Bridging The Gap Between Wallet Security And Ease-Of-Use With Arianna Simpson

In the latest Epicenter Bitcoin episode, Brian Fabian Crain and Sebastien Couture were joined by Arianna Simpson, an Account Specialist at BitGo. A pioneer in multi-signature hierarchical deterministic wallets, BitGo develops enterprise-grade software, which it describes as "The World's Most Secure Wallet.” Their web-based multi-sig wallet is also available for free for individuals.

Arianna says she "fell into Bitcoin" about a year and a half ago and was hooked when she read Satoshi's white paper. While still working at Facebook as an account manager, she began writing about Bitcoin on her personal blog, for Business Insider and CoinDesk. In August of 2014, she moved into the industry full time and relocated to San Francisco to become BitGo's third employee.

The Usability/Security Trade-Off

Keeping bitcoins in cold storage has long been considered a best practice from a security perspective. Paper wallets, encrypted private keys and offline wallets like Armory have been used by individuals and companies to safely store bitcoins.

However, these security precautions come with important trade-offs. Holding bitcoins in cold storage makes day-to-day usage difficult and doesn't scale. Recently, a number of companies have started introducing multi-signature wallets as a promising new solution, which can provide both strong security and ease-of-use. BitGo is a pioneer in this field.

Enter Multi-Signature Wallets

By eliminating single points of failure multi-signature wallets solve an important problem. The protocol implementation of multi-sig wallets, introduced in BIP 16, allows for up to 15 keys to be created and for a subset of those keys to sign transactions.

BitGo leverages P2SH by requiring that 2-out-of-3 keys sign transactions. One key is held by BitGo and the two remaining keys are held by the user. One is their personal key, the other, an encrypted backup key, which BitGo recommends be printed and stored in one or several safe places.

“Multi-sig has a revolutionary impact on storage. It reduces the probability of hacks and user error. That's core to making Bitcoin more usable.”

With this key scheme, funds may be unlocked even if the user's personal key is lost, using both BitGo's key and the user's backup key. In the unlikely event that BitGo disappeared or went out of business, there is an open-source recovery tool that would allow the user to retrieve his funds with their personal and backup key.

BitGo’s Multi-Sig Architechture

- BitGos Multi-Sig Architechture

Arianna clarifies that BitGo does not hold customer funds, an important distinction from other wallet providers that could steal users funds and could also be considered financial institutions by regulators.

“We're really a software provider. We're building the technology to allow individuals and companies to hold and transact with their coins but we are never responsible for those coins. We're not holding them.