Note: the following is a transcription of my interview with Jeremy Welch & Alenda Vranova from Casa. I use Rev.com from translations and they remove ums, errs and half sentences. I have reviewed the transcription but if you find any mistakes, please feel free to email me. You can listen to the original recording here.
You can subscribe to the podcast and listen to all episodes here.
In this episode, I talk with Jeremy Welch and Alena Vranova from Casa about crypto custody. We discuss how the Casa key management solution works, the all-star team they have assembled and designing products people love.
Interview Date: Saturday 27th October, 2018
“Bitcoin does form the dominant position, it has the most hash power, it is the currency in terms of design, decentralisation, or ability for governments or corporate actors to control it, it is the strongest, therefor everything relies on Bitcoin’s survival.”
— Jeremy Welch
Peter McCormack: Hi, Jeremy. Hi, Alena. How are you both?
Jeremy Welch: Doing well.
Alena Vranova: Good morning (laughs).
Peter McCormack: Good afternoon from here. So, I’m going to start with a slightly embarrassing admission. It had never really crossed my mind what the name of Casa was, and I was watching a film last week and a lady brought a gent into the house and she said, “Welcome to my Casa.” And I was like, oh! Keys.casa is keys to the castle, right?
Jeremy Welch: Yeah, yeah (laughs).
Alena Vranova: (Laughs)
Jeremy Welch: There you go. Home.
Alena Vranova: That’s the castle, where you keep your precious stuff. Everything that you value is in your home. It’s your, it’s the ground, that you build upon. So that’s Casa, yeah (laughs).
Jeremy Welch: It also has some meaning around, the history of computing. Home has always been your home folder or the home button. It’s always been something around personal computing.
Peter McCormack: Okay.
Jeremy Welch: So that was intentional as well.
Peter McCormack: And also, Alena, Jeremy and I share a love for the same form of hardcore heavy metal.
Jeremy Welch: (Laughs)
Peter McCormack: I don’t know if you, have a similar interest.
Alena Vranova: Ah, well, I used to listen to a lot of punk and punk rock when I was 15, 16, even cut my hair wild (laughs) and colored it green, and so (laughs), yeah, I think, we could, we could share this. we could head-bang (laughs) definitely to some, to some music.
Jeremy Welch: Nice (laughs).
Peter McCormack: Right. Anyway, so look, thank you both for coming on. It’s very good timing. I obviously had Jameson on last week to talk about privacy and safety. I’m very interested in Casa. You seem to have a good reputation so far.
Peter McCormack: I don’t normally do the origin stories because they’re often already done, but actually, I don’t know either of your backgrounds too well. So, I’ll start with you, Alena, because I first became aware of you quite recently. I’m obviously quite new to the Bitcoin world. I, I wasn’t aware of your background in Trezor. So, if you could just give me a brief introduction to your background, and then Jeremy, if you could do the same.
Jeremy Welch: Sure.
Alena Vranova: Okay. I’m a business developer. I like to bring companies from zero up to profit, and that’s what I’ve been doing for a decade before Bitcoin in the traditional finance, super-boring environment of insurance and risk management.
Alena Vranova: And then, I discovered Bitcoin in 2010, as I was writing my thesis about international monetary system and why it’s not working (laughs), and why it’s doomed to fail. and I was looking for alternatives, and that’s where I found Bitcoin, and then 2013, I co-founded SatoshiLabs, together with Marek and Pavol, in order to create Trezor, the first hardware wallet.
Alena Vranova: And you know the story afterwards. I’ve, basically left, my position as CEO in 2017, last year, and this year, I joined forces with Jeremy, to build up Casa (laughs), the castle (laughs).
Jeremy Welch: (Laughs) Yeah. That’s it, it’s amazing. It’s been a very, a very fast, very short window that we’ve all been working together, many of us, even Jameson. And, I think out of the kind of shared mission and, shared meaning and that we see around where this world should go, we’ve, we’ve connected very, very quickly, so, we’re very fortunate.
Peter McCormack: Fantastic. And where did the idea of a Casa come from, Jeremy?
Jeremy Welch: So, it’s been a, it’s been a little while coming. So, my background, I grew up in the States, in the Southeast. I went and studied Political Philosophy at Duke and dropped out, joined a startup really early on, actually in advertising space. We sold that, we grew that company, very quickly and sold that into Google, and I was at Google for a little while.
Jeremy Welch: I learned a lot during that process about the way that the advertising-based internet works. it was very disconcerting, seeing all of that, and, seeing how much data was being tracked, everything. I mean it was, with my background and my interest, it was not a great thing to see.
Jeremy Welch: And so, I left, and I went back to finish up my studies at Duke, and it was around that time I was specifically interested in this question of the, the nature of capitalism and, I was studying again Political Philosophy at the time. And, that’s when I found Bitcoin. So, this was 2013, 2014, sometime, sometime around that.
Jeremy Welch: So, I did a few independent studies related to Bitcoin at the time. We put on a little Bitcoin conference. And that was the time when I got really deep into it and, had a much better understanding of it.
Jeremy Welch: it’s, a lot of fortuitous things, Matt Corallo at the time, one of the Core devs, was at UNC, and so we did an event together. But after that, I kind of stayed back. I dropped off from, from that world and I wasn’t very public in that world, tried to do one or two other startups, and one of those in the last year, we were working actually on an application in the home-sharing space and, had early users, had early traction, but pretty quickly realized last year, I met, I met the guys at the project called Blockstack.
Jeremy Welch: They’re building a decentralized DNS. Not many people know this, but it’s one of the few that is, a few projects that has been in production and working for years. I mean you’re talking two or three years of working on a decentralized DNS system.
Peter McCormack: I’ve got it installed on my computer, actually.
Jeremy Welch: Yeah (laughs)? Yeah. Nice. So, what came out of that is, we started shifting our app to be an app on top of Blockstack and understanding the more decentralized architecture. We stayed far away from ICOs, we never considered doing anything, to that end, but during the process of trying to build on Blockstack, we very quickly saw what the stack was going to look like.
Jeremy Welch: It was very clear to the team, myself, that there were some big pieces of this, application stack, this new application stack, this new way to write applications, that were missing. One of the biggest ones was key management. Without key management, without improved key management, you’re not going to be able to do anything, the kind of promised architecture of this world isn’t going to work, the benefits of this world aren’t going to come to fruition and …
Jeremy Welch: So, we knew that that would, that had to be improved and solved to build better applications. We also realized that, a node device in every home is where the world is going to go, and so, through that experience, developed a product plan and developed a pathway towards building a kind of full stack, application experience and solving some of these issues, and, then met Alena, met Jameson along the way as we started talking about these ideas and about mapping this stack.
Jeremy Welch: It was a very fast conversation. It was like, “Yeah, this, okay, so this is how it works.” “Yeah, this is how it works.” “Okay, well, then that means this and this and this, and this is where it should go.” “Oh, yeah, that means that’s, that’s where it should go.” And it was like a very, very fast, kind of we were all on the same page, all at different places, and, have come together to, to build out Casa to make it easier for people to, to build out both applications, to build out key management layers, to build this full stack experience.
Peter McCormack: And, obviously you’ve come out with the Lightning Node. I’ve bought mine…
Jeremy Welch: Awesome.
Peter McCormack: … which I’m excited to get. Although I probably, I know what I’ll do. I’ll end up giving it away for, for some reason, like, as a promotion.
Jeremy Welch: Well, we’ll have to send you another one, then, if you’re doing that.
Peter McCormack: That would be cool. But, that kind of came out of the blue. I didn’t see that coming. Where did that come from? What was the idea for that?
Alena Vranova: A part of the story that Jeremy just outlined also connects back to hardware wallets and Trezor, because when we introduced the hardware wallet, we solved a lot of issues in Bitcoin for an individual, and that is like how to protect yourself against digital risks about, against piracies and hackers, and against third-party risk. So, how can you keep your Bitcoins without the help of any online service, right? Such as an exchange.
Alena Vranova: But we also introduced new paradigm, a new problem to people, and that is how to keep my recovery seed safe. Okay? That’s, a little piece of paper with 24 words, and all of a sudden like, where do I store it? Should I divide it? what if my house burns down? What if I, what if someone takes a picture? Stuff like that. so that was one part.
Alena Vranova: The second part was, and these people have been asking Trezor support all the time. So that was a big issue. And another big issue I’m seeing, and, Jameson is also documenting this, is the rise of physical attacks. So, extortions, kidnappings, even killings, for crypto.
Alena Vranova: And, so I thought like, on a journey to a sovereign hardware, okay, what you need is being able to set up a multisig in an easy way, not quirky, not fighting with electron, not fighting with command line, something that my mom would be able to set up and use, and Casa solves that really well. So, it’s basically the first step to, on the journey to a sovereign individual is, enable this, enable and use easy multi-device, multi-location, multi-signature setup.
Alena Vranova: Okay. So that’s, that’s the start. And now, what do you need in order to be completely sovereign Bitcoiner? You need to relay your own transactions. Okay. So that’s where the node comes into play. Currently we’re focusing on our premium clients or our clients who are paying $10,000 a year.
Alena Vranova: But they’re not paying just for the multisig app. They’re paying for a, let’s say, I call it the white glove, security concierge. Okay? It’s something that we just not provide that, yeah, a software solution, but it’s also a service. It’s 24/7, dedicated person on the phone, in case you panic, and you lose one of your Ledgers or your Trezors, and you have someone to, to call to, you have a, a lot of other perks inside, and I said a node for our clients is something that is, that just makes sense.
Alena Vranova: So, each of our premium client receives a node and we just happen to think like, maybe this is something … We’ve done a beautiful interface. It’s super-user (laughs), friendly. The Casa node, actually, contains a Bitcoin full node, and the Lightning network nodes, with autopilot. And the entire experience is actually the interface, because there’s no command line. There’s just like few clicks and you’re done. So, this is again something that, potentially my mom could use.
Alena Vranova: And we decided to open it for the wider market and see, at least like, just to see the interest, and the interest was actually overwhelming. It seems that people really do want to run their nodes, but they just didn’t know how.
Alena Vranova: I wanted to run my own nodes. the only way I did it ever was running ABCore on my phone. Why? Because it’s an application (laughs) that I just click, and I clicked buttons, right? And so, we made it, it’s coming as a complete package and, the end goal is a sovereign individual.
Peter McCormack: So, yeah, it was very useful because I did try, and I’m like the least technical person. My background’s creative and I’m always trying to understand the technical things. I tried to set up a full node and I kind of got a bit lost, but as soon as I saw your product, I was like, great, yeah, I want that.
Peter McCormack: And one thing I’ve noticed, and you probably have a strong opinion on this as well, Jeremy, is you guys seem to have a very strong focus on design in an industry which hasn’t always had a strong focus on design. Both the design of the hardware, but I also noticed on your website recently when I was going through it, you’ve got the procedure for checking up on your OPSEC, and it was just so beautifully designed that it seems that you’ve put design as a forefront of what you do.
Jeremy Welch: Yes. Absolutely.
Peter McCormack: Is that because of your background in advertising?
Jeremy Welch: No (laughs. I would almost say a lot of the advertising industry is, is much more about the effectiveness of some, influence campaign. Again, I studied Philosophy and I’m interested in cybernetics, and I do have a mind for design. Alena does, too. We’re, we’re fortunate that many people on our team have a strong appreciation and a mind and when they see something, they definitely understand it and they know where more design needs to be applied or more design thinking, design principles.
Jeremy Welch: But all the credit for that goes to Scott Hurff. He’s our head of design. He’s one of the best designers in the world. We’re very fortunate. I’ve known him for a little over a decade and it was a long, a long path to get him to join our team. He joined, he was on the Tinder team prior to this and he redesigned the entire app around the super like, and, which he doesn’t discuss that often publicly, but that’s become one of their biggest features and their big revenue driver.
Jeremy Welch: And he’s designed at a series of companies and startups as part of that and he wrote a book called, Designing Products People Love, which is a Wiley book. It’s a bestseller. Phenomenal book. But, just that statement, “Designing products people love,” captures, I think, his outlook of it’s not just about solving a problem, it’s not just about a minimum viable product, it has to be an experience, it has to be something that people love and they’re emotional about and they connect with. Right?
Jeremy Welch: And he’s totally new to the crypto space. So, that was something that was I think advantageous, having someone with fresh eyes come in and look at key management and look at seed phrases and look at, managing multisig and seeing how the hell are we, how the hell (laughs) are we going to make this simple for people is, it was a real challenge, but he has done an incredible job of learning very quickly, adjusting things.
Jeremy Welch: And, we haven’t really shared that much about the experience with the Casa node, but we’ve, you’ll see. It’s an experience. Unboxing and, like, setup process, the whole thing, it’s beautiful. It’s a great experience, but it’s also very usable. And, that was something that, as, as that came together, there was, there’s strong security reason for owning your own node. We also saw a strong experience-in-design reason for running your own node.
Jeremy Welch: So actually, the first node we created was last year, right before we actually did key management, and it’s running a node or creating a node was the impetus or the source of us really understanding the depth of the problem of key management, because we realized that to run and build a good mobile experience that is a decentralized app or is an app that runs in some, some capacity locally or has, runs as Bitcoin does, you have to be running some sort of local node. You don’t want to ping out to an outside server all the time.
Jeremy Welch: in fact, several different apps that if they’re running on your phone or they’re running on your desktop in this space, they actually run a server in the background on your computer or on your phone. And that’s just not, that’s not scalable. That’s not going to work. That means that if you’re using multiple types of apps designed in this way, that they’re all going to be running servers. It’s going to overload your computer, it’s going to be a mess.
Jeremy Welch: But it very quickly occurred to us, okay, if we’re thinking about applications and we’re thinking about running these different servers and we’re running Bitcoin and we’re running Lightning and we’re running Blockstack and we’re running, any, any other server that we’re trying to run, then why don’t we just centralize them on one device?
Jeremy Welch: If we have one device and we put it out there just for Bitcoin, then we can put more on that device. We can think about other ways to connect apps into that. And then if you’re on your home network, which, if you look at it, what’s interesting is that, h- how much time out of a, out of the day are you either at home or at an office?
Jeremy Welch: For most people, most of their day is spent on one network. People think, oh, oh, my gosh, how am I going to connect to my home node if I’m traveling? It actually is much less of a problem than most people realize.
Jeremy Welch: And so, what we wanted to create was this ideal experience and design this ideal experience and this path towards building better apps that would connect with, that when you’re on these dominant, home networks, that you, you can have these experiences and then, but the security hole in that, right, that came up is an evil maid attack.
Jeremy Welch: When you’re not there, evil maid attack, someone can walk in, just grab the device and walk out. And so, the path or the, the solution there is to have better key management and the ability to encrypt the device, the ability, so the keys that you’re using, the keys that you’re managing using your Casa app, will enable you to encrypt your data that’s running on your device that’s backed up with cloud, there’s a lot.
Jeremy Welch: So, some of those things, this, this earliest version, the, of the Casa node with Lightning and Bitcoin, we’ve implemented a lot. There’s a lot more that we’re adding, but this really is going to be an upgraded experience over time.
Jeremy Welch: There’s a lot (laughs) coming down the pipe, so we’re going to reveal more of that in the coming months, as we’re shipping this, this first experience, there will be more upgrades coming for the device and more announcements, and we’re excited to, to share some of those.
Peter McCormack: Are you actually live at key management solution? Do you have clients actively using it?
Jeremy Welch: Yes. Many clients on the premium side, the, for the three-of-five and, that is, mostly Bitcoin, and we do have Ethereum support, but it’s, it’s a light Ethereum support. And we’ve started work on some other currencies as well.
Peter McCormack: So, the Ethereum’s a single key support for now, right?
Jeremy Welch: Correct.
Peter McCormack: Because, did I see you, you kind of put out some kind of like appeal to the Ethereum community.
Jeremy Welch: That’s correct. So, the multisig on Ethereum is insecure. It’s not built into the core protocol or the core EDM. it actually runs as a smart contract. And, that’s problematic. This is such a core function, made a call to the community to try to explain that from a security view, again, the reason why clients come to us is primarily security.
Jeremy Welch: And so, when clients, they ask us about multisig, they ask us about nodes, our recommendation is around security. We call it, we call Casa wealth security service or sovereign wealth security. And so, as we’re looking at other solutions, we’re not a trading interface. We’re a long-term hodl, security interface and security service, and so as we looked at Ethereum and we, we look at other coins, we evaluate not just based on, hey, are our clients asking for this, but also, what are the detailed security models, what are the boundaries around this protocol, what are the attack vectors here, and, where would our clients potentially be at risk, and how can we build this in a better way if we need to, or encourage the engineers to do, to build it in a better way.
Jeremy Welch: And this is just one area to where we very quickly saw a gap. we saw the Parity hack where, it wasn’t really a hack. It was actually some kid that was an early engineer that was going around (laughs) testing a lot of, he was testing a lot of, commands in, the Parity multisig wallet and he happened to send a kind of kill command for one contract that, that contract ended up being, securing, over $100 million.
Jeremy Welch: So, it was a total SNAFU. It wasn’t a hacker. It was someone internal, but out of that, the Ethereum community decided, and in the prior, in the DAO, they did a hard fork. For this specific case, they decided to do no fork. That money is still frozen. That money is not accessible. Parity’s, reputation has been destroyed.
Jeremy Welch: And that all came from one of these multisig contracts. Like the multisig contract logic was perfectly sound, but it was a flaw in, who had access to it, which is an issue, but it just demonstrated or it put a position around the fact that for the Ethereum community, they may not, they may not bail you out even if your smart contract worked, if there’s a bug or there’s some other issue, there may not be an incentive for them to make any changes.
Jeremy Welch: And we think that that’s problematic, right? Because it could be a bug that was introduced from someone else in the community that caused it. It’s definitely problematic. So, we’ve decided to support only single key in the meantime and then try to work with some folks in the, in that community to, drive, better support for multisig.
Peter McCormack: Have you had much of a response yet from the Ethereum community from your appeal out to them?
Jeremy Welch: Yeah. We’ve spoken with several people and we’ve talked with several of the major creators of different, multisig contracts, and there is a movement to validate one of the contracts and, and push it towards being a, kind of selected contract.
Jeremy Welch: we’ll see. Their community is generally supportive of multiple implementations of any one thing, and although for certain applications and for certain, for certain pieces of the protocol, that’s fine. For multisig and key management, that’s just not going to fly, and it’s going to cause insecurities. So, we’re supportive and we’re trying to be helpful where it can, but it’ll be a process.
Peter McCormack: And was there a need to include Ethereum even without multisig because, I guess a lot of the people you were targeting probably holding Bitcoin and Ethereum or maybe … do you support ERC-20 tokens as well or just Ethereum?
Jeremy Welch: No, we’re not. Just, just Ethereum. So, we started with Bitcoin. We’re all Bitcoin hodlers and most of our early clients that we talked to when we first walked through the pitch and walked the product were all Bitcoin.
Jeremy Welch: Subsequently, we found, out of the large wait list that we have, the majority have Bitcoin, so it’s something 85, 90% are Bitcoin. Something around 70, 65, 70% a- have some Ethereum. The holdings aren’t as big, but there’s definitely some there.
Jeremy Welch: And what we, the way we’ve approached things is, I think business model is really important, and we’ve aligned around this business model, and so you pay a flat fee for the year and we’re going to provide service, and if you’re paying for a specific currency or you have a currency, as a customer and then we will work to support that currency, because you’re a paying customer and you’re not paying us, we’re not earning money off of fees and trading, there are no mixed incentives there. It’s just very simply, you’re trying to protect something, you’re paying for us to help advise and support you in protecting that and provide software to you, to protect that.
Jeremy Welch: And, so whatever it is you wane protect, even if it’s data, if it’s not even a currency, like we will, we will help advise on that, and that’s where even the security checklist comes into play.
Peter McCormack: Right. So therefore … I’ve looked at the potential coins you’re going to support in the future, ERC-20, ERC-721, Litecoin, ZCash, Monero, etc, which is cool, but therefore, do you take a completely impartial position with regard to opinion on tokens and coins, and you will just support the demand from the customer?
Jeremy Welch: Not totally impartial. We have a principle, we have a series of principles, amongst the team and one of those is what we call Bitcoin First. It’s not pure Bitcoin maximalism (laughs), but it is, maybe close, but (laughs) it is much more of, again, what we call Bitcoin First, and I think that that’s the healthy outlook.
Jeremy Welch: it’s obvious to us that if Bitcoin disappears or there’s a problem with Bitcoin, then everything else is going away. Everything else is going to get attacked. It’s, it’s going to be a mess. And so, Bitcoin does form the dominant position. It has the most hash power. It is the currency that, that, in terms of its design and decentralization and, ability for governments or, corporate actors or anyone outside to control it, it is the strongest.
Jeremy Welch: And, from that position, everything relies on Bitcoin survival. And so we have a position around Bitcoin first , be able to lead into the world where we’re heading and where we’re designing towards, we will support other currencies, we will support other systems, we will support other applications, , and we will build applications on top of Bitcoin, but the idea here, again, is that, Bitcoin is this linchpin and we have to keep that as a priority.
Peter McCormack: What are your principles with other tokens there or other coins? For example, Coinbase has their particular structure and rule set they base whether they will list a token. Do you have certain things you evaluate about the team, the token, the issuance that help you make a decision?
Jeremy Welch: We don’t think as much about, again, it just comes to the client. I mean that’s the nice thing about aligning around paid clients is that, if a client’s paying for it and is willing to pay for it, then we’re happy to add it.
Jeremy Welch: Now, the primary concern is just around security. Are we going to be able to adequately protect this for you? Is this going to introduce more security into your life, or more security risk into your life? And so we do look at the security of the protocol and the currency, and we think through that, and we provide recommendations sometimes, or other times we just implement it, but in this case, or in many cases, we usually have some recommendations.
Jeremy Welch: So, there are a couple other currencies that we work our teams on, more recently, and we’ve provided a few small recommendations, but, for some of them, it’s a little easier to implement than others.
Peter McCormack: So, I used to, a few years ago used to have a web development business, which was very simple website, these client websites, and I would panic on a Friday night if we haven’t made a website live or a change live, that there would be some kind of bug or some kind of problem that I would get a call over the weekend. You have implemented a key management solution which will be protecting millions and millions (laughs) of dollars of crypto. So, what keeps you up at night, Jeremy, with that?
Jeremy Welch: I think it just comes down to the, the security of our clients. I think that we, from an engineering perspective, we have very strong process, we have very strong testing, we have extensive tests on backend and then applications.
Jeremy Welch: A lot of people don’t realize this, but even in the application, we effectively engineer ourselves out of the equation. So, we revalidate, we re-derive your addresses both in the app and on the server, we validate those against each other. We take a very strong engineering and security view, against the whole system while also thinking about the experience design, right?
Jeremy Welch: And so, I think that what keeps me up at night more is not so much the immediate, yes, we are designing a lot of immediate pieces here, but the more kind of comprehensive picture of what we’re building. And, there’s still a lot of big design problems to solve.
Jeremy Welch: There’s a lot of work to do to make it so that, again, anybody can run their own node and we’ve made tremendous strides and the team has done a phenomenal job, and we have the best team in the space, period, bar none, from every end. From engineering and operations, client service and design, it’s unreal. The team is unreal.
Jeremy Welch: The thing that keeps me up at night is we have this mission, we have clients that are very passionate and need, need the service. We’ve, the product that exists today is solving that need and is doing a good job of it, and the security architecture and that’s important, the design and the security architecture mean that we have, certain protections on the downside, but again the bigger thing that I think keeps me up at night out of all of that is more around kind of what comes next.
Jeremy Welch: Security is a moving target. It’s not always, like you can’t just set, set it and forget it. So I am thinking a lot about and working with the team a lot on, what comes next, and the security checklist is one of those examples of broadening our region, broadening our, broadening our impact and helping everyone, but building solutions that will continue to help secure people over time, it’s a journey. It’s going to take time, to really improve and help people.
Peter McCormack: So, let’s talk a bit about the product. As from my podcast, I always tend to approach it from the simpler side of things for people who don’t understand things. So, I’ve never once interacted with a multisig wallet.
Jeremy Welch: Yeah.
Peter McCormack: Okay? Never done it once. I don’t know how it works. I can’t picture in my head the journey of using a multisig wallet. So, can you just talk me through how multisig works, and if I was to use Casa, how I would interact with a multisig wallet?
Alena Vranova: Imagine a multisig, very simple. Just like, when you have a bank account, and you need, more signatures in order to move money, the same happens in multisig. So, you have a defined set of signatures that you need, th, number of signatures that you need to use out of those to move those funds.
Alena Vranova: So, we are working with a three-of-five, which means there are a total of five keys, and the client has one key of his own, three hardware devices, Ledgers and Trezors, and then the fifth, key is in Casa, and that key is not used to co-sign your transactions. It’s basically there to help you, recover, from, from a bad situation.
Alena Vranova: So basically, in order to move funds, you initiate the transaction on your phone, that’s one key, and then you go, for example, to your lawyer, because he has one of your hardware wallets, and you go to your office because there’s another hardware wallet of yours.
Alena Vranova: The idea here is to distribute the keys in a way that make it even for, a physical attacker very expensive to try to extort you, okay? So, if someone holds a gun to your head, and says, “Alena, give me your Bitcoins,” I say, “Yeah, I would love to, but I need to see my lawyer and I need to see my office,” then the assumption is that the attackers will be rather discouraged, to do so.
Alena Vranova: Now where the hardware wallets are is up to every client. We are not giving any precise advice because, I don’t think it’s a good security measure to actually do some prescription on where to place those hardware wallets, but this is basically the, the principle how, how it works.
Peter McCormack: Right. So, is there still a potential security hole there? So, if I had a mobile and a hardware wallet, that is essentially a scenario where I could be quite often keeping two of my keys together?
Jeremy Welch: Yes, and that’s okay. So, the principle is you never want to have more than two keys in one location. It takes a total of three keys to sign and execute a transaction, and so you never want to have more than two in one location.
Jeremy Welch: But if a client were to put three in one location, then yes, they are at risk, and so we advise strongly against that. We provide basic guidelines around, a home safe, an office safe, using a safety deposit box at a bank. each setup for the client is unique and they’ve spoken with other family members or colleagues or whoever it is in their life and, one of the other interesting things of multisig is you can actually involve more people.
Jeremy Welch: Allow a spouse or a brother or some other family member or a lawyer to have a portion or all of that seed phrase, then they have the potential to control those funds.
Jeremy Welch: And that’s not always a trust issue of, potentially them taking that. It actually opens them up to the security risk of also being attacked. So, it’s, spreading the keys out in multiple locations, sometimes that’s with another person, sometimes that’s with another bank, but the setup is always unique.
Jeremy Welch: We do emphasize the kind of sovereignty and responsibility of our clients and, and we design around that, but we also think about kind of lifetime relationships and providing the support that if they, sometimes our clients, go through a lot of testing, before they onboard funds and, that means sometimes that they actually change locations. They start with one set of locations, they test it out, and they change it to another set of locations.
Jeremy Welch: But ultimately, kind of coming back to your question of how it works for you, multisig, you have an app on the phone, the phone makes it easy to, to view the five keys using the key shield. One of those keys goes down or you haven’t used it in a while, you haven’t tested it in a while, then it will get flagged and you need to go check that key, regular maintenance is something that has always been a part of multisig is regularly checking, once a year or so to make sure everything’s working.
Jeremy Welch: And so, we do that, but then you would just, you can use the app to aggregate and sign multiple signatures and it’s totally asynchronous. You can sign one signature one day, travel into the office or to another city where you have another key, and sign that two days later, and we hope you construct that transaction and then finally broadcast it.
Alena Vranova: Yeah. I would just add that one of the key features of, of Casa, is that we completely did away with the recovery seed, which means you have, five keys, you have four, three hardware wallets, but you have zero recovery seeds to protect, which is an amazing, setup.
Alena Vranova: otherwise, if you would go and set up your own multisig, you’ll also have to protect the recovery seeds for each of, of the hardware wallets or the devices that you’re using, which basically increases your risk exposure, and that’s exactly the opposite what you want to achieve with the multisig, right?
Alena Vranova: So, we’ve been thinking on how to make it really (laughs) more secure and not, not less secure, and that’s, how we operate. So, our clients do not store recovery seeds in case of they lose one of their hardware wallets. We simply help them, or basically they can do the key rotation by themselves through the app.
Alena Vranova: It’s quite easy, and you just flag one key as missing, and basically you move the funds to a new multisig setup with the new missing, or a, a replacement of the missing hardware wallet.
Peter McCormack: Okay. I understand. So there was a situation in Ireland once where the Irish Bank got robbed because the family were taken hostage in the house. Somebody stayed with the family and somebody took the bank manager to the bank to let them in.
Peter McCormack: So, I guess a scenario where there’s two keys at home, say, a mobile and a hardware wallet and one in the office, I guess at full disaster scenario, there still exists that scenario where a gun to the head can say, “Well, let’s go to the office and get the third key.”
Jeremy Welch: Yep. but the consideration there is that, most attackers are not planning on, going multiple locations. So, you already eliminate a certain type of attacker by just having that.
Jeremy Welch: Secondarily, the type of attacker that would go into the office, that would go check things, you frequently have, especially for these types of clients, you frequently will have security guards in those offices, you will have security systems, cameras, lots of other layers, even just driving to and from the office, you’ll often get picked up on other kind of closed circuit o, CCTVs, maybe when you’re leaving in the neighborhood, whatever …
Jeremy Welch: There are other areas, that you could signal to someone, you could signal help. The point is just extending that time, extending the amount of space that has to be traversed, and, over time, I mean that does increases the likelihood that even if they were to take the funds that, that person would be caught.
Peter McCormack: Yeah. I, so I guess the biggest risk is more users following the guidelines correctly and implementing the correct OPSEC and not being lazy.
Jeremy Welch: Yes.
Peter McCormack: … and not sit with all four keys at home for a couple of weeks before they get around to things. It’s, I guess it comes down to the user.
Jeremy Welch: Right, right, right. And that’s the important part of having strong service is also around the constant emphasis that we provide around that security. It’s easy, whenever it’s just you at home and you’re not really thinking about it, to kind of slack off, in a sense, but having that person or team that’s regularly …
Jeremy Welch: We have a thing that we call the intelligence briefing that we send out every weekend, that provides a series of updates and our take on security, the, the news that week and what you should be paying attention to and any improvements you should be making in your process.
Jeremy Welch: So, it’s a constant dialogue with people, and I think it’s important that people are evolving their security procedures over time, and then that provides a little bit of the awareness that, I think keeps people from making those mistakes.
Jeremy Welch: One thing to point out is that we’ve done a lot of work, the product is practically self-service. So, rotating keys, I mean, you can do everything, and we, you even have the ability to, if the company disappeared tomorrow, you’d have full access to your funds.
Jeremy Welch: And that’s really, really important. Even if someone were to cut us off, government were to cut us off or a corporate actor, or just a DDoS attack, it wouldn’t matter. You’d still have control of your funds, and you can still do everything, but what’s important from that is that it’s much harder to kind of shoot yourself in the foot or, create problems for yourself because it’s, it’s been designed very well.
Jeremy Welch: So, those are the two, the two attack vectors that we’re primarily mitigating is, these physical attackers and the issues of just, stupidity and making mistakes yourself. We are designing actively to prevent that.
Peter McCormack: Okay, so if something was to happen to the company and they wanted to continue to use the service or would they have to move the funds into something new?
Jeremy Welch: So that’s a question of timing. Right now, they would shift something, they would still be able to use the software, but they would shift. Our recommendation and what our security procedure says is they would shift things into another wallet or some other means of control.
Jeremy Welch: But over time and where we’re headed and now that the, the Casa node is public, our goal is to take most of what we’re doing even from a software perspective, and gradually shift more and more of that on to the node device.
Jeremy Welch: And so even, in a case to where we did go out of business, that they’d still be able to use the full service, and then maybe when they reconnected back to the broader network or to Casa, if their internet went out or they’re, regionally, there’s, there’s a variety of situations that it wouldn’t matter.
Jeremy Welch: And we’ve even tested, one of our engineers has actually tested a Casa node. It got a bunch of retweets a few weeks ago, funnily enough, it was actually, I think the week before we announced the node, but, one of our engineers actually tested even connecting directly to a satellite connection. So, we’ve, we’ve been testing a variety of means and the goal is to gradually shift more and more of this into your own control.
Peter McCormack: Is there any risk or possibility that somebody could build a decentralized version of what you’ve done, which, therefore eliminates what you need, or does it require a central third party, like yourself, with the fifth key?
Alena Vranova: Yeah, the software solution is just one tiny part of everything that we provide, and this is important to understand. I’ve been seeing, a talk by Andreas Antonopoulos recently, where he said one important thing, to s- to see what, what’s the, what are the options to take for a Bitcoiner.
Alena Vranova: You can either be completely on your own, so, have your hardware wallet and protect your stuff, and that’s like the, the wet dream of a Bitcoiner, right, to, to, to be completely sovereign, or you can give up all you have to a company f Coinbase. Okay? So, you can do either/or.
Alena Vranova: And we are bridging this experience of being completely secure but being also completely sovereign. And we’re not holding your crypto, we’re holding your hand, if you want it. And this is something that is very difficult to replicate in the space.
Alena Vranova: You can of course build a service company, a concierge service and, yes, you can, you can do that, but we have like a very unique composition of the team that we have, of the philosophy that we (laughs) share, of, the approach to the software as well, but, like the entire package, I believe it’s quite difficult tto replicate in the space, but not impossible, of course, and, competition is good (laughs).
Jeremy Welch: So, we evaluate it. For everything that we’ve actually shipped, every product that we’ve actually shipped, and this is something that I think a lot of people haven’t probably fully processed, for every product that we’ve shipped, we’ve tried 10, 15 other variations. We’ve looked at everything.
Jeremy Welch: I mean we evaluated key splitting, we evaluated, full multisig, we evaluated two-of-three multisig, we evaluated four-of-six multisig, we evaluated eight-of-ten. We evaluated all these different schemes, we only came to what we built after the, if you really get into the product design process, and Scott himself just on user interface side goes through four or five different iterations of every single screen before he settles on the kind of composition that makes the most sense.
Jeremy Welch: So, there’s a lot of work. There are some other paths, but what we’ve arrived at is this rare mix of evaluating pretty much everything out there and saving people time. our goal is not to build a solution that requires you to constantly come to Casa. Our, our goal is what people pay us for is we’ve evaluated just about everything out there.
Jeremy Welch: And there will continue to be new technologies that we will continue to incorporate in Casa. There’s not, there will be increases in decentralization that we will suck into Casa and, and, we will make use of that, right? But we will first evaluate it and we will evaluate it from every angle.
Jeremy Welch: And, most people don’t have the time. They lead lives. they have families and they have jobs and, for some people, is fun to test out these security features, and that’s great, and we encourage that. We encourage people to be as independent as they can, but it’s really hard. It takes a lot of time, and it takes a lot of knowledge, and most people just don’t have that time or knowledge, and so we’re doing that on behalf of our clients as we’re testing out everything possible, and then bringing them the best of the best.
Jeremy Welch: And that’ll continue. That process will continue. We’ve got other products we’re announcing through the end of the year that in terms of a cohesive experience and just this kind of edge-of-security experience, it’s not about any one technology, it’s about everything working very cohesively together, and again that’s very, very hard to achieve.
Peter McCormack: I don’t have enough Bitcoin to justify becoming a Casa customer, maybe one day, but I was trying to envisage using it, and one of the downsides of it, which is by design, is that you’ve made it difficult to move funds, right? Naturally, as a way of protection.
Peter McCormack: So, if I suddenly want to, if I suddenly need some Bitcoin, I have to create the transaction, and I have to go to the various places. And like you said, you might do it at work in two days to do this final thing. Therefore, I kind of picture the scenario where I almost think I need three levels of accounts, almost like the Casa multisig is my vault, and almost then need almost like, a saver’s account where maybe at the start of the month I’d put in the amount I would maybe need over a month, and then like a cash account. Do you envisage people having different levels and will you be supporting that with your products?
Jeremy Welch: I think that the very clear picture there is that, so we started with the hardest thing. Right? We started with the most important and hardest thing, which was multisig. And that’s long-term cold storage, but we have added single key support, and we have launched the Casa node.
Jeremy Welch: And so, you can start to see a picture forming to where, it’s about managing keys, and then those keys manage your assets, and regardless of where those assets are, if it’s on the node or in a multisig setup, most people will have multiple key setups, most people will have some money in, custodial services, right? It won’t be all of your money, but it’ll be some of it. Some of it will be in a hot wallet, some of it will be on a node.
Jeremy Welch: And where we’re headed, what we’re building, and there will be other price points beyond this, we’ll announce some things, more things soon, but you’ve basically already become a Casa client if you’ve bought a Casa node. And we don’t view that as you bought a one-time device, right? Like there will be more coming with that node, and you’ve basically entered into the Casa experience just at another price point.
Jeremy Welch: So, there is more coming. We started with this premium segment and we started with three-of-five because specifically with solving one of the hardest problems, but out of developing that expertise and out of all of the software and interfaces that we build for that, we can now leverage into building into hot wallets and building into these other areas for managing the kind of full, again, the full experience of your funds.
Peter McCormack: I got a feeling you were hinting at that a two-of-three is coming, which I might be able to afford.
Jeremy Welch: We’ll see.
Alena Vranova: Don’t give up too much (laughs). You know that one of the things that keep me awake, if we can touch on that, is the amount of people actually keeping their funds on, third-party services, and, the amount of people calling for custodial services, that, that is mind-blowing considering we’re in Bitcoin, and Bitcoin is designed to be a peer-to-peer private money, okay? It’s not supposed to sit somewhere in any other people’s, vaults.
Alena Vranova: So, I’m happy to have services such as Coinbase. They’re amazing because they enable people easy access, easy diving into Bitcoin, so you have news of 25 million customers on Coinbase, amazing. But, you also need to understand that the Coinbase owns 25 million people’s KYC data, and so, one day, I hope not, but that there may be an event where this data leaks, and you, all of a sudden you have 25 million targets.
Alena Vranova: So, that keeps me awake, and I think we should work our ways through, securing the most crypto wealth right now, but also to secure, like to help people understand. That’s why we started with the security checklist, to allow people just go through simple questions and see for themselves what’s their security health.
Alena Vranova: One of the questions how you store your keys, do you use a third-party service? Do you use second factor authentication? do you use a password manager? Stuff like that. So, trying to, like, educate people that, yes, this is a good service if you want to do a quick exchange, yes, this is a good service if you want, to use, you know Bitcoin for small spendings, then you use a hot wallet, and this is what you do if you want to secure your wealth.
Peter McCormack: What are the disaster scenarios? Say my house burns down, I would lose two of my keys. That’s fine, because I’ve still got two. I can call you guys up, you’ve got one. That’s fine. It’s some silly scenario where I’ve lost three, right?
Jeremy Welch: Again, the system is designed, the system is designed in a way so that it, one, as soon as you lose one, like we have all kinds of alarm bells, if you flag one as being off, we have all kinds of alarm and, and we get notifications and we’re calling you to try to help and get you, and we also hold and reserve.
Jeremy Welch: We hold a few, we authorize resellers for both Trezor and Ledger, and we, hold a few devices. We hold up to three devices, for our clients, so if they’re anywhere in the world may lose a device, then we will overnight them one. they can also just get one off the shelf anywhere, but we, we at least make that available that they’ll never be without device.
Jeremy Welch: So, the disaster scenarios are, I mean if you, if you really dig into those or situations to where, every area where you’ve, placed a key is somehow compromised, but the reality is in that (laughs) situation, that you have much bigger problems.
Jeremy Welch: So, in a scenario to where you had keys in New York and you had a key in San Francisco and you had a key in Texas, and all three were nuked, somehow, right? it’s a big problem, some of our clients, they have their funds that are in Casa that are kind of long-term, cold hodling and they have some funds in Xapo that are in the, the nuclear bunker.
Jeremy Welch: And, the interesting thing about Xapo is like the flip of that is you don’t have access to those funds. You can’t get easy access, and if there is a nuclear war, then, it may be decades before you can finally get over there, just depending on the situation. So, there are these trade-offs.
Jeremy Welch: And the one thing that we do provide you is full control. You can access at any time, and so I think that, getting to these extreme cases is, life starts to change so rapidly, the important thing that we have designed into the system is the ability that even though your keys are spread out, the experience around gathering, signing, recovering is extremely fast. So, your ability to recover is extremely fast, and your ability to sign, assuming you can get to those locations, is also fast.
Jeremy Welch: So, in a, in a real disaster scenario, you would shift funds out of the three-of-five because the primary security concern is mostly likely going to be for you to be on the move. You don’t want to stay in the city if there’s a major disaster scenario. You want to shift out and travel or, be on the road. So, we do think through those scenarios.
Jeremy Welch: We also have another product that’s coming out, that also mitigates another very (laughs), very far-edge case. So, there’s more. There’s more coming, and I, and I think that, again, this will be a gradual journey where we will consider every case and then, mitigate everything that we can.
Jeremy Welch: But there will be always disaster scenarios and, even in that case, the one thing that we can provide is that you have someone there 24/7 with you to try to solve those scenarios and try to recover or try to, device gets dropped in water or something, right? Like we will do everything within our power to help you recover. and so even that is a level up from where most people would be.
Peter McCormack: Let me ask a question about something I don’t technically understand. Say I lose my hardware wallet, so I’ve lost one of my keys then. Do you need the other keys to generate a new key? Is that how it works?
Jeremy Welch: No.
Peter McCormack: How are the new keys generated, then? So, say I lose one. How can you not just generate a new one and then I have three?
Jeremy Welch: No. So, the problem with losing three is that in order to access the original fund, set of funds, so in a multisig set up, you have the five keys in our case, five total keys, and you have to sign with three of them to get funds out of those addresses that are tied to those five keys. So, in a scenario to where if three total keys were lost, even if you generated a new key set of five and you sync those, you wouldn’t be able to move funds from the old key set into the new key set.
Peter McCormack: Right. So, if you lose a key and you have a new key created, you are actually creating a new key set.
Jeremy Welch: Yes, that’s correct. That’s correct. And we automate that process. So, we simplify and automate that process, and it’s full HD, HD wallet, right? So, all of, multiple addresses tied to each new key set, we allow you to select, by UTXOs in very careful, specific transactions, bind your old UTXO sets to new UTXO sets and it’s very customized, but very fast and automated in terms of how that works, which would normally take, an engineer at a command line a very, very (laughs) long time and, having a lot of information and being very aware of, their UTXOs, which, most people just aren’t.
Peter McCormack: Say I’m at home, I’ve got my two and I’ve lost my one at the office, and you create a new key set. Do those two originals at home still work or do they have to also be reset?
Jeremy Welch: No, they work, they work.
Peter McCormack: They work.
Jeremy Welch: Yeah. That’s the important thing and the nuance of the design is that you can phase that one, all the other keys still work, you just sync the new key-
Peter McCormack: Mm-hmm (affirmative).
Jeremy Welch: … then you have a totally new key set, and that we assist you in making the shift from the old key set to the new key set. It’s very fast. It can all happen within, three or four minutes.
Peter McCormack: Say I’ve lost that key. How do I get that new keyset? Like say I’ve got my new device.
Jeremy Welch: Yep.
Peter McCormack: I call you guys. I’ve got my new device.
Jeremy Welch: Yep. You just tap in the app, you click on the key, you flag it as compromised, you tap the key again, you flag replace key.
Peter McCormack: Okay.
Jeremy Welch: You plug the key in on a computer and sync that key with our systems. And then, we generate all of the new addresses for you, the key set for you. We derive all of that. That's, derived, again, that's derived on our servers and it's derived on your app directly, and then that's validated between the two.
Peter McCormack: And that all just starts working straightaway?
Jeremy Welch: Mm-hmm (affirmative).
Peter McCormack: So, sorry to push on this.
Jeremy Welch: No, this is great.
Peter McCormack: Just because I'm trying to get my head around it. So, say, say mister Mr. Extorter comes to my house with a gun and a hardware wallet. What stops him from putting a gun to my head and getting me to then phone you and say, "One of my keys is lost. I'm restoring," and create a new keyset with the hardware devices there, and then suddenly he's got three?
Jeremy Welch: Yeah, well, he could create but he's still going to require you to sign with a bunch of your old keys, to put funds on the new keys. And, if even in that, that new key, that new singular key is still tied to all of your old keys. So, he's not going to be able to do anything with that money without coming to you every single time.
Peter McCormack: No, I mean he comes to, comes, I've got two keys, he gets me to retire one, he gets a new one created, and with those three, he forces me to transfer my funds to another wallet.
Jeremy Welch: Well, he can't if it's only with your old key set, right? But, but what you're describing is that he's basically rotated one of his keys into the system?
Peter McCormack: Yeah.
Jeremy Welch: Is that what you were describing?
Peter McCormack: That's one thing, yeah.
Jeremy Welch: Yeah, well, but in that scenario, he can't access funds from only that key.
Peter McCormack: No, but he sat with me with a gun to my head, does a transaction, I sign my two and he signs the third one, and the funds are gone.
Jeremy Welch: Okay. So, to even get funds onto that key set, you would still have to go to multiple locations. So, if you rotated in his key.
Peter McCormack: Mm-hmm (affirmative).
Jeremy Welch: ... right, if you attempted to do that, to even put funds into that new key set, you still have to go multiple locations.
Peter McCormack: Why is that?
Jeremy Welch: So, it would be no different. Because, so you have to sign with the old key set to get into the new key set.
Peter McCormack: Sorry. I'm, I'm, so I'm getting lost here because…
Jeremy Welch: So, think of it like this, okay? Think of it like this, you're home, right?
Peter McCormack: Mm-hmm (affirmative).
Jeremy Welch: you have keys to get in all of the doors. And if there's an attack, if something happens, if you lose keys, if something then you just change the locks. Right? On your home.
Peter McCormack: Mm-hmm (affirmative).
Jeremy Welch: Any time there's an attack, you change the locks. Any time that you're changing the locks, the locksmith has to come out. It's a long process. Right? Same thing with, on the multisig side, we've simplified everything around key set management, around key generation, around even signing.
Jeremy Welch: What we haven't done is we have made sure to still use the signing process of having to go multiple locations and use multiple devices. So even though you can regenerate a new key set within a few minutes, right, you still, to fully complete your new setup, you would have to go to one of your other locations and get another key. So that attacker, he's not going to gain anything.
Peter McCormack: Oh, right, and how do you know then that I've got to that new location?
Alena Vranova: Well, in order to move funds, you need to sign three keys. That simple. You will not be able to move anything unless you do three signatures, one on your phone, two hardware wallets. So ideally those hardware wallets are not with your phone, but if one of them is, then you go to another location for the third key.
Peter McCormack: I'm still ... Sorry, I don't mean to be a pain. I'm, I know I must be, but.
Jeremy Welch: No, no, no, no! It's okay, it's okay.
Peter McCormack: I'm imagining I've got my mobile wallet and one hardware wallet at home, one at my dad's, and one at my office, say. That's my four.
Jeremy Welch: Yeah.
Peter McCormack: An attacker comes, holds a gun to my head, I go into the app and I say I've lost my home wallet.
Jeremy Welch: Yes.
Peter McCormack: He's brought a new.
Alena Vranova: Yeah, an attacker would not, want to replace your keys. An attacker would ask you to transfer the Bitcoins to his address, okay? That would be the scenario. so, you would say, "Okay, I would like to do, but we need to go to see my lawyer and we need to go see my office."
Peter McCormack: That's the scenario where the attacker, like, you've convinced the attacker that you have to go somewhere else.
Jeremy Welch: Well, then, you have to go somewhere else regardless. In every single case, if you're going to make a transaction, even if it's a recovery to shift into a new key set, you have to go multiple locations. Does that make sense?
Peter McCormack: But why if I have got three keys with me do I have to do that?
Alena Vranova: Well, you should not. The multi-device, multi-location. That's the standard practice.
Jeremy Welch: I think I know where he's disconnecting. So, what you just said was, if you have three keys.
Peter McCormack: Mm.
Jeremy Welch: And I think what you're assuming is that w- so the three keys that you have, you have the key on the phone-
Peter McCormack: Mm-hmm (affirmative).
Jeremy Welch: ... you have the key at home-
Peter McCormack: Mm-hmm (affirmative).
Jeremy Welch: ... right? And then you're assuming that the key the attacker has, is that correct?
Peter McCormack: Yeah, the attacker's-
Jeremy Welch: Yes.
Peter McCormack: The attacker's switched in their key and he sat with you so they've got three keys.
Jeremy Welch: Yeah, but he can't, he can't switch in that key. So, there's a disconnect right here, okay? So, three keys are at the home when the attacker is there, with the new key, okay? But that setup, that key set with his new key has zero funds on it. It has nothing on it.
Peter McCormack: Right.
Jeremy Welch: Okay? All of your money, all of your money is still on the old key set.
Peter McCormack: Right, so I have to go to the other place.
Jeremy Welch: Exactly. And so, it doesn't matter. He can swap in a key all he wants and it's not going to get them anything. The only thing that will happen is that, is if they took you to other locations to go get your old keys.
Jeremy Welch: So really, even though there are three keys at the home, it's really two keys that are actually connected to your funds and one key that has no connection to your funds right now. So, you still have to go get another, you have to go get another third key that's somewhere else at another location to do a transfer.
Peter McCormack: Right.
Jeremy Welch: But this is a case that won't even matter, because again, no attacker is going to do this. Logically it makes zero sense because (laughs), even if an attacker rotated in one key, then they would have to come to you every single time they wanted a transaction because they can't sign with one key. They have to have three total.
Peter McCormack: Oh, no, no, I would take, I would take the whole lot at once.
Jeremy Welch: Yeah.
Peter McCormack: ... and just then disappear.
Jeremy Welch: Yeah.
Peter McCormack: (Laughs)
Jeremy Welch: Yeah.
Peter McCormack: It's good, though, because, I sat here at home and I was thinking, I'm going to find a way of breaking this. I'm going to really find a way of breaking this-
Jeremy Welch: Yeah.
Peter McCormack: ... and think, feel, feel really smart, you know? That's what I spent most of my time preparing for and thinking of different scenarios, but really all I could come down to is, stupidity-
Jeremy Welch: Yep.
Peter McCormack: ... or some sophisticated, attacker who would also have to know that you have Casa and your setup and have to be-
Jeremy Welch: Yeah.
Peter McCormack: ... prepared for some scenario multi-location. And it, it is really quite impressive, actually.
Jeremy Welch: Yeah, but again, even in that case, like there are so many, so much room for error. most attackers, most thieves, they have very, very tight windows and very, very tight locations. They're not looking multiple locations at once.
Jeremy Welch: And then it just becomes a question of, okay, even if they designed (laughs) a multiple-location attack, how much are they actually getting, and how much are they going to have to spend to achieve that? If they have to spend $500,000 or $1 million because of that, they have to hire an entire team of people to achieve this, right, and they're only getting $2 million, and then there's the risk that someone else rats someone out and, there's all, all kinds of complications happen.
Jeremy Welch: So, you ultimately are just creating this scenario to where the cost gets higher and higher and higher and higher for an attacker and the risk gets higher and higher and higher, and so, that prevents these attacks from happening.
Peter McCormack: And I guess also from your side, you, you don't really want to hold much customer data or know too much about your customers, really, because that is an attack vector as well.
Jeremy Welch: That's an attack vector in and of itself, yeah. So we've actually, gone above and beyond in limiting our customer data. We don't use any tracking in apps. We don't use, a lot of (laughs), a lot of companies use these like tracking systems, to just understand what their clients are using in the apps, and we've removed those. Right?
Jeremy Welch: We don't use those in our design in our applications. We’re doing a lot of steps that no one else is doing to limit any kind of customer information, and we have certain, customer, communication channels, which we send advice down or, but that's it. And so, the client, we are even, we design even for internal attackers, right?
Peter McCormack: Mmm.
Jeremy Welch: Like we, we design for, Casa should never be able to compromise you.
Peter McCormack: Yeah, because I was wondering, are there any risks of, like rogue developers coding some kind of time bomb that screws your clients basically?
Jeremy Welch: It’s a very real thing in all systems, and that's one thing that people just are not considering, and so we are, we are even designing against that, to mitigate that, and that's what I pointed out. Even, so that's limiting customer information, that's re-deriving addresses on both the apps and server side. Like there's just a variety of things that we do that no one else is doing, to, to ensure that that's not even possible.
Peter McCormack: Now, look, we've done an hour and 15 already. Alena, I'm, I'm not going to ask you a lot about, B Foundation because I know you've answered it a lot. I just want to say, how is it going?
Alena Vranova: (Laughs) Good. We are in the process of, establishing everything and setting everything on, in place so then we can start to be fully operational next year, early next year. That was the plan. Now we're following up on that and, November will be like the final steps, you know (laughs).
Alena Vranova: We're in this like establishment area and, we are implementing the donation engine which is on Giacomo's shoulders right now, so, we're moving forward. I hope we will start doing some real projects, very, very soon.
Peter McCormack: And Jeremy, what's coming up for you and for Casa? What shall we keep an eye out? Obviously, there's lots coming, but, what can you tell us?
Jeremy Welch: Well, the nodes, first off. We are shipping nodes. So, we've just been doing some assembly and final testing this week and, those will go out, I think on Monday, is the first, big shipment. So, that's moving. That's exciting.
Jeremy Welch: But then there will be more updates to those nodes. we do have a way of providing kind of software updates and, so there will be more features and more additions to that. There will be more on the key management side.
Jeremy Welch: There is another new kind of secret project that, will be coming out, and again we view this as like a, kind of packages. You buy at a certain pricing tier and you get a package of stuff. So, there's more. There's more coming. We're excited about this year, and, we're excited about 2019. Go to Keys.casa and check out the security checklist and the other products there, but it's going to be a fun year.
Peter McCormack: It's really cool. I feel like you've really levelled up in terms of what you're doing here in crypto, like you say, the team you've assembled, the focus on design. It's very impressive.
Jeremy Welch: Well, it's kind of assembled itself, right? As soon as we kind of arrived at, this core mission of maximizing personal sovereignty and safety.we were all surveying and looking around at the other solutions in the market. If you look at like the iPhone, I mean there's hundreds of cellphone models prior to the iPhone emerging, and what happens in cases to where someone takes a very kind of lateral move or a very big leap, to the Apple team, it seemed obvious. Like why aren't people doing this? Why don't people have apps? Why don't people have, these other components?
Jeremy Welch: And, as soon as it's out there, it took a little time to build the momentum but then all of a sudden everyone also shifted the game, and shifted in that direction. So, think about kind of core design experience, what the rules of the game are for Bitcoin, for decentralized apps, and we're building the best possible experience around that and, enabling people to secure their funds and secure their data and there's, there's just more coming along that path.
Jeremy Welch: So, as soon as we kind of started elucidating what pieces of that looked like, everyone in the team has, has kind of rallied around that. So, it's been a very natural growth of the team and we're much bigger than we kind of led on, publicly and we're excited about the next year and, and releasing more products and helping people manage their keys and manage their data and manage their, manage their Bitcoin and more.
Peter McCormack: Fantastic. And how can people stay in touch with you, and who do you want to hear from?
Jeremy Welch: You can go to keys.casa. Check out the security checklist. On Twitter, we are @casahodl and, yeah, anybody that has questions around security, anybody that has questions around key management, if you're managing, large amounts of funds, small amount of funds, we are happy to help anyone. The DMs are open. you can also just email firstname.lastname@example.org, directly.
Peter McCormack: Fantastic. And you, Alena, how can people stay in touch and who do you want to hear from?
Alena Vranova: Oh, ideally on, Twitter, or Telegram, @alenasatoshi, or just message Casa, if you, if you want to become a client (laughs). Yeah.
Peter McCormack: Fantastic. Thank you both for coming on.
Alena Vranova: Thank you for inviting us, Peter.
Jeremy Welch: Excellent. Thank you, Peter.