State of User Sovereignty
We sit down with some wallet legends to talk about the state of sovereignty in the bitcoin self-custody space
MEMBER SINCE 2025
§01 · EVENT BADGES
§02 · TALKS & PANELS
We sit down with some wallet legends to talk about the state of sovereignty in the bitcoin self-custody space
Lloyd, Evan, and likely Adam will also be attending. I still need to flesh out this idea with Lloyd, I will need to write some template code + basic infrastructure for the coding part of the workshop. We've never done this before but I think it is very feasible and would be awesome for participants. I would do some practice run-throughs well ahead of the conference. Phase 1 - Distributed Key Generation Theory - Basics of asymmetric cryptography (private & public key) - Shamir secret sharing (polynomials on whiteboard & discuss as group) - Interaction: get three audience members to shout out (simple) polynomial coefficients - Draw out and go through through Distributed Key Generation with these polynomials on the whiteboard. - At the end, we'll have three verified secret shares that correspond to a group private key (which no one ever learned!) Phase 2 - Let's make a FROST key - Programming! * Will use rust but no prior knowledge. * git clone * Once setup, on a hackmd (or better system if I can come up with one) we get participants to write their name next to an index (list: 1, 2 ...). * We decide on a threshold as a group (choose 2 or 3 so people can go crazy with signing later). * Participants each creates a scalar polynomial in rust! (2-3 LOC), write to disk using tool provided in code template. * Participants convert their scalar polynomial into a point polynomial, pastes into hackmd under their name. (1 LOC) * Participants evaluate their scalar polynomial at indexes (1, 2, ... n_parties), and pastes these evaluations on hackmd. (1 LOC) * Speakers collate these 'keygen shares', and distribute them to the intended recipients. * This could be done between tables through DMs. * E.g. Party 1's evaluation at i=3 goes to Party 3, evaluation at i=4 goes to Party 4. * Each audience participant receives their keygen shares. * They sum them all up to result in their FROST secret share! Phase 3 - Signing! * Introduce the concept of Nonces and how they relate to FROST. * Show signing API (show what we need to achieve signing!) * Show secpfun API to create a secret & public nonce. * Let audience participants pair up and share public nonces among themselves, (via hackmd or DMs)/ * Each participant will sign under a set of nonces with their partner! * Share and aggregate signature shares -> finished signature! * Verify signature * Bonus task -> sign nostr event! ~2 hours. --- Possible additional talk we could do: ### Dark Skippy Talk & Demo Introduction of Bitcoin hardware wallets. Dumbed down refresher on Schnorr signature mathematics (whiteboard or screen). Discuss the types attacks that a malicious signing device can perform. Start with easiest (predetermined private key), progress to tricks (output unrelated public keys), then nonce attacks (nonce-reuse), then introduce exfil attacks. See https://darkskippy.com/taxonomy.html. Introduce Dark Skippy and significance. Explanation of how Dark Skippy works, highlevel description of Pollard's Kangaroo Algorithm. Live Demo: Audience draw seedwords, or speakers generate onscreen. Import seed onto a corrupted SeedSigner (airgapped!1!). Fund wallet with 3 utxos. Run Dark Skippy attacker view onscreen. Sign a 3 input transaction, Broadcast Tx, thank u for the seedwords. <1 hour.