S4 E6: JW Weatherman on Hardware Wallets, Cold Storage & Multisig
JW Weatherman is known in the Bitcoin space for his contrarian views, but also for having the honor to record the last interview with the late great cypherpunk Tim May.
In this episode, he talks about his preferred way to store private keys, the reasons he distrusts hardware wallets, and why he thinks it’s good to run Bitcoin Core on securely wiped laptops that never connect to the internet.
Also, he introduces YetiCold, a 3 of 7 hierarchical deterministic multisig setup that he developed with his son Will.
Warning: as mentioned in YetiCold’s GitHub repository, Yeti is beta software and even though it works, it did not receive proper testing. Do not use it until it gets reviewed by security experts.
Do not download YetiCold or run the Python script unless it has been checked by an objective professional who holds no stake in the reviewing process. Please manage your funds with responsibility and don’t entrust your savings to a system that isn’t properly reviewed.
YetiCold is being presented in this show for informative reasons only, as JW Weatherman explains the logic and cultural origins of 3 of 7 multisig setups. While the implementation may be faulty, the ideas can still be useful.
Nonetheless, feel free to follow the recommendations of JW Weatherman and run Bitcoin Core for maximum control, sovereignty, and privacy.
If you don’t have an account on iTunes or Spotify, you may use this YouTube video.
05:45 – Solve the puzzle and get 2.1 BTC from show sponsor Phemex
8:50 – Supply chain attacks on hardware wallets
12:00 – Compromising private key generation on hardware wallets
12:50 – Is running Bitcoin Core on your computer as safe as using a hardware wallet?
14:46 – Coldcard’s PSBT
20:28 – Lindy effects in hardware wallets (the longer they’ve been around, the more secure they are)
22:50 – Hardware wallets are definitely better than bank account security
23:10 – Why Bitcoin’s scarcity makes it very valuable
24:43 – Losing bitcoins vs losing fiat
26:48 – Hardware wallets vs cold storage
29:00 – QR code cold storage
29:25 – Multisig
34:00 – Casa multisig inheritance system
39:30 – Authentication, identity & voting
43:30 – Are microchip implants a safe way to store your Bitcoin private keys?
45:47 – Why Bitcoin is the best user experience
47:20 – YetiCold dot com
55:00 – Why does YetiCold use 3 out of 7 signatures?
58:00 – JW Weatherman on using steel plates to store private keys
1:02:00 – What the term “cypherpunk” really means and why the cypherpunk movement is abolitionist
1:05:40 – Why should YetiCold be trusted?
1:07:00 – Does YetiCold make JW Weatherman any money?
1:09:00 – Mathbot dot com
1:11:05 – Is Donald McIntyre a cypherpunk historian?
1:11:53 – David Chaum is a genius
1:13:50 – Digicash had to exist and had to fail
1:14:27 – Why JW Weatherman thinks Monero is a scam
1:16:53 – Closing note on the JW Weatherman’s interview with Tim May (available on YouTube)
“LXMI is a European Cryptocurrency exchange whose name is inspired by Lakshmi, the Hindu Goddess of Wealth, Good Fortune and Prosperity. It’s one of the regulated and legal Cryptocurrency exchange.
On LXMI you can buy bitcoins with most fiat currencies and you can also do the trading for top Altcoins.
They follow the “Not your keys not your bitcoins” philosophy with their integrated non-custodial wallet which helps you manage your own private keys. So if you’re into trading, then you don’t have to worry about having your Crypto frozen by whatever political decisions, since you’re empowered to hold and move your coins around whenever you wish.
It’s great to have new players like LXMI that respect your financial sovereignty.
LXMI is launching in 2020 for more information please check out – www.LXMI.IO/
If you’re not trading, it’s recommended to move your coins to a hardware wallet or some other form of cold storage, and in this episode, you’re about to find why.
Please keep in mind that this is just an ad for a sponsor of this show. It’s not meant to serve as financial advice, and you’re responsible to do your own research before buying anything and act according to your own decisions. Embrace your financial sovereignty with agency and precaution.
“Phemex is a Bitcoin exchange with derivative trading options which focuses on speed, robustness, and maximum uptime. Built by former Morgan Stanley executives, it manages o bring simple and accessible Bitcoin trading. In 2020, Phemex will also add S&P 500 stocks, stock indexes, FOREX, commodities, and more.
Sign up today at phemex.com/bonus and receive a bonus of up to $72.
Please keep in mind that this is just an ad for a sponsor of this show. It’s not meant to serve as financial advice, and you’re responsible to do your own research before buying anything and act according to your own decisions. Embrace your financial sovereignty with agency and precaution.”
Vlad Costea (00:07:18):
Hi there and welcome to season four episode six of the Bitcoin takeover podcast. I am Vlad and my guest today is J w Weatherman who is the founder of YetiCold .com a multisig cold storage solution and also math bot.com which is a programming tool where you play a fun game to learn coding and mathematics. I guess I haven’t tried it but that’s what it looks like. If you opened a website, math bot.com and also JW weatherman as a responsible for building this platform, which is called 10 hours, bitcoin.com you have audio files that you listen and in 10 hours you learn all about Bitcoin lightning network, handling your private keys and everything that you need to know to start and at least learn the basic vocabulary and the concepts revolting, grow in Bitcoin in a very, very short amounts of time. So thank you very much, sir, for accepting to do this interview. Yeah, man, that’s my pleasure. Thanks for thanks for having me. I know that this season is pretty much on the topic of how hardware wallets and cold storage and I also know that you are a lot more in favor of general purpose hardware as opposed to something that you buy from Trezor or ledger and has a serial number and can potentially leak some data about your transactions.
JW Weatherman (00:08:56):
So I’m kind of like the anti Bitcoin hardware guy. I think as far as what everybody is what everybody’s excited about right now. I think, I think having a hardware device specifically designed and targeted to Bitcoiners, especially if we’re talking about cold storage where we’re not just targeting Bitcoiners with this device, but we’re targeting people that have enough Bitcoin to where they’re willing to invest, say a hundred bucks into securing it. I think that’s a real problem because I’ll give you the, give you one example. In, in general, you know that the class of attacks I’m worried about are called supply chain attacks. But one example is imagine that you work in a shipping center and you know, like you work in an Amazon distribution center and you, you have access to whatever system keeps track of what devices or what write in the boxes somebody always does.
JW Weatherman (00:09:55):
If, if you believe that Bitcoin is going to appreciate, then you’re really, really incentivized to grab those devices and swap them out, right? And there are measures that companies are taking, you know, like tamper evident bags and things like that. But those are not that expensive to get around. Like most people that grab a hardware wallet are not going to go out to the website and like compare serial numbers on a depth, tamper evident bag or something like that. They’re going to, they’re going to pop it in and use it. And not even all the hardware manufacturers are going to do that because it is expensive to try to address that stuff. And I think it also causes people to get aware of it, right? Like if, if I send you out something that has a tamper evident bag, you’re going to be like, Oh wow, I never really thought about it, but how do I know that this diet and devices really not been tampered with?
JW Weatherman (00:10:43):
Could, could I create a piece of plastic that looks like this, you know, for the right amount of money. So for, for those reasons, I don’t think it’s a good idea. And that, that applies universally. But even if those were addressed to other kind of major class of concerns that I have are just around code review. So what, when you’re doing something like you’re generating private keys, you have to, you have to trust the software that you’re using that it’s creating a completely random number or somebody could guess it. And the problem with these hardware devices is that they’re not popular enough to there. They’re not nearly as popular as like Bitcoin core for example. So you have a lot of people that would catch a security bug and Bitcoin core, a lot of developers and looking at the code, you have a lot fewer looking at the hardware devices.
JW Weatherman (00:11:36):
The counter to that is that there’s less code to look at in the hardware devices than there is in Bitcoin core. And while that’s true, I still don’t think it even comes close to Alloway. So an example here would be, let’s say your favorite, you know, your favorite hardware company, Trezor. They have a developer that wants to insert a security bug, probably, you know, it’s a small enough company to where one or two guys colluding together could put a bug into that software that would make the private key generation less predictable and maybe somebody would catch it, right? Maybe maybe it wouldn’t be subtle enough or maybe there’s more people looking at that code than I give them credit for, you know, outside of the company. But I, I wouldn’t, I wouldn’t choose that when I can choose something that’s far more popular and far more secure for larger amounts. Right. I always have to qualify it with a dollar amount. Like if you’re, if you’re working with less than 50 grand and you’re doing a lot of transactions, then any, any hardware, well at I think is fine. But if you’re in a store, half a million bucks you know, take the extra 15 minutes of hassle to not use a hardware wallet that has those potential issues and just use Bitcoin core.
Vlad Costea (00:12:51):
Okay. So is this your advice? If you’re dealing with small amounts, it’s a lot safer to run a full node on your computer and use this type of hot storage.
JW Weatherman (00:13:03):
Yeah, I mean, I guess I wouldn’t, so like if if like nobody in my family uses a hardware wallet so it’s not really like I’m recommending that you do it. I’m just saying that’s okay. That’s fine. Like if you want to use a Trezor and you got a couple thousand bucks or you know, a ledger or a cold card or even to keep key that’s fine for a couple thousand bucks. Like I wouldn’t bust your chops over it, but but I would still, like if you were asking for my advice and you said I want to store a couple of thousand bucks, I would say go out to YetiCold kolbe.com and just follow the little wizard. And what that’s going to do is it’s going to help you take a generic laptop that you can get for 100 bucks. You could actually get them used for like 50 bucks. One of the guys that’s going to be in this workshop that I’m going to do in a couple hours.
JW Weatherman (00:13:52):
It picked up a couple of Chromebooks for like 60 bucks each and put Ubuntu on them. So what I would recommend if it was my grandma and she wanted to do that, cause I’d probably have to install Ubuntu for her. Right. cause you know, that’s a little bit of a hassle. But I just get her a cheap laptop. I throw you, bunch you on it. And and I’d use the wizard on YetiCold cold.com to download and install Bitcoin core and have me write down or seed words. And you know, for 60 bucks you have a, a full node that’s doing everything security related that you really want and it’s using the most trustworthy software that the community has access to. So that’s what I would do. But if she was excited about some gadget I’d be like, that’s cool. You know, it’s only 2000 bucks. Grandpa grab a Kohl’s card or whatever and it’ll probably be fine,
Vlad Costea (00:14:46):
I think compared to the others. Something that called card does is to use PSBT partially signed Bitcoin transactions in order for you to never connect the device to your computer. So it never goes on the internet.
JW Weatherman (00:15:02):
No, it’s interesting. It would be if it was, if it actually did that. And there, there are interesting things happening. Like I don’t, I like Rodolfo he’s a good guy. And I think he is like, if I was going to buy a hardware wallet, it would probably be a cold card cause they’re, they’re always doing interesting, cool stuff. And you know, I like him. Like I, I personally think he’s just a good dude. But there’s a limit to how much, how much money that I would put on it. Probably no more than 50 grand. Which is a lot, right? So like almost everybody listening is like, yeah, that’s fine. So when you see me on Twitter are just talking trash about hardware wallets, I always have to try to qualify that, but it’s just hard to get nuance across in Twitter.
JW Weatherman (00:15:49):
When it comes to hardware wallets, there’s a lot of confusion about exactly what they do and what they need to do. So if you take a step back and you think about all of the things that you want done, like when somebody sends you money when somebody sends you Bitcoin and you want to know that that’s real Bitcoin, right? You want to make sure that they’re not sending you be cash or some goofy thing. You want to make sure it’s not double spent. So that you actually have it. So that, that relates to basically showing you your balance. And then you want it to hold your private keys and make sure your private keys don’t get off. You want it to when you go to send a transaction, you want to make sure you’re sending it to the right address, right?
JW Weatherman (00:16:29):
So if, if you owe me 200 bucks and I send you an address, and then you use your software to send that 200 bucks to that address, you want to know that that address is really my address and not some attackers address. Mmm. Lost you there for a second. I’ll, I’ll just keep rolling though. Hopefully hopefully that doesn’t come out too bad on the audio. So, and then the other thing you want to do is you want it to deal with your change addresses if, if it does support change addresses. So can you hear me? Yeah, I can hear you.
Vlad Costea (00:16:59):
So you dropped for like two minutes or something? I couldn’t hear anything. The last part I heard was that if you were to buy one hardware wallet it would be [inaudible] Novak’s cold card, but then it just dropped. I could not hear anything. I tried to type to you in the chat. I guess you’re much too into the yard.
JW Weatherman (00:17:21):
Yeah, I was a, I was on a roll, but that was, that was gold. Sorry guys, we missed out. That was the most important things that I ever have said and then now you missed it, so I’ll never remember it. Okay. So let’s see. So after after I said that, yeah, so if I was going to buy a hardware wallet and I’m going to stare at the chat and just in case, but again, if I was going to buy a hardware wallet, it probably would be a Kohl’s card because Rodolfo is a cool guy and they make really good stuff. And they’re always like helping push the limit of what Bitcoin can do. And they’re also a Bitcoin only so they don’t support scam coins. And I respect them a lot for doing that. But I still wouldn’t put more than 50 grand on one or use it to generate keys where I store more than $50,000.
JW Weatherman (00:18:13):
Because that’s such a large amount of money that it’s worth whatever additional hassle is, might be involved with getting a full node set up. And you had said like the cold card, well, keep your keys on you know, completely disconnected and use this partially signed Bitcoin transactions. One of the big problems with hardware wallets is there’s a lot of confusion over what they do. And what they don’t do. And I, I need to do like a, a threat model similar to their coin threat model that I put out, but for private custody. But just to give you a quick rundown of all the things that you want, your people kind of think their hardware wallet is doing, that it’s not it’s not doing a lot of these things is you want it to tell you what your balances in a trustworthy way.
JW Weatherman (00:19:02):
It can’t do that. Only a Bitcoin full node can do that. You want it to hold your keys and keep them safe. In theory, it can do that. You want it to make sure that when you send money to an address, it’s the right address. Again, it really can’t do that. Cause it’s, it’s it’s, it’s trusting the computer that you’re plugged into. And there may be exceptions in some, you know, nuance here and there, but basically everything that a Bitcoin full node does for you tell you your balance allow you to send transactions, manager, change outputs, and holds your private keys. Those four things, I think a lot of people assume because they’re security critical and they’re being handled by their hardware wallet. And the reality is that maybe one of one or two of those four things are being handled by your hardware wallet and the rest is actually being handled by the PC that you’re plugging it into.
JW Weatherman (00:19:54):
And if there’s one thing that I don’t like about hardware wallets is that people think that because I have this hardware wallet, I can plug it into an untrustworthy computer, but if that untrustworthy computer is doing any security critical functions, that’s not true. But that’s kind of the whole sales pitch for a hardware wallet. So that’s, that’s probably the most critical thing that I’ll say about them that, you know, pisses me off a little bit. I don’t think they’re being marketed very honestly, but but again, for less than 50 grand, it’s probably fine.
Vlad Costea (00:20:28):
Okay. That’s interesting because when I spoke to one of the people who hack hardware wallets and have collected bounties from coldcard and from BitBox, I think, yeah, he said that if you were to choose one device it would be the Trezor just because of Lindy defect and for the fact that has been around for such a long time that he’s sure that it’s much more honest than the rest. And there is a team working to fix bugs and it’s harder to find exploits on an old device.
JW Weatherman (00:20:59):
Well those guys have had quite a few. I mean there’s no hardware wallet that I know of that hasn’t had some pretty nasty bugs released over the last year. Including Trezor. So I, I honestly don’t know. I mean there, there’s a, there’s different trade offs, right? So some hardware wallets have closed source chips, some hardware wallets have open source chips, some use secure elements, some don’t use secure elements. For me, I don’t know that any of those things impact how much money I would actually put on it. Like the main thing that I would be worried about with a hardware wallet, assuming it’s being used for cold storage or not day to day transactions is just that it generated, it used good entropy when it created my seed words and I dunno, that’s basically a security code review problem. Right. so I guess if I was really trying to pick a favorite, I’d try to pick the one that I think has the most security code review on that. But really before I, like if I’m taking that much time to think about it, I’m just, I’m grabbing a $60 laptop and I’m throwing with Ubuntu and Bitcoin core on it and I’m so like, I see them more as a, as a tool of like convenience and fun than a real security tool.
Vlad Costea (00:22:19):
Here’s a good question about the $60 laptops. How do you make sure that you wipe them? Do you totally replace the hard drive or what do you do to them in order to be sure that they’re not going to leak any data somewhere else and you don’t know about it?
JW Weatherman (00:22:36):
Yeah, no, that’s a good question. So [inaudible] there’s no solution that doesn’t have risk. And I think one of the things that I should mention to put this in context is that like hardware wallets are probably infinitely better than your bank account security right now. And certainly what I recommend you do, like using Bitcoin core is infinitely more secure than your bank account. And like I, I, I want to call that out because there’s so many hidden costs in bank accounts. I was looking at the stat there are something like three to 4,000 bank robberies in the United States per year which is several per day. And we don’t really care about that because it’s all FDAC insured. But that just means that all of that cost is hidden. Right? So with, with Bitcoin, part of the reason that it goes up in value, you know, if, if our economic theories turn out to be right, is that it has a limited supply.
JW Weatherman (00:23:40):
And scarce, it’s not being printed, but the federal government is actually printing a ton of us dollars and they say they’re targeting like 2% inflation, but they’re constantly taking the way that they measure that and they’re tweaking it. So it’s probably more like five to 6% inflation, which means if you have $100 a year later, it’s worth 96 cents. Right? And in only a year or maybe 94 cents. But that also doesn’t account for the fact that everything’s supposed to get cheaper. So like, you know, every time a new shoe factory is, PR is created, the price for shoes should go down a little bit, right? Like every time we come up with a new piece of technology, a new piece of software, the things that we’re extracting from nature should get cheaper, but they don’t, they actually go up, you know, depending on if you let’s see, how long did I lose you there?
JW Weatherman (00:24:33):
Not for a single second. I have no idea what happened, but I saw that message. I heard you. It was recorded because I can see the wave form. Okay. All right. So I’ll keep going. So what I was saying about inflation is that you think that there, you think you’re really being stolen from or you know, your, your savings, let’s say to be more generic or being redistributed or you know, taken by the federal government and used how they see fit. A few, a few percentage points a year, but because things should be getting cheaper, it’s actually more than that. We don’t know exactly what it should be, but my guess is that it’s probably closer to 10% per year is what is actually being siphoned off. And it could be quite a bit more than that or it could be, you know, a little bit less than that.
JW Weatherman (00:25:17):
Maybe it’s closer to the three or 4%, but either way that that turns out to be a lot of money and that money is used to just pay people off when they have their stuff stolen out of their bank account. It funds all the FBI investigations, the funds, all the counterfeiting investigations. And so you are paying for a lot of stuff. And so when people compare like the user experience of cold storage to the user experience of having money in the bank, they’re like, Oh, this user experience is so much more superior. You know, I have a problem, I have somebody I can call blah, blah, blah. Right? But you don’t realize that there’s a ton of hidden costs in there. And if you actually, if you actually had to pay for those hidden costs, you wouldn’t like it very much. And you would say that even with the hassle of having to learn how to install you month to a for a non technical person, that user experience is far superior than than than what you’re, what you’re actually getting.
JW Weatherman (00:26:11):
But all of those costs and mostly their financial costs are hidden. Those, those subsidies. So I want to just call that out there because I think people get frustrated with how hard this stuff is, but they just don’t have the proper context for it. This is the best, like Bitcoin cold storage right now is by far the most incredible user experience for storing your wealth. And it’s only gonna get better, but it is the gold standard. It’s, it’s, it’s better when you count and when you include all of the real costs and all the aspects of the user experience than anything that we’ve ever had. So now,
Vlad Costea (00:26:49):
Sorry, I tarted, it’d be a good idea to point out the differences between hardware wallets and cold storage because there’s always this confusion mostly due to the marketing that hardware wallets have that you start your keys offline, but you do connect them to your computer and they’re not like a paper wallet or something that you scratch on a metal plate.
JW Weatherman (00:27:12):
Right. So that’s a good point. I think cold storage in general is kind of this generic term, but for me, in order to really feel like it’s cold storage, the keys have to be on a device that’s never again connected to the internet. And, and this is really important, the only data channel because there has to be some data exchange, right? So in a way you’re saying it’s like offline, but it’s useless if it’s never [inaudible] never exchanges data with the internet or with a device that connects to the internet. So for me, I don’t consider it really cold storage unless the only way to transfer data is via QR code. And the reason for that is that if I plug in my hardware wallet to my computer, there’s a big fat data pipe and it basically, you know, like [inaudible] for all intents and purposes, it’s one device now and there’s an attempt to make sure that that the data that’s exchanged is, is like validated and correct and, and that that device is protected.
JW Weatherman (00:28:10):
But when you have such a huge amount of data that can be transferred your attack surface is just much bigger, right? And it’s, it also means that you’re not able to validate that data. So if for example, you have a computer that’s compromised, let’s say you have $100,000 in a hardware wallet and you plug in that a hundred thousand dollar hardware wallet to your computer and you want to move it to YetiCold cold or something else, you’re going to see an address pop up and then you’re going to send it. If everything that the hardware wallet does is correct, but your computer actually switches out the QR code on you because it’s compromised, you just lost all your money. So you want to make sure that any data that goes into your hardware wallet or out of your hardware wallet is human validated. If it’s really cold storage. And QR codes make that easy cause it’s a very small amount of data that you have to validate. And you can just, you can scan the QR code with another, you know, with your phone and read what the QR code data is before you scan it with your hardware wallet. And so, so unless it’s QR code only, I really don’t consider it. I really don’t consider it offline cold storage.
Vlad Costea (00:29:25):
I feel like before we move on and talk about the details which surround your cold storage solution, YetiCold cold, we should move on and talk about multisig what it does, why it’s important. And I remember I had the privilege to listen to a conversation between two very famous and prominent Bitcoiners from North America. And one of them said at some point, I think he was a bit drunk and said, why do people waste so much time building multisig solutions? Because nobody uses them. They’re kind of pointless. And they’re hard to understand or hard to implement. And the other one just contradicted him and said, no, it’s very useful. It’s good for security and stuff like that. So why should anyone ever use a multisig?
JW Weatherman (00:30:14):
Yeah, no, that’s a good question. Actually. The the guys at Trezor were just telling me on Twitter yesterday or the day before that they don’t think multisig is a good idea. And I think that that’s, that’s, I’ll try to explain what it is and then I think it will be pretty obvious why it’s important. So ultimately what, what happens when you’re controlling Bitcoin is you have access to a secret. You have some secret words, and if you use those secret words you’re able to send the Bitcoin balance that, that shows up there, right? And if you don’t have those secret words, you can’t send it. But anybody that gets ahold of those secret words, you know, as basically the owner, right? So you, you have your Bitcoin seed words or your private key that distinction doesn’t really matter for this. And if you, if you’re the only one in the world that has that, then you own that Bitcoin.
JW Weatherman (00:31:05):
But the moment three other people, the moment three other people own that as well, right? They have access to that data. It’s no longer your Bitcoin, right? It’s, you know, as far as Bitcoin is concerned that Bitcoin belongs to whoever decides to use those magic words first to transfer it. And so what multisig does and allows you to have multiple sets of those magic words and and you have to have a certain number, a certain threshold. So you could say, okay, I, I’ll just use the word password to be really generic here. So you can set it up to where you need three of five passwords in order to send the Bitcoin. And that’s really nice because ultimately you need to write these passwords down there way too long to memorize. So you’re going to write these passwords down and if you just write one password down and put it in your home safe, then you have a fire and you’re screwed.
JW Weatherman (00:32:01):
Like, even if it’s a fireproof safe, a lot of times paper will burn or or there’s a flood, right? And there’s not a whole lot of flood proof safes out there. And so you don’t want to just have it in one spot, but if you break up that password into little chunks, then it gets weaker. Because it’s smaller. So you don’t really want to do that. What’s better is having five different passwords and having a threshold requirement. Like you have to use three of those five passwords. It doesn’t matter what three can, where to send the Bitcoin, and that allows you to distribute these passwords physically, right? So you can have one at a deposit box, one with a lawyer, one with an accountant, one at your house and one at your mom’s house on the other side of the country, something like that.
JW Weatherman (00:32:48):
And that’s much better because even if your mom decides that she’s going to be a hacker and gets a hold of one of your one of your magic words, she still needs to others in order to spend that Bitcoin. And ideally when you store them in other places or with other people, you do in a way where those people don’t even know what they’re storing. So if you were to, you know use your lawyer to store one of these passwords you wouldn’t tell your lawyer, Hey, this is my Bitcoin password. And if you get, you know two more of them, you can spend all my Bitcoin, what you would do is probably just put in a nondescript envelope. It look really boring and it would just say something like estate plan or something generic. And you would just ask your attorney, Hey, can you keep a copy of this, you know, as a backup. And it wouldn’t even be interesting to them, right? They’ve been doing this for hundreds of years, so they’re just going to throw it in a file cabinet. So multisig allows you to do that. It allows you basically to keep your passwords in multiple locations.
Vlad Costea (00:33:45):
Yeah, that’s interesting. But what about these companies that do multisig or how you call it multisig and they claim that they help you pass on your Bitcoins. When you die and there’s this type of inheritance program. I think Casa does this and they have a free a five. Yeah, but that’s the premium one. I think the basic one is to a free and they hold one of the keys, but I’m not sure who holds the second one.
JW Weatherman (00:34:12):
Yeah, you are. You hold two of them. I think if I remember right you console holds one of the keys in that two of three and you hold two others. I, there’s a, there’s a couple of reasons that I really don’t like those services. The first is that they have no way to authenticate you. So the reason that we use passwords, and again, it could be your private key or your seed phrase, I’m just using passwords, be generic so that everybody kind of gets the idea. The reason that we use passwords is that that’s the only way that humanity has figured out. You can actually authenticate somebody at all. So like if I come to your bank and I want to get access to my money this is this is another place where you think that it’s a great user experience cause you just pop out your driver’s license.
JW Weatherman (00:35:01):
Somebody that doesn’t even know you looks at your driver’s license and says, yeah, that’s you. And then they just give you access to whatever’s in that account, right? Or maybe you have a debit card and, and that’s used, you know, but usually people can lose their debit card and they can just come in with a, with a photo ID. Right. That’s why it’s so great. I can always get access to my money. But what that means is that anybody that kind of looks like you or anybody that wants to spend $70 on a fake ID is going to be able to impersonate you in the bank and take out your mind. And it doesn’t seem like that big of a deal because the cost benefit for isn’t that great because you have just a crazy amount of money that the FBI will spend tracking you down.
JW Weatherman (00:35:42):
Right. Like, if you do that for five grand because it’s a threat to the system, the FBI will spend $100,000 to, to track you down without, without blinking an eye and you don’t know that you, you’re spending that money, right? But we’re all spending that money. So the only way that actually works is to give you some secret information or for you to have some secret information, essentially a password. And then anybody that provides that password has access to the to the resource. There’s things that we’ve experimented with fingerprint scanners and retinal scanners and all this sort of stuff. None of it works. The only thing that works is cryptography. And that requires that it be a password. So when we’re talking about somebody like Casa or Unchained capital offers a service like this, it’s getting, getting some traction. The reason that that’s a bad idea is that you give them a password and you tell them to hold onto this password and don’t use that password unless it’s me.
JW Weatherman (00:36:42):
But how are they supposed to know that it’s you? Right? Are they in love with you? If they spent like 20 years married to, you know, there’s going to be some dude that’s making 20 bucks an hour and his job is to verify that you were you and then give access to this private key that gets access to your Bitcoin. The way to fix that if they wanted to provide the service would be for them to hold your password and then give you a password so that you can authenticate yourself to them to get access to your password. But obviously that’s very stupid, right? Like passwords to get access to passwords. We’re just in an endless loop here. So that’s why I don’t, that’s one of the reasons I don’t like the service cause it just logically makes no sense. But the other is that I don’t want some guy having access to enough data maybe to figure out what my balance is.
JW Weatherman (00:37:31):
Maybe not that knows that I own Bitcoin. Right. I mean, whether whether they can fully authenticate me and not give my keys to an attacker is a pretty logical problem that I think most people can follow. But the other problem is actually I think it was, was it bit fi there was a company recently that does loans and somebody found out that they weren’t reporting to the government because there were forms that they had to fill out about exactly who owns what that’s in their custody and they were sending them off to, you know, some agency. Well, you shouldn’t be shocked, right? Like that’s, that’s how these things work usually. So you know, if, if you’re trusting Jamison lob, cause he’s such a cool guy to never share your balance with any, anybody that’s doing an investigation or a fishing expedition or whatever.
JW Weatherman (00:38:23):
I don’t know why you would want to take on that risk, especially since like you can just hire an attorney. You could and they probably won’t charge you anything to hold the document. And they’re going, they’ve been doing this for a long time and they’re going to do a better job at it. And if it’s multisig, that’s going to be fine. Right? You don’t want to do that for everybody because of that sort of logical authentication problem. But but it’s a lot easier for an attorney to figure out who you are when they don’t have, you know, tons and tons of people and they’re not really a target. Cause a lot of this thing, this comes down to targeting, right? If I’m an attacker and I want to steal somebody’s Bitcoin, I definitely think about Casa. But I don’t think about, you know, Joe Schmo attorney and trying to figure out whether any of his clients have given him a key. Right. It’s, it’s the, the cost benefit isn’t really there for the attacker. And it’s cheaper. So do that instead.
Vlad Costea (00:39:18):
Yeah, that’s an interesting take because some people would just argue that it’s convenient, but I’m always happy when I talk to security people and they present all the arguments why it’s a bad idea. And I remember when I was a university student in my second year and I wanted to do a bachelor teases on the subject of online voting. And at the time I taught it was the best idea ever. Right? It you know, increase participation and make it all very cool and increase youth participation because usually young people don’t, don’t vote too much these days. And I spoke to one of the experts from the parliament and he told me, you know, it’s all very nice and you can even make it very safe to the extent that nobody can hack it. But at the end of the day you cannot guarantee that is direct meaning that the person voting is actually you because anyone can steal your credentials and vote for you. And physically when you go to the ballot and put one piece of paper into the box, we can ensure, we can validate and often attend Tecate, that you’re the person voting. But when you have to do it in front of a computer or a phone or anything else, there can be a lot of fraud there. And that’s not something that anyone can prevent or check unless you become more [inaudible]. And that’s better not to get there. And
JW Weatherman (00:40:49):
W th the core problem,
Vlad Costea (00:40:52):
I realize that sometimes for additional solutions and something very basic that has prevents work for a longer time is a better idea than inventing problems and trying to find solutions for them with technology.
JW Weatherman (00:41:05):
Yeah. the core problem there is actually what would we call identity and there’s kind of two different ways that you can do identity. One is you tie it to your, your body, right? Like lad, you are that physical person. And you have access to certain things. The problem with that is that you basically have to be bagged and tagged, right? Like we need, we need to put a chip in, in the, in your brainstem, so can’t be removed without killing you. For that to be a viable way to authenticate you. Cause everything else that we’ve come up with. And even that, I’m sure that that’s not even possible. It could, if we can put it in there and not kill you, we can probably take it out and not kill you. So there’s really no way to do that. The other way to do identity is basically reputation based.
JW Weatherman (00:41:53):
Where, you know, I don’t, I don’t know, you know who you are, but you have this secret, right? And you can, you can prove that you have access to this password, right? Without giving it away. Without anybody else getting a copy of it, which is why biometrics incidentally doesn’t work. If I take a scan of your hand, the blood vessels in your hand or something like that to authenticate you as I do that, I get the data about your hand and then I could reuse that, right? Like at some point you could either fake it by somebody else, you know, creating a fake hand. Or you could just Jack in like do a man in the middle attack between the hand reader and the computer that is actually giving you access. And then whatever data that is being sent through there could just be repeated, right?
JW Weatherman (00:42:38):
You can just repeat that data. So you can’t the, the, the cool thing about cryptography is that when you have a password, you can prove that you have access to that password without ever sharing that password. We can’t do that with hands or eyes. I can’t prove that. I can’t show you my eye without giving you all the data to fake my eye. So it really, that’s one of the reasons it has to come down to passwords and when it comes to voting, because it’s not about like individual identities and reputations. It’s about individual meat bags, right? Individual physical beings. We really just don’t have the technology to solve that at all. So it’s kind of a broken system and I think it’s, I think it’s one of those things that’s broken because of the laws of the universe. I don’t think we can fix it. So, you know, leaving it as is and just having people fill out paperwork probably as good as anything.
Vlad Costea (00:43:30):
I remember back in 2014, 2015 that I was reading about Bitcoin being implanted as a microchip under your skin in terms of private keys being stored there. And I think this is tied to this topic that you get identified by your body and if you decide to implant your private keys in a chip that is under your skin, that’s not really safe as it.
JW Weatherman (00:43:55):
No. And actually I know of at least one guy that has done this and then he looked into how RFIDs actually work more. And it turns out that the connection between his chip and the rest of the world is pretty easy to intercept because it’s not encrypted. It’s not a high enough power computer that that is in the RFID that’s in your body. In his case, I think he put it in his behind his bicep and tricep area. So you know, he did this goofy thing and then anybody could come by and basically read the RFID. It’s kind of the same thing as like, you know, people with RFID readers walking around the mall and trying to get close to people’s persons to read. That used to be a thing with can’t remember which credit cards were doing that, but but no, it’s the, the idea of, of being able to have this physical device it doesn’t really make sense.
JW Weatherman (00:44:51):
Ultimately you have to have those secret words cause those secret words, the only thing that we can do math on and then transmit the results to the person that’s trying to verify your identity or verify, you know, to authenticate you and then authorize you. In the case of the Bitcoin network, you know, the Bitcoin network verifies that you have access to those magic words. So ultimately it comes down to it’s gotta be something that, you know and that can, can be calculated upon and then transmit the results to verify that you know, it without sharing that thing, you know? And so that has to be data. And I don’t think that’s going to change maybe ever. Like I said, it could be just a law of the universe, but we’ve certainly not come up with anything that’s even close.
JW Weatherman (00:45:37):
And I, I’ve never even heard anybody theorize as to how else it could work. And that’s why I say, look, Bitcoin is the best user experience by far because it uses that cryptography to authenticate you and it doesn’t pretend to be able to do anything else that’s just, you know, a security theater nonsense. So yeah, to bring it back to the colon storage issue though, that thing that, you know, that’s as good as it gets. So don’t give that thing that you know, to somebody else so that they can, you know, so they can be this gatekeeper. Instead use multisig have multiple things that, you know, stored in multiple locations and preferably locations like lawyers and a lot of these problems that people say, like for inheritance planning need to be solved by this, you know, centralized company that holds one of your keys and knows who you are.
JW Weatherman (00:46:28):
For estate planning stuff, a lot of this stuff has been worked out, right? Like, if you die, you don’t really have to worry about your kids getting access to your safety deposit box. If you did it right, they’ll get access quickly. If you did it wrong, they’ll get access slowly, but they will get access to your safety deposit box if you die. The same thing with like some envelope that’s with your attorney that says we’ll on it, right? Like that’s gonna probably come into play. So take advantage of these hundreds of years that we’ve had to try to work out these problems as best we can. And, and multisig allows you to do that and and do in a way that’s it’s free, right? Like, I, I don’t get anything for telling you this information, but if I give you bad information and sell you some product or some service I could probably make a couple bucks doing it. So, you know, look at the incentives and pick your experts carefully. Right? And I feel like I have teased the concept of YetiCold cold for long enough. Right now, I’m on the website
Vlad Costea (00:47:30):
Yeticold, call.com and I see that you have free options on the option three. You can choose between YetiCold hot, which is hot storage, recommended for storing under $5,000. There is YetiCold worm storage, which is probably a hybrid or something for storing between $5,000 and $50,000 worth of Bitcoin. And it’s a free seven HD. What does HT
JW Weatherman (00:47:58):
A hierarchical or hierarchy could deterministic wallet? I’d prayed in hierarchical deterministic wallet. It just means that you have you have one password. Let’s say you have one seed phrase. And that allows you to create multiple addresses and private keys so that you don’t have to have all of your money on one private key or one address. So if you had 1 million bucks, you’d want one password, but you would want, you know, maybe more, no more than five or $10,000 per address on the Bitcoin blockchain cause you don’t want to draw too much attention to that, that address. And that allows you to do that. So basically all Bitcoin wallets are like that. Now. The only people that are not doing a HD would be either people that have like old style paper wallets or who else? Oh I think Unchained capital released something called hermit. And I don’t think that’s HD. So it’s like this app that allows you to do a multisig setup, which is kind of cool. Like I, I appreciate those guys and I appreciate it that they published it, but it’s not HD. And I wouldn’t recommend it for large amounts.
Vlad Costea (00:49:06):
I don’t think exchanges do this either, especially after they had to comply with more regulations. They just give you one address and that’s it.
JW Weatherman (00:49:15):
That, that might be true. I’m not really sure. I don’t go in and out of exchanges very much. But yeah, it really doesn’t, it doesn’t apply as much to two exchanges cause they’re just, they, they just have a big database that has all your balances and all your transactions. But pretty much any Bitcoin wallet, like I don’t, I don’t think there are any Bitcoin wallets out there. Even the really crappy ones that you find on the app store. I think they’re all HD now.
Vlad Costea (00:49:44):
Okay. Moving back to YetiCold cold, you have the YetiCold cold storage, which you recommend for more than $50,000 worth of Bitcoin. And I think it says the same. It’s a free out of seven H the D stands for deterministic, but what does H stack higher rarer. That’s not easy for me to pronounce. Multisig setup where private keys are never on an internet connection device. And the other one, which is worm says that requires only a single computer to set up. And right now I think I have under $5,000 so let me click on this on the YetiCold and it says I need to get a laptop that can run Ubuntu and Bitcoin core
Speaker 9 (00:50:35):[Inaudible].
Vlad Costea (00:50:37):
I should get an SSD drive possibly for faster synchronization. And the initial block download for, for a small USB Tom drives for free dollars each and the printer and printer paper. Okay. And I click, let’s assume that I have these, even though I don’t think I have four small USB Tom drives, I click next and it says, install a Ubuntu on both laptops, following these rules and then click next.
JW Weatherman (00:51:08):
Yeah. Actually it should just be like a step by step guide. Yeah, yeah. That’s it. That’s all that it is yet. Yeticold called this basically a document, which is what you’re looking at right now. It’s, you know, it’s a website, but it’s really just like a, a step by step guide document to tell you what you need to do. And then it’s it’s some Python scripts over the top of Bitcoin core just because it makes it easier to do some of the stuff that we’re doing. Like, you know, write down your, your seed words and that sort of thing. But yeah, that’s it. So it’s a, it’s a thin layer to make it more user friendly to use Bitcoin core. For, for hot. It’s it’s not multisig. So you basically end up with a full node like you, you buy $12 worth of USB drives, you buy a cheap $60 laptop you know, netbook or whatever.
JW Weatherman (00:52:04):
You install Ubuntu on it, which if you’re not technical, that sounds really intimidating, but it’s really not that bad. It’s not any harder than installing windows. Probably a lot easier actually. So you install Ubuntu and then you go out to the website again, and it has you download and run a script that installs Bitcoin core and just steps you through writing down your seed words. And the only reason that we have the USB drives is just that it, it allows you to have multiple convenient copies of your seed words. So you, you you copy your seed words on paper, and then you throw it on three USB drives and you’re, you know, it’s not likely that you’re going to lose your money at that point because your house burns down. You know, you probably have a USB drive somewhere or a piece of paper somewhere that has the information you need, but that’s very simple and very straightforward and you know, as close to free as you can possibly be.
JW Weatherman (00:52:59):
The other thing that that’s important to note is that you know, you have this cheap laptop that you’re using for this. When you’re done, you can continue to use it. Like then at that point you have a full node that’s validating all your transactions. It’s making sure it’s running over tour. So it’s making sure when you send transactions, it’s, you know, relatively private, a whole lot more private than using a hardware wallet. A lot of people don’t realize this, but most of the time when you’re using a hardware wallet, you’re sharing your balance and your IP address, which can easily be tied to your home address with whatever company are you using. So if you really trust Trezor, that’s cool, but if you really don’t want them to know exactly how much Bitcoin you have and where you live don’t do that. You’re going to have to set up a full node and it’s going to be, you know, more work. And it’s not what most people do. So but yeah, when you’re done, you have a full node on that one. Right?
Vlad Costea (00:53:50):
Okay. Let me stop you there. You cut out for longer than two minutes.
JW Weatherman (00:53:54):
I think it got recorded. I’m seeing the audio on my side show up is it isn’t showing up on your side. There’s just a small gap there. When I stopped talking for a second,
Vlad Costea (00:54:03):
Hopefully I will have the proper audio file because I haven’t heard anything.
JW Weatherman (00:54:09):
Yeah, I keep losing connection and it’s reconnecting. I don’t, I don’t know why that is. Might be having just trouble with my ISP today. But yeah, I think it got recorded. So let’s see. Yeah, the, the, the the summary of what I was saying is that at the end of this, you have a computer set up. It’s a full node. You don’t have to, you don’t have to keep that thing running. Like, if you just have, you know, 3000 bucks you want to throw in Bitcoin grab any laptop back it up, format it, install Ubuntu set this up, write down your seed words, send your Bitcoin into it and then erase it and go back to using it, right? And you’re out 12 bucks total for the USB drives and they’ve got a pretty dang good cold storage solution for a few thousand bucks worth of Bitcoin and it costs you $12.
Vlad Costea (00:55:02):
Okay. So it’s back and it’s working and it’s letting me record once again. And I hear you, which is quite an achievement. We were talking about the cold storage that you developed and why is it three out of seven signatures?
JW Weatherman (00:55:17):
Yeah, the, the main reason that I did that is that I think the biggest risk to people isn’t especially if they’re using multisig. It really isn’t theft. You know, it’s possible that people are going to figure out that your will is actually a private key and then track down to more of your private keys. It’s, it’s not zero chance of that can happen, but the chance of that happening versus just a natural disaster, you know, a California wildfire taking out your house and your mom’s house and you’ve got, you know, three keys between the two of you, it seems more likely. So it’s really a judgment call. But I, you know, it’s a, it’s a well-informed judgment call of trying to keep digital stuff alive for a couple of decades. And it was a tough call between like a three of six.
JW Weatherman (00:56:08):
I wouldn’t do a three of five for larger amounts. I think that’s kind of easy to see why that’s a bad idea. You lose three keys, you lose all your information at wildfire scenario could easily hit three locations, you know, your, your safety deposit box down the street, your and you know, maybe your friend’s house your lawyer in the neighborhood, whatever. So, you know, earthquakes, natural disasters, floods, things like that could take out three fairly, fairly, you know, within the realm of possibility. So the thought was I wanted it to be where you would have to lose four keys or you could lose four keys and you would still be fine. So you could have done maybe a three of six. I would say that’s fine, but a three of seven just gives you one more key to lose before you lose your Bitcoin.
JW Weatherman (00:56:57):
And this is a weird world. People don’t really have an intuitive sense of what it means to lose a piece of paper or lose a few pieces of paper and literally lose your life savings or a significant amount of your investment. Cause there’s always safety nets and everything else. But this is it, man. You lose four pieces of paper. Even with the Eddie Coles you lose five pieces of paper. It’s gone. Right? It’s just completely gone. There’s not enough computing power of the universe to ever get that back for you. So being a little bit cautious, I think for those sorts of funds, I think this is worth the trouble. And it’s not too hard to find seven locations, I think, where you could where you could store stuff. So that was really the trade off. I think between an accountant, a lawyer you know, trusted family member, a couple of safety deposit boxes, home safe, you know, you can get seven places that are pretty hard to steal from. And be pretty confident that even if you’re a lawyer and accountant or flakes and they lose it, you’re still not going to lose your Bitcoin.
Vlad Costea (00:58:03):
What about the people who buy steel plates and they engraved their private keys on the steel plate and they say they don’t have to trust somebody else? What a, a part of their private key, they just write it down on something which resists to floods and to fires and whatever. Natural disasters.
JW Weatherman (00:58:24):
Yeah, I think so I don’t really care. Like I’ve, I’ve been in this kind of debate with Dan held he’s the head of business development. So lots of security background. Now I’m just, I’m just throwing, throwing cheap shots. So he, he’s the head sales guy, had business development guy at cracking and we were going back and forth just over the last few days because I don’t recommend people use steel. And he thinks that, you know, that it’s really important, but I don’t really care. Right? Like if you, if you write your seed word down, seed words down on steel in some form or you write them on paper, it doesn’t really, I don’t think matter very much as long as they’re geographically distributed. The reason that I don’t recommend people use steel is that user error and stress. And if you’ve ever done something like this, just knowing that, you know, if there’s a significant amount of money in play and you screw it up, you’re going to lose.
JW Weatherman (00:59:21):
It is enough to make people really nervous. So as somebody that’s been insecurity for a long time, I’ve seen a lot more things go wrong from data loss, from user error and user error is exacerbated by stress and time and, and just the amount. It’s not that it’s stressful to write things down on metal. The amount of time that you spend engaged in this activity is stressful because you’re dealing with stuff that’s stressful. And so you don’t want to have that user fatigue if you can avoid it. So there’s, there’s some serious downsides to using steel. Like it’s the user fatigue, it’s the hassle. Some of the products are really psychotic. Like there’s one that’s really popular and that’s going around right now that that has, it’s like a steel cylinder and you slide your your words down on the steel cylinder and there’s like a, when you, when you pull it out, you pull out all of these things.
JW Weatherman (01:00:14):
Well, if you don’t flip the right metal tab over and you pull this thing out, all of your seed words pour out onto your desk and, and they’re randomized. So they’re, you know, I’m not going to recommend that product and I’m not gonna recommend people just go some grab some random product off the shelf. Partly because of the risk of some stupid thing like that causing major problems. And you don’t get much for it, right? Like you think that steel is real durable? Well, if you have a flood and it gets washed away, it doesn’t matter that it exists if it’s under three and a half feet of silt. Which is very, very possible. So we’ve learned in the software security world over decades of doing this, that offsite backups are the solution. It’s not so much about the medium you want it to be, you know, relatively resilient.
JW Weatherman (01:01:03):
But it’s way more important that you just have them spread out in multiple locations. So, and when you use something like these different steel products let’s say that you get that cylinder and you throw that in an envelope and you give it to your lawyer and you say, Hey, this is my will that’s more suspicious and interesting than if it’s just a bunch of paper. So I don’t think it’s a, Oh, crap. I don’t know. I don’t know if this is going to get recorded, but I’ll finish the thought. I don’t, I don’t think that there’s a significant benefit as far as durability goes. If it’s a multiple locations. There’s stress that goes along with it. And then, you know, depending on where you put it, it could be more enticing for an attacker more you know, spark curiosity and so that, that’s why I wouldn’t recommend it. But at the end of the day, I don’t really care if you have it on steel or whatever you have in seven places, you you’re probably going to be fine. And it’s not something that I think is worth really fighting about. I think it’s the other things that are worth fighting, fighting about are things like multisig like that, that all fight over. Cause that’s really,
Vlad Costea (01:02:08):
It’s okay. Now I hear you. It’s recording. Let’s take advantage of this. And one question, I’m not sure what you said there, but I can possibly anticipate that something revolves around to your background in security. And you had this debate with Dan Held who is just into business stuff. So would you say that is cypherpunk and what is the definition of the term? Because that gets thrown around quite a lot and people say, Oh, that cypherpunk or you’re being very cypherpunk. And it has become much more of a compliment than, you know, at first it was used like a play at cypher, like cryptography cypher stuff and punk being against the establishment. It was a play on cypher punk, which is the more popular term.
New Speaker (01:03:01):
And though, geez, include Tim May and David Chaum and Nick Szabo and health, any and everybody who was there in the 1980s and 1990s possibly working on digicash or some other privacy protocols, I guess we can say that people working on tour are cypherpunk because they developed something which expands on the stuff that David Chaum wrote in the 1980s.
JW Weatherman (01:03:30):
Right. And this, this has been, I mean, I think the cypherpunk movement is basically an abolitionist movement, right? The way that I define slavery is the systematic expropriation of somebody else’s stuff. So, you know, we had racial slavery in the South but we actually had cases where the slaves, even in that situation, we had like a certain amount of autonomy, right. Like the slave owner didn’t really want to be living with the slaves. They would go off into the fields that was far from the, the plantation. But the thing that mattered is that they produced and that they got fleeced on a regular basis. And my human threat model that’s on 10 hours a bitcoin.com goes into this. But, but I think that right now we’re living in a time where we have central bank slavery where it’s just, it’s way more cost effective to take your stuff through the money printing system than it is to than it is to smack you on the back and make you do work.
JW Weatherman (01:04:29):
Ever since the industrial revolution just, you know, beatings were not enough to be making slavery profitable. Unfortunately, you know, central bank slavery has been really, really effective. But that’s okay. I mean, it’s like, what else are you going to do with your life? I don’t mind being a minority of people that are trying to, you know, end human slavery or at least greatly reduce it. And at the end of the day, like we don’t, we don’t really care if we’re popular because we don’t think that that’s the way to bring about change. We think that and we don’t think it’s through like a violent uprising either, right? So I don’t, I don’t need to get like a bunch of people with pitchforks together in order to do anything good. I can just sit back and write some code. You know, I can hang out, drink some tea work with, well, my son builds YetiCold .com help people secure their own Bitcoins and, and take those out of supply so that the price will go up and you know, have a much bigger impact anyway. So it’s, it’s it’s, it’s pretty hard to it’s pretty hard to be able to come or it’s pretty hard to complain about that, the disproportionate impact that we can have and we can still have, you know, a pretty good life in the process.
Vlad Costea (01:05:40):
I was about to ask you just one last question because I know you have to go and it’s about YetiCold, because that has been like the centerpiece of this interview and I feel like we should end with this. Why should anyone trust the code? Because you have some sort of pipes and scripts that you have to type in after you download Ubuntu and then you download Bitcoin core.
JW Weatherman (01:06:04):
Yeah. And that’s a really good question. And when I set out to build this, I thought it was just going to be a document that was going to step you through it because I didn’t want there to have to be any code that we were writing, but it was just too hard. The user experience was, was really, really difficult. There was a lot of copying and pasting that would’ve caused a lot of problems. So yeah, it’s, it’s a, it’s a question that everybody should ask. The answer is that two things. One is that it’s as little code as possible. And I think, I think the goal for any any project trying to help people do codes, cold storage on Bitcoin core should be to minimize their own code as much as possible. And the other is make it as easy to read as possible.
JW Weatherman (01:06:47):
So use something like Python where everybody can go through it. So it’s it’s really the best that anybody can do. I think if anybody has any ideas of how to make it even better you know, it’s an open source project, you can fork it and do that or you can just tell us because we’d be probably up for implementing those, those changes. One idea is to try to display the commands that we’re about to run before we run them. So we’re working on that. That’ll make it a little bit more transparent. But but really if you’re, if you’re using a large amount of money, it’s probably not a bad idea to pay somebody and it wouldn’t cost that much. Like you could have a Python developer probably look at it for half an hour cause there’s not that much code there. It’s mostly just buttons and stuff, which they can just skip over, see that we are really generating the, you know, that, that are everything security important is actually happening inside Bitcoin core. If if I was going to secure half a million bucks, I’d probably pay a developer 60 bucks just to look over this code.
Vlad Costea (01:07:50):
Okay. That’s a fair point. And is this making you any money or else why would you spend money and time developing it?
JW Weatherman (01:07:59):
Yeah, no, there’s no, there’s no money involved. This was the first project that my son did where he was the sole developer on it. So this was a, you know, he’s 15. This was a huge, like fun family project basically. And yeah, I don’t know if, if if anything, you know, it’ll help enhance his reputation a little bit. Like maybe he’ll get some freelance work out of it in the future, but mostly that was the purpose. Like, I wanted to build something to kind of contribute to the to the Bitcoin project that I think is really important. I don’t think there’s anything that I can spend my time on that’s more likely to have a positive impact on the world than Bitcoin. You know, I’m a cypherpunk. I obviously think this is a good strategy. But if it, if the timing didn’t work out where we’ll need it a good first project we probably wouldn’t have built it. So that’s, that’s that’s why it’s there. And yeah, it, it also it’s also something that I want to do use. Like I’m wanting to use multisig. I don’t have crazy amounts of Bitcoin, but for the amount that I have, I wanted to know that that was secure itself. You know, to some degree. I also built it just to scratch my own edge.
Vlad Costea (01:09:15):
Yeah. Congratulations for your son. And I hope one day he becomes a Bitcoin core developer, but the kind who actually gets funded.
JW Weatherman (01:09:26):
Thanks man. Yeah, no, he’s doing really well. Well, he also works on math bot.com, which is something that I think, you know, it’s, it’s also, I’m semiretired at this point, I’ve I’ve done pretty well in software startups, so, so I’ve been working on math bot for it at least a couple of years now. Also a thing to scratch my own itch. I’ve got, you know, a half a dozen plus kids that I need to teach math to. So so will, has been helping me build that and eventually they’ll probably be a little bit of money that comes in through that. But but, you know, I, I’ve been fortunate to be able to work on stuff that I think is important and, you know, basically a charity for the last few years.
Vlad Costea (01:10:09):
Yeah. I appreciate it. And it’s good to have a cypherpunk in the show. I think you’re the first one possibly. I’m not sure. What would you Wertheimer considers himself to be? I think he probably does consider himself a cypherpunk. Okay. And that also had Donald McIntyre, who is more into business, but as a partner of next elbows.
JW Weatherman (01:10:33):
Right. I think he probably does too. Although I always have to give him a crap about his his scam coin. But other than that I really enjoy his tweets and I think he probably considers himself decypher cypherpunk.
Vlad Costea (01:10:48):
I mean they’re very smart people. They know a lot of stuff and they have been in contact with cypherpunks for quite some time.
JW Weatherman (01:10:56):
Vlad Costea (01:10:57):
To their credit. If anything, they are like perpetuators of the moment. And I think Donald MacIntyre, before being anything forward, deuterium classic, he is like a historian of cypherpunks and he can tell a lot of great stories and this way of writing articles, which is fascinating at least to me.
JW Weatherman (01:11:19):
Yeah, I agree. I really, I really enjoy him. I think he’s blocked me a couple of times over the years and then unblocked me because I do call out the theory in plastic nonsense, but, but you know, I, I don’t know, it’s kind of the same thing with David chomp, like, I don’t know what, what’s going on over there, but it, it pains me that there has to be a scam coin involved. But but at the same time, you know, you can’t say these guys aren’t brilliant.
Vlad Costea (01:11:45):
I think David Tom is a genius and I did an interview with him and he seems so bored. Like he was trying to make an effort to pay attention to me because he knew he could use his time in a better way.
JW Weatherman (01:11:59):
Yeah. Yeah. He’s definitely a brilliant guy. And there’s no question that he’s probably accomplished more in his lifetime than all accomplishing. So you can’t, you can’t, I don’t know. It’s kinda hard. It’s a hard situation where you can see that there’s a scam, right. That, that the project that he’s working on right now is just utter nonsense. But at the same time, you know, he’s probably smarter than me, so it’s a, it’s tough situation to be too critical.
Vlad Costea (01:12:30):
Yeah. He finds himself in a kind of delicate position because he wrote all that great stuff. He had a prolific career up to one point when he ran DigiCash into bankruptcy and after that he disappeared, at least from the public eye. I guess he still wants to conferences. And did some work and he, he realized how people have capitalized on the ideas that he had. And he brags about building the first ever blockchain when he was, which university? Where was he in?
JW Weatherman (01:13:08):
You know, I’m not sure.
Vlad Costea (01:13:09):
He was in California, I think.
JW Weatherman (01:13:13):
Yeah. W it wouldn’t surprise me. Yeah, I mean there’s no question that like a lot of the a lot of the guys that matter right now and that have had a big impact on Bitcoin, did work at DigiCash or had associations back then and and that he was a pioneer like he was, he was the first person that I know of that was making real progress on electronic cash. So and you know, solving part of cryptography problem. So,
Vlad Costea (01:13:41):
And part of me wishes that he had success with DigiCash because now we would pay in a much more secure way on the internet. Yeah. Private also.
JW Weatherman (01:13:51):
Well, I, you know, and did you cash had to exist and it had to fail? I think because it, it showed, it showed the flaws in that system that brought about the ideas that make Bitcoin work. So it’s in a way you could say that he worked on Bitcoin, right? I mean, it’s what is Bitcoin if not a mission to create a secure money? And he certainly worked on that mission.
Vlad Costea (01:14:16):
I think it was more about privacy than he was about security, but whatever. I feel like Monero is closer to what Tom wanted to do. Then Bitcoin.
JW Weatherman (01:14:27):
I mean, I, I have an interview with a fluffy pony on my YouTube channel when I was getting ramped up and I can say with some pretty good confidence that it is a scam but it doesn’t have a chance of actually solving any problems and that it’s, it’s promoters lie about its capabilities and its importance. So I, I don’t think that, I don’t think that it was a scam back then. When these guys were building it, they knew that it, they knew, they basically had to have the approval of governments. They just thought they could get that approval. And when the, when it was clear that, that, you know DigiCash proof that wasn’t going to happen if they weren’t going to get that approval. I think at that point they started working on solving that problem, which they did with with proof of work and you know, the other innovations in Bitcoin.
Vlad Costea (01:15:20):
Yeah. It makes sense. That’s fair. Don’t you have to go in like 10 minutes?
JW Weatherman (01:15:25):
Yeah. Actually I should go now, man. I should, I should wrap it.
Vlad Costea (01:15:28):
Yeah. So thank you very much. JW Waterman. This was really good and I’m upset right now. I’m pissed that it worked so well in the end when we basically talked about stuff that’s not really related to the core topic, but it’s good that we had this recorded and we did this interview and they’ll see how I can make the best I would have had.
JW Weatherman (01:15:53):
Yeah. And, you know, maybe we’ll, if you want to rerecord in a few days, I’ll, I’m sure I’ll have another gap in my schedule and we can maybe use this and and then have another one that’s really a little bit more focused.
Vlad Costea (01:16:05):
Yeah. Always because I enjoy critical minds, you know, I feel like I’m learning, I feel like I’m having my opinions challenged and totally, it goes back and forth as opposed to talking to marketing people who are like, Oh yeah, we have this product and it’s the best and it does this and that. And if you ask them questions, they’re going to babble and say they’re nonsense.
JW Weatherman (01:16:31):
Yup. Yup. Totally agree. Yeah, I think that’s the, that’s been, I wasn’t never on social media until a couple of years ago. But jumping on Twitter and getting involved in recording podcasts and, and then also being a guest on podcasts has been just a very cool experience to get wrapped up and try to stay abreast of things. So I always appreciate it.
Vlad Costea (01:16:53):
Okay. I will end the interview with this mention that you have the last ever interview recorded with Tim may and it’s on YouTube and I haven’t listened to it yet, but I will listen to it after this and thank you very much for that. It’s a great community
Vlad Costea (01:17:10):
Service and at some point I hope that more people will discover it and listen to it. Yeah, thanks man. I’m sure. I’m sure they will. He’s going to have a, he’s going to have a very impressive legacy that we get to watch over the next few years I think. Okay, thank you. Bye.