Proof Of Keys, Intentional Crypto Bank Run. 4 Step Survival Guide.

Juan S. Galt
11 min readJan 1, 2019

--

Bitcoin’s 10th birthday is upon us. Are you ready for the celebration? This January 3rd, 2019 Begins an intentional run on the crypto banks. During this Proof Of Keys celebration, you won’t want to be caught off guard.

(See you next year! Where this celebration will be bigger and stronger. The steps on this guide will apply just as much and I’ll update it as key solutions emerge)

On January 3rd, 2009 the first block of Bitcoin called the genesis block was created and so this crazy ride began.

10 years later, the Bitcoin brand has world wide recognition, its infrastructure is becoming stronger by the day and single digit percentage points of the population in Canada, USA and countries around the world are said to hold Bitcoin or some other cryptocurrency.

Unfortunately part of the goal of Bitcoin, to allow people full control over their wealth, has been diluted by the ease of use dilemma. Exchanges, even with all their various authentication steps, and the historical risk of theft or failure, hold massive amounts of user wealth to this day.

The top Bitcoin addresses by BTC held are Bitcoin exchanges and too many new crypto users are not familiar with the history or the best practices to really take advantage of Bitcoin’s promise: money that can not be censored. Money that only obeys only your will.

Well, this January 3rd begins a tradition that might help curve the trend. And educate the new comers.

Named Proof Of Keys day by Trace Mayer, the long time Bitcoiner who sparked the campaign, will be an intentional run on the crypto “banks”.

Users from all over the world waving the Jan 3 (KEY) flag on their social networks or supporting it in silence will be withdrawing as much crypto as possible from their exchanges.

This is not just about Bitcoin. Every crypto asset, token, altcoin, crypto security, you name it will be withdrawn by supporters of the celebration. If it is supposed to be decentralized, you are supposed to be able to claim it and hold it yourself.

(Also, I’ve developed a workshop to teach non super geeks like me, how to Be Your Own Bank, next one will be at Anarchapulco, mid February conference in Acapulco Mexico, where I’ll also be speaking. Get the early bird price by sending me an email at byobankinfo@pm.me)

Why? There’s a few reasons.

For one, centralized crypto exchanges could be lying to us about how many funds they hold. Are they really in their wallets? After all, they control their interface and it’s very hard if not impossible for anyone to verify their reserves independently.

Second, do you know how to do it? Even if you return your funds to exchanges after the celebration, you want to have confidence in your ability to HODL and store your coins safely.

For example, in the case bad news about your exchange start to float around, and you want to exit, you won’t want to be caught off guard.

There’s a large amount of security risks with holding your funds on exchanges, especially when they are not regulated or watched. Furthermore they often operate in obscure jurisdictions which can’t enforce users’ property rights upon them. Most exchanges that have failed in crypto’s history have gone down because of alleged theft, capture by government agencies for alleged crimes, or simply vanished with user funds.

While exchanges provide an essential service to our industry today, that of aiding price discovery among all these assets and against fiat, it remains important to be able to claim your actual digital wealth at any time.

Otherwise, you are better off with regulated, controlled and well insured old school banks.

But then again, who likes banks? So let’s learn to take control of your own crypto, let’s study how to Be Your Own Bank.

Step 1: Withdraw Limits

Every exchange has withdraw limits, that’s a centrally enforced limit as to how many funds you can withdraw at a given time, usually per day. These withdrawl limits can be found fairly easily on their websites, or through a Google search.

These limits range from 2,000 USD in market value to 2 BTC in market value for accounts without KYC and AML verification, aka accounts with which your real personal identity has not been verified.

As you add KYC and AML data to these crypto exchanges, you often gain higher withdrawal limits. These limits are set by regulations and the exchanges must comply given that they are fat and juicy targets for law enforcement.

You probably won’t want to be the last person to withdraw your coins this January 3rd. While this is the first time this holiday is celebrated, and not as many people will be aware of it, we don’t know what consequences it will have. Some exchanges might fail to honour those claims, as they might actually be insolvent. We won’t know until we try.

So figure out your withdrawal limits and how long it will take to get your coins out and get ready to learn some of the basics of crypto. These key steps will let you start the year with a stronger foundation for your digital wealth.

Step 2: Get a Hardware Wallet or Two.

Hardware wallets are by far one of the best products this industry has produced. They are hardware devices designed specifically to keep your crypto wealth save. If you have anywhere from 2,000 USD to 500,000 USD worth of crypto, you’ll want to be using at least one hardware wallet.

These hardware wallets cost anywhere from 50 USD to 200 USD a piece and they are 100% worth it for any amount of crypto that you are simply not willing to lose.

The two most popular ones are Trezor and Ledger Nano S. I’m a bigger fan of Trezor and would recommend it over Ledger but it’s up to you.

There are some important tricks and details you should know when purchasing one though:

  • Buy directly from the suppliers, or a re-seller with a very good reputation. Sketchy re-sellers have been caught tampering with the hardware wallets and users without some basic knowledge have fallen for their scams.
    Such as pre loading the hardware wallets with a a master passphrase (seed)they control. Noobish users will think its already setup, send btc to it and lose it. The proper path is for you to generate the seed your self through the wallet’s interface.
  • When you receive the package, or buy it from a store, make sure it does not look like it has been tampered with. If the box looks like it may have been opened, the security stickers look like its been removed or it says anywhere that it is made in China, it is likely a fake and not worth the risk. This is an unlikely scenario, but one worth being aware of.
    There is an interception attack that can be done on high value targets, though this attack does not work well at scale, aka its very hard to intercept all hardware wallets, and do the serious hacking you have to do to them to compromise them.
  • Not all tokens and altcoins are supported by hardware wallets. Be sure to check that the coins and tokens you plan on withdrawing from exchanges are actually supported by your hardware wallets.
  • A good rule of thumb is, if the altcoin is not on the hardware wallet, it is probably a shitcoin.
  • Both of these hardware wallets support Ethereum and thus support all ethereum tokens. You’ll just have to do a little bit of reading to figure out how to check that the tokens arrived. Etherscan.io is great for this: Input the ETH address you sent to and on the ‘tokens’ tab it will show you the token balances.
  • Last but not least, even if the hardware wallets support your coin, they might not be supported by the wallet’s native interface, so you’ll have to find an interface that is safe and easy to use. More on that on step three.

Any wealth above 500,000 USD, and you should look into higher security solutions. You should also spend some honest good time learning about the options available and hire a few consultants (like myself) to inform you about the best options on the market and why they will work best for you.

Some such solutions include Multi Signature addresses and the Glacier Protocol, although these are not plug and play so far. Nothing is free and when you have so much wealth on the line, it is worth it to invest in their security.

At this point you might be thinking “Wow, if it is that tricky and involved to store cryptos, this thing might never go mainstream” and that’s an understandable feeling. But I suspect that when storing and moving crypto is easy as pie, it will probably be too late to profit greatly from their rise.

The day everyone is using Bitcoin is the day you probably want to start cashing out for real estate or whatever else makes sense to invest in.

The good news is, we are a good decade or two from that, and so the risk we have to contend with in the crypto wild west is the opportunity to make some seriously good coin. And at the same time, make the world a safer place. No more bailouts or bail-ins, no more hyper inflation, no more fake claims on assets, you get it, you are not that new.

Step 3: Identifying Official Sources and Official Wallets

As you might have noticed, crypto is in the wild west stages of its development. A new territory has been discovered and there is all kinds of promise and potential, but there are also snakes, lions, quick sand, pitfalls and jokers all over the place.

That’s the risk and the opportunity.

Such creatures of chaos show up in the form of fake websites, with domain names that looks almost identical to the authentic one like Blnance.com (with a small L instead of a capital i) to give some example. Others include twitter accounts that pretend to be famous developers, like the myriad of fake Vitalik Buterin twitters ‘giving away free eth’.

In some cases, popular Ethereum web wallets have been impersonated, resulting in stolen funds.

Even downloadable crypto wallets with trojans and other malware have been used to try and steal people’s crypto.

The best way to deal with these risks, frankly and in my non investment advice opinion, is to buy and HODL Bitcoin long term, offline.

But for those that like to play the game and are actively betting on various ‘crypto assets’, the next best thing is learning to authenticate sources.

There’s a few easy tips to make sure you don’t get caught up in these traps:

  • Use and extension like Ethereum address lookup This chrome extension remembers the authentic domains to popular Ethereum services, and lets you get to them without having to type them in letter by letter. Often, these fake domains take advantage of common typing mistakes to trick unexpecting users.
  • You can also bookmark the right domains which your browser will remember.
  • Go find the official twitter accounts first. If you find a website for the project you like, check the twitter account they link to, then if that account has say 5k-10k+ followers, and better yet a twitter check mark, then chances are you are at a real account.
  • Now go through that account, and find a link to their official website, usually under their profile picture. Then you’ll know you are at an official source. From there look for blog posts about how to use popular hardware wallets with their coin and custom interface.
  • Go to official forums like Telegram or Slack, from the official website and ask about hardware wallet support on the general chats. That’s a start but not great because random malicious people could be lurking. Then, find the admins, they usually have a special username check mark of sorts, and ask them to verify or link you to an official source. Preferably have them tell you in public since you can often ping them in the chat using @ and their username.

Once you have found the right wallets for you crypto assets and official guides to setting up a hardware wallet, you are ready to withdraw your funds.

Step 4: Properly Setting up Your Hardware Wallet

These hardware wallets have become fairly easy to user over time, explaining in clear ways what steps you should take.

Nevertheless, here’s a few basic things you should know to do and not to do:

  • When you first plug in your hardware wallet, after checking that it has not been tampered with, it will begin to walk you through the setup process. This will eventually show you one word at a time your freshly created the master passphrase. These are the 20 or so words that if spied on by others can get your funds stolen.
  • Make sure you are turned away from cameras, windows and sneaky people. It’s best if no one knows you are doing this, at that time and at that place. Just to be ninja sure.
  • Never make a digital copy of the master passphrase, also referred to as the master seed.
  • A fundamental security assumption of crypto security solutions like hardware wallets is that we are much better at protecting physical things than we are at protecting digital things. So write your seed on paper, make sure the ink and pen don’t bleed into the surface you write on, and stash it.
  • Don’t cut your master seed into 3 pieces and hide it in different places.
  • This is terrible security although it sounds like a great idea. One of the reasons is that by compromising one of the 3 parts, an attacker now reduced the randomness of the passphrase by a third. Do it again and now someone can be very close to randomly guessing your master passphrase.
  • Another reason is that if you lose one of the three pieces, now you don’t know what your full seed is, and you have to hack yourself!
  • There’s a way of doing this well called Shamir’s secret sharing, which offers you redundancy to loss or theft, but there is no open, credible or standard implementation of it it yet. The best option for now is to store the whole thing in one secure location.
  • Shamir’s Secret Sharing will soon get standardized by Trezor.

Once you’ve set this up, your pin included, you are ready to go, carrying your wealth as a bearer asset, something you can carry rather than something that is online somewhere, somehow.

Now you can begin to withdraw your coins and tokens from the exchanges into these hardware wallets. The more crypto assets you have, the more things you’ll have to do.

You now have a strong basic foundation of knowledge with which to explore this strange new realm of Bitcoin and cryptocurrency.

Become Your Own Bank and Claim Your Financial Sovereignty.

There’s much more to be explored in this new horizon. There’s bigger dragons and pitfalls out there than you might be aware of.

To help non super nerdy users (like you perhaps) Be You Own Bank, I’ve developed a workshop to teach you, in person, step by step where these dragons are and how to keep the away from your coin. These are the best tools and paths I’ve found to protect not just your crypto assets, but all your digital assets, including your online identity.

The first of these workshops will happen mid February at Anarchapulco 2018, and in classic ‘ICO’ style FOMO marketing, you’ll be able to get tickets at a low price now. The price will increase the closer we get to mid February 2019 when workshop time comes. (Don’t worry, it’s not an actual ICO lol)

SIGN UP NOW! Start up price of 100 USD worth of crypto, email us at byobankinfo@pm.me for details. As we move closer to mid February, and reveal more about the workshop the price will go up as high as 350 USD per person.

If you have any questions about anything Bitcoin, or crypto security related, you can find me on twitter @juansgalt or email me at consultjuan@pm.me.

You can also learn about all my past work in this industry at Juansgalt.com.

Happy Bitcoin Genesis Day, and join us in celebrating the spirit of Bitcoin, the #ProofOfKeys Holiday, this and every other January 3rd.

--

--

Juan S. Galt

Hunter of white rabbits. #Bitcoin Evangelism And R&D. #HODL #FreeSpeech #Privacy #AtomicSwaps