The Cerberus Protocol: Chapter 2 — Preparation

Everything you need to get ready for the secure setup ceremony

After completing this section, your three signatories will have prepared the items shown above.

The Cerberus Protocol is a step-by-step guide for businesses setting up their own bitcoin multisig storage. Today we’re releasing the second chapter of the protocol with the intention of getting feedback from interested bitcoiners and businesses.

Following the explanatory Overview released last month, today’s Preparation section finally provides some practical instructions for establishing your team and preparing all the necessary equipment to get started.

We’d Love Some Feedback

We’d love to hear your thoughts, so let us know areas you think could be improved, things we might have missed, typos, or even some toxic trolling!

Cerberus is intended to be an ongoing project where the security improves with every contribution. The more secure and convenient we can make Cerberus, the less corporate investors will create systemic risk by storing their bitcoin with custodians.

As always, send comments via Medium, Twitter, email, or GitHub. We’ve already integrated some of your feedback from the Overview, so here’s a big thanks to everyone who has sent us comments so far.

Appendix Coming Soon

We expect the publication of this section in particular will generate some probing questions on our approach to bitcoin security. We’re currently tidying up our design notes and will be publishing the Appendix next, which provides far more detail on issues such as: why the protocol uses Trezors; the necessity of safe deposit boxes; and why we focus on bitcoin only.

A Draft

Provided below is a copy-paste of the protocol, but we’ve had to make some compromises to fit the formatting on Medium. For the absolute latest version with better presentation, make sure you check out the official website.

IMPORTANT: THIS PROTOCOL IS UNDER DEVELOPMENT AND NOT YET READY FOR USE.

Preparation

This chapter will cover absolutely everything that is needed to prepare for the execution of the Setup Ceremony section of the Cerberus Protocol.

Tasks listed below should be followed in consecutive order. If a task can’t be completed yet, complete it before moving to the next step. But if you get ahead of your other signatories, that’s okay.

For background information on why you’re performing certain tasks, refer to the Appendix.

1. Assembling the Team

1.1. Select the signatories
From your organisation, select three people to be the multisig signatories. These people should be highly trusted board members, shareholders, or employees with a history of integrity at the company.

1.2. Assign a number to each signatory
Assign a number to each signatory. For the purposes of making outbound transactions, each signatory will have a different role within the protocol:

• Signatory 1: Always initiates outbound transactions.
• Signatory 2: Always verifies outbound transactions.
• Signatory 3: On standby to initiate or verify in the event that either signatory 1 or 2 is unavailable.

WARNING
Only share this sensitive information on a need-to-know basis.

1.3. Designate a “Master of Ceremony” (MC)
The Master of Ceremony (MC) has the responsibility to guide the setup ceremony to make sure each signatory is following the protocal as described. Select the MC from the three signatories–ideally the signatory who is most patient and process-oriented.

NOTE
From this point, all three signatories should independently follow the protocol, completing each task one-by-one. Sections marked “MC ONLY” can be skipped by the other two signatories.

2. Print Out The Cerberus Protocol

Each signatory will require a physical copy of the Cerberus Protocol that they can check off with a pen to keep track of progress.

2.1. Print out the Preparation section
With Preparation section open in your browser (you’re on it now!), click File > Print and follow the print dialog to print from your office or home printer (black and white is sufficient).

2.2. Print out the Setup Ceremony Section
Open the Setup Ceremony section from the sidebar menu and print that too.

2.3. Store the printed documents in a secure location
When not in use, place the documents in a secure location at home, ideally in a cupboard or room with a locked door.

2.4. Use the printed version from now on
For the remainder of the Preparation and Setup Ceremony sections of the protocol, use the printed documents to check off each task one-by-one, so that you don’t lose your place. You will still need to use the online version from time to time, to obtain links to the required equipment and software.

3. Preparing Secure Physical Storage

After the completion of the setup ceremony, each signatory will need to store their seed phrase in a safe deposit box and store their hardware wallet in a home safe.

3.1. Identify a safe deposit box provider
Find a suitable safe deposit box provider conveniently located near to your home or office. You can find these online with the Google search term vault safe deposit provider near [YOUR LOCATION].

WARNING
Ensure you are not using the same vault branch as any of the other signatories.

Safe deposit box criteria

• Provider: private vault or bank
• Size: typically smallest will do (approx. 2” x 5” x 12”)

Selecting a provider will largely depend on your location, but if you have a large selection, try to optimise for:

• A private vault provider
• Each signatory using a different brand of vault provider
• Accessible 24/7 including public and bank holidays
• Minimal KYC needed to open an account (privacy)
• Court order and subpoena protection

Examples of suitable safe deposit box providers

• Swissgate Securities
• Private Vaults Australia
• Ultra Vault

3.2. Book the safe deposit box
Follow the provider’s procedures to book the safe deposit box under your own name. You should ensure that your safe deposit box will be available to you before the day of the setup ceremony.

WARNING
The safe deposit box should not be registered under the company, and no other colleagues should be granted access even in the event of death or incapacitation.

3.3. Prepare home storage for hardware wallet
Confirm that you have somewhere at home to securely store your hardware wallet after completion of the Setup Ceremony. Ideally this would be a home safe, but alternatively could be any storage space with a locked door.

4. Preparing the Laptops and Software

4.1. Prepare laptop computers
Confirm that you have a laptop available that meets the following requirements:

• Operating system: Windows or MacOS
• Ports: 1 x USB Type-A (the “classic” USB port), integrated or via dongle
• Storage: Minimum 200MB of available hard disk drive space

4.2. Download Electrum
Download Electrum from the official website to your default downloads folder.

4.3. Install Electrum
Install Electrum using the file you just downloaded.

4.4. Verify the Electrum installation
To ensure your installation of Electrum is secure, you need to cryptographically verify the software.

• Mac: [Instructions coming soon]
• Windows: [Instructions coming soon]

NOTE
Verifying the Electrum installation (4.5) is probably the most technical part of Cerberus. For this step, you may want to follow the instructions together with the other signatories so that you can help each other.

4.5. Prepare the hardware
On the day of the ceremony, ensure that you will have the following items available:

• Laptop, fully-charged
• Electrum installed and verified
• Laptop’s charger cables
• A good night’s sleep

NOTE
Only the MC needs to continue below. The other signatories are now fully prepared, and can go straight to the Setup Ceremony section.

5. Acquiring the Equipment

MC ONLY

5.1. Hardware wallet purchases
Order the items from the stores linked here. If delivery to your country is not available, then an alternative retailer should be found. Check off each item after placing the order online (receipt will be confirmed later).

• 3 x Trezor One: Official Trezor Store

5.2. Amazon purchases

• 100-pack of 9-by-12-inch tamper-evident deposit bags: Amazon
• 8-pack of fine-point Sharpies: Amazon
• 4-pack of privacy screens: Amazon

WARNING
Do not unseal any items once received.

6. Scheduling the Ceremony

MC ONLY

Cerberus requires a setup ceremony to be held in a secure environment. All three signatories will need to meet in person at a single venue and will need a full afternoon to complete the setup ceremony.

6.1. Identify a suitable venue
Normally the venue will be a private meeting room at your office. The room should meet the following criteria:

• A table large enough to comfortably seat at least five people
• At least one wall with no windows or glass walls
• No security cameras installed
• A minimum of three power points close to the table
• A waste paper basket
• Access to good coffee (to keep participants laser-focused throughout the ceremony)

WARNING
If it can be avoided, do not indicate the purpose of the booking to the venue manager.

6.2. Establish a suitable time and date
Coordinate with your signatories and the venue to establish a suitable date and time that works for everyone, according to the following criteria:

• Date: At least seven days from now (time to complete tasks before the ceremony)
• Time: An afternoon after lunch
• Length: An uninterrupted block of five hours

6.3. Book the venue

6.4. Invite the signatories
Add the booked times to each signatory’s calendar, and confirm they have each accepted the invite.

7. Preparation Checks

MC ONLY

7.1. Confirm receipt of online purchases
Check off each item as they are received and do not unseal. Keep items together in a safe or locked cupboard.

• 3 x Trezor One
• 1 x 100-pack of 9-by-12-inch tamper-evident deposit bags
• 1 x 300-pack of heavy weight ruled lined index cards
• 1 x 8-pack of fine point Sharpies
• 1 x Privacy screen

7.2. Double-check that each signatory has completed their tasks
Verbally confirm that each signatory has completed the necessary tasks before the date of the ceremony. This may take a few calls and in-person meetings before you can check everything off.

Signatory 1

• Safe deposit box booked
• Hardware wallet storage prepared
• Electrum installed
• Electrum verified
• Laptop and charger prepared

Signatory 2

• Safe deposit box booked
• Hardware wallet storage prepared
• Electrum installed
• Electrum verified
• Laptop and charger prepared

Signatory 3

• Safe deposit box booked
• Hardware wallet storage prepared
• Electrum installed
• Electrum verified
• Laptop and charger prepared

NOTE
If these tasks are not completed in advance, or someone forgets to bring the required items on the day, the ceremony may need to be rescheduled.

Well done! If the instructions have been followed correctly, your team should now have everything ready for the setup ceremony. You (the MC) and your fellow signatories can put your feet up and comfortably wait till the scheduled ceremony date.

We want your feedback! Drop us some comments on Medium, send us an email to storage@clavestone.io, or submit an issue on GitHub.

If you like the look of the Cerberus Protocol and would like updates when we release a new section, follow our Medium account!

And of course, don’t forget to applaud and share our article!