About The Artist
One of the things I get most stoked about when I look at the leaderless yet unstoppable growth of Bitcoin is the organic unity of minds that coalesce to bring new and exciting things into our reality.
Unapologetically devoid of any central organising committee, but instead bound by the forcefield of Bitcoin’s core principles of value, freedom and decentralisation, I am repeatedly left in wonderment watching waves of new initiatives breaking all over the world, promising new and exciting capabilities that have never existed nor even been possible before.
Like SeedSigner (the nym – who we will now refer to as “SS” for the purpose of this brief article) and his creation of the SeedSigner (the project) – an open-source Bitcoin signing device developed to reduce the cost and complexity of executing multisig Bitcoin transactions.
Driven by the proverbial mother of all invention, SS had been considering for some time how he could improve the security of his long-term Bitcoin holdings. Unhappy with his solution at the time – based on using Bitaddress.org to create wallets & private keys and then Shamir sharing/key sharding to add an additional layer of security – he was searching for something better.
"You start to wonder – as the gains happen – about your security setup. I wanted to get my security setup right, and multi sig was getting to the point where it was starting to be accessible to people"
Security, security, security
When he became aware of the concept of multisig, I suspect he probably didn’t realise what a rabbit hole he’d stumbled upon. Tuning into an episode of the Stephan Livera Podcast with Michael Flaxman, he heard Flaxman describe a means to “10x your Bitcoin security” using new multisig via tools like Specter Desktop.
The legions of Specter fans out there (and those of you who peeped our previous feature with key contributor Ben Kaufman) will already be aware that their excellent open-source repo not only contains the blueprints for its multisig wallet software, but a DIY hardware wallet build too.
With his natural inclinations towards techie tinkering and 3D printing sufficiently piqued, SS figured he’d take a shot at putting a unit together to try out for himself.
The experience, in short, blew his mind.
"The first time I signed a transaction with multisig, I can only compare it to the first time I sent a Bitcoin transaction or the first time I ever sent a lightning transaction; it was this magical lightbulb moment"
It was the start of something.
When Flaxman subsequently tweeted about how cool it would be to have a neat enclosure to tidy up the loose parts and wires of his self-assembled Specter device, SS responded in the best way he knew and knocked-up a prototype for him. With Specter’s innards now neatly stuffed inside a perfectly formed 3D-printed case, Flaxman described the experience of using it as a game changer: “You go from dangling loose wires to a securely mounted professional (enough) device with NO SOLDERING”.
"For me, it was kind of a game to see how low I can drive the price down to get this basic signing functionality; where people can use the device to create private keys and then set up a wallet and actually transact with the Bitcoin network"
Multsig made accessible for all
Buoyed by the experience, the pair started talking about using a much cheaper, stripped-down Pi ‘Zero’ and small Waveshare LCD which could be used as an air-gapped device for calculating the 24th (checksum) word in a seed. SS then decided to add a camera to the unit which would allow users to scan QR codes and sign transactions, turning it into a fully-functional transaction signing device that fundamentally does the same job as the Specter HWW but with some of its more high-end bells & whistles stripped out. In doing so, the price point (and physical size) could be reduced, allowing far more people to access the unit’s seed-generation, seed-import and transaction signing capabilities.
And with that, the SeedSigner was born.
With cheap and widely available off-the-shelf components, SeedSigner now provides a naturally inexpensive, open-source, air-gapped signing system which carries a higher degree of security assurance than some of the more high-end, network-attachable devices.
But why would anyone want an inexpensive signing device that you can assemble yourself using innocuous doodads sourced from any major electronics store, I hear you ask?
Well, for starters, go and speak to any Ledger customer.
A hack of Ledger’s customer records database sadly compromised tens of thousands of customers’ private data, including names, physical addresses and emails, reportedly causing a great deal of stress and countless threats and scam attempts being made on many of them.
The whole episode, and the fallout since, has served as an important reminder that privacy is a one-way street, that private data has value, and that once your info is out there it is hard (if not impossible) to claw back. Thus being able to get your hands on a secure, fully-functional Bitcoin signing device without having to disclose any personal contact information is a great thing.
Secondly, when generating or entering your seed on a regular network-connectable HWW/signing device, you are placing some level of trust in the firmware developer that they have not introduced an exploitable backdoor. It might not be a worry shared by everyone, but if you are like me and have little capability to meaningfully audit code yourself, having a fully air-gapped solution like SeedSigner that has no network-attachability and which solely references visible QR codes is a welcome assurance that backdoors are unlikely.
"Something we’ve explored is having either a setting or a default mode where, when you first turn the device on, it brings up a snake or a Pac Man-type game"
New Problems, New Perspectives
"I personally have a bunch of multisig setups, but I’m pretty sure one SeedSigner is going to replace all my current hardware wallets. Especially for my backup cosigners – no need to keep buying those backup hardware devices"
Then there’s the fun stuff. The fresh perspectives and problem solving skills that SS and project contributor Keith Mukai and Newtonick bring to the mix in their development of SeedSigner are leading to some really cool micro-innovations and UX approaches.
A favourite of mine which they came up with recently is their introduction of a QR code transcription template & workflow. You see, with there being no retained storage capability on the device, each time users boot up the Seed Signer, they are forced to enter their seed anew. But with most seeds comprising 24 words, it can take a few minutes to enter them using the joystick and button controls as users scroll through the words on the device’s small screen.
So they came up with an ingenious way to firstly give users the ability to generate a QR-version of their chosen seed words on the device itself, and secondly to then walk them through the transcription of the code onto a piece of paper using a felt-tip pen (analog FTW!). What this compellingly low-tech workflow gifts to users is the ability to scan the hand-drawn (and therefore air-gapped) QR-code back into the device via the camera instead of manual entry whenever the user wants to sign a transaction.
Now who wouldn’t want to give that a spin?! Not me, is who!
"A big turn around for the project was when Nick and Keith came in. Nick forked the original repo and then rewrote the whole code base to lay the groundwork for where we are today. Keith is hugely creative, especially on the UI side, and has brought some awesome new feature ideas to the project. They collaborate really well – there’s a bit of ying & yang between them"
When experimenting with the concept, they found that QR codes are remarkably resilient and very forgiving in how neatly the codes need to be when hand-drawn – a boon for anyone with messy handwriting. Who knew?
And if you’re worried about your QR code paper copy falling into the wrong hands accidentally, then the solution to that is the same as you would use to protect your seed words properly – robust, secure physical storage and employment of a passphrase. Boom. Risk mitigated.
And last but not least, there’s the price point.
$50 for an air-gapped multisig transaction signing device that allows you to create or import your own seed, export an xpub, sign your transactions in a safe and secure manner and essentially kickstart your sat stacking journey without any 3rd parties knowing about it?
As Keith Mukai explained to me, you now have the ability to use one piece of cheap hardware to sign for basically infinite keys – which is a big deal for anyone who might not want to drop hundreds of dollars for several name-brand HWWs. This opens up the option for a family or even, say, a small El Salvadoran village to be able to share one device amongst themselves.
"[At first] I just kind of tinkered with it – you’re kind of scratching your own itch, and just trying to bring something that you want to see into existence"
So if you’ve been flirting with the idea of trying multisig quorum set-ups for yourself but have hesitated because of cost concerns or complexity worries with more established hardware wallet vendors, I suggest you try these bad boys out.
And if you’re way ahead of me on this and keen to contribute some help to this awesome project, the team would love to hear from you. Now that the overall code structure has been established, they are iterating and making improvements where they see the need and also seeking contributors to create walkthroughs/tutorials on building and using SeedSigner and technical users who can help to test new features and upcoming releases.
SeedSigner’s website: www.seedsigner.com
SeedSigner’s cases: https://btc-hardware-solutions.square.site/
SeedSigner’s Github: https://github.com/SeedSigner
Seed Signer’s YouTube channel: https://www.youtube.com/channel/UCNubamOe37-UQYt5sbaRmOg