Mike Burr - log

[BT®] A new kind of Custodial (or There is a great, big middle way!)

With crypto wallets, the "custodial" idea gets jeers from all the true believers: It's just like banks! Why even bother!

Why, because custodial has not been outlawed and is a concept that has been around since before we became the species we are. It's only Communism if it's coerced. Would you outlaw custodial crypto services? Ban them? Everyone must figure out Metamask, even someone with end-stage Parkinson's? Even your great grandmother, or a recently-orphaned child (ok, I'm not tryinna get blood on the doorknob.)

I for one do not like handing over my value stores over to someone in a suit, figuratively or literally. The only thing keeping them from running off with it is the threat of jail time, mostly. A bank employee can get fired for doing something inept or maybe slightly unethical, but it doesn't take much for their faux pas to land them in jail. Or has them paying fines to the government for the rest of their lives, like alimony for a spouse you never wanted.

"Do you have a policy about stealing from customers accounts?"

"No." [*We rely entirely on the threat of punishment by the government.]

It is not a great solution. Meatspace is unwieldy and will always be a mess.

For many, Coinbase et al provide peace of mind. Maybe you do know what is required to handle crypto securely and not screw up or get hacked, but you don't quite trust yourself enough and know that, like a hated old bank, Coinbase should more or less have your back for the foreseeable future. Not perfect, but perfect is the enemy of the sufficient.

What if we could handle all this stuff without the need too trust people and institutions? Isn't that what smart contracts are all about?

It sure seems like it wouldn't be too hard to come up with a system (procedures, software, cryptography...) to allow a crypto user to rest eaiser knowing that there are trustless and well-considered blockchain EVM code solutions to the problem of "where to I put all this cash?!"

Such a system is likely not a money maker idea in the medium term, any more than the authors of HTTP struck it rich (well, they all were probably independently successful in their own ways, but HTTP Inc was the regular kind of unicorn: non-existant.)

And such a system should be as simple as possible (but no simpler!) for a few reasons:

  • It should be auditable by experts, hopefully requiring fairly wide-spread expertice.
  • It should be explainable to a 5 year old, for real this time. A user putting their whole future life's security into "some system" should have an instinctual feel for how it all works. Any misaligned incentives should be apparent to anyone competent enough to use the system.
  • A well, tested, rigorous, minimal implementation is the best foundation on which to build more complex systems.

Idle thinking...

If a majority of participants are assumed to be honest, then you might be able to use something as simple as a multi-sig wallet. Everybody has a real key to a real wallet, but it's a wallet that probably has little to no value "in" it. Its purpose is to participate in the custodial system you're a part of.

Your life savings is in a contract controlled by your wallet and a few others.

If you "electronically" request a withdrawl, other key holders are allowed to poke and prod you in meatspace to make sure, on a human level, that you are of sound mind and you are also who you claim to be.

This could include a voice conversation, emails, etc. If the two parties talking are complete strangers, this might not add any value. You have no way of knowing what the withdrawal requester's paternal grandmother's maiden name actually is.

If this contract (and/or system) is for use within a community that has enough interconnectedness (family, church, neighborhood... county[??]) then it might work without much more fanciness.

Sarah, I have been chosen to confirm a withdrawal request from you. So, as you know, I need to contact you and confirm some things to ensure you're really making the withdrawal and you are no doing something you'll regret [as you voluntarily entered into this system].

Depending on the transaction being attempted, Sarah might get several such emails, phone calls, faxes, telegrams. When N% of the signers turn their key indicating approval, Sarah's transaction gets executed.

There's not a lot new here, granted. But a little bit of refining of the process would probably go a long way, I think. It's not perfect, but nor are is BoA!

What's different about Sarah's key is that it no longer has evil powers like an ancient ring. It can be lost, or even compromised and hopefully Sarah can pull through.

Banks and ilk try to mechanism this. "We can't confirm your identity in the normal human way, so instead we are going to create a big, secure house of cards to protect your account. It's brilliant: We'll ask you to choose some totally universal questions from a list of questions carefully considered for possible ambiguity!"

What could go wrong indeed. There are infinite variation on that idea that are all horrible and all meet the rigor of the SEC's lengthy guidelines.

My point being that what you are trying to and (I'm thinking) must replace is a pretty low bar. People lose their money for all kinds of stupid reasons. The new net always has holes as big or bigger than the previous net.

Speaking of Banks, such a contract could have a sort of FDIC -- Fantastic Deposit Insurance Contract. If some transaction falls through the cracks and gets approved, even though it was from a stolen wallet, a mechanism can exist for a group of key-holders to "file a claim".

- 1 toast