's going to be rejected?

Shinobi: Yeah, there is zero chance the actual network would let you spend that.

Peter McCormack: So basically, what a wallet does, just to reiterate, it goes and checks all the unspent transactions, all the ones linked with my public key; it tells me which are mine and then it gets my balance. 

At the point then that I want to send Shinobi a Bitcoin and that's going to be made off of two UTXOs in my list they're both half a Bitcoin, when I click "send" what actually is happening?  This is obviously where my private key is used but what is actually happening?  You're saying a transaction is being signed, but what does that actually mean?

Shinobi: Pretty much, your wallet's just going to show you the transaction, which coins you are spending, which new UTXOs you're creating, so whoever you're sending money to; and then whatever change is left over going back to a UTXO you control.  It's just going to show you this and when you click "sign", it pretty much just hashes the transaction and then your private key signs that hash; so you pretty much just multiply that hash by the private key in simplest terms, and that's the signature.

Anybody can look at the public keys involved in the coins you're spending, prove that this signature was actually made by the private keys that correspond to that and then it just blasts it off to the Bitcoin network and eventually winds up in a block.

Peter McCormack: Right, so the software automatically just does the stuff which signs it, creates what it needs to create to send to the Bitcoin network.  The Bitcoin network then validates whether that private key can sign that public key; and if it can, it accepts the transaction; and if it can't, it rejects it?

Shinobi: Yep.

Peter McCormack: It goes into the meme pool, men pool, sorry, the mempool.  That's so funny, do you know what we've been trying to come up for a holding name for the company that defines What Bitcoin Did and Never Edits, I think "Meme pool" would be great.  There you go; I bet someone's got that.

Shinobi: Why not?

Peter McCormack: Let's try and go in even simpler terms.  So, I want to send the transaction, it gets that UTXO, it hashes it with my private key; how is my private key stored on my device, in my wallet, and how is that prevented from someone actually seeing what that is?

Shinobi: In the case of a hardware wallet, which again anybody with significant amounts of money should be using, it's because it's either physically not connected to the computer, or the connection it has to the computer is very limited and secured.  So that key is only actually on that special device, so unless somebody can either physically take that device or break, if it's a wallet that actually does connect to a computer, the security between that connection, then that key never leaves that device, so it should be safe.

Now any software wallet, like on your desktop that actually keeps the private keys on your desktop, or the same thing on your phone, any wallet that is not designed by an incompetent idiot will encrypt your private keys with a pin code or a password or something and they're stored encrypted.  But when you actually go to sign a transaction, those keys have to be decrypted to actually sign.  And so, for that time period that you're signing a transaction, that key is exposed on your normal computer and it could potentially be compromised.

Peter McCormack: Okay, I'm going to work through this again.  So my wallet has picked out the UTXO; it knows what it is because of my public key.  I want to send it to you, so I need to sign it with the private key and the private key itself is -- did you say is derived from the public key?

Shinobi: No, vice versa.

Peter McCormack: Vice versa.

Shinobi: The public key is derived from the private key.

Peter McCormack: Right, okay, so I sign the transaction with the private key; that is sent off to the network.  The network can check it's a valid transaction, because it uses the public key to ensure that the hash is correct.

Shinobi: That the signature is correct, but yeah.

Peter McCormack: Yeah, the signature is correct, because only that public key can be matched to that private key.

Shinobi: Mm hmm.

Peter McCormack: Shit, I've learned so much more today.  I've literally 10Xd my Bitcoin understanding today!  All right, cool, okay so that's done.  I get all that, that's great and that's a software wallet and most of that will happen in the background, but I understand how it's working now; okay, great.

I'm now pretty into Bitcoin, Shinobi, I've bought $10,000 worth; I need a hardware wallet.  There are three main ones on the market and for complete transparency, Ledger are a sponsor of mine.  I am also a fan of Coldcard and friends with Rodolfo; I do have a Trezor.  There are three devices I think all are worth addressing, because I personally think each one, certainly between Ledger and Coldcard, each one suits a different person.

I have had feedback that there are issues with Trezor.  Your personal feedback would be valid here if you want to talk about it; what do you think of Trezor?

Shinobi: Honestly, I'd rather kind of make a general comment before we go into nit-picking specific brands here.  Let's look at things in terms of category first, let's call the first category Trezor, we'll call the second category Ledger, and we'll call the third category Coldcard.

A Trezor 1) you have to actually plug that into your computer; and 2) there is no secure chip on there.  There is no special security chip on that that physically secures that device if somebody actually got their hands on it.  Now, that is strictly speaking way better than just having your private key sitting on your laptop, but it does not have that physical security where if somebody got their hands on the device, there is that secure chip protecting your private keys that costs lots and lots of money to break and get past.

Peter McCormack: Can I ask a question there?  If I've found someone's Trezor, I'm not going to be able to do that, but someone with the right equipment and technology could probably hack the device?

Shinobi: Yeah, this I want to be clear: I'm speaking purely about old vulnerabilities that have been patched in the most recent firmware, but if you found someone's old Trezor that they hadn't updated their firmware in a long time, I could probably break that with like $70 of equipment and get the private keys off of it.

Ledger is the second category.  They have a secure chip like that, but everything is closed source, and everything happens on that chip, so it does have some degree of physical security unless that chip is broken.  That will make it very hard to get your keys off of it, but it's a completely closed source system; you cannot audit that.

Now Coldcard, with the third category, it's kind of a hybrid between the two.  It has a regular open chip like the Trezor, but it also has a closed secure chip like the Ledger.  But the thing is with the Coldcard, they work together in a way where the trust that you place in that secure chip, breaking that secure chip alone is not enough to get your keys; you have to break the other open chip as well.

So the way those two things kind of work together is you get the best of both worlds.  You have a very large open stack that you can audit everything except the secure chip, but the secure chip is only kind of adding extra security.  If that's broken it doesn't take away from any of the security of anything else.

Peter McCormack: Should everyone just use a Coldcard?

Shinobi: That's what I personally use, and I would personally recommend for large amounts of money, but it's just really you have to analyse these categories and think about, do you really want or feel the need for that physical security where if somebody actually got their hands on your device, it would be very expensive for them to steal your money; or do you not care about that? 

How much trust do you want to place in the maker of that device?  Do you want the ability to audit and verify the product that they're sending you, to the best degree that you can; or do you not care about that and you're okay trusting this company?  Those are the two things.

Peter McCormack: I've got a personal recommendation on that, because I have all three devices, like I say, for my multisig and we'll come to that, so I've used all three devices. 

Trezor I've always felt a little slightly uneasy as it's browser based and I don't know why, but I just have.  Coldcard, I love, because of everything you said in terms of the design and the security set up; but I think for the people listening to this show -- full transparency: they are a sponsor, but at the same time, the first wallet I ever got was a Ledger Nano S and I've used it for four years. 

The main difference between the two is if you're going to use a Ledger, you're going to download the software which is Ledger Live, you're going to plug it in, it's very easy UX, it takes you through to their software, to receive and send Bitcoin; that's super easy.  The UX, I think, is consumer friendly, whereas with something like Coldcard you're going to need to connect it to another wallet, something like Specter, and I think that's a level above and I think that requires a certain amount of experience.

That is not to say that people couldn't do it, and absolutely they could; but also based on my understanding of the technical skills that many people have, that might be a big leap for them if they're not particularly technical with their first hardware wallet.  Am I being fair?

Shinobi: With some wallets, but it's really about knowing the wallets.  Electrum, if a user can handle using Electrum, very easy to set up a Coldcard with; or Wasabi Wallet, very easy to just set that up and use Coldcard with.  I would personally say, just because I don't like trusting completely closed systems, unless you are that terrified of not being able to understand it, get the Coldcard, take some time to look at it and play with it.

Peter McCormack: That's fair, it comes down to that "Don't Trust. Verify" thing, whereas I'm from that world whereby I can't audit the code anyway.  I require a lot of the technical side of things being obfuscated for me through UX, so that's why something like Ledger has been a great first device for me.  At the same time, I have gone through that journey of also learning Coldcard.  I actually think for some people as well it's probably worth, if you've got enough Bitcoin, trying out multiple wallets and seeing which one works for you as well, but yeah, okay, fair enough.

Okay, so I've migrated from a software wallet, I've got a hardware wallet, I'm using a hardware wallet.  Is there anything else I need to be thinking about with regards to them, like separate from my software wallet on my phone?

Shinobi: Just really physical security.  That's really the big threat there in my mind, if somebody can actually physically get their hands on your device.  Now, that's kind of why I harp on the physical security so much, because if you still have your word seed, if that wasn't compromised and somebody stole your Coldcard the Mark II, the last version not the current one, Ledger actually did a security test where they bought hundreds of thousands of dollars of equipment and tested, literally peeling off layer by layer the secure chip so they could break it, and they succeeded; but they showed that it literally took $100,000-plus of equipment and serious expertise needed to operate that equipment to break it.

If somebody stole my Coldcard, I could not notice for a week and then go, "Oh", and just move my coins to a new seed and it's probably going to take that person, if they even have any chance of getting those tools and learning how to use them, another month or two to break it.  Whereas, a Trezor, if that Trezor is out of date and the firmware is not the current firmware, there are numerous vulnerabilities that would allow me to just put together a little $70 device and I have your private keys now.

Peter McCormack: I get it; that makes sense.  So next step, I've got my $10,000 of Bitcoin, I keep stacking over and over, also we go through a bull market and suddenly I've got $0.25 million, $0.5 million of Bitcoin, but it's all stored on this single hardware device.  I'm personally starting to feel a little bit vulnerable for a number of reasons.  What if there's a house fire and I lose the device and for some reason my backup seed melts?  What if someone comes to my house with a $5 wrench and threatens me?  Is there a way of becoming even more secure?  This is where, about ten months ago, I signed up for Casa and went for a multisig solution, just protect myself against all those scenarios.

I don't want to go too deep on this now, I know there are multisig solutions that people can set up themselves; and again for transparency, Casa are a sponsor.  But for someone like me, it's just so easy to set up and manage.  Let's just go with absolute basics of what a multisig is and what it means.

Shinobi: Just the way that a UTXO is locked to a single public key, so that you have to sign with the right private key to spend it, you can lock it to multiple keys.  You can have three keys to that lock, you can have five keys, you can require all of the keys to sign it, you can require like a two-thirds majority to sign it; and that way, you can take the different sets of keys that lock this and you can take extra steps to secure them. 

You can spread them around so that they're not close to each other, you can leave one set with a family member that you trust really well so that that's not around you.  You can make sure that at your primary residence, you do not have all of the keys necessary to spend your coin at your primary residence.  So, if someone kicks your door in, you are literally incapable of giving them your money.  Allowing multiple keys to control that lock, you can take a lot more steps like that to safeguard your keys. 

If you have a 2 of 3 multisig and you only have one set of keys at your house, when that guy kicks your door in, you literally can't give him that money without going and kicking someone else's door in and it's becoming a crazier and more risky situation for that person.  If you have all of your coins on a single key address, when he kicks that door in, he's just taking your seed and there goes your money.

Peter McCormack: That's totally relevant, so I'll talk about it from my view of becoming a Casa user and explain how I understand it.  My Casa is a 3 of 5 multisig.  I know they offer a 2 of 3 and I think they offer a 3 of 6, which includes an additional key for inheritance planning; but let's go with the 3 of 5 to keep it really easy to understand.  One key is on the phone, one key Casa has, I hold the other three keys.  To sign any transaction, I just have to create the transaction in Casa, and I have to go to three of the devices.

One does it on the phone immediately, if I keep one in the house that's the second one; but the third and fourth key can be geographically distributed, not even just a friend's round the corner or family member, but in another country to give that total protection; but I have to go through that process of at least signing three of those keys to send that Bitcoin.

For anyone listening, the idea being is that as Shinobi says, if someone comes and attacks me, yes, I have two keys here, but that Bitcoin can't be spent without the third key, so they have to get on a plane with me, go to where that third key is and force me to.  So, basically, it makes the situation too difficult or too risky for them to threaten me. 

There are other benefits, right?  You've got the benefits of not losing a device, personal mistakes, you can lose a key and then you can replace that key, so that multisig solution is a much better solution for someone who's got larger amounts of Bitcoin as well; is that fair?

Shinobi: Yeah, absolutely.  It does come with the requirement that you have to keep all of the public keys of every key in the multisig, even if you're not going to sign with that key, otherwise you don't have the information needed to actually open the lock.  Yeah, I mean if you have enough money to your name in Bitcoin, keeping another thing on a piece of paper, or having all of that money be in a lot riskier situation, it's pretty obvious to me most people are probably going to write the extra thing down on paper and get a lot more security.

Peter McCormack: Also, an interesting thing on my multisig which I didn't realise when setting it up is, because it's a multisig, I don't store a backup of the seed for those wallets, because what happens is that's an actual vulnerability now.  What I actually do is if I lose one of my keys, I just swap that one out.

Shinobi: I know Casa is really big on the not doing seed backups for their product, but personally I would still recommend having seed backups, even for a multisig like that, if you're going to set it up yourself outside of an ecosystem like Casa.

Peter McCormack: That's fair.  I think right now we've covered a good amount of stuff in wallets.  There is the amazing subject of xPubs which we've not talked about, which we should touch at another point, but I think knowing the level of the audience and the feedback I've got for the shows so far just covering tech stuff, I think that's a good amount right now.  How do you feel?  Have I missed anything that you think we should add?

Shinobi: I think that's fair, but I think we should at least go into a little more on the seed backup trade-offs.

Peter McCormack: Okay, let's do it.

Shinobi: When we talked about that earlier we were mostly just talking about what to store that on, things like paper versus steel, but we didn't really get too much into how to store that, like where to store that.  I just feel like this is kind of one of those things that is an open question.  Even somebody like me, I'm not so sure that how I'm handling things now is good enough.

Peter McCormack: I agree.

Shinobi: I'm not going to keep doing things that I'm doing right now five or ten years from now and this is kind of just an open question about what is the best way to do this.  I have my seed backups, I physically control them, but a lot of people talk about sharing copies of that, say with friends or family. 

I just want to drive home that you are trusting whoever you give a copy of your seed to keep safe for you, with your money.  They have your money.  If they want to stab you in the back, you guys have a fight and they decide, "Fuck you", they have your money.  So, if you are not completely trusting that no matter what happens between you two, that person will be honest, will hold that for you and not take your money, and you're going to backup your seed with a copy with other people like that, use a decent passphrase. 

Don't go crazy and a bunch of 30 random characters that you might forget, but put your coins in a passphrase wallet on your seed, so that there is something between that seed and your money if you do not trust that person with your life.

Peter McCormack: Can we talk about that, what do you mean, "Put a passphrase on that seed"?

Shinobi: You can effectively take your seed and enter a passphrase, so like you're adding an extra word that's not part of that special dictionary that we talk about.  Then it just adds that, hashes it and makes a new key set that's entirely unrelated to the keys that come from your main seed.  You need to remember that passphrase plus your word seed to generate those keys.  That is a very good way to defend yourself against really any kind of threat model, where you're worried somebody could get their hands on your word seed.

Peter McCormack: How does that work in a scenario?  Say I've got myself a hardware device and when I'm setting it up, it's telling me to backup my seed phrase; how do I add -- will that wallet give me the option for that additional?

Shinobi: It depends entirely on the software and the hardware that you use.  All hardware wallets that I'm aware of support it, although the way to enter it is going to be different; and most of the software wallets out there support it.

Peter McCormack: Interesting.  Let me ask you something, if I create a wallet with one piece of software or one hardware device and I backup the seed phrase, can I use that seed phrase in any other wallet to restore myself?

Shinobi: Yeah, as long as it supports the standard, which I'm not aware of anything that doesn't, at this point.  Yeah, that word seed should be compatible in any other hardware wallet, any other software wallet out there.

Peter McCormack: In terms of storing this seed, there's a bunch of options.  You could hide it somewhere deep in your house, where no one would look; you could bury it in your garden; you could use a safety deposit box; you could use a friend or family.  Each of those scenarios still has the risk that somebody finds it.  What about the idea that you split it, that you store half of your seed words on one place and half another?

Shinobi: No, that is a horrible idea.  You lose a lot of security in terms of the mathematical security when people find part of your word seed.  This is counterintuitive, but for every single word in your word seed that somebody is able to compromise, you're actually cutting in half how hard it is for them to guess the rest of your seeds.  It's not just like it gets 1% easier, another percent easier, no.  Every word is half as difficult, so that gets cut in half every time.

Peter McCormack: If you are storing it as you have before, if you store it as the whole seed together, if they find it, they have the whole seed; whereas if you split it in two, they can only find half of it.  So, I would have thought you're at least giving yourself more protection to somebody finding it, because they've only found half?

Shinobi: It's a big risk and also you should be doing this -- if you're going to do something like this, you should not just be cutting things in half like that.  There are methods where you can actually split the word seed into three cards; there are templates out there for this.  I think it's like, if you have 24 words, each of them has like 16 words or something, but they're different, so that any two of those cards would be enough to get your whole seed back from.

If you're going to consider splitting your seed, look for things like that and go read about the kind of risks and the benefits of doing that.  Don't just naively cut your seed in half and then do something like that.

Peter McCormack: So really, wallets is a journey and it's a journey of not just how you use a wallet and how you interact with the wallet, it's actually a journey of security.  Anyone listening should really go through the steps that we've talked about, try the different types of wallets and gradually build up their own confidence, read a lot, learn a lot about this and go step-by-step.  It's really a personal journey, right?

Shinobi: Yeah, and I mean some of this is just open questions.  I don't think that I have a handle on where to store my seed or how to store my seed for the next ten years.  Right now, my attitude is pretty much just, "That's behind me and my gun, so good luck".  I'm not really comfortable with that being my plan for the rest of my life, so things like that, even I'm still trying to figure out what is the best, safest way to do this.

Peter McCormack: You can see why, and I know it's controversial, but you can see why some people would prefer just to use a custodial solution rather than take ownership of their own private keys, especially if they were holding tens of millions of Bitcoin; they might feel a particular risk of making a mistake or some kind of physical threat to them.

Shinobi: It really is a lot to think about, but so is anything that you have to be responsible for yourself.  Yeah, I think people should strive to learn how to be responsible for these types of things.  I understand why people wouldn't, but you should push yourself; you should really try to dive into this stuff and see all the benefits that you can get out of Bitcoin besides just watching your account balance in Coinbase be worth more and more money every day.

Peter McCormack: Yeah, that's fair.  Shinobi, this is great as ever, I think we've broken it down quite easy.  I will share a whole bunch of stuff in the show notes of all the different wallets, all the different solutions like the things that people should be trying and like as we said, just like start step-by-step; just start with a basic wallet, start practising your own personal security, read up on it and for most people it's just a journey of figuring out as they go.

Anything you want to add, before we close out, dude?

Shinobi: No, I think we pretty much plumbed through the whole outline pretty well.

Peter McCormack: Nice one, as ever tell people where to find you, this might be the first time they've heard one of these shows.

Shinobi: @brian_trollz on Twitter and you can also find a podcast I do with my friends FUD and Janine at @blockdigest on Twitter.  Hope everybody learned something today.

Peter McCormack: Awesome bro, listen I will see you shortly.  Wonder what we're going to do next month, but take care, dude and hope the hangover's okay.

Shinobi: I'll live.