Building On Bitcoin

Today I am joined by Justin Moon. He is a developer and an educator and he hosts build a boot camp where he teaches people how to code on bitcoin and build applications on bitcoin. And we get into all types of conversations, including ways that people can get involved with bitcoin. UM, so many different options. We talked about ways that people are building and what kind of options are available there, and then we get into security of bitcoin.

We talked about bitcoin wallets, bitcoin security, bitcoin protocols, UM, what would be maybe the easiest way for big inners, and then what's more advanced ways as people want to grow their security UM. I liked what he said that complexity is the enemy of security, and so we talked about that and so many other ways to protect your privacy. It was a really good conversation with Justin. So let's go ahead and just jump right into it. Hey, everyone,

welcome to another episode of the Market Distructors podcast. Today, I am joined by Justin Moon. He is a bitcoin developer an educator and uh, I'm really excited to have him on the show. Welcome Justin. Thanks for having me. Mark. So, I met you in Texas a few weeks ago at a bitcoin conference and you were given a talk about wallets and security and things like that. Really good talk,

by the way. I appreciated that. Why don't you just give us a little background on you know, who you are, what you've been doing, and what you're doing in the space right now. So I'm a programmer by trade. I learned uh during college. I didn't actually study it in school, but I was so bored in school that I just picked it up on the side because it was fun. Uh. And so I've been doing for like five six years,

and I got into bitcoin maybe eighteen months ago. Uh and uh, when I actually understood that it was it was a really good technical solution. I always thought it was it was probably smoking mirrors. But when I went and studied, I was like, oh wow, this is quite interesting. Uh, even if it you know, just on a technical level, even if it doesn't impact the world at all, it's like technically very interesting. So that kind of got me

in there. And uh and yeah, so after about six months, I became frustrated with the difficulty of learning how bitcoin works. Uh you know, y'all you're just like chasing down random blog posts and uh, there wasn't really like a really many classes I could take to faciltate to just speed up my learning. So I created a little thing called Biddle boot Camp, which is like a six six week or so online bitcoin programming boot camp where we do, like very briefly, we we do like three or four

main things. We make like a little mini version of the bitcoin network. We write it ourselves so you can see how the like mining and everything interacts with transactions and all this stuff, which is fun. And we do a little uh programming with the real bitcoin network, you know, connecting to all these peers, composing messages, reading messages, trying to do stuff like initial block download ourselves, which is kind of fun. And then we build the hardware wallet

at the end. So that's my Biddle boot Camp class. And uh, an interesting thing with the Biddle boot Camp was that, Uh, a lot of people who are interested in it were like really bitcoin people, and they weren't very sophisticated programming wise, and this might apply to your audience. Uh. So I ended up creating a little thing called University, which is like a learned to code class aimed at people who are interested in bitcoins. All the examples involved bitcoins.

So like when we're learning to do a loop, that's a common thing you do in in in programming, we do something repeatedly. Uh, we're trying to solve the question of how many times will the bitcoin uh subsidy have? Right, there's this happening every four years. So it's like a simple base gain out your problem and you can do it with a like a loop and programming to you know, just divide it until it reaches zero and you count how many times you do that. So it's it's like

a lot of fun little exercises like that. So I'm sort of one of these advocates for trying to get people to understand a bit going on a little more technical level, uh, just because I think it's it's very rewarding. It reduces the chances you lose your coins, which is extremely important. I think the best self defense and bitcoin is education. Yeah, it's kind of like, was it that meme going around like they should just learn to code? Yeah,

learn to code. I actually got suspended from Twitter for saying learn to code with some journalists, uh in the doghouse for forty eight hours, I think. But yeah, it's it's uh. I mean, it's kind of a joke. And

obviously it's not for everybody. I wouldn't like say, you know, like you know, my friends with you know, talk to safety and almost every once in a like who wrote the bitcoin standard for a great book, and like, I don't want I don't think he should maybe learn to code's got his thing figured out, you know, maybe it's not. It's just like my point is, it's not for everyone. I think I think a lot of people should try it because what I love about it is, um, you know,

I love the space. We both love the space. I believe it's gonna be one of the most you know, one of the biggest technologies to really change things up. And so there's gonna be all types of opportunities and and if you want to get involved, I mean, maybe you want to do marketing around bitcoin or right content around marketing, or maybe you want to code. And so there's a bunch of different areas that you can get in depend on what you're what you're you know, interests

are or whatever, but in your background. But I'm curious, So, like you're teaching people how to write code and then code on bitcoin, but um, they're not actually changing Bitcoin. They're not working on bitcoin core. They're working on is it like products that would be on bitcoin or working with bitcoin like stacking on it. Yeah, So there's a distinction in bitcoin development. There's a distinction between application development

and protocol development. Right. So the protocol is, uh, it's just a sort of rules, right, and the Bitcoin protocol is like an abstract set of rules. Uh. And then there are different software programs that attempt to like execute and enforce these rules, right. And so the oldest one is we call it bitcoin core or the Setoshi client. It's the thing that Setoshi made, uh. And it was really started out as really like a proof of concept, right.

It's a kind of an ugly piece of code sort of hacked to clearly hack together by one person who was you know, didn't didn't didn't have the resources available to attempt such an ambitious project and was just sort of, you know, continued to be nursed along for a few

years until he could get uh some external interests. But still it's it's sort of like, uh, it's like it's like sort of an ugly UH program, I think, just because it's very hard to change because any if you make a mistake, the network splits, so you know, the developers have to be very very conservative. And some other protocol implementations or something like btc D. This is a version of an implementation of the Bitcoin rules UH created

by roast Beef the the or. He's one of the people who made it, and he's the guy who makes the l n d UH Lightning protocol implementation as well Lightning Labs. He's the CTO of Lightning Labs. There's another one called li Bitcoin. There's a number of these UH protocol rule implementations, and then there's application development, right, so that's like your Wasabi wallet or your electron wallet, or your treads or or maybe like bitmax or backed or

anyone of these exchanges are on ramps. Also like lending products, the fa basically thing that interacts with bitcoin. I mean it's an Apple. Yeah, that kind of like like the ice, like the iPhone, and you have like your ILS application, which is the core, and then you have all the apps that you can install on them that can do any number of things exactly. And but the big distinction there is that anyone can work. It's very hard to actually work on the iOS operating system. You gotta go

get a job at or at Apple. Uh. But with bitcoin, you you can work on the bitcoin core project. And I've had a few students make small changes to it because the codes there and if you notice some bug, you can just kind of update it and eventually your change will get in if it's a good change, hopefully, And so so yeah, that's the distinction is you have the people who are working on the actual rules. Well

there's there's sort of like three pieces. There's the people who work on the software that like executes the rules, the people that build applications on top of it. But then also like the one group that I don't really mention is the researchers. They're the ones that think about how the rules should change. Right, so segue for example, was this uh way that the rules changed and uh it took a ton of thought, and this is a change in the abstract rules of bitcoin, not any piece

of software that executes those rules. So it's sort of like the three different pieces. And I focus more on the application development. But I think most, or I would say many people who get in involved in bitcoin probably start on the application side, like how can I play with bitcoin? Right? And as they get deeper, they might move towards more of a protocol developer and sort of the most advanced as a researcher, where you trying to

think about everything holistically and improve the whole beast. Sure, but I think for easy comparison sake, I mean a lot of people think about building apps for the iPhone and the Android, but they're not thinking about trying to build a new Android or go work with Android. They just want to make an app for it. Yuh. But

I guess it's a little bit unique. Bitcoin is a little b unique in a sense where it's open source, so anybody could just build whatever they want on it, versus, like you said before, like the Android iOS, those are not open source, so you can't just build anything, right, it has to be permissioned and within when it's the other big difference that's so out of our Bitcoin is that it's not like the open source is not just that you can work on it, but it's so easy

to copy and make a copycat, right, Like trying to make a copycat of Android is like absurd because it's it's so hard to market it, right, But bitcoin, you know, you make an alt coin and try to market it to people, Well, it's it's very easy and you just like light Excuse me, lightcoin took forty five minutes to create, right, So it's it's it's it's one of the tough things about bitcoin development is there's a huge in sign up once people become sophisticated enough door with it to go

and copy it and compete with it. Uh, just the one I like your point, but that's the one distinction is it's like you get, it's just so easy to copy. Yeah, and then I've heard it. I've heard it said where you know, because bitcoins open source and then you can build whatever applications you want on them, and then you

could start building on top of like other applications. So a lot of times these other applications may be open source as well, and then it's almost like stacking legos, so then you can kind of combine other applications to make a new application kind of a thing. Yeah, I was just playing with BTC bas server. That's the it's a project. It's like a merchant processor that is self hosted. You can uh, you know, for like ten five ten bucks a month, you can run it and accept bitcoin

payments on your e commerce stores. It's like for my classes, I accept payments in bitcoin using this, and you don't have to trust a third party, which is really nice. You actually hold the keys to the bitcoin yourself and you run it on a computer that you control. So it's it's sort of like goes along with the ethos of bitcoin to uh do the verification yourself and not

trust third parties. And within this BTC pay server application, there's all these little apps and so one of them was one to like export your your invoices to quick books, right, and so at this point these are both free, open source products, but it is so you're starting to see this sort of like stacking of uh. I mean, it's it's the BBC PAS server has its own little app

store kind of inside, which is pretty cool. Uh, And I think you're gonna see a lot more of that, especially as uh you can create you can turn these little projects into businesses as bitcoin becomes more popular, especially if the developers continue to build stuff open source, right, so BTC, paser ever built it open source, which allows people to now start building on top of it. Um I think I guess once people start trying to close it off and keep a proprietary then maybe that slows

things down. Yeah, yeah, I mean you can definitely see that. Like I guess the company like Costa Gems tends to I guess they have some some some of it open source, but a lot of quite a bit of its uh close to uh. Some some of these companies are trying to make it more like a walled garden, which always fine, especially if it might be hard to like build on it,

but especially if you can audit the code. Uh like if if as as a bitcoin user, you always want to demand open source, not because you're gonna go and read the code, but just because you can sort of assume that a popular thing where the code is on the internet is going to have some people like justin over here, who's gonna migaul and trying to see if

there's something wrong with it. And if there is, tell everybody and so that that that's the thing that's really powerful about open sources that you can sort of the more popular is you can assume more people are sort of looking at it and they're trying to like attack it and figure out ways to break it. So like that's a nice thing about the Treads or the whole firm where everything about it is is a pretty open store. And you know, and it's been that way for about

four years. So uh, as your your average non technical users should find some comfort in that fact that a lot of these sort of like hacker types are competing with each other to break the treads or and they struggle to So that's that's a really nice thing, you know. Yeah, so that's a good segue. I wanted to jump into UM talking about security. So you mentioned COSA and then

obviously treads or UM. So at at the bit Block Boom conference, you were talking about security and different types of custody and wallets and whatnot, and I think you you basically, I mean, I guess if you want to break it down into two big buckets, you have self

custody and then you have someone else holding custody. Uh, and then you have shades of that like a cosa where there's like maybe some shared stuff, but you either have someone do it for you or you do it yourself, right, and then if you do it yourself, you have a couple of different options. So what are your what are your thoughts there? Yeah, so, uh, I guess the big distinction is uh sort of about really owning bitcoin versus having financial exposure to bitcoin. Right, So there's a number

of ways to get uh. To own bitcoin, you have to you have to have control over a secret number. Basically it's a huge secret number, like eighty decimal places, and that having control over a certain secret number like that, it's so big you can't guess it. It would take the you know, the age of the universe to guess and check whether you your guess was correct. That's the security of a That's that's what it means to really own bitcoin is to have control over one of these

secret numbers. And that's what a treasure's entire job is to safely, generate, store, and interact with this big secret number. Right, that's the cryptography and cryptocurrency. So so that's what it means. Just to own bitcoin is to to control that number yourself. But it's scary because uh, you know, if your software has a problem, it might try to steal that number, or uh, your software might not generate it in a in a good way to make it sort of easily guessable.

So there's there's some pitfalls there. So on the other side is financial exposure to bitcoin, right, and so when you're getting financialists exposure to bitcoin, you don't have all the benefits of like, let's say, being able to cross a border with your bitcoin in your head. You know, to memorize uh twenty four words and cross the border with uh, with your net worth in your head. That's

like one of the most amazing things about bitcoin. Uh, you don't you don't get the privacy benefits, you can't transact with it, uh, number of other things that you know, in the case of a government crackdown, you you you you aren't sure you'll be able to keep your financial exposure. Uh. So so some of the ways you can get financial exposure are you know some of these like products uh, like, I mean the big one is by quote unquote buying

coins and starting them on an exchange. What you own at that point is an iou you do not own bitcoin. You own an IOU that represents bitcoin, and if the exchange you're working with when completely insolvent tomorrow, you wouldn't ever get those bitcoins. And this would happen in Mount Docks for example. So these are people who had financial exposure bitcoin but didn't own them, right, And a lot of people think those exchanges are like banks, but they're not.

They're not. They're not insured. Yeah, well, and then even banks, right like banks, uh, you know, they're insured up to a point, but if the banks ever go completely insolvent, you're not gonna get all your money either or whatever.

The way I like to look at it is that everything in life has risks, everything has trade offs, right, and we always have to wait with those tradeoffs, and those risks are and you know, just like in the old days, maybe people kept cash at home and put them in the mattress or put it in the walls. But the risk with that is that you know, your house burns down, someone steal as you, robs you whatever, or you can put in the bank, but then the risk is, I mean, what if the bank doesn't give

your money? And so today kind of the same trade off, like I can custom my own bitcoin UM, but that that carries risks if I do it wrong, if I get hacked, if I lose my password. I could have someone stored for me, which probably is does a better job of security, So the security risk kind of goes away, But then there's risks that maybe they don't give me my money when I want it, or they go and

solve it. Like you said, yeah, you don't get all the benefits of bitcoin if someone else, if you just have this, It's like it's about that other people will find these benefits compelling, but you yourself don't get the benefits because you're you know, you're just using a third party. Yeah, so what are what do you think are I know you've done quite an extensive review on a lot of these different hardware wallets, UM and and and different ways

to secure it. So what do you think are like the kind of the first steps that someone should make that are pretty good without going to overboard. So my point of view is that, uh, like when I think back to when I first started to use these hardware wallets and software wallets, and I think about all the mistakes I made. One alarming thing is I was always using real money, right Like I was, I was learning how to use it with real money, and if I made a mistake. I don't think I ever made a

real mistake. I got really close a couple of times, but uh, you know, if I would have made a mistake, I would have lost for money. And so the biggest thing I think of is that if if you really want to commit to learning how to use this asset in a safe way, uh uh you know, to to to basically have your own Swiss bank account in your pocket, right, think that's what it is. Uh. If if you want that, then you have to commit some uh time and energy to learning. And the best way to learn is to

use bitcoins test network. It's called test net uh test not is you is uh? And this is what we do in my Huddle boot camp to class to teach people some of these self custody fundamentals. Uh. Test ne is a a clone of the Bitcoin network that is intended to be used by software developers like myself when we're building applications. And so every almost every wallet supports test not because the developers want to test it when they're you know, making changes. They want to test that

it works without having to risk grow money. But test that has a is also very nice if you're trying to learn how to use these products, because you can screw up and not lose any money, which is fantastic. But all the all the hardware wallts, all the software wall, it's work exactly the same, whether using test net or

the real bitcoin network which we call main net. So that's the big thing I would recommend is is, uh, you know, look at it as sort of like maybe a couple of months process of learning and just start uh downloading wallets and playing with them using bitcoins test new And one of the important things I would practice doing is practice like, uh, practice like losing the wallet. Right, so all you have is your your your seed words. Right, we have these like twelve or twenty four words that

represent that secret number I was referring to earlier. You can practice like deleting the wall and figure out how you can get those test not bitcoins back from this words. Right.

So you're so you're basically stimulating a disaster, right, so you can sort of like simulate and uh practice going through these sort of disaster scenarios and uh, that way, if if you do this, you know everything that everything that that that could go really wrong, and you've sort of practiced how to, uh, how to recover from that, and you know what what mistakes are fatal and which aren't, uh, and you can do all this without ever risking row money.

And maybe you get halfway through and you say, hey, this is a't for me. I'm just gonna you know, leave my coins with a third party. But I think I think, uh, I think, you know, we need to look at like, you know, I think different people need

different levels of security. So I mean, if you're trying to secure hunt it dollars with a bitcoin, your security protocol is gonna be a lot different than if you're trying to secure a million or ten million or a hundred million, and so um, you know, maybe maybe if you're only dealing with a hundred bucks or a couple hundred bucks, maybe you don't need to go through all that.

Maybe just put it on a truas or it might be might be might be good what putting on a trust or at that point it's too expensive because that's just where as much as your coins are worth. That's true. I mean, I think I think, yeah, so that's a good point. You know, you get started with just it's it's kind of like the idea of good off zero with uh, you know we tell people, we tell no connors like good off zero at least have like a dollar worth of it kind what you know, Yeah, it's

not rational to have zero dollars a bitcoin. You should at least have like one dollar. Uh and what we same way if you own some maybe maybe just move a couple of your coins off in exchange, a couple, you know, small percentage of your coins often exchange and practice holding that yourself. Yeah, So do you think it's kind of like we have like heart we have we have software wallets or hot wallets, right that we could download from the app store, and there's dozens of those. Probably.

Then we have like a hardware wallet whould be like a treas er ledge or cold coin, which is an actual like a hardware like USB device that I could store it on and that so that like maybe level one is like just downloading an app and storing it in there. I mean there's so many today, Um, some that make it super easy to send your bitcoin, like drop it, um, you know, ones that pay you back like Glali, and then there's you know, all kinds of other ones. Do you do you mess around with those

at all? Or do you think that's just you should probably skip right past that and go right to a hardware wallet. I I, uh, I just find Dusktop apps easier to use, honestly. Uh So, I I got started using Electron because Electron is quite easy to use. But I think the idea of starting with a mobile app. But one nice thing about mobile apps is you can like scan QR codes much easier, so like you never have to worry about typing it in wrong. You just scan the QR code and you know, you it's a

little it's a little bit more ergonomic. So yeah, either a Dusktop software app or a software wallet or a mobile app are great places to start. And you know, you just practice sending sending back and forth. I mean, like one of the other things you can sort of learn about is just like the different fees you pay. I think most people, uh, you know, after being in bitcoin for like a year, they realized that you don't it doesn't matter if your transaction confirms and twenty minutes

or not. Most of the time. Most of the time that confirms in a week, you're happy. Uh, And so you you know, you learn to pay a much slower fee. At a certain point you can pay you know. Uh yeah, I think many of us overpay on the fees on our fees quite substantially. So it's like, you know, just to start start playing with a little dials that the

software wallet's using. I think. Yeah, I think one of the best ways to understand bitcoin is to just play around with it and try to figure out, you know, after you're after your transaction is created, you know, go and put that I D into maybe block stream dot inflows, block explorer, uh and and go try to look at

it and understand what the block explorers telling you. You know, like your transactions are much more interesting than like a transaction in the abstract, so you can sort of like look at yours and try to understand what's actually going on there, and you'll see some terms you don't recognize. Google those. I think that's one of the best ways to learn about that point from from the beginner's point

of view. Yeah, Now, what about when you're using a hardware wallet like a treasure or a ledger, when you're doing those transaction and I mean, I guess you have to log onto their website connect your wallet, and so then it's running all those transactions through their servers, right and and maybe the next step would then be to use those hardware wallets, but then how the transactions run through your own server? Yeah, so this is a tricky Uh,

this is something I'm actually working on right now. Uh So, Yeah. The default way is that you're using apps that they make for you, and so the trader off there is privacy. They will know every transaction you ever did, and you should probably assume that they're going to sell that at some point information because it's very valuable. Uh you know, maybe they won't, but you should probably assume that they will.

So if you care about your privacy and you don't want basically, uh you don't want uh it to be public knowledge which coins you own, then you'll probably want to figure out a way to connect to your own node of some sort. And the the easiest way to do that in out is using the electrom wallet and something called electron Personal server. This is uh it's basically something that can connect Electrome to your own full node. And this is not really for non technical users, honestly,

it's and even I don't really enjoy doing it. Uh, it's it's like a glue to to connect these two different programs because electrom knows how to work with harder wallets and uh, but it does it generally. It talks to uh third party servers which are are probably also leaking your privacy. This is one of the things. The deeper you go down the rabbit hole, you you you learn about all these different places where privacy is leaked.

That's sort of like a lot of the advanced usage a bitcoin is around using it without leaking your privacy. And so there's a new class of things that user interfaces that will connect directly to bitcoin corps. And I'm working on one called Junction. I hope to release it either tonight or tomorrow. I made like one release a

week or two ago. But I'm making a desktop app uh and so that would connect directly to your own full node uh full note meaning like your bitcoin core running and it and it goes and verifies every one of the transactions, so I can see what you what your balances are. Uh. So so there's a new class of this, like an interface that someone could use to connect to their their full node much easier. Yep. So

so it's it's an interface to to do uh. It's an interface that connects hardware wallets to bitcoin core, so you can use your hardware wallet together with bitcoin core and UH you can also use your hardware wallet and a multi sig set up. So this is the idea with multi sake is you can have multiple keys control your bitcoins. You can basically split your bitcoin up to be controlled by let's say three different of these secret numbers, and you only need two of them to participate in

order to move your coins. And so the beauty of this is that it removes a single point of failure. Something you could just totally lose one of those, uh and you'd still be able to recover your funds because as long as two of them still remain. Uh. So this is this is the focus of my junction project.

Had I had a long talk with Ryan McDonald from a COSA at at at the bit block Boom conference and they offer you know, multi stake two or three or three or five, and you know it's like, if you have a hard enough time keeping track of one key, does having three keys just complicate things? Like now you have three points of failure? Well, I mean, yeah, there's uh, there's Uh, well, you don't have three points of failor because if any of them, any one of them can

fail and you're still okay. Uh there, I mean there's sort of a yeah, there's sort of an interesting question here, Like, I mean, another thing some people do is they, you know, make cop you know, have you'll have like split your coins between five different wallets or you know, three different wallets, let's say, and uh and you know, try to treat

these separately. And so the nice thing about that is if you lose one of them, yeah, you lose that whole wall, but you don't lose all your coins, right, so but you know, uh so, so there's sort of a there's sort of a debate between whether you should sort of us have a couple of different storage strategies. None of them are perfect, but you might lose some coins, but you'll you'll minimize the chance you lose all your coins.

The other point of view is that you should really put a lot of effort uh into one storage strategy, make it as good as you can, and put all your coins in there, uh and just really make sure that that doesn't fail. And that's the point of view I would tend to go with but that's maybe more

because I'm an advanced user. Yeah, I go with the option one personally, as as my as I've grown, I've added more hardware wallets, and I think maybe that's because, um, I'm I'm afraid of either hardware failure or like hacking. So if somehow it got one got hacked or one failed, um I only lose a fraction as opposed to all

of it. Yep. Yeah. So the the the idea with hardware wallets, just to kind of back up a little bit, is that you know, like let's say, like right now, no one's really trying to hack your bitcoin because anybody who knows about bitcoin uh and is a is a nasty person, is probably focused on other scams, right. They're probably trying to make these some of these uh kind of scamming I C O S or something where that you know there's nothing there and they're just trying to

sell you vaporware. Uh, and so that's sort of a scam is beginning to go away. Uh. Maybe they're doing like ransom attacks right where they just shut your computer

down and demand bitcoin stuff like that. But eventually if bitcoin s price goes up a lot more, uh A lot of these easier scams are going to go away, and the only scam that remains is actually taking people's bitcoin and so uh, Like there's a lot of ways that, like, if you have a wallet on your phone or your computer, there's a lot of ways that a wallet like this could be just could be compromised. Like one of the big ones is, let's say, uh, viruses and stall all

on your desktop. That is a key logger. It logs every key stroke you have, and so it waits until it sees key strokes that you know represent the password to your to your account or your your seed or something. Uh, it can just go and and steal that run off and steal your coins. Uh uh. Let's like, you know, there's a number of ways that h a a uh program running on a desktop computer can be compromised. The

reason why we like harder walltz is that they're very simple. Uh. They're like the simplest possible computing environment that can generate, store, and interact with a Bitcoin private key. And so just because the environment is so simple, there's like less places for ghosts t hide, so to speak. Right, there's less

places for a virus to pop out of the woodwork. Uh. And they only communicate They attempt to only communicate with the rest of the world over a very simple channel the USB wire or in some cases like a micros D card or a QR code. Uh. They attempt to only communicate over to the rest of the world over the simple interface. Uh. And it's just like reduces the chances that they, like your normal computer is communicating with the world to the internet, maybe through your like you know, uh,

like three different ways to plug stuff into it. There's just all kinds of ways that it can connect to the external world and that a virus can get inside. So that's the big value proposition of a hardware wallet. Got it, And and unless somebody actually takes physical control over it, it's pretty much impossible and then be hacked. Uh, it's not impossible. Like there are versions there, there are like people have hacked hardware wallets, uh remotely. I can

think of like two of them. Two verb two things. Like one of the scary things is if if somebody installs a virus on your desktop computer that's connected to the internet, uh, and they can send if there's some imperfection and how the USB communication works, Like there have been examples where you could extract the bitcoin seed from

the device without actually having physical control atlas. But the thing is these are all demonstrated in the lab by researchers, and none of these my knowledge I've ever been exploited in the wild. So yeah, in general, the rule is they need physical access to the device in order to get your your key off of it. Yeah. So so then you feel I mean, and you, like I said, you've done some research on this, I've seen seen your work.

But I mean, so you feel that overall, like a basic hardware walle it is probably good enough security for the average person. Um if they and then and then maybe to step it up is then to start trying to figure out how to communicate with their own server. Yeah, I mean, it sort of depends what your goals are.

If you really want, like some people really need, uh you know, privacy, uh, And so just like think about that's one of the big things, like how who do I care if everyone in the if the government or if uh some foreign power or something or like some some like do I care if everyone knows which coins I own? Right, That's like one the first questions you should ask, uh, and if if you if you do really care about that, then you're gonna need to do

a lot more research because it's it's that's parts tough. Uh. But for the average person, if if you don't really care about that, uh, then yeah, just using a harder wall with treads ors website or ledgers app, it's pretty good. And the one caveat is just make sure you have backups of your seed because like most people think, Like when I encounter the Harvard Wall, I thought, Okay, I just need to keep track of this harder wallet, and uh, you get into situations we were talking about this earlier

where you need to upgrade the software. It's called firmware on the harder wallet, and uh, this is scary because if if that goes wrong, it can destroy your private key, it can destroy your bitcoins. You need a backup, right, And I think this is this is one of the tough things about uh, Like this is one thing that's a lot of people in neglect. I almost screwed this up the first time I attempted to do a harder wallet.

Just make sure you have backups. You can have like redundant copies of the back up and also hardware walts, you know, in a fire or something that's going to be lost. You can also explore storing these backups and something that might be a little more you know, fire resistant paper or steel or something. But you know, you

don't go to overboard like a lot. I think a lot of people get caught up and try to optimize it so much that, like, you know, they're there, that they try to find some strategy that could like survive World War three, but then they never figured out and so they leave their coins in something that's a lot less optimal. Right, So so yeah, simplicity is the enemy

of security. So you want something that's simple and that like five years down the road, when you forget how it worked, you can still get into it and move the coins. I love that quote. Simplicity is the enemy of security or no, no, complexity is the enemy of security. Sorry I got the wrong. Complexity is the enemy of security.

Simplicity is the the ally of security. Complexity is the enemy of security because if you're overcomplex over your own skill level, you actually do yourself more harm than good. There was a talk that Andreas on top of this did uh that I saw where you basically kind of said the same thing and I said, what's what's the best security protocol? And it's like it depends on you, Like, yeah, you need to have the best one that's that's up

to your technical standards. If you go over, then you put yourself in more risk, right, So I guess that's kind of and that's why I like, I mean, maybe I jumped aground a little bit talking about this like practicing on testing up, but that's where I really like this point of view, like uh, and this is this

is for people who aren't going to store more. But the nice thing about like playing around with some of these things with that with either along you know, you could also use as a normal bitcoint but just very

small amounts. But you can play around until you get to the point where you're like, okay, this is above my head, right, like this is where I can't go further right, and and then like you can just by playing around and sort of reaching it's okay, I can't do much more than this without help, and then you know that's where you can say, okay, well this is

my area I feel comfortable with, right uh. And you can do that by just like practicing playing around with small amounts and see where it starts to get a little sketchy and well you don't understand everything that's going on. Yeah, yeah, well good stuff. I mean, like like you talked about the story, I mean I ran to the same problem. I plugged in a wallet and it needed a firm more update and I couldn't find the backup phrase because of whatever reason. And it was it was a scary situation.

Luckily I got out of it. But it's definitely like a wake up call. We're like, wow, that was a close call. I could have lost everything. I need to do better next time, and hopefully everybody can just stay out of that trouble from the first place. Which you really wanted some kind of a playbook, right, Like imagine like picture yourself in five years, three years, two years, opening up your or whatever, your little treasure box, right and you see this like harder wall. You forget how

it even works or something. These words you don't know what they mean. You really want some instructions or something in there. It's kind of described how to uh, how to uh what to do? You problem is then it would be a would be robber gets that and they know what to do. That's that's also true and everything

has these like tradeouts. I think of it, you know, I kind of think of it sometimes like in the in the old West days or they maybe during the gold rush, right, they would go bury their gold and they'd make a map to it, right, and like the map was like they're private key kind of a thing, right, only they had the map and like that was where the gold was, um and and it's kind of like that, and it's like, well, then where do you keep that map?

And then how secure is that map? Right? And and uh, kind of the same age old problem that we have today a couple hundred years later. And I mean another way to think, Another way I think about this is that, like, you know, if you're really bullish on bitcoin, if you really think it's it's going to work, there's like a number of ways you can bet on it, right, And

one of them is to just buy the asset. But you know, not everyone has a lot of extra capital sitting around to buy it, or to buy more than they have now, like maybe your max out you don't

want to expose yourself more financially. Well, there's other ways you can sort of bet on it too, and I think one of the best ways, but there's two like ways I try to help people bet on At first, like, you know, you can learn to do programming, uh, Like these bitcoin programming skills are going to be massively in demand if the world moves to this is our money. Another way is to just learn, like slowly learn about security.

Right if the war, if private keys become something that everybody sort of understands and interacts with, these these sort of operational security information and security skills are gonna be really useful, uh, And they take time to learn, so you can so you can sort of view this as like an investment, and it actually has a bet on bitcoin, right, like, if if bitcoin does well, you're gonna see a significant

payoff from learning the stuff. Yeah. I mean basically, just like you would put your money in hoping that it's worth more in the future, but like why not put your time in hoping your time is worth more in the future. So exactly, Yeah, either one is a bet on the future. I like that, and they're different bets. Yeah, that's a great point. That will that will wrap it up on, which I think brings us right back to um the kind of things that you're teaching, right, teaching

people to code and teaching people to build applications. So, um, I'll definitely make sure that we link up to that in the show notes for anybody listening. Um. But I just love that, right, Like, yeah, you don't have to just put your money in, put your time in, put your skills in, um, and we can all work to kind of build this thing up together in our own unique ways. Take it slow too. You know a lot

of this stuff. It's like, you know, you look at bitcoin is like this long term project, right, don't don't be in a hurry trying to figure out how to use it, how to you know, how to work with it. It's like I think a lot of times, just take your time. This is like a long project, right, We're not. It's not a race, it's not a sprint. Cool all right, justin well, good stuff. UM. Like I said, I'm gonna link to that stuff down there so people can follow

up on that. And I appreciate your time and teaching us a little bit about security. Thanks a lot, Mark, Take it easy. Hey, if you like this episode of the Market Disruptors podcast, please help us take this to the top of the podcast charts. Just please do me a favor and rate review and subscribe. Taking fifteen seconds to just leave a quick review goes a long way in helping us reach more people and disrupt more markets.

I really you, show you listening and I'll see you next time on the Market Instructor's podcast M