Oct. 7, 2025
CUSTODY AND TREASURY SUMMIT: ADAM BACK
The player is loading ...
A conversation with Adam Back at Bitcoin Park's Custody and Treasury Summit in Nashville, TN. We discuss the current state of bitcoin custody and how it applies to individuals, small businesses, and public companies.
Date: September 18, 2025
Adam on Nostr: https://primal.net/adamback
Adam on X: https://x.com/adam3us
Bitcoin Park on Nostr: https://primal.net/park
Bitcoin Park: https://bitcoinpark.com/
(00:00) Teaser
(01:07) Not your keys, not your coins
(01:49) Why self custody matters: seizure and asset protection
(03:06) Early Bitcoin legal fears and Obama’s Swiss bank quote
(03:54) Individuals adopt self custody; shift to business treasuries
(04:22) Custody advice for small businesses and dentists
(05:34) Multisig basics, redundancy, and vendor diversity
(06:45) Single sig vs multi sig usability and learning curve
(07:32) Practical setups: single sig cold storage and backups
(08:24) Keeping multiple backups
(09:06) Fireproof steel backups and moving to treasury topics
(09:30) Public companies using custodians: risks and drivers
(10:48) Collaborative custody among custodians and decaying multisig
(12:10) Balancing third party risk vs operational self custody risk
(12:43) Finality, time locks, and covenant based safety nets
(13:59) Why multisig is essential for large organizations
(14:56) Industry pushback and the case for proof of reserves
(16:20) Adoption of proof of reserves and hybrid treasury strategies
(16:51) Closing and audience Q&A intro
Video: https://primal.net/e/nevent1qqsxtltftjfavnlg8ysjvnn9504l40ykq8hdw25pcmaljwdx0xp9wyswev5e3
more info on the show: https://citadeldispatch.com
learn more about me: https://odell.xyz
WEBVTT
NOTE
Transcription provided by Podhome.fm
Created: 10/07/2025 16:26:02
Duration: 1028.573
Channels: 1
1
00:00:00.080 --> 00:00:11.940
So as the saying goes, not your keys, not your coins. If if you can birth a child, you can self custody. Like, the risk you're balancing is on one side you have third party risk, and then the other side you have operational
2
00:00:12.240 --> 00:00:13.155
self custody risk.
3
00:00:17.235 --> 00:00:24.535
Risk. I'm really appreciative of these two fine gentlemen closing us out. Without any further ado, please join me in welcoming Matt O'Dell and Adam back.
4
00:00:27.410 --> 00:00:32.550
Thank you, Rod. Before we get started, I just wanted to let the record show that I like the bit key.
5
00:00:34.850 --> 00:00:37.510
The recovery process is you you download a PDF,
6
00:00:38.450 --> 00:00:52.405
and then if for some reason Square disappears, you download the APK that's on GitHub, and you scan the QR code on the PDF, and you're able to restore your funds. I've done the process. It's not, like, the most ideal process. I like seeds better, but
7
00:00:52.960 --> 00:00:55.780
it gets the job done. It's very easy to use. Anyway, guys,
8
00:00:56.400 --> 00:01:00.020
we have the legendary Adam back here with us. Can we get a round of applause for Adam?
9
00:01:06.025 --> 00:01:17.885
Adam, we're gonna be talking about custody today. Do you know anything about that? Okay. Yeah. So as the saying goes, not your keys, not your coins, and then we get into the details of how you manage your keys. Yeah. So, I mean, last cycle,
10
00:01:19.400 --> 00:01:22.680
I heard very frequently that not your keys, not your coins is FUD.
11
00:01:23.159 --> 00:01:24.700
And then FTX happened,
12
00:01:25.400 --> 00:01:26.700
and everyone realized
13
00:01:27.000 --> 00:01:27.500
that
14
00:01:29.080 --> 00:01:32.540
it was not FUD. But now we're three years later, and I feel like,
15
00:01:33.005 --> 00:01:37.744
time is a flat circle, and we're kind of back where we started in a lot of ways with new people.
16
00:01:38.204 --> 00:01:41.985
So I think a good place to start just real quick is for the individual,
17
00:01:42.845 --> 00:01:45.585
why is the ability to self custody Bitcoin
18
00:01:46.920 --> 00:01:47.660
so important?
19
00:01:49.000 --> 00:01:51.980
Well, I mean, I think if you if you think about it,
20
00:01:53.240 --> 00:01:54.300
Bitcoin is providing
21
00:01:55.160 --> 00:02:00.045
kinda asset protection in the sense of it being hard for a third party to seize your assets.
22
00:02:00.604 --> 00:02:01.104
So,
23
00:02:01.965 --> 00:02:03.744
you can think about that like in The
24
00:02:04.125 --> 00:02:06.705
US, your primary residence, if you live in the state of Florida,
25
00:02:07.485 --> 00:02:14.224
that is protected in a legal way, but an even stronger protection is you have the keys, then there's no
26
00:02:15.200 --> 00:02:18.819
pressure point that the court can go through other than you yourself
27
00:02:19.120 --> 00:02:20.500
to seize your assets preemptively.
28
00:02:20.879 --> 00:02:22.819
And unfortunately, that is actually
29
00:02:24.799 --> 00:02:32.475
a material consideration for some professions that are commonly on receiving end of legal, it's like medical professionals, dentists.
30
00:02:32.935 --> 00:02:39.995
So they will actually go and make use of these legal asset protection mechanisms because they're gonna get sort of frivolous court cases that try to
31
00:02:40.295 --> 00:02:50.370
seize their assets. And then, you know, if you find yourself in the unfortunate position of being attacked by the government, if you were involved in some activist activity or running online privacy
32
00:02:50.670 --> 00:02:52.450
servers like Tor servers, remailers,
33
00:02:53.630 --> 00:03:02.715
step one in those kinds of things is they seize all your assets so that you can't afford a lawyer, so you're an easy target. So some of the early Bitcoin developers were thinking about this as well because it was very unclear
34
00:03:03.255 --> 00:03:10.635
what the legal status of Bitcoin was, if developers could be targeted. So I think Barack Obama did actually the accidental
35
00:03:10.935 --> 00:03:11.675
best advertisement
36
00:03:11.975 --> 00:03:12.475
for
37
00:03:12.910 --> 00:03:20.370
why you should wanna custody your own Bitcoin, which is I think he was viewing it as a problem actually, but if you look online, there's a there's a thing where he says that,
38
00:03:20.670 --> 00:03:29.275
you know, everybody's walking around with a Swiss bank account in their pocket and, like, yes. You got it. But he thought it was a problem actually, and he he wanted to stop it.
39
00:03:31.255 --> 00:03:44.140
Yeah. I mean, it's actually way better than the Swiss bank now because they handed over a ton of information. So so we have on the individual side, and I remember that Barack. I've it was the whole Bitcoin community did, like, the Leo DiCaprio meme, like,
40
00:03:45.160 --> 00:03:59.955
pointing with the beer in their hand. So we on the individual side, I think I think more or less, like, it's become standard practice that when people come in, they understand the importance of self custody. Like I said, FTX did help a lot on that front. But now we're seeing more and more businesses
41
00:04:00.255 --> 00:04:03.075
adopt Bitcoin as a treasury asset, as a savings
42
00:04:03.695 --> 00:04:06.115
vehicle for their free cash flow.
43
00:04:08.015 --> 00:04:21.690
But I think it's important not to group all businesses together. Right? I think we're seeing a lot of small businesses adopt a Bitcoin, and then we're seeing these large publicly traded Bitcoin treasury companies. So I'd like to start with the on the small business side.
44
00:04:22.150 --> 00:04:31.345
If someone if a dentist office, for instance, was coming to you, let's say a heavily profitable dentist office that was making, like, a million dollars net a year, and they wanted to keep the majority
45
00:04:31.645 --> 00:04:33.425
of their free cash flow in Bitcoin,
46
00:04:34.205 --> 00:04:43.000
what would be your actionable recommendation for them in terms of how to custody that? Well, get a hardware wallet and generate the seeds,
47
00:04:44.580 --> 00:04:46.600
correctly, like, on the hardware wallet,
48
00:04:47.300 --> 00:04:49.880
and back it up in a fireproof way,
49
00:04:50.500 --> 00:04:51.000
and
50
00:04:51.380 --> 00:04:59.735
put the seeds somewhere safe that, you know, a member of staff or somebody can't easily get to. And if it's an asset protection situation,
51
00:05:00.595 --> 00:05:09.095
you kinda want that to be a bit obscure so that it's not obvious to the authorities because, you know, that that's what happens people is there. You know, there were people that were,
52
00:05:09.680 --> 00:05:11.939
I guess, selling Bitcoin OTC for cash,
53
00:05:12.479 --> 00:05:12.979
and
54
00:05:13.680 --> 00:05:17.300
that was not approved at some point. So they,
55
00:05:17.840 --> 00:05:27.175
sort of raid people's houses and take everything electronic and backup looking, and that could be a problem. So you gotta take that into account as well. So it's a little tricky sometimes to figure out where to store the backups. But
56
00:05:27.635 --> 00:05:34.055
if you're not really worried about the legal attack, at least make sure that it's not gonna be somewhere that can be stolen easily.
57
00:05:34.995 --> 00:05:38.055
And I think if you wanna go further, you can consider,
58
00:05:39.800 --> 00:05:45.100
a multisig, like a two out of three multisig with three seeds and back those up in different places.
59
00:05:45.560 --> 00:05:49.340
The extra redundancy will protect you if you lose one of them
60
00:05:49.640 --> 00:05:59.585
and use three different hardware wallet manufacturers so that if one of them has some horrible bug that nobody saw coming, you're still protected. So that's kind of the state of the art. It's a little bit complicated,
61
00:05:59.965 --> 00:06:01.665
which is, you know,
62
00:06:02.125 --> 00:06:05.505
why you see the Bitcoin discussion because usability is a factor.
63
00:06:06.060 --> 00:06:12.240
I think, you know, the counterargument to that is when people care about things, they can figure stuff out. Like, people can
64
00:06:12.780 --> 00:06:15.760
use computers. If they care about it, they can
65
00:06:16.139 --> 00:06:26.595
do a lot of things. So I think people can learn how to manage seeds. Okay. I mean the big one for me relatively recently was I became a father. Raising a child in childbirth,
66
00:06:26.974 --> 00:06:30.354
which I didn't do childbirth, my wife did, is incredibly impressive.
67
00:06:30.815 --> 00:07:01.875
Like if peep I I always say that if if if you can birth a child, you can self custody. Like, every woman out there deserves a ton of I know all the women in the world, all the mothers at least, can self custody Bitcoin. I'm not sure about the men, but maybe we'll make it more usable for them. I would I just wanna just drill into that for a second because what I hear because this is, like, it's kind of combined on the individual and small business side. Like, the recommendations are almost very similar. Right? It's self custody, learn how to do it the right way, keep your backups offline, do proper cold storage, practice, practice, practice.
68
00:07:03.530 --> 00:07:09.470
But what I see a lot on both the individual and maybe even, like, the family office, small business side is they say,
69
00:07:09.850 --> 00:07:12.750
you know, multisig is you should only do multisig.
70
00:07:13.290 --> 00:07:21.005
Single sig is not secure. And if you if you're not willing to do that, they, like, almost overwhelm you into then going and buying MSTR instead. They say go buy MSTR.
71
00:07:21.945 --> 00:07:27.405
I so I'm kinda and I so I think, like, almost as an industry, we've kinda pushed too far into the paranoid
72
00:07:28.169 --> 00:07:29.389
multisig or bust.
73
00:07:29.770 --> 00:07:31.710
And so I'm kinda curious on your opinion.
74
00:07:32.810 --> 00:07:37.150
For, like, the average person, you know, maybe their threat model doesn't include a government,
75
00:07:38.810 --> 00:07:39.310
like,
76
00:07:39.690 --> 00:07:41.229
single SIG, self custody,
77
00:07:41.944 --> 00:07:50.505
cold storage, you know, you buy a single hardware wallet, you put it on steel is is pretty fucking good. Right? Oh, it is good. Yeah. I mean, that's that's certainly where I started with,
78
00:07:51.465 --> 00:08:07.460
it's before the HD wallet. So it was with, Bitcoin Armory, which is you have two laptops, and you take the network card out of one, and that's your hardware wallet. And it generates the seeds, which were a different standard at that time, and you write them down. And I think they were already
79
00:08:08.235 --> 00:08:12.235
fireproof backups, but they just were a different format. I think where things and it it was using,
80
00:08:13.835 --> 00:08:15.854
you know, not multi sig, but,
81
00:08:16.635 --> 00:08:17.695
some kind of,
82
00:08:18.715 --> 00:08:20.975
what do you call that, like a redundancy encoding
83
00:08:21.435 --> 00:08:22.495
so that you can,
84
00:08:24.600 --> 00:08:38.175
With something like Shamir's or something like that? Shamir thing. But it was a custom one that they did. So, anyway, you could you could say you wanted two or three, and it would it would reconstruct to one seed. I mean, it's a one private key. So, actually, it wasn't multisig, but it had the redundant backup.
85
00:08:38.654 --> 00:08:42.195
So that's another way to go. And I I think the redundant backup is good because
86
00:08:43.214 --> 00:08:43.955
people will,
87
00:08:45.535 --> 00:08:51.740
forget things if they hide them in clever places after a few years when they don't they don't have to use it frequently.
88
00:08:52.440 --> 00:09:00.220
Yeah. So keep two backups at least. Yeah. I would say so. And then, like, if you're keeping it in your house or something, your house burns down, like, it's good to have it somewhere else.
89
00:09:00.600 --> 00:09:03.740
Yeah. And and this the fireproof backup things are
90
00:09:04.085 --> 00:09:11.225
pretty reasonable to use as well, like the crypto steels. Little steel plate washers. Okay. Let's get into treasury companies because
91
00:09:12.085 --> 00:09:23.180
I think most people in this room are aware that you're launching your own. These treasury companies, these large businesses, specifically, I mean, you have, like, MSTR and then you have everyone else. I don't believe any of the
92
00:09:24.199 --> 00:09:31.019
I don't I don't know of any of them that are actually doing self custody, and they're mostly using regulated custodians. Twofold,
93
00:09:32.360 --> 00:09:33.100
how should
94
00:09:34.305 --> 00:09:37.205
people that are are are trying to analyze
95
00:09:37.585 --> 00:09:43.925
these different stocks and whether or not they should buy them think about that risk? And second of all, how should officers of those companies
96
00:09:44.305 --> 00:09:48.005
think about that risk? And moving forward, should they be moving to better models,
97
00:09:48.500 --> 00:09:52.839
or is the the current status quo sufficient? I mean, I think what,
98
00:09:53.459 --> 00:09:55.560
started them on a track of using
99
00:09:56.660 --> 00:09:57.720
custody providers
100
00:09:58.100 --> 00:09:58.600
is,
101
00:09:59.779 --> 00:10:05.375
whatever they do, they have to get their public company audit firm, you know, one of the big four typically,
102
00:10:05.835 --> 00:10:06.335
to,
103
00:10:07.595 --> 00:10:15.615
be willing to give it a stamp of approval. And so that's a kind of defensive standard, so they're probably gonna advise them to use a qualified custodian
104
00:10:16.140 --> 00:10:18.800
in a certain country with a certain set of licenses
105
00:10:19.180 --> 00:10:23.440
and audit off the custodian itself. Right? But I have talked to
106
00:10:23.740 --> 00:10:24.800
public market
107
00:10:25.660 --> 00:10:28.240
treasury companies who are, you know, looking at
108
00:10:28.545 --> 00:10:35.045
soft custody as well, so it's not something that they are unsensitive to. And one thing that we like Blockstream,
109
00:10:36.305 --> 00:10:39.605
we've been working with some developing custody technology
110
00:10:40.065 --> 00:10:40.565
and
111
00:10:41.000 --> 00:10:48.300
working with licensed custodians to integrate that is the concept of collaborative custody at the custodian level.
112
00:10:48.680 --> 00:10:50.700
So let's say that you're working with,
113
00:10:51.480 --> 00:10:53.180
you know, two independent
114
00:10:54.455 --> 00:11:14.070
audited custodians and you make a two or three where you have one of the keys that's already better than the single custodian because, they have to collaborate with each other. So it wouldn't be just, like, one rogue, you know, one company, one custody company with a a bad practice or a rogue employee somehow managed to work overtime and overcome it, and then your funds are gone.
115
00:11:14.450 --> 00:11:16.150
Because if that situation develops,
116
00:11:16.530 --> 00:11:23.365
the other company wouldn't or you wouldn't if you have to sign it. And I think the other thing is, you know, we've got AnkerWatch
117
00:11:23.665 --> 00:11:31.045
in the room as well is the decaying multi sig concept. Right? So you can start with a certain setup. So you could start with
118
00:11:31.345 --> 00:11:40.270
you having two of the keys and the custodians having the same key each or something. So if one of the custodians fails, you still have the redundancy, and they can't do anything without you.
119
00:11:40.730 --> 00:11:41.390
And then
120
00:11:41.930 --> 00:11:45.630
to protect yourself, if you make a operational blunder,
121
00:11:46.570 --> 00:11:52.605
that over time, that could swing to the other direction. So I think it's possible to provide a kind of safety net where
122
00:11:53.065 --> 00:12:03.805
you're protected from backup failures of your own and protected from reliance on third parties at the same time, so it can kind of fall back to relying on third parties to help you recover access
123
00:12:04.260 --> 00:12:09.960
if you make an operational mistake, but start from a point of view that you're in control de facto to start with.
124
00:12:10.660 --> 00:12:23.115
I mean, you're kind of balancing. Right? The the risk you're balancing is on one side, you have third party risk, and then the other side, you have operational self custody risk. Right? Yeah. I think, you know, apart from those mechanisms,
125
00:12:24.055 --> 00:12:34.190
the thing that makes it somewhat dangerous to manage Bitcoin custody is if it if somebody gets access who shouldn't have access, it's gone. Right? A Bitcoin transaction is final.
126
00:12:34.730 --> 00:12:38.750
You can go complain to developers and miners all you want. It's not going undone,
127
00:12:39.130 --> 00:12:44.430
and that's a feature of the network, so you sort of have to have to accept that's how it works. And,
128
00:12:45.450 --> 00:12:47.550
the only way around that really is
129
00:12:48.705 --> 00:13:05.310
the smart contract or, you know, Bitcoin script equivalent of time locked bolts, which you can just about do using Bitcoin script, but it's a bit it has side effects. It's not not ideal for backup. You basically have to pre sign lots of transactions, and then you've gotta back those transactions up.
130
00:13:06.090 --> 00:13:10.670
But, you know, there are in the covenant discussion, I think that is probably the most,
131
00:13:11.930 --> 00:13:30.625
compelling reason to even want covenants is is to have this kind of protection because with that, you can have custodians in the two of three. And if the custodians conspire and you move you I mean, you move the Bitcoin and you weren't expecting it, you can cancel it. Right? So if you're in a situation where you don't need to move money quickly, you can say, well, if,
132
00:13:31.085 --> 00:13:35.350
you know, all of the coins, if they move, I should have a week to cancel them,
133
00:13:35.730 --> 00:13:42.150
then you can override that kind of thing and reassert control. So that sort of provides you with a bit of a safety net.
134
00:13:42.690 --> 00:13:45.590
And so there are there are companies working on
135
00:13:46.375 --> 00:13:51.355
sort of prototype versions of doing that with current Bitcoin script using lots of presigned transactions.
136
00:13:51.815 --> 00:13:53.834
And there are designs for doing
137
00:13:54.375 --> 00:14:01.110
it with, you know, it doesn't really matter that much which covenant. They can mostly do that kind of thing. I I mean, I think in general,
138
00:14:02.050 --> 00:14:09.430
when it comes to large organizations or companies, like, multisig is by far the gold standard. Like, I think it was important that we covered that for individuals
139
00:14:10.370 --> 00:14:22.024
and smaller businesses that are getting involved with Bitcoin, single sig is is incredibly powerful and and doesn't have as much of an operational burden to manage. But when when you're talking about large organizations, I mean, just from the the pure
140
00:14:22.725 --> 00:14:33.490
the pure example of, like, micro strategy, like, sailors shouldn't have 600,000 Bitcoin on a cold card. Right? Because then all of a sudden you you you enter territory where you have a single individual risk,
141
00:14:34.269 --> 00:14:39.570
where if if that individual gets compromised or is malicious, then they can rug the entire organization.
142
00:14:40.110 --> 00:14:43.490
So I think multisig solves a lot of things. I do question
143
00:14:44.695 --> 00:14:54.235
how quickly the industry will actually move to these superior models. I mean, we've seen Saylor specifically who is very much the leader of the movement
144
00:14:54.615 --> 00:14:55.995
push back against it.
145
00:14:56.310 --> 00:15:01.290
And and he is and combined with that is this this whole concept of proof of reserves.
146
00:15:01.670 --> 00:15:03.610
So I'm kind of curious on your opinion
147
00:15:04.230 --> 00:15:23.725
on whether or not basically the industry and investors should be demanding proof of reserves from these companies and because it I feel like that is goes hand in hand with how you choose your custodians and and how you handle custody. Yeah. I mean, I think the somebody was pushed on that. I think Coinbase tried to argue against that on some
148
00:15:25.080 --> 00:15:37.580
operational security reasons. I know Sailor specifically said it causes operational security issues. I've seen Coinbase say the same thing, but I don't I don't really see it. I mean, the whole the block explorer is public. You can go find some high value
149
00:15:38.204 --> 00:15:46.944
coins and point at them. I think it's you no advantage in seizing them or stealing them. Right? So I don't I don't really buy it. So and I think it it doesn't hurt, you know. It only helps confidence
150
00:15:47.404 --> 00:15:50.545
in the in the company. I mean, they they're paying for audit statement.
151
00:15:51.710 --> 00:16:00.530
A block explorer link is very cheap, so they can just ask their custodian or if they're cold steering it, provide the links. It's pretty easy and doesn't hurt.
152
00:16:02.190 --> 00:16:06.450
Yeah. So the and and a few of them are doing it. So, you know, it shows it can be done without issue.
153
00:16:07.355 --> 00:16:07.855
Yeah.
154
00:16:08.555 --> 00:16:12.815
Yeah. I mean, even the country of El Salvador is doing it. Yeah. There you go. Example.
155
00:16:13.115 --> 00:16:20.095
But, yeah, I the ones that I know of is Meta Planet and XXI are doing it. I mean, do you think it's gonna become more common, at least to prove reserves piece?
156
00:16:20.560 --> 00:16:21.940
Yeah. It could. I mean,
157
00:16:22.319 --> 00:16:27.300
I think, you know, with a company like Meta Planet, they are doing a hybrid approach. So
158
00:16:27.759 --> 00:16:33.779
they when they raise money, they put most of it into buying a cost during Bitcoin, but they do with a bit of it, they're doing
159
00:16:34.254 --> 00:16:39.875
call strategies. It's part of their strategy. There's presumably some tax or specific reason for it.
160
00:16:40.894 --> 00:16:47.060
So, of course, those are they can't provide links for that because it's, like, an option position on some platform.
161
00:16:47.600 --> 00:16:50.980
Right? But for the cold store Bitcoin, yeah, I think why not, really?
162
00:16:51.840 --> 00:16:54.500
Love it. Should we rip some q and a for the audience?
163
00:16:55.120 --> 00:16:58.340
Yeah. All good. First of all, can we get a huge round of applause for
NOTE
Transcription provided by Podhome.fm
Created: 10/07/2025 16:26:02
Duration: 1028.573
Channels: 1
1
00:00:00.080 --> 00:00:11.940
So as the saying goes, not your keys, not your coins. If if you can birth a child, you can self custody. Like, the risk you're balancing is on one side you have third party risk, and then the other side you have operational
2
00:00:12.240 --> 00:00:13.155
self custody risk.
3
00:00:17.235 --> 00:00:24.535
Risk. I'm really appreciative of these two fine gentlemen closing us out. Without any further ado, please join me in welcoming Matt O'Dell and Adam back.
4
00:00:27.410 --> 00:00:32.550
Thank you, Rod. Before we get started, I just wanted to let the record show that I like the bit key.
5
00:00:34.850 --> 00:00:37.510
The recovery process is you you download a PDF,
6
00:00:38.450 --> 00:00:52.405
and then if for some reason Square disappears, you download the APK that's on GitHub, and you scan the QR code on the PDF, and you're able to restore your funds. I've done the process. It's not, like, the most ideal process. I like seeds better, but
7
00:00:52.960 --> 00:00:55.780
it gets the job done. It's very easy to use. Anyway, guys,
8
00:00:56.400 --> 00:01:00.020
we have the legendary Adam back here with us. Can we get a round of applause for Adam?
9
00:01:06.025 --> 00:01:17.885
Adam, we're gonna be talking about custody today. Do you know anything about that? Okay. Yeah. So as the saying goes, not your keys, not your coins, and then we get into the details of how you manage your keys. Yeah. So, I mean, last cycle,
10
00:01:19.400 --> 00:01:22.680
I heard very frequently that not your keys, not your coins is FUD.
11
00:01:23.159 --> 00:01:24.700
And then FTX happened,
12
00:01:25.400 --> 00:01:26.700
and everyone realized
13
00:01:27.000 --> 00:01:27.500
that
14
00:01:29.080 --> 00:01:32.540
it was not FUD. But now we're three years later, and I feel like,
15
00:01:33.005 --> 00:01:37.744
time is a flat circle, and we're kind of back where we started in a lot of ways with new people.
16
00:01:38.204 --> 00:01:41.985
So I think a good place to start just real quick is for the individual,
17
00:01:42.845 --> 00:01:45.585
why is the ability to self custody Bitcoin
18
00:01:46.920 --> 00:01:47.660
so important?
19
00:01:49.000 --> 00:01:51.980
Well, I mean, I think if you if you think about it,
20
00:01:53.240 --> 00:01:54.300
Bitcoin is providing
21
00:01:55.160 --> 00:02:00.045
kinda asset protection in the sense of it being hard for a third party to seize your assets.
22
00:02:00.604 --> 00:02:01.104
So,
23
00:02:01.965 --> 00:02:03.744
you can think about that like in The
24
00:02:04.125 --> 00:02:06.705
US, your primary residence, if you live in the state of Florida,
25
00:02:07.485 --> 00:02:14.224
that is protected in a legal way, but an even stronger protection is you have the keys, then there's no
26
00:02:15.200 --> 00:02:18.819
pressure point that the court can go through other than you yourself
27
00:02:19.120 --> 00:02:20.500
to seize your assets preemptively.
28
00:02:20.879 --> 00:02:22.819
And unfortunately, that is actually
29
00:02:24.799 --> 00:02:32.475
a material consideration for some professions that are commonly on receiving end of legal, it's like medical professionals, dentists.
30
00:02:32.935 --> 00:02:39.995
So they will actually go and make use of these legal asset protection mechanisms because they're gonna get sort of frivolous court cases that try to
31
00:02:40.295 --> 00:02:50.370
seize their assets. And then, you know, if you find yourself in the unfortunate position of being attacked by the government, if you were involved in some activist activity or running online privacy
32
00:02:50.670 --> 00:02:52.450
servers like Tor servers, remailers,
33
00:02:53.630 --> 00:03:02.715
step one in those kinds of things is they seize all your assets so that you can't afford a lawyer, so you're an easy target. So some of the early Bitcoin developers were thinking about this as well because it was very unclear
34
00:03:03.255 --> 00:03:10.635
what the legal status of Bitcoin was, if developers could be targeted. So I think Barack Obama did actually the accidental
35
00:03:10.935 --> 00:03:11.675
best advertisement
36
00:03:11.975 --> 00:03:12.475
for
37
00:03:12.910 --> 00:03:20.370
why you should wanna custody your own Bitcoin, which is I think he was viewing it as a problem actually, but if you look online, there's a there's a thing where he says that,
38
00:03:20.670 --> 00:03:29.275
you know, everybody's walking around with a Swiss bank account in their pocket and, like, yes. You got it. But he thought it was a problem actually, and he he wanted to stop it.
39
00:03:31.255 --> 00:03:44.140
Yeah. I mean, it's actually way better than the Swiss bank now because they handed over a ton of information. So so we have on the individual side, and I remember that Barack. I've it was the whole Bitcoin community did, like, the Leo DiCaprio meme, like,
40
00:03:45.160 --> 00:03:59.955
pointing with the beer in their hand. So we on the individual side, I think I think more or less, like, it's become standard practice that when people come in, they understand the importance of self custody. Like I said, FTX did help a lot on that front. But now we're seeing more and more businesses
41
00:04:00.255 --> 00:04:03.075
adopt Bitcoin as a treasury asset, as a savings
42
00:04:03.695 --> 00:04:06.115
vehicle for their free cash flow.
43
00:04:08.015 --> 00:04:21.690
But I think it's important not to group all businesses together. Right? I think we're seeing a lot of small businesses adopt a Bitcoin, and then we're seeing these large publicly traded Bitcoin treasury companies. So I'd like to start with the on the small business side.
44
00:04:22.150 --> 00:04:31.345
If someone if a dentist office, for instance, was coming to you, let's say a heavily profitable dentist office that was making, like, a million dollars net a year, and they wanted to keep the majority
45
00:04:31.645 --> 00:04:33.425
of their free cash flow in Bitcoin,
46
00:04:34.205 --> 00:04:43.000
what would be your actionable recommendation for them in terms of how to custody that? Well, get a hardware wallet and generate the seeds,
47
00:04:44.580 --> 00:04:46.600
correctly, like, on the hardware wallet,
48
00:04:47.300 --> 00:04:49.880
and back it up in a fireproof way,
49
00:04:50.500 --> 00:04:51.000
and
50
00:04:51.380 --> 00:04:59.735
put the seeds somewhere safe that, you know, a member of staff or somebody can't easily get to. And if it's an asset protection situation,
51
00:05:00.595 --> 00:05:09.095
you kinda want that to be a bit obscure so that it's not obvious to the authorities because, you know, that that's what happens people is there. You know, there were people that were,
52
00:05:09.680 --> 00:05:11.939
I guess, selling Bitcoin OTC for cash,
53
00:05:12.479 --> 00:05:12.979
and
54
00:05:13.680 --> 00:05:17.300
that was not approved at some point. So they,
55
00:05:17.840 --> 00:05:27.175
sort of raid people's houses and take everything electronic and backup looking, and that could be a problem. So you gotta take that into account as well. So it's a little tricky sometimes to figure out where to store the backups. But
56
00:05:27.635 --> 00:05:34.055
if you're not really worried about the legal attack, at least make sure that it's not gonna be somewhere that can be stolen easily.
57
00:05:34.995 --> 00:05:38.055
And I think if you wanna go further, you can consider,
58
00:05:39.800 --> 00:05:45.100
a multisig, like a two out of three multisig with three seeds and back those up in different places.
59
00:05:45.560 --> 00:05:49.340
The extra redundancy will protect you if you lose one of them
60
00:05:49.640 --> 00:05:59.585
and use three different hardware wallet manufacturers so that if one of them has some horrible bug that nobody saw coming, you're still protected. So that's kind of the state of the art. It's a little bit complicated,
61
00:05:59.965 --> 00:06:01.665
which is, you know,
62
00:06:02.125 --> 00:06:05.505
why you see the Bitcoin discussion because usability is a factor.
63
00:06:06.060 --> 00:06:12.240
I think, you know, the counterargument to that is when people care about things, they can figure stuff out. Like, people can
64
00:06:12.780 --> 00:06:15.760
use computers. If they care about it, they can
65
00:06:16.139 --> 00:06:26.595
do a lot of things. So I think people can learn how to manage seeds. Okay. I mean the big one for me relatively recently was I became a father. Raising a child in childbirth,
66
00:06:26.974 --> 00:06:30.354
which I didn't do childbirth, my wife did, is incredibly impressive.
67
00:06:30.815 --> 00:07:01.875
Like if peep I I always say that if if if you can birth a child, you can self custody. Like, every woman out there deserves a ton of I know all the women in the world, all the mothers at least, can self custody Bitcoin. I'm not sure about the men, but maybe we'll make it more usable for them. I would I just wanna just drill into that for a second because what I hear because this is, like, it's kind of combined on the individual and small business side. Like, the recommendations are almost very similar. Right? It's self custody, learn how to do it the right way, keep your backups offline, do proper cold storage, practice, practice, practice.
68
00:07:03.530 --> 00:07:09.470
But what I see a lot on both the individual and maybe even, like, the family office, small business side is they say,
69
00:07:09.850 --> 00:07:12.750
you know, multisig is you should only do multisig.
70
00:07:13.290 --> 00:07:21.005
Single sig is not secure. And if you if you're not willing to do that, they, like, almost overwhelm you into then going and buying MSTR instead. They say go buy MSTR.
71
00:07:21.945 --> 00:07:27.405
I so I'm kinda and I so I think, like, almost as an industry, we've kinda pushed too far into the paranoid
72
00:07:28.169 --> 00:07:29.389
multisig or bust.
73
00:07:29.770 --> 00:07:31.710
And so I'm kinda curious on your opinion.
74
00:07:32.810 --> 00:07:37.150
For, like, the average person, you know, maybe their threat model doesn't include a government,
75
00:07:38.810 --> 00:07:39.310
like,
76
00:07:39.690 --> 00:07:41.229
single SIG, self custody,
77
00:07:41.944 --> 00:07:50.505
cold storage, you know, you buy a single hardware wallet, you put it on steel is is pretty fucking good. Right? Oh, it is good. Yeah. I mean, that's that's certainly where I started with,
78
00:07:51.465 --> 00:08:07.460
it's before the HD wallet. So it was with, Bitcoin Armory, which is you have two laptops, and you take the network card out of one, and that's your hardware wallet. And it generates the seeds, which were a different standard at that time, and you write them down. And I think they were already
79
00:08:08.235 --> 00:08:12.235
fireproof backups, but they just were a different format. I think where things and it it was using,
80
00:08:13.835 --> 00:08:15.854
you know, not multi sig, but,
81
00:08:16.635 --> 00:08:17.695
some kind of,
82
00:08:18.715 --> 00:08:20.975
what do you call that, like a redundancy encoding
83
00:08:21.435 --> 00:08:22.495
so that you can,
84
00:08:24.600 --> 00:08:38.175
With something like Shamir's or something like that? Shamir thing. But it was a custom one that they did. So, anyway, you could you could say you wanted two or three, and it would it would reconstruct to one seed. I mean, it's a one private key. So, actually, it wasn't multisig, but it had the redundant backup.
85
00:08:38.654 --> 00:08:42.195
So that's another way to go. And I I think the redundant backup is good because
86
00:08:43.214 --> 00:08:43.955
people will,
87
00:08:45.535 --> 00:08:51.740
forget things if they hide them in clever places after a few years when they don't they don't have to use it frequently.
88
00:08:52.440 --> 00:09:00.220
Yeah. So keep two backups at least. Yeah. I would say so. And then, like, if you're keeping it in your house or something, your house burns down, like, it's good to have it somewhere else.
89
00:09:00.600 --> 00:09:03.740
Yeah. And and this the fireproof backup things are
90
00:09:04.085 --> 00:09:11.225
pretty reasonable to use as well, like the crypto steels. Little steel plate washers. Okay. Let's get into treasury companies because
91
00:09:12.085 --> 00:09:23.180
I think most people in this room are aware that you're launching your own. These treasury companies, these large businesses, specifically, I mean, you have, like, MSTR and then you have everyone else. I don't believe any of the
92
00:09:24.199 --> 00:09:31.019
I don't I don't know of any of them that are actually doing self custody, and they're mostly using regulated custodians. Twofold,
93
00:09:32.360 --> 00:09:33.100
how should
94
00:09:34.305 --> 00:09:37.205
people that are are are trying to analyze
95
00:09:37.585 --> 00:09:43.925
these different stocks and whether or not they should buy them think about that risk? And second of all, how should officers of those companies
96
00:09:44.305 --> 00:09:48.005
think about that risk? And moving forward, should they be moving to better models,
97
00:09:48.500 --> 00:09:52.839
or is the the current status quo sufficient? I mean, I think what,
98
00:09:53.459 --> 00:09:55.560
started them on a track of using
99
00:09:56.660 --> 00:09:57.720
custody providers
100
00:09:58.100 --> 00:09:58.600
is,
101
00:09:59.779 --> 00:10:05.375
whatever they do, they have to get their public company audit firm, you know, one of the big four typically,
102
00:10:05.835 --> 00:10:06.335
to,
103
00:10:07.595 --> 00:10:15.615
be willing to give it a stamp of approval. And so that's a kind of defensive standard, so they're probably gonna advise them to use a qualified custodian
104
00:10:16.140 --> 00:10:18.800
in a certain country with a certain set of licenses
105
00:10:19.180 --> 00:10:23.440
and audit off the custodian itself. Right? But I have talked to
106
00:10:23.740 --> 00:10:24.800
public market
107
00:10:25.660 --> 00:10:28.240
treasury companies who are, you know, looking at
108
00:10:28.545 --> 00:10:35.045
soft custody as well, so it's not something that they are unsensitive to. And one thing that we like Blockstream,
109
00:10:36.305 --> 00:10:39.605
we've been working with some developing custody technology
110
00:10:40.065 --> 00:10:40.565
and
111
00:10:41.000 --> 00:10:48.300
working with licensed custodians to integrate that is the concept of collaborative custody at the custodian level.
112
00:10:48.680 --> 00:10:50.700
So let's say that you're working with,
113
00:10:51.480 --> 00:10:53.180
you know, two independent
114
00:10:54.455 --> 00:11:14.070
audited custodians and you make a two or three where you have one of the keys that's already better than the single custodian because, they have to collaborate with each other. So it wouldn't be just, like, one rogue, you know, one company, one custody company with a a bad practice or a rogue employee somehow managed to work overtime and overcome it, and then your funds are gone.
115
00:11:14.450 --> 00:11:16.150
Because if that situation develops,
116
00:11:16.530 --> 00:11:23.365
the other company wouldn't or you wouldn't if you have to sign it. And I think the other thing is, you know, we've got AnkerWatch
117
00:11:23.665 --> 00:11:31.045
in the room as well is the decaying multi sig concept. Right? So you can start with a certain setup. So you could start with
118
00:11:31.345 --> 00:11:40.270
you having two of the keys and the custodians having the same key each or something. So if one of the custodians fails, you still have the redundancy, and they can't do anything without you.
119
00:11:40.730 --> 00:11:41.390
And then
120
00:11:41.930 --> 00:11:45.630
to protect yourself, if you make a operational blunder,
121
00:11:46.570 --> 00:11:52.605
that over time, that could swing to the other direction. So I think it's possible to provide a kind of safety net where
122
00:11:53.065 --> 00:12:03.805
you're protected from backup failures of your own and protected from reliance on third parties at the same time, so it can kind of fall back to relying on third parties to help you recover access
123
00:12:04.260 --> 00:12:09.960
if you make an operational mistake, but start from a point of view that you're in control de facto to start with.
124
00:12:10.660 --> 00:12:23.115
I mean, you're kind of balancing. Right? The the risk you're balancing is on one side, you have third party risk, and then the other side, you have operational self custody risk. Right? Yeah. I think, you know, apart from those mechanisms,
125
00:12:24.055 --> 00:12:34.190
the thing that makes it somewhat dangerous to manage Bitcoin custody is if it if somebody gets access who shouldn't have access, it's gone. Right? A Bitcoin transaction is final.
126
00:12:34.730 --> 00:12:38.750
You can go complain to developers and miners all you want. It's not going undone,
127
00:12:39.130 --> 00:12:44.430
and that's a feature of the network, so you sort of have to have to accept that's how it works. And,
128
00:12:45.450 --> 00:12:47.550
the only way around that really is
129
00:12:48.705 --> 00:13:05.310
the smart contract or, you know, Bitcoin script equivalent of time locked bolts, which you can just about do using Bitcoin script, but it's a bit it has side effects. It's not not ideal for backup. You basically have to pre sign lots of transactions, and then you've gotta back those transactions up.
130
00:13:06.090 --> 00:13:10.670
But, you know, there are in the covenant discussion, I think that is probably the most,
131
00:13:11.930 --> 00:13:30.625
compelling reason to even want covenants is is to have this kind of protection because with that, you can have custodians in the two of three. And if the custodians conspire and you move you I mean, you move the Bitcoin and you weren't expecting it, you can cancel it. Right? So if you're in a situation where you don't need to move money quickly, you can say, well, if,
132
00:13:31.085 --> 00:13:35.350
you know, all of the coins, if they move, I should have a week to cancel them,
133
00:13:35.730 --> 00:13:42.150
then you can override that kind of thing and reassert control. So that sort of provides you with a bit of a safety net.
134
00:13:42.690 --> 00:13:45.590
And so there are there are companies working on
135
00:13:46.375 --> 00:13:51.355
sort of prototype versions of doing that with current Bitcoin script using lots of presigned transactions.
136
00:13:51.815 --> 00:13:53.834
And there are designs for doing
137
00:13:54.375 --> 00:14:01.110
it with, you know, it doesn't really matter that much which covenant. They can mostly do that kind of thing. I I mean, I think in general,
138
00:14:02.050 --> 00:14:09.430
when it comes to large organizations or companies, like, multisig is by far the gold standard. Like, I think it was important that we covered that for individuals
139
00:14:10.370 --> 00:14:22.024
and smaller businesses that are getting involved with Bitcoin, single sig is is incredibly powerful and and doesn't have as much of an operational burden to manage. But when when you're talking about large organizations, I mean, just from the the pure
140
00:14:22.725 --> 00:14:33.490
the pure example of, like, micro strategy, like, sailors shouldn't have 600,000 Bitcoin on a cold card. Right? Because then all of a sudden you you you enter territory where you have a single individual risk,
141
00:14:34.269 --> 00:14:39.570
where if if that individual gets compromised or is malicious, then they can rug the entire organization.
142
00:14:40.110 --> 00:14:43.490
So I think multisig solves a lot of things. I do question
143
00:14:44.695 --> 00:14:54.235
how quickly the industry will actually move to these superior models. I mean, we've seen Saylor specifically who is very much the leader of the movement
144
00:14:54.615 --> 00:14:55.995
push back against it.
145
00:14:56.310 --> 00:15:01.290
And and he is and combined with that is this this whole concept of proof of reserves.
146
00:15:01.670 --> 00:15:03.610
So I'm kind of curious on your opinion
147
00:15:04.230 --> 00:15:23.725
on whether or not basically the industry and investors should be demanding proof of reserves from these companies and because it I feel like that is goes hand in hand with how you choose your custodians and and how you handle custody. Yeah. I mean, I think the somebody was pushed on that. I think Coinbase tried to argue against that on some
148
00:15:25.080 --> 00:15:37.580
operational security reasons. I know Sailor specifically said it causes operational security issues. I've seen Coinbase say the same thing, but I don't I don't really see it. I mean, the whole the block explorer is public. You can go find some high value
149
00:15:38.204 --> 00:15:46.944
coins and point at them. I think it's you no advantage in seizing them or stealing them. Right? So I don't I don't really buy it. So and I think it it doesn't hurt, you know. It only helps confidence
150
00:15:47.404 --> 00:15:50.545
in the in the company. I mean, they they're paying for audit statement.
151
00:15:51.710 --> 00:16:00.530
A block explorer link is very cheap, so they can just ask their custodian or if they're cold steering it, provide the links. It's pretty easy and doesn't hurt.
152
00:16:02.190 --> 00:16:06.450
Yeah. So the and and a few of them are doing it. So, you know, it shows it can be done without issue.
153
00:16:07.355 --> 00:16:07.855
Yeah.
154
00:16:08.555 --> 00:16:12.815
Yeah. I mean, even the country of El Salvador is doing it. Yeah. There you go. Example.
155
00:16:13.115 --> 00:16:20.095
But, yeah, I the ones that I know of is Meta Planet and XXI are doing it. I mean, do you think it's gonna become more common, at least to prove reserves piece?
156
00:16:20.560 --> 00:16:21.940
Yeah. It could. I mean,
157
00:16:22.319 --> 00:16:27.300
I think, you know, with a company like Meta Planet, they are doing a hybrid approach. So
158
00:16:27.759 --> 00:16:33.779
they when they raise money, they put most of it into buying a cost during Bitcoin, but they do with a bit of it, they're doing
159
00:16:34.254 --> 00:16:39.875
call strategies. It's part of their strategy. There's presumably some tax or specific reason for it.
160
00:16:40.894 --> 00:16:47.060
So, of course, those are they can't provide links for that because it's, like, an option position on some platform.
161
00:16:47.600 --> 00:16:50.980
Right? But for the cold store Bitcoin, yeah, I think why not, really?
162
00:16:51.840 --> 00:16:54.500
Love it. Should we rip some q and a for the audience?
163
00:16:55.120 --> 00:16:58.340
Yeah. All good. First of all, can we get a huge round of applause for
