Okay, hey everyone, good to see you. I'm Florian May. I'm going to moderate the next 30 minutes on the Bitcoin security panel. Yeah, Bitcoin security is a really broad topic with a lot of different aspects that can be considered from like mining, hash rate, key handling, patch management, and Bitcoin core and other implementations. There's a lot of FUD going on. So security by itself is always an interesting topic, but combined with Bitcoin it gets even more interesting. I'm really happy to have you guys here. I don't think any of you needs an introduction. I'm a big fan of your work. We have hardware, we have software experience, which is really great. And to start the discussion, I want to start with an open question to the round to get started. Like what aspects of BTC or around BTC or maybe crypto in common, but obviously with BTC as focus, do you think especially important right now to address what should the community and companies working on Bitcoin focus on? Maybe Pierre, can you start? Yeah, certainly. I mean, this is a really good question and there are many aspects affecting the security of Bitcoins and the holdings in general. I, as you know, specialize more in the vulnerability side with a good understanding of the cryptography. So I'm more looking at the vulnerability side, the health of the networks, the clients, and not running into issues based on that. The good thing though with Bitcoin is because of proof of work, even though there's vulnerabilities, there's no way to like kind of reverse transaction, right? That easily because you need to redo the proof of work even though there would be like exploitation of nodes. So this is very reassuring. And then the thing that gets to me on the other side are the clients, the holding and not losing the funds because I always get asked, I'm worried about my Bitcoins being stolen. But I, you know, tell people you should worry about not losing them first. That's like the there's much more Bitcoins that are just lost than actually stolen. So those are like the aspects that I, I'm focusing on that I think are important. So there's technical aspects like, you know, securing, you know, key management where there's basically like there you're talking about cryptographic barriers to be able to actually do anything. But then besides that, you have like game theory and you know, like incentive kind of things that prevent people, bad actors from doing stuff. And then you have like, you know, the social layer, people actually, you know, trying to manipulate the narrative and manipulate markets. And then I think that in this space, we've actually seen a lot more people hurt by either losing their keys or by falling prey to the social engineering more than people stealing keys. Not that that's not to say that we should not be careful securing keys. But I think, you know, unless like you're a really big exchange, you know, which kind of, you know, is going to be a major target. Attacks against individuals for stealing keys other than ransomware attacks or other stuff like that have been relatively rare. So I'm more concerned, I mean, when I first started working on stuff on Bitcoin software, I was mostly focused on how to secure keys and how to make sure that key management was done in an environment that's secure. But as I started to see more things that could potentially lead to game theoretical issues or consensus failure, I started to focus more on like the, you know, the issues with forks and issues with different kinds of, you know, market manipulations and things like that. So I think all these things need to be taken into consideration. Yeah, so I've spent the past few years mainly working on key management side, three years doing more enterprise hot wallet key management, and now focusing more on personal key management. So obviously, I feel like this is where I can best put my skills to work and try to help people basically be more sovereign to themselves. There's a number of other issues at play, though. Something that plays into that is actually the usability of having a high security solution. And really, I think one of the results of having not so good usability is that we result in creating more systemic risk in the system. You end up with more people basically leaving their keys with trusted third parties, usually because they don't trust themselves. And in many cases, maybe they shouldn't trust themselves. But, you know, I think the goal is that we should be trying to get to a point where people should be comfortable being their own bank, trusting themselves. I could go on, but I think that's enough. With Bitcoin, we have a wonderfully designed cryptographically system, which is, from my point of view, very secure. But at the same time, we need to also invest in the usability of such systems, because without a good usability, I think you couldn't have a very good security. The product or the project can be very secure, but if users don't know how to use it properly, then we failed, ultimately. And that's what we are trying to solve in a software or hardware wallet space. We need to educate the people what actions they are doing, what the effects of these actions will be. And also, there are a lot of things that can be improved, like, for example, people are blindly scanning QR codes, sending Bitcoins to this, and they don't check the address. The address itself is a problem, because there is no really straightforward way how to confirm that the recipient address really comes from the person we want to send the coins to. And there are a lot of work to do, even non-trivial work, because it kind of relates to the whole digital identity management thing. And I think this is something that should be improved, and it's not really related to the hard core cryptography security, but it's also very important if we want Bitcoin to be used not just by hard core cryptography nerds, but everybody. Okay, thanks. That was really interesting, and I think I got two keywords that kind of triggered me that were, obviously, education is one point where we have to work on as a community, but ultimately, I feel there's always a limit to education, what you can make non-technical people understand with what the current state of Bitcoin and the whole cryptosphere is. I mean, you have scammers telling people to enter some commands into the debug console of their wallets. We have supply chain attacks. We have different channels where people, like on Discord and Slack, where people get ripped off all the time. We have exchanges where, obviously, input validation is done on the client side and cryptography. So there's so many different layers going on with problems that cannot be solved at once, but I would be interested, especially in your opinion, James, in our experience, and yours, Pavel, what the current feedback from your customers and buyers is, maybe early adopters of CAESAR, not only the small ones, but also the institutional ones, what the problems are, the typical ones that you actually plan to address. Yeah, it's actually, I guess, one of the first major points is that it's loss is the biggest problem. And so this is because we have made great advances, like with Trezor, with hardware devices, making the private keys much safer from digital attackers. Just getting an air gap in there goes a long way. And so then what we're really dealing with now is probably one of the biggest security issues is really one of the biggest issues with any type of computing environment is always that dang user that keeps getting in the way and screwing things up. And we have yet to figure out how to eliminate the user from the equation, so we have to do the next best thing and try to prevent the user from shooting themselves in the foot in as many ways as possible. That's really one of the primary focuses that we have at CAESAR, where we're not trying to build any hardware ourselves. We're taking what's already out there on the market and trying to assemble it in a new way with software that just implicitly by following the software itself, you have to follow a number of best practices. So we don't necessarily have to do as much education. It's just baked into the product itself. From our experience with our Trezor support, I can tell that there are two big issues that happened during the last year. One of them is not specific for the last year, but I still feel that people don't really understand that the recovery seed or the mnemonic sequence is really, really important, and they just decide to, for whatever reason, not write it down. There are some counter measures, like, for example, requiring a person to give back some of the words they have written down, but still, it doesn't really mean they have not thrown away the paper shortly afterwards. Also, we had one example that a person wrote down the seed, but they didn't know they should really write down it in a correct order, so they just tried to be smart and randomised it for whatever reason. Oh, but you can brute force that with the right script, right? Yeah. And so I think that could be solved by education, and it's really a much bigger issue because we tried to educate people not only to use Bitcoin properly but to stand for themselves, and suddenly they have their faith in our own hands and they are not really used to it. And the other thing was, well, from the last year, it has been a year of Bitcoin forks, at least that's how I perceived it, and a lot of people are really hasty about trying to claim new coins and they were entering their mnemonic seeds to lots of various websites with no history whatsoever, and also it created a lot of problems because they somehow managed to send coins to where they should not really appear. For example, if you have a big cache, you claimed your big cache from the main Bitcoin chain, and then you accidentally send it to a SegWit address because the exchange gave you a SegWit address and there was no really easy way out of it, so there was a coin loss because of lost mnemonic and a coin loss because of coins being sent to somewhere they really shouldn't belong to. Okay, thanks. Maybe another indirectly related question, maybe you can even start with that because that topic keeps popping up, at least in my talk with people, how to deal, especially in your case, with supply chain attacks. What does Trezor do about it? What do you think about, I think the typical questions are trusted element within the hardware, secure stickers with holograms on it, all that kind of stuff. Yeah, so let me first explain what supply chain attack is. It's basically when you order a device and someone intercepts it on a way and they replace some of the critical parts with tainted one, and obviously there are more ways how to do it. One of them is to introduce some kind of a attestation element which is able to say, hey, I'm a legit hardware. This creates automatic trust to the hardware vendor and by hardware vendor I don't mean the hardware wallet vendor but the producer of the chip it is using. I'm not really comfortable with that because from my experience this stuff mostly works but then it comes a moment where it stops to work and this happened last year where a very smart computer cryptography expert and hacker found a bug in our competition which uses a secure element and he basically broke down their attestation model and this is really hard to fix because once you have a million devices out there, you can either not fix the bug or replace all of them and it's a big problem. Another problem is some of the platforms use Intel SGX secure computing platform and there are a lot of attacks related to Spectre and meltdown attacks which can be also applied to this so it's I'm not saying it's a bad solution but it has some drawbacks and if you rely on it, it's very hard to fix because it's embedded in the hardware. What we use is what you mentioned we try to protect the supply chain by applying various physical features like for example we are applying holograms on the device and on the on the box. This also has its drawbacks and one of the main drawback is that we really need to educate our users what should they look for, how the packaging looks like and of course this is also not 100% temper proof because somebody can try to copy it in a very good way and there is a basically there is a race how good your holograms are for example. I think that you know one takeaway from you know what stick is talking about of even all of these hardware vectors that are getting exposed over time is that the idea of secure computing is a fallacy. I mean it's you know fantasy land it's not going to happen at least not anytime in the foreseeable future and so the best thing that you can really try to do is eliminate as many single points of failure as possible and so this is one reason why we actually recommend with our multisig setup using you know a variety of different brands you know instead of just buying three treasures use a treasure, a ledger, a cold card and really spread out the risk because it's not possible even for like hardware level experts such as himself you know some of these devices are black boxes you know he doesn't know what's going on inside of like the ledger hardware there's probably you know only a handful of people on the planet who do and there's no way that we can expect to ever be able to really get any level of trust you know at the like hardware level like that. I would like to add to this because the supply chain attacks traditionally uh the hardware secure modules like they were not popular at least the you know the people in general and uh there's a big difference between buying an off-the-shelf computer turning it into something you know is most likely clean because you know obviously this computer was not specifically targeted because computers are used for general purpose and and uh you cannot assume to be able to hack all of them without being detected so or or um you can go at the store and buy it um the problem with the hardware outlets that they're facing is that they're obviously will be targeted just because they are hardware wallets for bitcoins so uh and the Kessa huddle I assume there's also advice maybe to add a device that is not a hardware wallet uh in the multi-sig scheme. Yeah I mean definitely I mean I love Trezor products but um I have to agree that uh I think um you know one of the issues is that they will be specifically targeted um I I've tended to like to use um you know um airgapped computers that are not that are general purpose that you know are it's hard for someone to specifically target that machine and also to use a different operating systems or different distributions of operating systems in case one of them gets hacked um in the case of like for instance bitcoin nodes usually don't want any kind of divergence there because you want them to reach consensus but in the case of using multi-sig um basically every single uh additional uh you know signature that you require is another thing that needs to be hacked so so you're adding more security with with more different kinds of platforms. Just to be clear I trust Trezor and this is what I give to family members so. Thank you. Yeah that's a good point. I just wanted to add that I think it's very wise to combine various security options and security layers so if you combine a hardware wallet even multi-sig you are getting uh the best of both worlds or security of the both worlds uh the bad thing about this is uh you are also getting the minimum usability so you combine the usability but in opposite way so uh I'm not not saying it's uh it's not a thing to do but there it has some drawbacks. Oh yeah it's it's going to be very difficult for us at CASA to uh to both advise our clients to eliminate and eliminate these single points of failure and for us to support all the shitcoins. Yeah that's that's a very good point. Uh I have so many questions left on my on my book but we have only so much time so um uh when why we have you here um I'd love to hand over to the crowd now for a couple of questions so you can pick uh the brains of the experts with uh your security questions so feel free to raise your hand if you have a question related to bitcoin and security now. Please. Yeah maybe can we get this guy a microphone please. Thanks. Yeah. Uh I want to ask about the multi-sig three or two of three setup with the three different hardware bots uh what software do you use like Electrum or more just roll CLI or there's some review software that I could use for this multi-sig wallet or or just I shouldn't care because the wallet is secure enough that it doesn't matter. Uh well I mean I I would not assume that the software is secure though you know if it's open source you're gonna have a better guarantee uh for usability I've set up multi-sig hardware uh based wallets with Electrum and it was pretty easy uh the most difficulty that I had was doing it on Linux and having some issues getting all of the the libraries installed to support but uh other than that um it it's uh if you're if you're tech savvy then it should only take you a matter of minutes or maybe an hour at most to set up. So one other question is that uh what I saw is that for the ledger I can't see the the address the multi-sig address on the ledger itself for Trezor and keep it implemented so I thought implementing it because I think it's important part to be able to verify it but. Right and you know I'm not entirely sure of the details of why that's not supported I mean I think that's something that we just need to annoy them. That's probably not done but I personally I just also use Electrum mostly I think they're even implemented in the uh assistant in the base one so. I would just shortly add to it uh it's a good idea to use uh any software wallet that uh has hardware wallet support for multi-sig and at the same time it's open source uh it has been set Electrum three times uh I'm saying Electrum is fine but do your own research there are other options uh for example yesterday we had a talk with uh green address I think they also support uh hardware wallets and multi-sig at the same time. Any more questions from the audience on the other side? Get your sports in. Hi just talking about uh the open source and some more eyes can see and verify that uh the software is clean and bug free or doesn't have something. Is there any formal uh process to this like how many developers have looked at Electrum have looked at Trezor and. Those are that's a good question uh but you know no um really the the best metrics that you might be able to get is uh if you're looking on github and looking to see um number of forks number of stars number of total contributors I mean that will give you a general idea um you know hopefully uh you know at least the number of contributors or people who have looked at at least part of the code because presumably they then you know added or deleted some code um but yeah just some like general activity uh but that's only really gonna give you relative ideas by comparing between the different projects uh there is no metric you know for open source security other than probably general usage um so like if we know which I I don't think that we even do but if we knew that you know so many million number of people uh are using this software and you know have not gotten exploited uh the more people that are using it the you know the more uh value basically is up for grabs for an attacker to come in and try to steal from them so if the more and more people that are using it and not seeing any exploits gives you you know a general better sense of reliability but there's still no guarantees yeah let me add to it there is no formal process uh uh for trezor and I don't think there is any for uh one of our competitors uh one of the reason is partially that there are not a lot of people uh developing this stuff like there are maybe up to 10 people developing trezor I think it's the same or even worse for other hardware wallets um not sure how many electrum contributors has but also it's not not a big number so I think the good thing is to for the general bitcoin community to look at the commits uh for open source projects because every everything we deploy as a firmware to our users is uh being published before on a github as a part of uh of the commits so if there are a lot of people reviewing it we can start uh formalizing some kind of process but right now I'm not sure if it's even possible like internally at our company uh we have a rule that uh one shouldn't merge uh the the commit if if if it was written by by the same person so someone else has to merge it and I think it's a good rule but this is as formal as uh we can get uh at the moment I guess. Okay thanks that was uh was a really great insight um maybe uh one addition from from my side that the usual slogan applies don't trust verify if you can't maybe just avoid any bleeding edge stuff use uh uh the providers hardware wallet providers software wallet providers or software providers in common in the space that have a good reputation ask around uh be careful and yeah stay safe um unfortunately the time is already running out so I have to close around um thank you very much for your thoughts and input