This week’s top story — Casa’s Sovereignty-as-a-Service

Read the full weekly crypto recap here.

“We’re headed towards this world where a lot of wealth and data is going to be managed and controlled by private keys, public and private keys, by cryptography.” Jeremy Welch on Unchained Podcast

Casa has been on a tear making announcements over the past few months. Recently, Jack Dorsey also posted screenshots on Twittershowing the process of syncing his Casa Node. Casa provides customers with self-custody and key management products and services. Casa places emphasis on simplifying the user experience in an industry that struggles with good design. We wanted to take the opportunity to outline some of Casa’s products and explain why they are important for the ecosystem.

Keymaster

Casa launched with a premium offering (the Keymaster package) for $10,000 per year. It was targeted at Bitcoin holders who have significant crypto holdings. The premium Keymaster package runs 3-of-5 multisig with five total keys: one key on the user’s phone, three hardware devices (ledgers and/or trezors), and one key at Casa. The key Casa holds is not meant to be used as one of the signatures in multisig but rather as an emergency recovery in the case of technical issues or lost keys/devices. Customers use Casa’s Keymaster mobile app to seamlessly aggregate and sign multiple signatures in an asynchronous way.

Multisig. Multisig stands for multisignature. In the traditional sense, an example would be a shared bank account where all owners would have to sign off to move funds. Casa uses multisig to add security to an individual’s cryptocurrency wallet. There is a defined set of signatures and users need a certain threshold of signatures to move funds. With Casa, if users follow best practices, multisig is intended to make it difficult and expensive for an in-person attacker to steal funds. Further, Casa’s implementation of multisig makes it possible for customers to retrieve funds in the case of lost or stolen devices.

Seedless recovery. One of Casa’s key differentiators is that it does away with the seed phrase. Many wallets and hardware devices ask users to safely store their seed phrase on a piece of paper, which places a large burden on the user. If users share their seed phrase with a family member or lawyer, they can potentially gain control of those funds. Also, the person with the phrase is also at risk being attacked. Recognizing this UX and security challenge, Casa completely did away with recovery seed and uses key rotations for recovery. If users were to create their own multisig setup, they would have to protect the seed of each wallet or device. Jameson Lopp puts it well, “TL;DR the average person is terrible at securely and redundantly backing up data. If we can get rid of that requirement, users are less likely to shoot themselves in the foot.”

Keymaster is an alternative to storing crypto at central custody providers (Coinbase, BitGo), creating your own multisig setup (which requires users to manage multiple seed phrases) or storing it on centralized exchanges, which users are painstakingly realizing (cc: Quadriga) is not an ideal option. While central custody providers are arguably more secure, they require trust on the part of users, bringing up the idea of “not your keys, not your coins”.

The biggest risk is getting users to follow best practices. Casa advises keeping devices in different locations, but it’s up to customers to execute. Though hopefully users understand that keeping all devices in a single location defeats the purpose of paying for a premium self-custody offering such as this.

“Multisig for everyone”

A year after launching the Keymaster package for power users, Casa brought multisig to the masses last week by rolling out different packages combining Casa’s products and services at different price points, allowing users to “choose their sovereignty level”. The tiers range from silver to diamond. Silver is free to use and includes 2-of-3 multisig support (phone, hardware wallet and Casa key), but customers must pay Casa 0.1% of funds if they end up using the key recovery service. Diamond costs $5,000/year and includes the 3-of-5 key shield and much more in terms of customer service from the Casa team. For a detailed overview of the tiers and price points, refer to Casa’s blog post.

Casa Node

Shortly after launching the Keymaster package, Casa released the Casa Node, which contains a full bitcoin node and a lightning network node. “It allows you to easily make and receive payments via the Lightning Network, manage Lightning channels, and support the Bitcoin & Lightning networks.” With this, users can set up and run their own node quickly without having to use command line. According to The Block, Casa has shipped over 1,000 Casa Nodes since launch. This shows that a lot of people want to run their own node but don’t know how. The motivation behind running a bitcoin node is to validate transactions on and strengthen the Bitcoin network — as a sort of community service. Further, in order to set up a lightning network node and open channels on the lightning network, users also have to run a bitcoin node. The motivation behind running a proprietary lightning node is to interact with increasing apps and businesses launching on and incorporating lightning network.

Casa Lightning Extension

In February, Casa launched a browser extension for its lightning network-enabled bitcoin node available on Google Chrome and Firefox for improved usability and security. The extension allows users to control their Casa Node directly through the browser and enter payment information more easily on lightning-network enabled websites (for a list of some websites that integrate lightning network, read our weekly recap 2/8–2/14). The lightning extension reduces the friction of transacting on lightning network. Before the extension, Casa Node users would have to go through a multi-step, manual process to send a payment. With the extension, users can stay in the same browser window/tab, click on the extension within the browser, and make a payment.

Another pain point that Casa’s extension solves is integrating third party software with a lightning node. As described on Casa’s blog, users have to use command line to find, save and export files called macaroon files and a tls.cert file, then import them into third party apps. Casa describes one of these files, the admin macaroon file, as the “key to the kingdom”. If proper precautions aren’t taken and malicious actors get ahold of the file, users risk exposing their information and funds. Users can avoid this tedious/technical process and security risk by using the Casa extension and node.

Initially, Casa reached out to Will O’Beirne, the creator of Lightning Joule, to find a way to work together. Both teams eventually decided the best way forward would be to build out their respective versions, though Casa plans to integrate Will’s Lightning Joule with Casa Node.

In an era where (1) storing funds on exchanges is becoming increasingly risky, (2) hardware wallets have UX challenges and are at risk of being lost or stolen, and (3) running a full bitcoin and lightning node is reserved for those who have the technical know how and put in the time and effort, Casa is praised for putting control and security back in the hands of users, and democratizing participation in one of the most important crypto networks. And it is providing a friendly entry point that does not require users to have technical expertise.

Read the full weekly crypto recap here.

Reports, market insights, and other information (“Information”) provided by Circle Internet Financial Limited (“Circle”) or its affiliates have been prepared solely for informative purposes and should not be the basis for making investment decisions or be construed as a recommendation to engage in investment transactions or be taken to suggest an investment strategy in respect of any financial instruments or the issuers thereof. Information has not been prepared in accordance with the legal requirements designed to promote the independence of investment research and is not subject to any prohibition on dealing ahead of the dissemination of investment research under the Market Abuse Regulation (EU) No 596/2014. Information provided is not related to the provision of advisory services regarding investment, tax, legal, financial, accounting, consulting or any other related services and is not a recommendation to buy, sell, or hold any asset. Information is based on sources considered to be reliable, but not guaranteed, to be accurate or complete. Any opinions or estimates expressed herein reflect a judgment made as of the date of publication, and are subject to change without notice. Trading and investing in digital assets involves significant risks including price volatility and illiquidity and may not be suitable for all investors. Circle and its affiliates trade and hold positions in digital assets and may now or in the future trade or hold a position in an asset that is the subject of Information provided. As a result, Circle or its affiliates may be subject to certain conflicts of interest in connection with the provision of Information. Circle will not be liable whatsoever for any direct or consequential loss arising from the use of this Information.