What people dont realize is that this guy is going to load up on Bitcoin with state funds and disappear with the keys one day. Can't be sanctioned, can't be frozen, or seized. No one even knew until this tweet that he had this much. Where are the seed phrases? Who has the pin to the hardware wallet?
Discussion
If I wanted to flee and disappear the funds, I wouldnβt have made them public. Now we all know how much there is and the Salvadoran people and the world can audit it.
Rather, the question is: how or who has the keys to that wallet?
What cold wallet would you trust all that Bitcoin?
Personally, the only hardware wallet I trust is a Coldcard. But yes, it ultimately comes down to 24 words and maybe a passphrase. I am assuming multi-sig. But if he was hypothetically deposed, what then? He just hands the seed phrase to the next guy? Is the next guy going to even know how Bitcoin works? Or does he get in a jet to the middle East and transfer the $400+ million somewhere else? Saddam Hussein had pallets of cash and gold which he had no intention of handing over. Again I'm just speculating.
Lol. Pin to the hardware wallet. π
You don't need a hardware wallet to create a cold bitcoin address. And we have no idea how they have set this up.
What we do know is that it is using an older address type Pay-To-Script-Hash (starting with 3). So it's likely not a simple single signature address.
I always wonder how all these "whales" store their Bitcoin. Like what if Saylor has a heart attack tomorrow. What mechanisms does he have in place so that Microstrategy continues? I still stand by my assessment of Bukele. π€£
Saylor uses a custodial service. At least for his company.
Until now, so has bukele. Pretty sure this is a small percentage of his stack that he's taking off the exchange but it's good because until now I think it was custodied with an American company.
Oh and re: pin to the hardware wallet. That's literally the only defense they have to sign transactions π€£π€£π€£ what am I missing here?
Not at all, actually the reason why a hardware wallet can rely on pin security is because as a physical device it assumes there will be physical security too (e.g. in a location protected by secret service inside a safe within a room that only authorised personnel can enter etc.). Also it may have a self destruct feature like the ColdCard, where it bricks itself after a few incorrect tries with no way to recover.
But talking just in general about wallets set up by hardware devices, you'll always be told to write something down, back it up, hide it, maybe stamp it into steel. Maybe you are given many things to back up, but for a typical user setting up their first wallet, it's usually 12 or 24 words that they need to keep a copy of.
It's the copy that is the most important thing. Hardware wallets are not built to live forever. Electronics can fail, they can be broken and they can be lost or stolen.
The backup is actually your master, the device is more like your secondary which is designed to kill itself before giving up your private key, but also built such that it could kill itself when you make a few mistakes and it can do that because it knows it is a secondary.
The physical backup needs even stronger security, maybe it is split into parts (using a cryptographically sound method like seedxor or Shamirs secret sharing scheme) and secured in different locations.
You use the primary if the hardware wallet is compromised, lost or whatever, so it can be put out of reach where it takes days to get to if you need.
With more corporate situations, you're probably going to use a multi signature wallet where there are multiple keys and signing is a multi step process where different people are responsible for each key and there is a well thought out signing ritual.
If I were president, I would also be sure to consider a way to hand over the bitcoin to the next political party that gets sworn in and make sure it is a well thought out and well documented process. It would probably involve generating new keys and a new address and having the funds sent to the new address because you can't trust people to lose their keys.
Great explanation. It's gonna be interesting to see the transition of power in El Salvador. It's a lot harder to smuggle cash and gold vs. a pneumonic or two. We still don't know who controls which seed or what the process is. The guy hasn't been transparent about the process at all. Like I mentioned earlier, no one even knew he had that much Bitcoin and he's claiming it's just a "chunk".
I agree, there isn't a massive amount of transparency.