#741: Solving The Wrench Attack with Max Guise
A deep dive into BitKey's seedless hardware wallet—how it makes self-custody fast, private, and recoverable while addressing real-world coercion and usability risks.
Key Takeaways
- Onboard in minutes: BitKey offers seedless 2-of-3 multisig collaborative custody across device, app, and cloud to lower barriers to self-custody.
- On-device verification: A screen and full on-hardware signing were added after user feedback, increasing transparency and reducing phishing/coercion risks.
- Robust recovery: Recovery contact, emergency exit kit, and hardened onboarding flows handle lost phones, hardware, interrupted setups, and version mismatches.
- Time-delay vaults: Biometric liveness, configurable delays, and an 'ejection destination' redirect funds after confirmed prolonged theft to mitigate wrench attacks.
- Privacy-first changes: Chaincode delegation and proposed BIP-89 hide wallet descriptors from servers, keeping recovery benefits without leaking balances.
- Engineering realities: Hardware development needs extensive reliability, firmware–app coordination, and testing; launches revealed unexpected uses and viral gifting growth.