It's on the screen, we're going for more of the payments to protect Bitcoin, arguably more important. And to host the next panel, let's welcome all of these back on the stage again. Please give a round of applause to the co-host of the Bitcoin efficiency show, put by Dennis Massavich, head of infrastructure and security and high-tech, fair system stage. Massavich, who is the physicist, mining entrepreneur and educator, and last but by no means least we have the CTO of Casa, Jameson Lopp. Thank you so much guys, please give a round of applause, have a great one.

All right, good afternoon again, Massavich. Good afternoon, gentlemen. So, yeah, this panel is about security and privacy. And these are interesting topics in the Bitcoin space. So before we dive into that, I think we'll just do a quick round of introductions, a little bit about who you are and what you do in the space, for a little more context. Dennis Massavich.

Yeah, so I joined NiceHash more than six years ago. I take care of infrastructure and security. Before that, I worked a similar job helping banks. So I've been a long time in the financial industry. And yeah, that's it.

Excellent. Massimo.

Hi everyone. My name is Massimo. I work on Lightning applications at Denali.Swiss, which is a Bitcoin-only Swiss exchange. And I am also a content creator in this area.

Excellent.

So I've been building high-security self-custody wallets for a decade now. For the first three years, I was at BitGo, mostly focused on enterprise wallets, helping exchanges and companies secure their hot wallets. And then seven years ago, I co-founded Casa. And at Casa, basically, we are targeting individuals to help onboard them into really the highest possible self-custody architecture that we can think of.

Excellent. Between the three of you, there's a lot of perspectives on the security and privacy side. So maybe let's start with the big picture. What is security and how does it relate to Bitcoin?
So I like to use an analogy that security is just like health. In the way that, usually when we are young, we have a lot of it and we don't think about it until we run out of it. And not being healthy can be a serious issue. And if you think about what you can do to stay healthy, the best thing is to follow very simple rules: watch what you eat, exercise, sleep well, and don't do risky stuff. And exactly the same thing goes for security. So it's nice to have institutions which can help you. But you should really think carefully and take actions yourself before it's too late.

I mean, I think that's one of the reasons why both security and privacy are very difficult things to talk about with people, because we are talking about being proactive. And humans in general take the path of least resistance, whatever is the most convenient. And there's also generally a mindset of, well, if whatever I'm doing so far seems to have worked, why should I put more effort into it? And so it's unfortunate that being in the security space often feels like we're fear-mongering, like we're telling you all the things that could go wrong. And it's true, but we're doing this because we've seen many catastrophes over the past 15 years of the space and we can learn from them and we should learn from them. I've always said it's better to learn from other people's mistakes than from your own.

That's what I'd like to add. Yes, with Bitcoin we need to build our security. Our security needs privacy. And so we have a great responsibility in taking care of our Bitcoin. So we need to be careful and we need to learn how to protect ourselves and use some of the ways to do that. This is important.

Yeah, and so I think this leads us into this conversation in a really good way, because a lot of users, people who are first entering into the Bitcoin space, they do not get their first Bitcoin by directly receiving a UTXO on the blockchain.
They don't even necessarily get it through a Lightning wallet or something like this. They get it on platforms or exchanges or something like this. And so what is this at this first step? What can users do to be as secure as possible in this first entry into the ecosystem?

So, yeah, NiceHash is one of the platforms where we have over one million users earning their first sats. And it is interesting: we have supported 2FA, two-factor authentication, for I think seven years, eight years. But until we started enforcing those methods, people were not keen to use it, for whatever reason. But, you know, there is only so much the platform can do. What we can do is we can offer you secure ways of authentication and then authorization of your actions. And you have to follow those rules and, you know, you should really think about not only the platform. I would say that the biggest failure of users is protecting their mobile bank or crypto platform and not thinking about other things in their life. And usually email is the most important one, because many of those services you access via email. And if you don't protect your email, someone can reset passwords, someone can do a lot of things you don't want them to do. So you should start thinking about protecting all of your accounts. And it's like the health analogy from before: you can say, I'm going to live a healthy life during the day, but overnight I'm going to do whatever I want. So you should really activate the additional factor of authentication and use a hardware device when possible.

Basic cybersecurity: use a password manager. Use, you know, one of the highly vetted password managers that's out there, like 1Password or KeePass. It doesn't really matter as long as it's something used by millions and millions of people and has a lot of eyes on it. If you know in your head the passwords to log into your different accounts, you're doing it wrong. You should only know one password, and that is the password that unlocks your password manager.
If you're doing your passwords in your head, you're most likely reusing passwords on different services, and eventually some of those are going to get leaked. They're going to get used against you. We see drive-by attacks all the time where these leaked username and password lists get used against every other popular service just to see which ones are being reused; if they can get into those accounts, they're going to drain them. Of course the next step is two-factor authentication. That's a whole other rabbit hole because there are many types. The best is of course a hardware-based 2FA. I highly recommend buying a YubiKey. This is like a $40, $50 investment. That's like the strongest possible two-factor authentication that you can have. The next step down, which doesn't cost anything, is something like Google Authenticator with those rolling codes. And then the very worst type of 2FA is the SMS-based. And that's generally because your phone accounts are not particularly secure, and we see a lot of SIM swapping or phone jacking in this space, where basically an attacker will either bribe employees of a telecom or somehow otherwise trick them into changing the ownership of your phone number account over to them. And then of course they own all of your 2FA authentication and they can start resetting all passwords to your various accounts, such as email and then exchange accounts.

So we're starting from a point where, basically, if you're using an exchange you are relying on basic security skills that apply everywhere else. But then, to take this a little bit more specifically into the Bitcoin world, it's when you really get off the exchange that it starts to become more Bitcoin-specific. And so now these days there are two methods of coming off of the exchange that are common, and one is Lightning. And this is, I think, an area that you had some thoughts on in the last moment. Kersher.

Yes, so many people now are purchasing Bitcoin on a platform, and many times it is a KYC platform.
So the platform knows everything about yourself. So it knows your identity, your financial data and documents and so on. So it's easy then to associate your withdrawal from a centralized exchange with your destination address and then track the future movements you can make later. So in case the platform is abused or is forced to reveal such information, this information can track even your future payments. So it could be nice to evaluate also the possibility to withdraw using the Lightning network. Many platforms are nowadays supporting this kind of withdrawal method. And in this way you can withdraw many times, accumulate maybe on channels and then evaluate going back on-chain later, maybe after some jumps through several nodes, etc. This could be something useful for privacy, but as James also said, privacy is strictly connected to security, because we need to be private also to preserve our physical security now and in the future. So this could be a way.

Yes, Lightning, I really think it's a tool to start to increase privacy, but how private is it? Is it really something that in fact increases that privacy if you're using a centralized exchange as your starting point? Jameson, any thoughts?

It always depends on how many trusted third parties you're using, and especially trusted third parties that you have given your personal information to. So like I said, this is usually a trade-off between convenience and then security and privacy, and so the most convenient way to do some of the stuff I was talking about would be to onboard onto a KYC exchange and then perhaps withdraw to a custodial Lightning wallet. Well, now you've actually given up all of your privacy, because the benefits of onion routing on the Lightning network no longer matter if on both ends the people or the services that are helping you do that can see all of that information. So ultimately, if you want the highest level of security or privacy in the space, you need to be doing things yourself.
You need to be running your own software, running your own nodes, and that takes work. It's more difficult, and this is why a lot of people don't do that: because generally people take the path of least resistance, highest convenience, and that's why we have all of these talks, because we're trying to convey the trade-offs that you are making as a result of going the more convenient path.

Yeah, exactly, because I think the thing here is that these are all individual choices, right? Security and privacy, it depends on your perspective, and maybe security is top of mind at the moment because, I don't know, I liked the health analogy, Dennis, that it only comes up when you really need it and therefore that might suffer. But privacy is also the same thing in the Bitcoin space. It's really difficult to actually achieve privacy in any meaningful way, because privacy is really a misnomer. Everything on the blockchain actually is there. It's just a matter of how you can associate that with an identity. So Dennis, I know you have some thoughts about privacy versus anonymity. Can you get into that?

Well, first, privacy and security: I mean, if you are insecure you can still get secure, but if you lose your privacy you probably won't be getting it back in the days of the internet. So that's really a big issue, and when we try to enforce KYC we also try to enforce strong authentication methods, because if you allow someone to get to a KYC account, well, there is a big chance he might get a lot of your personal information, which you certainly don't want. And it's not only for the crypto platforms or any platform which does KYC. Now about anonymity: I believe that it's mentioned many times in the Bitcoin paper, because there was this vision of having anonymous transactions, which means transactions are there, we can all see them to verify, but we don't know who is actually doing that.
Now privacy is a different thing, because with privacy the two of us can do transactions and no one will know about it, and that's not the way that blockchains are designed, at least not Bitcoin. So that's a different issue. But I think that the KYC is interesting because we talked before about two different factors of authentication: like passwords, something you know, only you know, only you should know; and something only you should have, like a hardware key. And SMS is a problem because it is not something only you have, it's actually what your mobile provider has, and it just gives you the SIM card and it can make many of those again. But there is a third thing, and this is something only you are, and if you have KYC, if you have a video check, then we can do the selfie and check if this is really you. That's another factor: sometimes KYC can be used also as a security method, and we do use it, because people tend to lose their two-factor authentication and then they want to regain their account back. So that's when something which is actually invading your privacy can be used also for security.

Well, so an interesting thing here: KYC, I guess in this case, is being used as a security measure.

Normally you would use a password as a first factor of authentication and then a hardware key or OTP generated on your mobile phone as a second factor. But if you lose your phone, and you won't believe how many people will sell their phone with their codes on it, and then they want to get their account back and we don't have this second factor. So then we use the selfie as what only you are, and check back, as a second factor of authentication.
Yeah, so I think this illustrates the trade-off fairly well between security and then the sort of self-sovereignty ethos which is big in the Bitcoin community generally, especially when we're talking about really interacting with the Bitcoin base layer, the blockchain, UTXOs, holding your own UTXOs. That's the polar opposite from operating on an exchange. And so we are kind of in this area where a transaction from one UTXO to another is not actually private, it's visible on the blockchain. So are there ways to basically break those links and actually create privacy? Tools like, for example, Samourai and Wasabi that have recently been taken down have sort of degraded this possibility, but is there still any way that, once you've got a UTXO through a KYC service, you can make yourself private again? Any thoughts on this?

You can, and I mean JoinMarket is still running. JoinMarket will never be shut down because it is completely decentralized. PayJoin is another type of CoinJoin that's also fairly interactive, unfortunately not highly adopted. But the trade-off with trying to do strong privacy via coin mixing to protect yourself from the KYC providers is they know you're doing this, and if they see you doing this they may decide to stop servicing you. So it's a weird type of trade-off, where I would say the strongest privacy that you can attain in Bitcoin is by earning your Bitcoin directly, engaging in peer-to-peer commerce, selling goods and services. Then you're not going through a trusted third party that's doing data collection and forcing you to hand over personally identifiable information. That's one of the reasons why Satoshi was able to remain anonymous. There were no trusted third-party custodial KYC services back then. It was truly a peer-to-peer economy.
So that's generally what I recommend to people, because otherwise you're trying to straddle this weird line between using privacy-stripping services and trying to regain your privacy, and meanwhile balancing that with the fact that they can see what you're doing and may just decide to cut off your access.

And is there really, so one point here as well is that if you have a UTXO that's come from KYC, therefore theoretically there's an identity attached to that. Once that hops X number of times, usually these chain analytics software that make these determinations, they really can't understand if that's still the same person anymore. Is that a factor in any of this, that KYC is not actually necessarily this big bugaboo? It's really maybe once you actually hold your own keys that everything is okay, you can just move it around.

Once you are in a sovereign self-custody setup it's permissionless. You can do whatever you want. Those exchange accounts are not permissionless. They can shut you off at any time.

So I think it's more the question of: do you just start off from a sovereign setup and stay there? Can you do that without having the convenience and the reliance upon the banking system? We talked about how Lightning maybe has, if you're going through a third party originally, that Lightning might not necessarily have the privacy that people think you have. But what if you're starting from this position of self-sovereignty? You are creating your own channels, or you're using some kind of application that helps you to create your own channels, or at least use their Lightning service provider. Massimo, do you have any thoughts on this?

Yes, on the Lightning network the best solution is to build up your own node. So this is the best solution. You own your node. You open your channels and you manage the liquidity. This is the best choice. But obviously this requires some skills. So here is where education comes into place, and it is important.
Otherwise, at the beginning, people approaching the Lightning network may use something custodial, but we have the problems that Jameson mentioned about the custody, the self-sovereignty. Otherwise there are quite new solutions emerging like PhoenixD. For example, on-demand nodes you can run on a simple VPS, for example, or even at all. In this case obviously you own the keys, so this is an advantage, but you always need an LSP; for example, for PhoenixD it's ACINQ. But this can be a good solution to start with, to start playing with the Lightning network and to start understanding what the impact on privacy is when dealing with the channels, when dealing with Lightning transactions and so on. And then when the skills you acquire are better and better, then obviously you should go to something where you manage all the setup. So this means hardware, network connectivity, liquidity and opening the channels, the liquidity on the channels and so on. So these could be the steps for this.

I think skill issue is really the main point of all of this. Bitcoin allows for a great level of security, but you get out of it what you put into it.

Now, if you would really do all of the things that Massimo said, think about how many signals you will leave out that would enable someone to identify you. I mean, you have to set up a server, a network, a lot of things. So, you know, to stay unknown like Satoshi, it's not easy today. They proved that from chain analysis itself, I mean from blockchain analysis, they can find the probable source of many transactions. So to stay away from this, it's really, really hard. And on the other hand, no one likes to force their users to do KYC. Also for companies this is a cost. So we are not enjoying it. But the regulator who is forcing it has a certain opinion of what kind of people use Bitcoin.
And I think if in the long run it changes this opinion, it might be a good thing, because no one wants to be called a criminal, because we don't have anything to do with that. And this is how some people see us who are using Bitcoin. So I think if this is what it is, on a personal level the government cannot force you to do that, but the companies can be forced, because you have to have the license, you have to live in a certain country. And this is where the pressure is right now. The governments are pressing platforms to do KYC. And when the trouble comes it's going to be even harder. So even less privacy. And the problem with this is, even if you find ways to get around it and send money to your friend, then he will be the one who will have to pay the price. Someone somewhere has to go and interact with someone, at least at this moment, who is obligated to do KYC.

Well, it's interesting you brought up this point, because regulations and different jurisdictions are basically one of the areas now where different countries are differentiating themselves in terms of policy, or even supra-national entities such as the EU. And the topical thing on the mind right now, a little bit, is that there was just an election in the United States, and maybe it looks like some things are going in a more appropriate direction there. The EU might be going in the opposite direction. James, any thoughts on this?

Yeah, I mean, I'm breathing a bit of a sigh of relief, of course, with Casa being a United States company and us seeing some of the proposed regulations over the past few years that the Biden and Democratic administration have been wanting to see. Hopefully we can at least have a few years of relief from having to worry about any of those passing, but we could just come back around full circle in another four years. So that's kind of the downside of politics. There is no real permanence there. It's just about what we can deal with right now.
And at Casa we specifically do everything that we can to avoid falling under the guidance of financial regulations. We're lucky that we are non-custodial, we don't touch anybody's money, so we're not considered a financial service, we're considered a software service. And so far in the United States they have not managed to pull us into the umbrella of financial regulations, though there are certainly plenty of politicians and bureaucrats who would love to do that.

Any other comments on the regulatory space, guys?

As Jameson said some minutes ago, the best solution for getting into the Bitcoin space is always to be paid in Bitcoin: to provide services, consultancy, everything you do, to be paid in Bitcoin. If you have a shop or so, you can take payments in Bitcoin; the Lightning network is very useful for such purposes. So if you take Bitcoin in this way, you get rid of everything else. I know that it's not easy at the moment, because not so many people are used to paying in Bitcoin, and many people are also scared to pay in Bitcoin. Many people also think that Bitcoin is some financial instrument, something to speculate on. Many people still do not understand what Bitcoin really is, and so these are difficulties that we have before everyone can start earning Bitcoin. So the best solution is this; on the other hand, any time you are using some centralized platform or that kind of instrument you are facing the regulation. It's obvious that when a company is located in the EU or in the US they must comply with the regulations, and so the solution is for people to find a way to enter the system in the more private and self-custodial way.

I would just like to add that we are mostly talking these days about regulations coming from anti-money laundering, but these are not the only regulations that are out there, and looking at the banking world, not all regulations are necessarily bad or invading privacy.
So, like in the banking world, the NSE payments which are all used today, they also came from certain regulations, also protecting the money that you put in. So we see in the crypto world a lot of polarized and other unauthorized use of users' assets for whatever reason, which is really bringing bad things to crypto. So regulations that would help crypto platforms be more secure, I think, would be welcome, because it's an important step to come to the point where more people will use crypto and feel safer and safer. So unfortunately at this moment we are seeing only these very restrictive regulations coming from organizations that don't trust us at all and think we are criminals and want to see who is doing more crime, and this is the issue that we are having. I wouldn't like that they would change this, but I agree from the chances that the best thing they could do right now is deal as well, but I'm afraid this is not going to happen. Please note, not in Europe.

Those are some good points, and I certainly agree that this is going to be one of the big battlegrounds going forward: the governments versus the companies versus the individuals, and we'll certainly see how this plays out. But on the individual level, maybe on a last note, what about those of us who are already in the paranoid crypto-anarchist camp? Any final considerations that someone in that scenario might have to contend with?

I can actually tie this into the first question I see: someone is asking, is a Tangem wallet safe enough? And that's basically, I think, an NFC card hardware wallet. And so, is anything safe enough? There are many different levels of security, and they all protect you against different types of threats and adversaries, and so I categorize it into a number of different setups. So level zero is you're a no-coiner, you don't have any bitcoin, you don't need to care about this stuff.
Level one, you have bitcoin IOUs on an exchange with a trusted third party somewhere. We talked about the basic cybersecurity that you can do to protect that, but of course you're always going to be at the whim of that custodian and any mistakes they make or any problems that could come in and cause them to lose the coins. The next step is you're in self-custody with a single-signature wallet. This is where something like Tangem could come into play, though initially I think most people would just have a software wallet, which is a hot wallet; you're still susceptible to attackers. Tangem is like the next level, where you at least take the keys off of the internet, but what Tangem and some of those types of wallets don't have is that you can't actually verify the transaction details on your separate hardware screen, so you lose a little bit of verification there. And then, as you were saying, the sort of paranoid crypto-anarchist ultimate setup is really what I've been doing for the past 10 years, which is multi-signature. That basically means instead of having one key that unlocks your bitcoin, you have multiple different keys. You can put them on different devices, different hardware, have them geographically distributed, and this gives you an extreme level of robustness and redundancy against all types of theft and loss.

It's a fantastic way to round this off, and we're just freshly out of time here. Maybe Massimo, do you have any final thoughts, from your answer we've also just heard, or anything else?

I completely agree with Jameson. Yes, the most important thing is to get your coins, use your Android device to keep your keys safe, and be safe and keep your money.

Yes, absolutely agree. So thank you all for this great talk about Bitcoin security and privacy, and let's all do our best to stay as secure and private as possible.