if bitkey targets non-technical people to carry small balance to use daily, it's considered a hot wallet, which doesn't require a hardware device at all. there are great hot wallets that do this job very well. as soon as you step into the self-custody, cold wallet category, i expect hardcore porn security. you can’t blend hot wallet convenience with cold wallet expectations. that’s how people get wrecked. it's either full control or none at all.

Discussion

Can you give me your comments on what you think of nunchuk multi sig?

i think nunchuk is one of the best bitcoin wallets out there with some pretty cool features. but when it comes to storing my wealth, i don’t trust anything to generate my seeds. i create my own entropy with my own dice. not sorry for being an old school dick. 🤣

What hot wallet allows me to setup a predetermined amount (200 USD per day) that I can withdraw to a lightning wallet to spend everyday?

The bitkey requires me to set this amount using the bitkey. I leave the bitkey in a safe location somewhere else on the planet. So I don't have to worry about someone gaining access to funds. If they want it, they got to feed me for 200$ day.

And mash my thumb against the device every 24 hours.

Inheritance is hard. People we love, technically speaking, aren't going to be as comfortable with using software at all. to knowing what is important or not. they use the app as an individual who helps socially secure recoverability as well as be defined as the heir. the ease of this and the security of a hardware source of entropy makes it very attractive for even tech folks. all of the hard power benefits of self custody direction of funds and control and also providing corporate service for recoverability and inheritance both, at the cost of privacy for your utxos. that's fair enough for non dissidents, i think.

lost me at:

– recovery requires access to a device, hardware, or cloud.

i'm fine putting 0.1 btc on this thing. can't say the same for 1 btc.

if you lose your hardware device or phone or both, bitkey can recover your funds. this means it has all the information needed to move my funds. this is not a cold wallet.

Why?

Yes, not really a cold wallet. But can be safer than a cold wallet, depending on the situation.

In the end is all about tradeoffs.

Bitkey can't move our funds without us.

Yes it can

How?

If you lose your bitkey, your phone or both, it can still recover your funds, can’t it? This means they always have an encrypted copy of your keys somewhere in their cloud.

bitkey can’t move your funds. even in recovery. bitkey uses 2-of-3 multisig: phone key, hardware key and block’s server key. block holds just 1 key. that’s never enough to spend.

to your point "if you lose your bitkey, your phone or both, it can still recover your funds..."

yes - but only with your participation. every recovery path requires a key you control or a process you initiate. here’s how:

cloud backup: your phone key is encrypted and stored in your cloud. it can only be decrypted using your hardware. if you don’t tap the device, nothing happens.

delay & notify: if you lose hardware or cloud, you can trigger recovery with the remaining key. block notifies you over sms/email for 7 days before co-signing. if you didn’t request it, you cancel it. without your key and time-based consent, recovery fails.

social recovery: if both keys are gone, your trusted contact helps decrypt your backup - but only after you prove your identity to them and they manually assist you. again, block server can’t act alone.

emergency kit (break glass): stored in your cloud, lets you bypass the app entirely. sideload the recovery tool, scan the encrypted backup and tap your hardware. it’s your key, your device - not block’s.

block can’t move your bitcoin on its own. i hope this helps...

So does social recovery share a key with a friend in some encrypted form, and if so, who holds the key to decrypt the friend’s key?

during social recovery setup, your bitkey app encrypts the key that protects your phone key using your friend’s public key; not the phone key itself. only their device can decrypt it.

here’s the flow:

1) you invite a trusted contact

2) their bitkey app generates a public/private keypair

3) their public key is sent to your app

4) your phone key is encrypted with a random symmetric key (called PKEK)

5) that PKEK is encrypted using your friend’s public key

6) both encrypted blobs are stored in your cloud account

7) their private key stays on their phone (optionally backed up to their cloud, never to block!)

during recovery:

1) you install bitkey on a new phone and log into your cloud

2) you contact your friend (to be clear... they don’t get any automatic alert)

3) they enter a 6-digit recovery code into their bitkey app

4) their app decrypts the wrapper and returns the symmetric key (PKEK)

5) your app uses it to decrypt your phone key

6) now you’ve got 1 of your 2 keys, you can use delay & notify with new hardware to recover full access

so yes: the encryption key for your phone key is encrypted to your friend’s public key, only their device can unlock it & only when you ask. block never has your key, doesn’t see your seed and only facilitates communication between apps.

tl;dr: you choose who can help you recover. no seed phrases, no backdoors, no one else in control.

this doc might help if you want to go deeper into how it works: https://support.bitkey.world/hc/en-us/article_attachments/33164661348500

anytime... happy to help...
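The key wrapping described in the social recovery post above (setup steps 4-6, recovery steps 4-5), as an added example that is not part of the thread and not Bitkey's code. The algorithms (X25519, HKDF-SHA256, AES-256-GCM) and every function name are assumptions; the thread names only the PKEK and the friend's public key.

```javascript
// Added illustration. X25519 + HKDF-SHA256 + AES-256-GCM are assumed here,
// not taken from Bitkey's documentation.
const nc = require('node:crypto');

// AES-256-GCM helpers: blob layout is iv(12) || tag(16) || ciphertext.
function seal(key, plaintext) {
  const iv = nc.randomBytes(12);
  const c = nc.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function unseal(key, blob) {
  const d = nc.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws on wrong key or tampering
}

// Derive a 32-byte wrapping key from an X25519 shared secret.
function kek(privateKey, publicKey) {
  const shared = nc.diffieHellman({ privateKey, publicKey });
  return Buffer.from(nc.hkdfSync('sha256', shared, Buffer.alloc(0), 'pkek-wrap', 32));
}

// Setup steps 4-6: runs in the owner's app and needs only the contact's PUBLIC key.
function setupBackup(phoneKey, contactPublicKey) {
  const pkek = nc.randomBytes(32);               // random symmetric key (PKEK)
  const eph = nc.generateKeyPairSync('x25519');  // one-time sender keypair
  return {                                       // everything here goes to the owner's cloud
    sealedPhoneKey: seal(pkek, phoneKey),
    wrappedPkek: seal(kek(eph.privateKey, contactPublicKey), pkek),
    ephemeralPublic: eph.publicKey.export({ type: 'spki', format: 'der' }),
  };
}

// Recovery step 4: runs on the contact's device with their PRIVATE key.
function contactUnwrap(backup, contactPrivateKey) {
  const ephPub = nc.createPublicKey({ key: backup.ephemeralPublic, type: 'spki', format: 'der' });
  return unseal(kek(contactPrivateKey, ephPub), backup.wrappedPkek);
}

// Recovery step 5: the owner's new phone decrypts the phone key with the returned PKEK.
function recoverPhoneKey(backup, pkek) {
  return unseal(pkek, backup.sealedPhoneKey);
}

// Constructed demo values.
const demoContact = nc.generateKeyPairSync('x25519');
const demoBackup = setupBackup(Buffer.from('constructed phone key'), demoContact.publicKey);
console.log(recoverPhoneKey(demoBackup, contactUnwrap(demoBackup, demoContact.privateKey)).toString());
```

Anyone holding only the cloud blobs, or any private key other than the contact's, fails at `unseal` because the GCM tag does not verify.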

Interesting. Thanks for sharing

😳👀