Bitcoin’s last security challenge: Simplicity
It’s been just 13 years since Bitcoin’s (BTC) “Mayflower moment,” when a tiny handful of intrepid travelers chose to turn their back on the Fiat Empire and strike out to a new land of financial self-sovereignty. But, whereas it took 150 years for the American colonists to grow sufficient in number to throw off the yoke of unrepresentative government, the Republic of Bitcoin has gone from Pilgrims to Revolutionary Army in little over a decade.
What sort of people are these new Bitcoiners? How do their character, demographics and technical knowledge differ from earlier adopters? Is “Generation Bitcoin” sufficiently prepared to protect their investment against current and future security threats? And, most importantly, what are the challenges that the rapidly growing community must urgently address to secure the success of our revolution?
Who are today’s Bitcoiners? While we don’t know precisely, we can see some high-level trends.
These changes can be charted in a number of ways. First, there’s unempirical but still valuable anecdotal evidence such as more diversity among attendees at industry events and more women in senior industry roles.
Then, there’s publicly available data, such as the number of corporations holding Bitcoin on their balance sheet. Years ago, pioneers like MicroStrategy would have been mocked. Today, a growing range of public and private businesses (as well as countries) hold part of their treasuries in Bitcoin, and a wave of miners have gone public.
Most importantly, the available data on private individuals shows that the old stereotypes are also changing fast. In the United Kingdom, for example, the proportion of investors over 55 holding crypto jumped from just 7 to 22 percent between 2019 and 2020. Similarly, recent consumer research by Gemini found that over half of “crypto-curious” consumers are women and among these, a quarter are over 55.
Sure, Bitcoin adoption has some room to grow before it will match the demographic diversity of the wider population but it’s clear that today’s investors are vastly different from Bitcoin’s “Mayflower Generation.” While that’s to be welcomed, it also means that their technical sophistication — including their security consciousness and skills — is much more mixed. The big question is: Are they prepared for the threats they face?
The colonial rebels were lucky in their choice of enemy: A divided government headed by a king some 3,000 miles across the ocean. In today’s digital world, we are used to much more diverse, insidious and fast-moving threats than lumbering national parliaments. Yet, in my most recently conducted poll of 1,600 Bitcoiners, the second most-cited threat was government seizure.
It’s easy to see why more than a quarter of respondents thought this was the case. For one thing, there are the highly publicized crypto crackdowns in jurisdictions like China. The United States has also confiscated citizens’ assets such as gold during the Great Depression. The risk of government seizure is more than simply theoretical.
But, as I often point out — and as a plurality of respondents agreed — the most significant threat to users’ Bitcoin is actually accidental loss. Even so, the risk landscape for Bitcoin is significantly more complex than other forms of digital security, Bitcoiners must contend with governments as well as their own forgetfulness.
While it’s true that the security landscape is complex, the real threat to users’ coins (and its solution) is actually quite simple and can be described in a single word: usability.
Making security simple
This security challenge-solution was perfectly encapsulated in a recent Reddit post:
“People who use the internet are not ‘internet enthusiasts’ they don’t care about learning about the tech, they just want to use the internet in a seamless and easy way. When crypto goes mainstream it’ll be exactly the same as that for 99.9% of all users.”
For Bitcoin’s early pilgrims, simplicity was never an issue — they embraced digital asset security best practices like self-custody and multisignature security from the very beginning. Now, we have a far more diverse array of Bitcoiners, a far smaller proportion of whom know how to keep their coins safe, even if they do understand the threats they face.
I don’t need to spell out what this means: More people will put their investment at risk by keeping their coins on-exchange or adopting relaxed security practices such as storing passwords and seed phrases online. These threaten individuals’ investment, of course, but even more worrying is what large-scale losses — whether through theft, confiscation or accident — would do for confidence and participation in the revolution.
This is in spite of the fact that self-custody combined with multisig is the single most effective way of safeguarding against every conceivable risk from malicious attack to absentmindedness. The technology exists and is proven. The only problem is making it easy and intuitive for every Bitcoiner to use.
There is a disconnect between Bitcoin’s central tenets of decentralization, self-sovereignty and user education with how well our industry is helping people achieve them. Users who don’t hold their keys don’t own their Bitcoin, but users are encouraged to cede control over their Bitcoin, resulting in coins being concentrated in a few exchanges and susceptible to attack.
The answer is clearly for the industry to dedicate much more effort to user education, right? Well, yes and no. In terms of general principles — about the importance of self-custody and why you should secure your Bitcoin like it’s an order of magnitude more than the current market valuation — there’s certainly much more to be done.
But, why make the specifics of protecting your Bitcoin something you have to learn? Every digital security expert knows humans are the weakest link in any chain and the more complex security systems are, the more they are ignored.
So, the real question is not whether Bitcoin’s new adopters are sufficiently skilled to protect themselves from the threats they face. Rather, we should ask when our industry will do what it ought to have done right from its early days, and make multisig self-custody so simple, frictionless and intuitive that there’s no learning curve at all. Answer that riddle, and we’ll have safeguarded the revolution for every generation to come.
This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.
The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.
Jameson Lopp has been actively building in the Bitcoin space since 2015 and has become one of the most respected voices in the Bitcoin developer community. He was previously an engineer at BitGo, developing its high-grade, multisig custody service before joining Casa, a company providing secure wallets and plug-in-play infrastructure solutions for Bitcoin.