Bitcoin’s Latest Security Challenge: Simplicity

Related articles


It’s only been 13 years since the “Mayflower moment” of Bitcoin (BTC), when a small handful of intrepid travelers chose to turn their backs on the Fiat Empire and head to a new land of financial independence. But, while it took 150 years for American settlers to grow into sufficient numbers to shake off the yoke of an unrepresentative government, the Republic of Bitcoin went from pilgrims to revolutionary army in just over a decade.

What kind of people are these new Bitcoiners? How do their character, demographics, and technical knowledge differ from early adopters? Is the “Bitcoin Generation” prepared enough to protect their investment against current and future security threats? And, more importantly, what are the challenges that the rapidly growing community must urgently address to ensure the success of our revolution?

Demographic diversification

Who are today’s Bitcoiners? Although we don’t know precisely, we can see some high level trends.

These changes can be mapped in several ways. First, there is non-empirical but still valuable anecdotal evidence, such as greater diversity among industry event attendees and more women in leadership positions in the industry.

Related: 10 women who used crypto to make a difference in 2021

Then there is publicly available data, such as the number of companies holding Bitcoin on their balance sheet. Years ago, pioneers like MicroStrategy would have been mocked. Today, a growing number of public and private companies (as well as countries) hold some of their cash in Bitcoin, and a wave of miners has gone public.

More importantly, available data on individuals shows that old stereotypes are also rapidly changing. In the UK, for example, the proportion of investors over the age of 55 holding cryptos increased from just 7% to 22% between 2019 and 2020. Similarly, recent consumer research conducted by Gemini found that more than half of “crypto-curious” consumers are women and among them, a quarter are over 55 years old.

Of course, Bitcoin adoption has some room for growth before it matches the demographic diversity of the wider population, but it’s clear that today’s investors are very different from the “Mayflower Generation” of Bitcoin. While this is welcome, it also means that their technical sophistication – including their security awareness and skills – is much more mixed. The big question is: are they prepared for the threats they face?

Change threats?

The colonial rebels were lucky in their choice of enemy: a divided government led by a king some 3,000 miles across the ocean. In today’s digital world, we are used to threats that are much more diverse, insidious and fast-moving than heavy-handed national parliaments. Yet, in my last survey of 1,600 Bitcoiners, the second most cited threat was government seizure.

It’s easy to see why more than a quarter of respondents think this is the case. On the one hand, there are the high-profile crypto crackdowns in jurisdictions like China. The United States also confiscated citizen assets such as gold during the Great Depression. The risk of government seizure is more than just theoretical.

But, as I often point out – and as several respondents agreed – the most significant threat to users’ Bitcoin is actually accidental loss. Even so, the risk landscape for Bitcoin is significantly more complex than other forms of digital security, Bitcoiners must contend with governments as well as their own oblivion.

Related: Lost Bitcoin may be a ‘gift’, but is it hindering adoption?

While it’s true that the security landscape is complex, the real threat to user coins (and its solution) is actually quite simple and can be described in one word: usability.

Simplify Security

This security challenge solution was neatly summed up in a recent Reddit post:

“People who use the internet aren’t ‘internet enthusiasts’, they don’t care to learn more about the technology, they just want to use the internet in an easy and seamless way. When crypto goes mainstream, this will be exactly the same as 99.9% of all users.”

For early Bitcoin pilgrims, simplicity was never an issue – they embraced digital asset security best practices like self-custody and multi-signature security from the start. Now we have a much more diverse array of Bitcoiners, a much smaller proportion of whom know how to protect their coins, even if they understand the threats they face.

Related: Discourage adoption? Balancing security and innovation in cryptography

I don’t need to spell out what that means: more people will put their investment at risk by holding their coins in exchange or adopting relaxed security practices such as storing passwords and key phrases online. These threaten individuals’ investment, of course, but what is even more worrying is what large-scale losses – whether by theft, confiscation or accident – would do to trust and participation in the revolution.

This is despite the fact that self-guard combined with multisig is the most effective way to protect against every conceivable risk, from malicious attacks to distraction. The technology exists and has been proven. The only problem is making it easy and intuitive to use for every Bitcoiner.

There is a disconnect between Bitcoin’s central tenets of decentralization, self-sovereignty, and user education with how our industry helps people achieve them. Users who don’t hold their keys don’t own their Bitcoin, but users are encouraged to cede control of their Bitcoin, causing coins to be concentrated in a few exchanges and susceptible to attack.

The answer is clearly that the industry puts a lot more effort into educating users, right? Well, yes and no. In terms of general principles – about the importance of self-custody and why you should secure your Bitcoin as if it were an order of magnitude above the current market valuation – there is certainly a lot more to do.

Related: Mass adoption of blockchain technology is possible and education is key

But why make the specifics of protecting your Bitcoin something you have to learn? Every digital security expert knows that humans are the weakest link in any chain and that the more complex the security systems, the more they are ignored.

So, the real question is not whether new Bitcoin users are skilled enough to protect themselves from the threats they face. Rather, we should be wondering when our industry will do what it should have done from its inception and make multisig self-custody so simple, frictionless, and intuitive that there is no learning curve. Answer this riddle, and we will have saved the revolution for every generation to come.

This article does not contain investment advice or recommendations. Every investment and trading move involves risk, and readers should conduct their own research when making a decision.

The views, thoughts and opinions expressed herein are those of the author alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Jameson Lopp actively building in the bitcoin space since 2015 and has become one of the most respected voices in the bitcoin developer community. He was previously an engineer at BitGo, developing its high-quality multisig custody service before joining Casa, a company providing secure wallets and plug-in-play infrastructure solutions for Bitcoin.