The smell of fall in the air, this weekend I indulged in apple delicacies, watched the changing leaves, and oh yeah, traveled to make sure my Bitcoin custody is up to date…
If you follow me on X, you know that I hold Bitcoin with Casa, a multisig security provider, and that I use the service to manage a few different multisig vaults for various purposes.
This requires keeping a number of keys and wallets up to date, and since I don’t keep any key materials at home, it requires some degree of routine and dedication.
I’ve self-custodied my Bitcoin since 2020, and I’ve built up some good habits along the way. That said, something that always strikes me is just how much more nerve-wracking it is than trusted set-ups.
One thing that always gives me pause: the firmware update.
As I’ve written before, I’m not super technical. My specialty in Bitcoin is history, and while, sure that necessitates that I know about network theory and architecture, there is something about watching digital gears and a loading bar that just makes me super uncomfortable.
I say this all because it’s a less-known issue with the Bitcoin hardware wallets most use to self-custody. These devices, termed “signing devices” by Coldcard creator NVK, do just that, they manage your key material, and they sign on your behalf when making a transaction.
But, being live digital devices, they’re not infallible. They require some upkeep. All you need to do is to scroll past a few updates of people losing Bitcoin on firmware updates to know the drawbacks
It’s a common problem, and the culprit is always a corrupt hardware device (and a lost back-up). Add that multisig vaults, which require a combination of keys to sign a transaction, aren’t yet the norm, and the number of lost Bitcoin just seems to always be up and to the right.
The most common issue – the user doesn’t update their firmware often, waits, and later borks their device, thereafter finding they’ve also misplaced their seed phrase.
Here's Andreas explaining firmware updates in more detail, though he doesn't actually update his firmware, he just manages his seed phrase.
Suffice to say, it's an example of why the world of self-custody, however improved it is, still makes me uneasy. In my case, I updated my wallets without much of an issue. Only one of the wallets even needed a firmware update, and it was simple. (Taking all of a few minutes to prove my coins are safe).
That said, I had to make sure to check my other keys beforehand, and that I had a plurality of the multi-sig keys needed in a worst-case scenario, as well as my seed backups.
This is what makes Bitcoin custody such a high-octane process: you can never be too careful. When you’re your own bank, there’s always a chance that something might go wrong.
This article is a Take. Opinions expressed are entirely the author's and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.
No comments:
Post a Comment