Satoshi Roundtable IV Recap
It was my pleasure to once again attend the Satoshi Roundtable; this year it was scaled up immensely and I didn’t even have a chance to talk to all of the attendees. We also had a ton of breakout sessions since it was an unconference format, so what I’ll be covering here is only a small slice of what was actually discussed.
It was an honor to meet one of the few politicians I respect. Ron has been a champion for liberty and limited government since well before I was born. He gave an impassioned speech about his quest to limit the military-industrial complex, limit the prison-industrial complex, and audit the Federal Reserve. After spending decades in Washington DC, his perspective is that there isn’t a two party system — the parties are two sides of the same coin. He offered a glimmer of hope: so long as it’s legal to be educated outside of the system run by the government, citizens have the opportunity to learn other perspectives and flex their creativity to further the cause of liberty.
Tribalism & Toxicity
You could argue that tribalism began the moment Bitcoin was created, as it was “us” versus “them” (banks and governments.) But the tribalism within the crypto ecosystem began once developers starting forking the code and creating competing networks. These crypto assets were dubbed “altcoins” because they were alternatives to the king of crypto, Bitcoin. Even this term is tribalistic and carries a negative connotation.
However, certain types of tribalism can be good. For example, look at the NFL. Their tribalism fosters competition between different teams and encourages fans to participate, which brings in greater revenue for the teams and the NFL. But there’s an understanding that the teams all need to cooperate in order to foster competition. This spirit of coopetition makes the NFL strong. I think coopetition is an important concept; in fact, I gave a lengthy presentation about it in 2017:
There can be downsides to tribalism that result in weaknesses. For example, there has been a lot of energy expended in the scaling debate which has now turned into a battle for branding and mindshare over the “true Bitcoin” now that the chain has been forked. This can result in us putting on blinders and failing to see external threats. Some folks are rightly concerned that Bitcoin users have been too focused on our internal strife to work on facing developments in the regulatory space and the like.
Demand for developers with blockchain experience is extremely high. A senior developer in this space can easily command a $200,000 per year salary for full time work — even higher for consulting work, to the tune of $200+ an hour.
There are several reasons for the developer crunch:
- It’s hard to find good developers, period.
- It’s even harder to find devs with experience in a niche space like crypto.
- Devs who have been in crypto long enough to be highly experienced are likely also financially independent at this point. They don’t need a salary. As such, in order to get these devs you have to capture their interest with a compelling concept as opposed to compensation.
- We’re just starting to see formal training programs pop up
Personal Physical Security
This one is near and dear to my heart after my swatting incident last year. Crypto celebrities are becoming red hot targets as criminals begin to realize that they’re more likely to score a huge payday by extorting someone with crypto assets than they are someone with more traditional assets that are illiquid. For example, if a criminal targeted a billionaire whose wealth was tied up in real estate and the ownership of a professional sports team, it would be mighty difficult to forcibly take those assets. Crypto, on the other hand, can be transferred in a matter of minutes.
What should the crypto wealthy do? Discretion is a pretty good start.
We’ve been hearing more and more reports of crypto holders being targeted with varying degrees of success. Death threats and extortion are becoming commonplace. Thankfully many of the extortion threats are bogus and are just folks trying to scare a victim into sending crypto assets. We even had an attendee who received a threat while at Satoshi Roundtable.
The onus is on all of us to sufficiently secure our crypto assets so that thugs are not successful. If we want to stop this trend, everyone needs to take measures to protect their cold storage so that they can’t be coerced into handing it over to an attacker. This means setting up your cold storage in a way that is incredibly difficult for even you to access. One method would be to use multi signature technology to spread the keys across several physical locations and/or key holders.
If you’re already well-known / vocal about being a crypto holder, you may wish to employ techniques to hide your physical location.
- Disable geolocation tagging on any social media posts
- Don’t post photos / mention a location until after you have left
- Move to an undisclosed location and ensure that your name is not on any property / tax records. This can be done by creating a trust or corporation that owns the property.
- Use a PO Box / mail collection service so that you don’t give your home address to anyone that would store it in a database.
Hiding is a good first layer of defense, but it’s not foolproof. If an attacker does find you, you’ll want to have multiple layers of physical defenses. The hard question is how much security is overkill.
- Hardened doors and windows
- House alarms
- Safe Room
- Armored vehicles
- Weapons with which you are proficient
It’s up to you to determine your threat level and how much effort / resources are appropriate to devote towards physical security. At the end of the day, the most important aspect of physical security in my opinion is situational awareness. Be mindful of your surroundings and always have a plan.
Criminals probably don’t know how wealthy you are; if you merely talk about owning or being interested in crypto then you’re a target. There was discussion around whether to keep duress wallets as a way of paying attackers off to get them to leave, but it’s not possible to say if this is a good idea. An attacker who is willing to threaten you physically should not be expected to act rationally — they are already taking a huge risk by committing one crime and could easily decide to commit another if they think it would benefit them to not have any witnesses to the crime.
The only way I see this trend reversing is if the success rate of physical attackers drops to near zero. Thus, when you protect your holdings from physical attackers you’re not only helping yourself, you’re helping the entire ecosystem by deterring attackers from trying to extort other users.
The CryptoCurrency Security Standard is a good place to start regarding crypto security practices. One point that was noted was that enterprises should require strong authentication to move funds. We’ve heard of several cases where a user’s email account was compromised and the attacker used it to send a request for a crypto transfer to be made to an address they control. If the employee who receives the email doesn’t authenticate it via another communications channel, preferably one with video, they’re blindly sending money to an address that they can’t be sure of the true owner. This cost BitPay $1.8M due to a phishing / social engineering attack in 2015.
When generating keys for cold storage that will be used to secure a huge amount of value, it’s worth being extremely paranoid and not trusting digital sources of randomness. For example, there was a problem with Android wallets a while back because their random number generator wasn’t actually random. As such, it’s a good idea to combine multiple sources of entropy including physical entropy such as rolling dice.
We also had an interesting discussion around if it’s a good idea to encrypt your wallet recovery seeds. The downside to storing them in cleartext is that if a physical attacker gains access to them, you’ve lost everything. You need to decide what threats you want to protect against. For example, storing a cleartext recovery seed inside a safety deposit box at a bank is secure against almost all threats. But it’s not secure against a rogue bank employee or from agents of the state who can legally compel bank employees to open your box.
I was asked about my own cold storage configuration. You can get pretty crazy with cold storage — an extreme example is the Glacier Protocol. I think cold storage shouldn’t be overly complicated; it needs to be accessible by the executors of your estate if you die unexpectedly. I should probably write a separate post detailing it, but the general idea is to use an air gapped PC to create an encrypted file container with all of your recovery seeds and instructions. Then use an extremely long random string to encrypt the container and use Shamir’s Secret Sharing Scheme to shard the decryption key and hand a copy of the file with one key shard to each of your estate’s executors. The hardest part to this, in my opinion, is choosing an M-of-N sharding configuration that is both robust to having a few entities lose their keys and yet also robust against having a small number of entities collude against you to decrypt your data and steal your assets before your death.
One unique point that was brought up was that very few cold storage configurations actually make use of Bitcoin-specific protocol features — they usually only look at the problem from a private key management perspective. If you want to approach this issue from a Bitcoin-specific perspective, check out this article:
Cold storage is a technique to keep keys offline and inaccessible to attackers. It is used by most major Bitcoin…blog.sldx.com
Paul Sztorc has been working on his Drivechain concept for several years with the goal of decreasing the contentiousness we see from proposed protocol changes that require hard or soft forks. Drivechains would enable anyone to spin up their own network that leverages the power of Bitcoin miners and pegs the new asset to BTC — it’s basically a method for maintaining a sidechain that is pegged to Bitcoin by miners rather than by a federation of signers. Dynamic Membership Multiparty Signing (mining) is arguably more robust than a federation because signers can come and go and compete with each other. The optimal form of sidechain would be pegged without requiring any special involvement from miners, but as far as I know no one has worked out a practical way to do that — it would likely require the ability to challenge SPV proofs for the sidechain-to-bitcoin peg in order to prevent theft, which would be a significant change to the Bitcoin protocol.
The drivechain concept is still seen as questionable by some developers due to its miner-reliant security model; it relies upon user activated soft forks in order to counter theft via miner collusion. However, drivechains are a permissionless innovation — they don’t require changes to the protocol to build. It just needs buy-in by miners to start adding the required transactions to blocks. I hope that we see some experiments run with drivechains that put real value into them so that we can observe how smoothly they operate.
There has been a lot of drama lately around Tether and conspiracy theories that it is being used to artificially inflate the BTC exchange rate by printing money out of thin air and using that money to buy BTC, thus driving the price up. Due to popular demand, we had a discussion with folks who are intimately familiar with Tether.
I learned a fair amount about Tether but didn’t feel like any bombshells were revealed. In general, it sounds like USDT is used to arbitrage between various exchanges and the reason that the issuance has risen so quickly is because traders on Bitfinex sell crypto assets for USDT, withdraw it to wallets on other exchanges, and eventually this results in Bitfinex’s wallet balance becoming too low. At that point, Bitfinex sends USD to Tether’s bank account and a process is initiated to issue new USDT, which are then sent to Bitfinex’s wallet. My takeaway is that it’s quite plausible that USDT is, in fact, fully backed by 1 dollar per USDT. It sounds like we’ll have to continue waiting for verification, however.
I’m not a lawyer, so the legal ramifications of how Tether operates are well outside of my wheelhouse. While I’m fairly confident that Tether is solvent, there could be other issues at play that may result in a regulatory agency interfering with their operations in the future.
I consider the latest Satoshi Roundtable to be a resounding success. Thanks to Bruce Fenton and the rest of the organizers! We all played the hand we were dealt and as a result we all walked away winners.