Lol. Pin to the hardware wallet. π
You don't need a hardware wallet to create a cold bitcoin address. And we have no idea how they have set this up.
What we do know is that it is using an older address type Pay-To-Script-Hash (starting with 3). So it's likely not a simple single signature address.
I always wonder how all these "whales" store their Bitcoin. Like what if Saylor has a heart attack tomorrow. What mechanisms does he have in place so that Microstrategy continues? I still stand by my assessment of Bukele. π€£
Saylor uses a custodial service. At least for his company.
Until now, so has bukele. Pretty sure this is a small percentage of his stack that he's taking off the exchange but it's good because until now I think it was custodied with an American company.
Oh and re: pin to the hardware wallet. That's literally the only defense they have to sign transactions π€£π€£π€£ what am I missing here?
Not at all, actually the reason why a hardware wallet can rely on pin security is because as a physical device it assumes there will be physical security too (e.g. in a location protected by secret service inside a safe within a room that only authorised personnel can enter etc.). Also it may have a self destruct feature like the ColdCard, where it bricks itself after a few incorrect tries with no way to recover.
But talking just in general about wallets set up by hardware devices, you'll always be told to write something down, back it up, hide it, maybe stamp it into steel. Maybe you are given many things to back up, but for a typical user setting up their first wallet, it's usually 12 or 24 words that they need to keep a copy of.
It's the copy that is the most important thing. Hardware wallets are not built to live forever. Electronics can fail, they can be broken and they can be lost or stolen.
The backup is actually your master, the device is more like your secondary which is designed to kill itself before giving up your private key, but also built such that it could kill itself when you make a few mistakes and it can do that because it knows it is a secondary.
The physical backup needs even stronger security, maybe it is split into parts (using a cryptographically sound method like seedxor or Shamirs secret sharing scheme) and secured in different locations.
You use the primary if the hardware wallet is compromised, lost or whatever, so it can be put out of reach where it takes days to get to if you need.
With more corporate situations, you're probably going to use a multi signature wallet where there are multiple keys and signing is a multi step process where different people are responsible for each key and there is a well thought out signing ritual.
If I were president, I would also be sure to consider a way to hand over the bitcoin to the next political party that gets sworn in and make sure it is a well thought out and well documented process. It would probably involve generating new keys and a new address and having the funds sent to the new address because you can't trust people to lose their keys.
Great explanation. It's gonna be interesting to see the transition of power in El Salvador. It's a lot harder to smuggle cash and gold vs. a pneumonic or two. We still don't know who controls which seed or what the process is. The guy hasn't been transparent about the process at all. Like I mentioned earlier, no one even knew he had that much Bitcoin and he's claiming it's just a "chunk".
I agree, there isn't a massive amount of transparency.
