Jan. 11, 2023

CD86: Miniscript with Rob, Vivek, and NVK

The player is loading ...
Citadel Dispatch

support dispatch: https://geyser.fund/project/citadel

EPISODE: 86
BLOCK: 771467
PRICE: 5770 sats per dollar
TOPICS: miniscript, multisig wallets, inheritance planning, corporate treasuries, hardware wallets, tradeoffs
GUESTS: @Rob1Ham, @Seardsalmon, @nvk

twitch: https://twitch.tv/citadeldispatch

youtube: https://www.youtube.com/@citadeldispatch

bitcointv: https://bitcointv.com/video-channels/citadeldispatch/videos

podcast: https://www.podpage.com/citadeldispatch

telegram: https://t.me/citadeldispatch

stream sats to the show: https://www.fountain.fm/

join the chat: https://matrix.to/#/#citadeldispatch:bitcoin.kyoto

Transcript
Unknown:

Good morning, freaks. Happy Bitcoin Wednesday.

It's your host, Odell, here for another CIL dispatch,

the interactive live show focused on

actual Bitcoin and Freedom Tech discussions.

Dispatch has no ads or sponsors.

We're funded by donations from our audience. Huge shout out to

everyone out there who continues to support the show and make it possible.

It's extremely empowering seeing the stats flow in from you all,

not having to rely on sponsors, having the incentives fully aligned,

just here to serve you,

have great conversations with great guests.

The easiest way to support the show is by going to cildispatch.com.

On the bottom of cildispatch.com,

there's a link where you can go to our geyser dot fun page.

You can donate through Bitcoin,

On Chain, or Lightning.

You can attach a message to it.

You can sign in with Twitter if you want a little Twitter badge. There's a whole leaderboard there.

That leaderboard is combined with podcasting 2.0

supporters.

What is podcasting 2.0? Podcasting 2.0

is

the ability to listen to it listen to the podcast while streaming sats to the show, streaming Bitcoin to the show.

You simply install a podcasting 2.0 app like fountain podcasts, echo ln,

podverse.fm,

Breeze Wallet,

search sale dispatch, press that subscribe button. Choose how many sats per minute you think the show is worth, and then as you listen,

it automatically streams sats directly to my node, and those will show up on geyser.fund

as well.

That combined leaderboard is really fucking cool. We have,

at uncle thinks is now number 7 on the leaderboard. He has 500 450,000

sats he's contributed to the show. We have at Auburn Citadel at number 10 at a 174,000

sats. We have rider die freak Chad Farrow at number 17 with 83,000

sats, rider die freak Vake,

a number 18 with 75,000

sats. At godfamilybtc,

number 19

with 70 3,000 sats. Pretty cool seeing people climb the leaderboard. Appreciate you all who continue to support the show. Another way of supporting the show through podcasting 2.0 is something called boostograms.

That's a message, a comment that you can leave

on the episodes and choose

how many sats you want to attach to those messages.

I

will read out the top 4 boostograms from the last show that we had with Dylan LeClaire. I know, Freaks, by the way, that this has been a long week

of dispatches, and we have more lined up too. So I hope you have been enjoying them.

We have at cryosats with 20,000 sats saying, stay humble, stack sats stack sats, stay wise, boost sats. Thank you, freak. We have at apemithrander

with 7,777

saying Dylan clearly getting lost in your eyes a few times during that.

We have at johnbeo with 6,000

Winnie the Pooh version of stack stats. And then we had we have at Sean Dunn with 200 and

at Sean Dunn 206 with 3,333

sats, and he has the cool smiley face,

the sunglasses.

Thank you, Freak, for supporting the show. That rep with Dylan was fun. I've

funny taking financial advice from someone who was born after September 11th, but that's another topic.

Guys, I know it's a bear market. I know it's a recession. If you can't support the show with Sats,

with Bitcoin,

another great way of supporting the show is just subscribing on your favorite platform. It's available on Twitch, Twitter, Rumble, YouTube, Bitcoin TV, every podcast app.

You just search Zillow Dispatch, and you can subscribe, leave a review, share with friends and family. It really does help. And then last but not least, this is a live unedited show with audience participation.

That's what makes it unique.

I like to think that I'm not the only host, that we're all hosts together.

You can join the live chat by

going on Twitch or YouTube or our matrix chats, and all links for all of these things are at syloudispatch.com,

so thank you all.

Nailed that intro considering it's morning and I'm a little bit hungover. So

thank you for for sticking with me through that. With with all this said, I have a great group here, great group of guys,

true friends.

We enjoyed bit devs yesterday together at Bitcoin Park.

We have Vivek here, return guest, multiple time return guest. How's it going, Vivek? It's going well, Matt. Great to be back. Welcome to the studio.

Unknown:

It's fantastic as well as the Bitcoin part.

Unknown:

First time. Right? Yeah.

Unknown:

It's magnificent.

Unknown:

And we have ride or die freak and good friend. First time on the show, Rob Hamilton. How's it going, Rob? Doing well, Matt. How are you? How long have we known each other for?

At least 4 years. Like like, through Twitter? Like, we ramped and stuff. Yeah. We're Internet friends. Yeah. But then we met in person at Bitcoin 20 19 or 2020.

2021? 2021. Yeah. It's the first time we met in person? Actually met in person. Yeah.

Unknown:

Yeah. Bitcoin 2020 didn't exist. You and I that's right. It got canceled. You and I probably were in the same room because I got into Bitcoin at BitDevs. New York. Yeah. I was a New York BitDevs guy, and I started going in 2013.

And through 2013 through, like, 2016 is when I was there all the time, and then I kinda dropped off. Life got busy. That'll always be the best bit devs. If The OG New York bit devs. It's what got me Jay running it. Yeah. It's an amazing it's a true unique experience. And, yeah, it's a it was a magical time. One of my big wins was we got Jay down here to,

Unknown:

give a BitDevs Talk, in September.

And I was like I was like, nobody understands the significance of this. Like, I was like, you think you'd be excited if, like, Michael Sailor comes in? Like, this is this is 10 x that, a 100 x that. This is Nerd Sailor. Yeah. What a great fucking dude.

First time at the park, you guys enjoying

Unknown:

yourself? Yeah. It's an incredible space. Like, you have a multi building compound here with a courtyard. We prefer the term comp campus. Campus. Okay. I got lost on campus several times, Matt.

Unknown:

That's a good sign.

Unknown:

Yeah. The campus is great. To keep exploring. Great coffee shop. You have the, you know, the great open space where we did bid devs last night. There's separate spaces for, like, larger event planning. There's so many nooks and crannies for, like, either taking a call or doing a podcast. This podcast studio is fucking ridiculous. Yeah. We're in a podcast studio, and there's a producer window on the side. Like, this With no producer, by the way, because this is dispatch, so I just do it all myself.

Unknown:

Where are you, Carr?

Need to get Carr to move to,

Nashville? Nashville. Working on it. Yeah. That'd be a big win. But, anyway,

boys, we're talking about,

mini script today.

Rob particularly is obsessed with mini script.

Pretty much every morning over the last, like,

2 months. I just feel like he's just texted me with some other mini script thing that he's wants to talk about.

Unknown:

Guilty.

Unknown:

So I decided that instead of having that conversation every morning, it would be better.

He came on dispatch, and we could all have the conversation together, and then you can listen to it at 2 x,

instead of replying back to the text all the time. So what is Mini Script? Why should we care?

Unknown:

Yeah. I'd I'd even take a step back before we talk about Mini Script. What is Bitcoin script?

So,

Satoshi, when he invented Bitcoin,

he also invented his own programming language, which is Bitcoin script. And it's,

best described if you're a programmer as a reverse Polish 4th like language, which is something from, like, decades old. Like, so you'd be, like, you know, 60 plus years old if you actually use this stuff in production somewhere.

But it's a stack that you would use, like, in a lot of computer, science concepts where you push things in. It's first in, first out,

and

it's how you actually encode a Bitcoin address to be able to spend it. So most people know, a single sig is a pay to public key hash. You have the public key. You have a hash. That's your basic single sig. And then you have multisigs, right, which is using op check multisig where you actually push for 2 of 3, you push the number 2, you push 3 public keys, and then you push op check multisig. And those are kind of like that would encompass most of Bitcoin use today, single sig, multisig.

There's a wide

swath. There's actually

256 opcodes that exist in Bitcoin.

And

a lot of them are legacy deprecated ones. Some of them, if they get executed, they fail. Some of them, if they're even in the script, it'll actually just kill the program. So Bitcoin script is something that's been around since Bitcoin's inception. And given the nature of Bitcoin, you have to always be backwards compatible. So there's a lot of, like, landmines and things people just don't bother touching because

it's too complicated to try and worry about edge cases. And what MiniScript does ultimately is it smooths out those rough edges so you can have much more robust Bitcoin smart contracts on chain, and it doesn't require a soft fork, because we're already using the tools that are in the protocol as is.

Unknown:

And it That soft fork part is really important. No fork required. Yeah. And it makes it more intuitive from, like, a spending condition.

It makes it more intuitive from a spending condition policy perspective

versus more of, like, a a programming language that,

is only fit for the best of best devs who still encounter those footguns. Yeah. And and to emphasize Vik's point,

Unknown:

what MiniScript does is it makes more complicated Bitcoin scripts very accessible for someone who's not very technical to visualize

and read and understand what's happening on the other side. So you don't have to be a wizard at Rust or c plus plus to actually use these more complicated scripts. And,

just actually before we go deeper into many scripts, some fun, Bitcoin factoid trivia. For some of these old opcodes that are floating around, there used to be op version that would actually push whatever current version of the Bitcoin client you were using onto the stack for a transaction, which just guaranteed that you would have a hard fork. Because if I'm running version 1 and VIX running version 2, him and I can't get consensus on what's actually going on. So a lot of opcodes are just sitting there, and there's dead. Like, and they you cannot touch them. Additionally, they used to be multiplication

and division.

That was got forked out back in, like, 2011, and those are, if you touch those opcodes, it will actually fail the script even if it's not part of the active, like, path that you're calling. So there's a lot of, like, roadblocks and things that are put in there. So in in total practice though,

you have, those 256 op codes and, like, 50 of them have actual, like, day to day value that you would mind maybe find a use for. Explain to the freaks what an opcode is. Yeah. So an opcode is basically an instruction,

that allows you to do certain actions. A very simple one we already mentioned was op check multisig. So it takes in a certain number of required signatures,

and it reads in the public keys and then evaluates the signatures and says, okay. Like, have you satisfied this multisig threshold condition?

Another very simple one would be,

op if. If something happens, you know, you execute some code. Otherwise, you execute some other code just like in very simple, like, computer programming.

Other opcodes are things like hash locks that's used in lightning where you

have to reveal a pre image, and this is kind of how the justice transactions work as well. If someone cheats you, you've actually can provably,

you know, revoke that money. That's another op code, And there's a lot of other ones,

but the the very simple just nature of it though is that, there's around 50 that actually have day to day value and use, op if else.

There's certain ones that, do the hash images I mentioned and checking signatures are kind of, like, the basic building blocks of what most people use on a day to day basis. And for, like, the average user,

Unknown:

they're never actually

Unknown:

They're never touching us. They're right. The wallet's handling it. The wallet does all of this under the hood. And,

what you could say so far is that for single sig and, like,

op check multisig, like like, I call legacy multisig, that's very just very you have 2 of 3 or 3 of 5. The wall it's very standardized, and because of that, it just kind of dissolves into the background. The user never have to think twice about this. And what MiniScript does is it takes this whole basket of 256 opcodes and says, okay. We're gonna take 20 of these opcodes, and we're gonna kind of, create a logic around them like Lego bricks so they can click into and interface with each other.

And if you keep it very simple with those primitives, you actually can get really

involved in Nuanced smart contracts.

So you basically have 3 main checks. You have signatures, which we all know and love we use in Bitcoin today. You have hash locks where if I reveal a pre image, I can actually show a hash of something, and if I can satisfy that condition, I pass the check.

And then the final one is a time lock, and the time locks can be either,

block height based or epoch, like, wall time based.

One of the things though, Miniscript checks for this and just in general to know if you combine a block height and a wall time lock in the same thing. If I say block height a1000000

and after January

5th,

2050,

it will fail. You have to pick 1 or the other within a single Bitcoin script. So these are one of, like, the foot gun things that mini script checks for when you're trying to populate a new thing is that you have to pick 1 or the other. You can't use both. If it's greater than 5,000,000, I believe it's block higher. Right? And then if it's under 5,000,000, it's

time stamp. Yeah. So this is one of the interesting quirks is that,

the the time lock opcodes, op, check,

lock time op CLTV, op check lock time verify, and op c s e op sequence verify,

actually

change behavior based on if it's 4 bytes or 5 bytes of code. So if it's a 4 byte, it treats it as a number,

like a block height. And if it's 5 bytes, it actually treats it as,

wall time. And this is, like, very deep in the weeds, but what I'm trying to communicate is that there's all these weird little quirks in how Bitcoin script works. And what mini script does is it dissolves all of those foot guns away, so you can just focus on writing more complicated and involved Bitcoin smart contracts on the base chain in a way that's verifiable,

and you could feel safe and secure interfacing with it. So you don't have to worry about this stuff. Just like today, you don't worry about op check multisig for your multisig. It just works. MiniScript enables that, it just works,

template playing field. So you can do, whatever customization you want within the rules.

Unknown:

Awesome. I mean, before we dive in deeper,

because I assume

there's a bunch of freaks out there that are

very confused right now. Sure.

In practice,

what does this enable for users?

Unknown:

Yeah.

I think

think,

a very simple straightforward example would be a decaying multisig.

Right? So let's say you have a 5 of 5 multisig

Unknown:

and Where you need every key

Unknown:

to sign a transaction. That's right. All 5 key. All 5 keys have to sign. And you can have it so that over either by block height or by, like, time passing by year or every 100000 blocks,

you can do some math and take a look and say, you know what? If the money doesn't move,

I'm actually gonna change it to be a 4 or 5 multisig.

And if it doesn't move for another year, you can make it a 3 or 5 multisig. Right? So this Doesn't case one key is lost, 2 keys are lost. That's exactly right. Right? So you you you can start mapping out contingencies in different ways you can spend your money. Right? And that empowers the user to be able to have more flexibility because when you put money into a Bitcoin address,

you're locked

to the rules that you set up at that time. And this is why it's called, like, pay 2 witness script hash, like, a that's a Segwit script hash. So you take this whole complicated Bitcoin script, and you hash it, and you encode it into a Bitcoin address. With meaning, when you put the money in, you can't change the rules after the fact. So if you can extend the flexibility and kind of the edge cases and how you can interact with your money, it empowers you as an individual to have more control,

for corporate governance situations allows you to have more contingencies to make things that are

much, much lower likelihoods of loss events.

And that's why I think it was, like, the the the the thing to start thinking about

of changing the idea of what it is to have, Bitcoin, you know, in an address. Like, you can change custody models to be much more robust to your own individual needs. And then we have a comment from Zoop in the matrix chat,

Unknown:

which, by the way, Freaks, you can find by going to sidledispatch.com

and clicking that sidled chat button.

He's asking a question based on inheritance planning, which was my is my favorite example of this this idea where you can have an heir,

You can have your your son, his key doesn't activate until a certain number of blocks have passed. Mhmm. So you can make him wait 20 years, and then he his key will work. But until then, he can't spend shit. Yeah. You could do something like that for sure where you can have an air

Unknown:

based on a time lock be able to access money in the far distant future.

But in the short term, you could still spend it if you can move it. Right. You'd still be able to move it. And if you set it up as a relative time lock, each time you move the money, you would reset the timer for 20 days. Yeah. Yeah. So, like, you basically He misbehaves, and you just send the Bitcoin.

You send it to yourself. Now you're waiting another 20 years, buddy. Yeah. Well, that's the interesting thing about relative time locks. It makes a,

dead man switch functionality on chain. Because because you because you're actually being able to update

when the so there's 2 kinds of time locks. There's absolute time locks, meaning after one day or, you know, one day, that's act like, after block height a1000000. That's an absolute time lock. So if it's before block 1,000,000, you can't spend the money. If it's after, you can spend the money. Right. A relative time lock says a 1,000 blocks.

So I can do a 1,000 blocks when money enters into that address.

So that makes your own custom dead man switch you can use for any kind of scenario that you wanna plan for. And additionally because if you're alive, you just reset. You do a self send. And this is actually my personal theory on how we're gonna start, ending 1 Saff or Vbyte. We're gonna start having a bunch of people with dead man switches moving money around. It's actually gonna start bringing fee market utility to to Bitcoin.

Unknown:

I still have pie on my face from saying that

if if the mempool mempools wouldn't clear again, so I'm just gonna

Unknown:

not say anything. But this I'm I'm giving you a chance to salve to salvage your reputation on that. Yeah. The mempool clearing. Yeah. So relative time locks are really interesting and especially for inheritance planning. You can create these dead man switches,

and you can have this stuff

like,

I would I wanna give a shout out to the, Bitcoin DevKit team. If you actually go to Bitcoin DevKit, they have something called the playground,

and it does this visualization of the LEGO bricks you can actually build into mini script code. And it's a really strong tool to start thinking around. And, I have Oh, that's what this freak posted.

Unknown:

Yeah. Zoop zooppostdbk

Unknown:

playground. Yeah. No. Yeah. And so, I know this is an audio only podcast, but I'll show you after the fact. And, actually, if you go to my Twitter,

I have my pinned tweet. I go through this, and I have visuals of how I took a policy from the BDK Playground

and turned that into mini script code on chain, and I used my ledger hardware wallets to actually sign it. The whole end to end experience. So

this is where,

I think a lot of more involved custody scenarios are gonna be moving towards is the mini is is a mini script model because it just adds much more flavor and control that's customized to your needs. I I think the process of you discovering mini script is also really cool how I wanted to touch on that Yeah. Because,

Unknown:

you know, you came to me, I wanna say, around, like, Thanksgiving

and, you know, you could talk about Anchor Watch for a second, why you needed to maybe potentially write custom script.

Unknown:

Yeah. So the the idea so,

in March of last year, I I cofounded a company called AnchorWatch that's working on insurance solutions for Bitcoin.

And when you're starting to deal with large,

large amounts of, like, corporate money,

you wanna have a lot more contingency planning. And if you actually can mitigate risk, it actually translates to more affordable premiums. Right? So I came to you, Vik, saying, like,

I've messed around with a little bit of programming in Bitcoin script.

I've definitely locked coins on test net not understanding what I was doing. But, like, what would be my best path to starting to go down doing these more robust, like, contracts on chain? And he said, don't reinvent the wheel. Just check out MiniScript.

And so

I took that, basically, Thanksgiving week,

started going through all of the written material that was there, all of the interviews and podcasts that had discussed it previously.

I actually really strongly recommend and huge shout out to Andrew Polstra.

If you go to,

YouTube and type in Andrew Polstra, London BitDevs, he does a 2 hour and 10 minute talk. The first 45 minutes is just, like, this cathartic scream about how annoying Bitcoin script is and all these foot guns. And then after that, he spends the next, like, hour and 15 minutes just talking about all of the opportunities with ManyScript. And I started really quickly saying, like, okay. This is not,

this is this is so far, like, you know, hitting all of the things I'm looking for.

Is it live code that functions though? It didn't require soft fork, which was a huge win. And then looking at the Bitcoin DevKit, like, team, they have a lot of these, like, libraries out of the box that does the compilation, which we haven't talked about policy versus output descriptors. We can jump into that,

But it starts white gloving all these pieces, and you can start using this to make this all work today in production.

So it's it's not something that's very abstract. And that's what and Andrew started this, I think, in 2017 end of 2017 or early 2018.

Or was it 2018? 2018. I remember, like Okay. Sank it

Unknown:

being, like, introduced,

on, like, a what Bitcoin did podcast while Peter was talking to Peter Wella.

Like, he, like, snuck in there, and that's when, like, they originally mentioned it or something. But

I I think it's really cool because,

like you said, no soft work required. Anyone, literally me or you, can go play at a BDK Playground. I think they have Elephant now, and it was formally even earlier work from Alakos and Steve Myers. Alakos had something called magical Bitcoin wallet, which was really good. You could think of it, like, for the audience, it's like a MIT scratch sort of thing. You don't have any programming experience. It's just like drag and drop.

If this,

then that, like, 3 blocks. It's very

simple.

Keep it stupid simple. But, yeah, it it was really

it it just expanded because we can

create whatever our policy is, whatever we wanna have the conditions

for spending from that key.

And then after that, it'll then turn

whatever based on those conditions into script, and that script can then be used in our transactions.

So it's a game changer. Absolutely. Yeah. So this is,

Unknown:

all of what you said is right. And I,

like, I I think what's gonna be really happening over the next, like, year or 2 is kind of a I saw someone describe it online, like a Cambrian explosion of, like, Bitcoin use cases that people hadn't really tried to approach before. Because this just extends the this extends the functionality of layer 1 Bitcoin in a way that I think is very synergistic with layers 2 and beyond. Because we're extending the programmability and utility of layer 1. You're gonna be able to start anchoring these things into other use cases that people are working on, and it just gives us much more granular control. And And I think it's just a really powerful programming primitive.

Unknown:

And and I guess it's been out for a while, but it has been used by,

people, like, for example, Block Stream.

The brilliant engineers that wrote MiniScript itself,

tried to figure out how to do a liquid federation multisig using MiniScript versus what they did in hand. They actually ended up saving,

on the transaction size, therefore, fees. I think it's been used in Bolt 3 and HTLC stuff, I believe, from Connor

Unknown:

previously at Lightning Labs. Yeah. So they didn't actually I think did they fully push it to prod? I just know that the mini script compiler, the way it works and let's just take a step back for a moment and talk about what is a policy versus, like, the output descriptor mini script. So a policy

is kinda what we're talking about this plain

English language formation of,

the certain spending rules you're trying to do with and, or this key, this hash, this time lock,

and,

all of that

stuff is written in very plain English. And from there, there's a compiler that will actually turn it into a mini script output descriptor. And so for output descriptors, it's kind of the new format that everyone's using for addresses that encode

single SEG addresses, multi SEG addresses, including,

mini script output descriptors.

And,

it

allows you to,

and very much in plain English, start optimizing

all of these different branches. So a very interesting thing is if you're having different conditions like an or branch, like, I can spend either the coins, a or b,

You need to understand the probabilities that each outcome is gonna happen, and because you wanna understand

the one that's gonna most likely happen most often, you probably wanna put that one first,

because,

you know, you you have to push all of this data,

when you're actually doing a transaction.

So you can start optimizing the whole overall transaction size based on what outcome is more likely to happen than not.

And,

I think I was I was rewatching,

pollsters talk on this. He said that, like, they save 7 bytes

for lightning HTLCs if they use the mini script compiler because it just does all of the rules in a much more concise way. And this is where I think, like and and liquid too, like, saves, like, a byte. Like, there's a lot of thing and people who put, like, hundreds of man hours into trying to optimize this stuff, and the compiler just automatically is able to do it more efficiently because it's taking very simple rules and just rolling them up into, you know, the optimization. And it could actually help on the other side of the range to where,

Unknown:

sometimes your transaction might be too big and be nonstandard. Therefore, it wouldn't be relayed. Right? Mhmm.

Unknown:

Yeah.

This in in my like, let us know if you have questions you wanna jump in. Like, this this starts bringing into other things because, like, transaction malleability

is a thing.

It it never went away. Right? So as a recap,

in 2,017,

one of the big trade offs well, one of the big, opportunities with enabling Segwit is we ended transaction malleability. So what could happen is that a miner could add data arbitrary data to a Bitcoin transaction, and it would change the transaction ID. And when you did that, it broke some wallets, and

it's a part of the reason why Mt. Gox claims that they lost their they got they got hacked the way they did because the transaction IDs changed and all that. Bullshit, though. Right? That yeah. I'm I'm not I'm just saying that was one of the things they point pointed to saying that this is why we lost money,

but

I would I would put in the bullshit category. Yeah. And so

what happens though is that with Segwit, you actually remove the witness data,

segregated witness. You remove the witness data outside the transaction. So now a transaction ID, what's broadcasted can't be changed, but the witness

is sitting outside the transaction unsigned.

And what happens now is that you actually have to manage this witness when you're using these, arbitrary

length and style of Bitcoin codes in a way to make sure that miners can't malleate and actually influence,

unintended spend paths. And the most straightforward way you could think about this is, let's just say, I had a very let's say, I I I made a mini script contract that had no signatures. It was time locks and hash locks. Well, the second I broadcast my transaction to get my money, a miner could see the pre image to all my hashes, and then they can go try and front run me and try and steal my money. Right? So there's certain malleability checks and sanity checks that many scripts encourages to make sure that, you know,

when you're signing and you're kind of broadcasting transactions, you're doing it in a way that minimizes your attack surface area for a minor to alter stuff. Now,

the way it all works though, if you're including signatures, which almost everyone is, you shouldn't have this issue with someone being able to operate that stuff. But these are just the things to start thinking about because minors can also start pushing arbitrary data into your witness to make your transaction look larger

than you intended. So you can kinda get bumped out of the, you know, the mempool of your transaction if you're not paying enough sats for VBite.

Unknown:

And, like,

Andrew Polster talks about this at the London, Bitcoin meetup like you said. He explains how,

you know,

when you're pushing things onto the stack,

you pushing, like, just 10, or is it multiple zeros? And, like, the Boolean operations,

whether it evaluates true or false depending on what data you're pushing up there, there there is still malleability, and I was completely unaware of that. Yeah. Well, so it's actually funny.

Unknown:

Op bull and an op bull or,

they have bull in their name, but they actually take numbers, not bullions. And that was the one thing that SIPA didn't even know until they went deep in the weeds that, like, wait a second. Like, this is, like, we're talking about, like, data type architecture for the Bitcoin stack language, like Bitcoin script. But it's all of these, like, interesting little, like, side cases that miniscript just buffs out all of those rough edges and makes it kinda work out of the box.

Unknown:

Yep. There there's a lot of random foot guns there that, like I said,

or like we said, even

CIPA

or Polestra,

The people who, like, work on Mini Script itself,

were unaware of. Yeah. They were Everyone has their own,

things they are not happy about.

I think

Andrew doesn't like,

was it

Unknown:

code separator or something? Oh, code separator. So that's a that's a legacy opcode because you they originally wanted to have functionality where I could delegate a key to someone else to do operations for my Bitcoin address,

like my Bitcoin. Right. And they never actually went through with it, but they put it in the opcode. And since in in the stack, like, has to stay there forever for consensus. So it's just kinda sitting there

with, like, no real functionality, and it's just, like, you can't like, to remove it would be a fork. So it's just kind of, like, stuck, like, frozen ice. It'd be a soft fork, yeah, to change that.

Unknown:

And then we we have 11 no ops, and I guess the CSV and c t CLTV are 2 of those 11. And that's what we kinda propose when people want new op codes. Yeah. They're budgeted kind of, like, in reserve. Like, we're not using this at the moment. And then it allows you to do soft forks, add functionality

Unknown:

without having to actually remove any of the old opcodes and cause, like, some sort of consensus change.

Unknown:

Yeah.

Unknown:

I,

one other thing too just from a mental model standpoint, we always talk about, like,

you have a 3 of 5 multisig, a 2 of 3 multisig. You actually in manuscript, you're they're called thresholds. Right? You can have a threshold of 3 conditions. Those conditions, some of them can be time locks, which is really interesting. You can have

a 2 of 3 policy

where it's 2 keys and a time lock, which is why we're talking more about, like, with the decaying multisig. So it could become a one of 3 after x amount of blocks, and it all just very neatly compacts itself in a very usable way.

And it kinda actually brings it to the next point of, like,

signing devices. Right? Hardware wallets and, like, their support for this. Today, there's 2

wallets out of the box that support this, Specter DIY

and Ledger.

And Ledger just pushed the test app,

the test net version of this app,

like, 2 days ago. So you can actually go if you have a if you have a Ledger Nano, Nano s, Ledger Nano X, you can, s plus. You can

you can go to Ledger Live, up download this and actually start messing around with the MiniScript code as Don't they have a Mainnet version too? They actually,

did have a mainnet version, and they rolled it back.

Oh, so there's no mainnet version right now? I actually have a ledger here that He has more than 1 ledger there. He he has about 10 ledgers in All different colors and everything. Yeah. So a couple of mine, I actually updated and I refuse to roll it back so I can use mainnet mini script. So I have a couple ledger ledgers at the moment that can do it on mainnet, but,

Ledger had to roll back

the version that included Mini Script at the moment. Do we know why? What was the issue? Or

so looking at the Did you lose all your money? I didn't lose any money. And

so,

I'm actually pulling up the Ledger Discord. Sal, who does great work over at Ledger on the Bitcoin app, basically said that there were some

concerns with the Ledger Nano X unrelated to MiniScript. It was,

it was related to, like, some firmware updates, and they were just being, like, out of an abundance of caution. Because this was a big update in general. Right? They switched to output descriptors or It was a very big update. They removed the legacy API hooks, And,

because of that,

they were moving the output descriptors. And if you had any website that used Ledger,

and you didn't catch the update, like, your website broke functionality. And to be clear, it's not like you lost money. Your your keys are still safe. It was just from a user interface standpoint, the functionality broke. Right. Yeah.

You just weren't able to connect it. Right? Yeah. You wouldn't be able to connect it. Like, you still had all of your keys and everything, but you would have to use a website that had updated code for the output descriptor format.

Yeah. Which kind of brings it into the output descriptors

tie in really nicely. So, Specter DIY supports, Mini Scripts, and Ledger does today.

And

Ledger actually, the team at Ledger sound crew have a proposed BIP for how to what they call register

wallets

because you have these very complicated

and kind of unrestricted in the sense that, like, there isn't one way to do a certain mini script vault,

a way of actually authenticating on a hardware wallet.

How,

Unknown:

how have a surprise,

Unknown:

window appearance. And it is jumping outside of our window right now. He heard us being miniscript. He said he's gonna add miniscript tomorrow.

Unknown:

He's gonna come flying through the window. Why doesn't Coldcard have mini script yet? So that's a good question.

Having talked to NVK,

it's something that

they

it's it involves a lot of code changes and how they use multisync today. Yeah. I think they they take, like, a market approach to things. So,

Unknown:

like, he wants to validate that there is demand for that probably before adding it, and,

I think the man has just entered the building.

Unknown:

Yeah. I think he heard us say the word mini script sold card. We need a balance to the shilling. Right?

Unknown:

Wait. Am I on the splits or not? Come here. Yeah. Get over here. Come sit down.

Unknown:

We got Rodolfo in the studio. Hello? Yeah. Make sure you hold the close to your mouth.

Unknown:

Yeah. It's

no. We're not picking you up. Here. No. Take take okay.

Unknown:

So we are just going through

Bitcoin script, mini script. We were just starting to talk about signing devices and hardware wallets that support it,

and, we were just talking about how,

SpecterDIY

and Ledger are the 2 that are supporting it today, and Ledger has a BIP proposed on how you interface with it. And then,

the question came up. Matt asked, why isn't this on the cold card? And then you started jumping outside the window. So I think you have the room bug. Adding it tomorrow. Yeah. Because that's good, though. It's good timing. I just brought up my barbecue. I asked the question after I saw your face jumping up and down.

Unknown:

Let's focus on the barbecue.

So okay. So, like, you know, it's there's a lot of things that

everybody wants

on wallets.

For example, bit 1 49, BSMS

to set up a quarms for multisig.

I mean, forming

my need for mini scripts from,

from output descriptors,

and the adoption is abysmal.

So,

you know,

if people can't adopt at least,

output descriptors,

I think mini scripts are gonna happen. It's fantastic

tack, but

Unknown:

it might just take a while. That's right. I just wanna let you know the BIP you wrote is BIP 129, not BIP 149.

Unknown:

So I'm just And and

Unknown:

So they'll dispatch those live fact checking. There you go. Don't trust their data. We kick the the ball back to you. I guess, it's on you to get a mini script adoption via Anchor Watch.

Unknown:

Well,

so You know, make a PR. I I can make a PR. The classic. I

I I I may start just jumping in into micropython and updating the code, but that's a that's a very daunting task.

But I I will say

there,

like,

there are user experience things that need to be considered. Right? If you're if you're taking arbitrary

arbitrarily complex and involved,

code, there isn't, like, a standard template like there is for a multisig or a legacy single sig.

They like, you wanna make sure that users understand with full knowledge and consent when they're putting money in and when they're taking money out that they're not getting, like, attacked or anyone's messing with their stuff. Like, in a perfect example, this is for multisig. Someone can try and swap your change addresses. Right? And the cold card has great tooling on making sure, like, hey. Like, I don't recognize this change address. Like, don't spend it. Those are all kind of pieces of tooling that need to be figured out for how this works with mini script because it's that same problem, but compoundingly more, you know, compounding. That's the thing. Like, when you get into the complexity of MiniScripts and what people wanna do with it,

Unknown:

I think people are kinda in for a rude awakening.

You know?

We we barely have multisig

done

well. Mhmm.

Right?

And then we're about to change it all with music too. Yeah. Exactly. So, like, you know, I I love the the Taproot stuff. I love all these things.

I mean

but these are these are money losing

possible changes, right, to cold basis. Like and and they have intense, intense complexity. So,

I still telling people to, like, use single sega pass phrase,

and and all, like, going going from that to multisig

and then going from multisig,

to Schnorr

to then go to complex Moosig,

Unknown:

I think we're few years away from from that still. Yeah. I think the different signature schemes are slightly separate from

MiniScript in the sense that MiniScript is just code that's sitting there already. Like, we're not there isn't a fork required. It's just using different opcodes in different formats,

and most of the heavy lifting is actually done by the PSBT finalizer.

Right? What's most important is the sign the PSBT signing function.

So,

you can actually abstract a lot of, like, the crazy edge case, like, constructing a transaction witness from PSBTs Yeah. But how do software. But how do I keep cold card from being vulnerable to a grifting attack? Grifting attack being someone swaps out, like Swaps out the change address or or sends it to a derivation path,

Unknown:

you know, that it's, like,

infinite

sort of lost

or,

I I just I don't know. Right? And and remember, like,

we are very sort of limited in memory and and, like, complexity on on the hardware side. Not with the mark 4 anymore. Right? Well, it doesn't

Unknown:

I mean, yeah, this could be something be able to even fish snore Yeah. Exactly. On the mark 3.

Unknown:

You're deleting spaces. Right? Yeah. Exactly. No. Mark 4 does, give us a little bit more room.

Unknown:

Yeah. So the Ledger Nano s, I'm not sure how that compares to, like, the mark 4

Unknown:

on Well, they they have way less memory, but what they do is they they they require a computer to do a lot of stuff, so they stream

the actual application back and forth. I'm not, like, 100% familiar how they're doing now because they changed a bunch of stuff.

Unknown:

I think they actually broke some multisystem. So sorry for the freaks because this is audio only. I'm actually handing Rodolfo,

a Nano s plus that has mini script flash on it and right now going through how they go through registering a policy. And the way the way Ledger does this This is completely

ludicrous to do this. Look at this. It just It's a button, but it so it's a lot of button clicks. So this goes to Not just that. I mean, it's like a bunch of gibberish. Yeah. So not human legible. No. Yeah. So it that's the output descriptor. I know. But, like Yeah. I'm just explaining. Like so the way Ledger is tackling this is it presents the output descriptor on screen, and it presents all of the keys, all of the XPUBs

in the quorum, and then you,

verify that you're assigning it, it takes a hash of that whole policy,

and then that signature that you present is how you ever interact with that wallet ever again. So you're checking that against what's on the complex characters here. Like, what's this is very confusing. Yeah. There is upside down,

Unknown:

question marks here.

Unknown:

Let me look at that. The oh, yeah. That's Spanish. It's not upside down question mark. It's just a small screen. You have to look a little bit closer. You see, like, this is what I'm saying. Like, this is completely ludicrous. It's a parent it's a parenthesis

parenthesis and a comma. Yeah. So this is

Unknown:

Get it right, MBK. No. This is exactly my point. Right? Like,

Unknown:

listen, we want the users to verify stuff, but if the stuff we're showing for them to verify is so complex that they can't actually verify it, they're gonna have a false sense of security and send money to the infinite. So this is kind of the tooling that I'm working on building right now is you can take that output descriptor, and it would just make a visual graph of the transaction spending condition. So you can look and see on a screen, and ideally someone else would also have it written. So you wouldn't be just trusting my code, but you can take different policy visual How do I trust a computer doing that? Right? So because the the idea

Unknown:

is that the harder see,

we were trying to

and maybe that's why it's a better place to sort of back a little bit on this is that we were trying to have users check stuff on cold card, but it's kind of unrealistic, right, for change outputs and things like that. So we actually don't do that.

We check

and we say, hey, you control this change output, and you don't control this change output. Right? Mhmm. Because if you just show an address, they're not gonna actually know if it's their change address or not. Yeah. Like, it's False sense of security. Yeah. And exactly. Right? I I I really sort of trying to steer

the market

away from false sense of security because I feel like that causes people to lose more money than even bad security. And then the It seems like a completely different flow. Right? I feel like cold cards optimized for, like, the micro SD air gap,

Unknown:

kinda transaction PSB Ts. The ledger people are just, like, literally connecting it with via USB to a laptop. The whole part point of a hardware wallet is that you don't trust what's on the computer screen. Or one of the parts of the hardware wallet is you don't trust what's on the computer screen, so you check the actual

screen on the device to see that it's showing what it should be showing there.

If if you're not actually verifying on the device because you can't understand what's going on, then actually, you don't even

necessarily need to use the hardware wallet. Right? There is a is there a software wallet that does mini script right now? What's it called? Lianne or something? Lianne, that's the Revolt team. Yeah. Has Lianne? Kevin. Yeah. Yeah. Kevin. Revolt the company there. Yeah. Kevin's. Alright. Yeah. And you can download that right now and use it with mini script. Right? Yeah. And they don't have, like, the full menu of, like, picking everything you want, but it does, like, time locks, like, inheritance, like a dead man switch. Yeah. So the the point that you're trying to make though is that the the whatever mini script descriptor or output descriptor is more complex than the address and, like, the flow they already do? Yes. Yeah. Because if on an so you're doing a normal single sig ledger transaction or cold card transaction.

There's 2 things you need to verify. Right? There's the receive address, the address you're actually sending it to. Yeah. Very that's very simple. Right? Yeah. You you just look at the device and you're like, okay. That's the address I wanna send to. And then the second thing is every tran most transactions have changed, and that's what MBK was saying. Make sure that change is actually going back to an address that's controlled by the keypad By the way, I think, we are the only wall that changes that checks change output,

like, that you own it. So, like It doesn't it doesn't didn't Ledger add it after, like, there was a a I don't think they do. An attack? Maybe Bitbox.

Unknown:

I think maybe Bitbox does.

It's not a lot of wallets. So, like, we're still not even at a point where wallets are checking

for that.

See, like, I'm much more interested in this in this scenario,

on, say, for example, you know, you have Nunchuk. Right?

And and then you have more complex multisig going on there. Mhmm. And then you have top signers sort of like because they are interactive and I see doing some of that work. But then because it's multisig, you don't care as much about

verifying the mini script on the screen of the device.

Unknown:

Yeah. I mean, I just looked at the ledger. That's pretty

unreadable.

Unknown:

Yeah. It's pretty much unreadable. It's it's hopeless. It's absolutely hopeless.

Huddle text. Is it the Huddle text? Or you know, like characters or Maybe maybe what actually, fuck. I have a good idea for this.

Why don't you just make the hardware wallet show a a text QR,

okay,

of the information you want the person to verify,

and then you have, like, either, like, either just the text

reader on the phone

show that information in a sort of formatted way that looks decent for you to verify it.

Unknown:

Yeah. I think it's a bit of the form factor of the small screen. You have a very constrained design space. And I think what you're getting at, I I would agree in that you should be able to have a computer or other place and then have it cross run. No. The computer is complex. Does the ledger stacks scenario. Does the ledger stacks fix this?

The ledger stacks. I mean, so if you read the many like, if you can read the code, it is in plain enough English to be able to initially parse it. I view this as very early days, and building the tooling around this to make it more streamlined, to make it a better user experience

is going to be kind of, like, one of the missions that I'm charged with in making it better and also the larger community and just making this tooling better because

I think for

large institutional sums of money, like, you're gonna want more nuance and governance with the custody. Oh, I see. I can't believe you're right. Like, this is how it's gonna be used. So it's it's start it's gonna start off as a power user thing just like multisig started off as a power user thing. And today, it's still kind of a power user thing. I I think, like, the path to that enterprise customer is gonna be through the check marks people. Right? So it's gonna have to be, like, unchained,

Unknown:

Casa, you know, Coinbase, the people who do because, see, most,

like, proper institutions with, like, real amounts of money, they want the insurance. They want the CYA. Yep. Like, all that stuff. Right? Like and and, like, they're not gonna sit in a boardroom and set up, like, a bunch of, like, devices

Unknown:

instead of like, okay. We're ready now. I agree. And that's why I think that, like, what ManyScript enables is an idea of, like, a multi institutional custody model. Because why are we using, like, old banking paradigms that there's one person who holds your money for you? There's there's no reason to have one single party. You should use multiple institutions, people that are checking everyone else, like that that classic scene from Reservoir Dogs where everyone's pointing guns at each other's heads. Like, that's how it should work. And wrapping insurance around this too adds a compliance layer of, like, oh, like, if, like, if something were to go wrong, like, you know, you're still covered. Right? And it provides that, like, low friction ability to kinda put money in this kind of system. You know, if you can get output descriptors

Unknown:

fully disseminated,

I think you're gonna have a better path to upgrading 2 mini script. Mhmm. Like,

it's like the low hanging fruit. I'll put the scriptors is is like is like a slum dunk easy. Yeah. Right?

And and and that's gonna give you,

like, a path to

have wallets also have better UI for handling

that descriptor information Yeah. Somebody's gonna come up with, like, cool standards for, like, UI Yeah. Per se.

Unknown:

Hopefully, something better than words. Exactly. Right? Yeah. I think that's a good point. And I think, like, Ledger's pushing this forward because their new version of the Bitcoin app is only using output descriptors. So there anyone who's interfacing with Ledger is gonna have to move over to output descriptors pretty quick. So it's not gonna work with, like, all this installed base they already have? Because, like, I don't see Casa

Unknown:

or Unchained moving to that anytime soon.

Unknown:

Yeah. They're ready multi sig. Well, so the output descriptor stuff,

I mean, talk about it. That was, I think, that was one of the things that initially broke when they pushed the update last year,

in December 27th. And I found it that it that it broke Casa and Unchained. Yeah. And I I and, like, they rolled it back now, so I feel more comfortable talking about it. And from a disclosure standpoint,

like, no one lost money. There was no funds at all. No. No. No. No funds were averaged. No. I just just you can't use the signer. You can't use the signer. You couldn't. And that's I'd Well, they had a legacy app that you could install separately. You know, we have a we have a a a very, very,

Unknown:

intense thing internally,

which is,

don't break things.

It was very rare they're gonna break an integration.

Again,

complexity is often where the breaking up. Because your integration is just a very simple PSVT process. Kind of the wish. Right. Yeah.

But but, again, like, Moo sig is gonna get weird. Right? Because it's gonna have to be interactive. At least, though, there was a proposal to not interact with Moo sig maybe. I think that's more, like, the roast frost stuff, but Mulsig too, I think you're at least looking at 2 rounds. Yeah. So so, like, you're gonna have like, QRs are not gonna work,

for interactive. It's gonna be completely insanity for you to, like, be taking pictures, like, multiple times with the screen. So, like, NFC you can do it, and USB you can do it.

And, SD card is also gonna be a pain in the ass. People are gonna try and do the animated QR codes. Right? It's just gonna be so many panels. No. It's not just that. You're gonna have to do it, redo it Iterative. It's like multiple rounds. Time with multi screen. Like, it's unrealistic.

Unknown:

Yeah. You have to do multiple rounds for all that stuff. And I think for standards too, like And the bandwidth might not be enough. Right? Because that multisig

Unknown:

might be too big, so it might be, like, I don't know, like, 10 QR screens.

Unknown:

Yeah. Like, animated QR. Animated. Yeah. Yeah. With 10 It takes longer to load. Yeah. It's just

Unknown:

The one other thing too with MiniScript is it makes time locks very accessible. And I think that we're, like, talking about standards and how to interface with stuff, understanding, like, how do people,

you know, standardize how they use time locks. Like, do you wanna have a 20 year time lock? I you we mentioned that earlier on the show. Like, I probably wouldn't do a 20 year time. That's for my hypothetical son. Right. He's gonna have to deal with that. Right. That's his problem. Right? Yeah. But, like, I I think, like, annual key checks that, like, refresh the dead man switch of, like, a relative time lock makes sense because it gives you enough flexibility because 20 years is a really long time. You don't know what's gonna happen in 20 years now. You could spend Bitcoin hasn't existed for 20 years. Cancel that transaction by just spending the t the rolling the UTXOs into a new transaction too. So if you deposit money into a relative time lock? Yeah. So you do a time lock. Yeah. Right? And then you go and say in a year, you're not like, you wanna switch something. Right? Or you just make it a thing where, like, the family has to, like, sweep the funds into something else. Or at least spend one UTXO. You can keep one tiny UTXO.

Unknown:

That's the one that breaks the time lock Mhmm.

And then sort of, like, make a new one with miniscript.

Unknown:

No. We could He's just talking regular. He's just talking plain stuff. But I think other things

like doing, like, epoch time stamps. Like, I think that's the, like, search space. If you because, like, just like if if you lost all of your iClogs for a multisig, if you lose your out descriptor for the mini script, like,

you don't have access to your money even if you have the keys because it's just, like, you have this scripting logic of how you spend your money, so that becomes a new thing you have to back up and have a copy of somewhere. You have to have all of your full policy somewhere so you can recreate your transaction to match your hash of the transaction, right, for the pay to witness script hash stuff. Yeah. So these are all, like, different and so, like, if you're all of a sudden, like, you have to start brute forcing epoch time stamps, like, that search space is so massive. You wanna I, like, I was thinking, like, standardizing stuff for, like, if you're gonna use a wall time stamp, have it either be noon or midnight GMT. Like, if you're going to do it, don't have the search space be any possible second between here and the end of time. Like like, that's an insane proposition. So many said stories that we No. That's what I mean. But what if you want you I mean,

block height, like, number of blocks is way safer in general. No? Well, yeah. Because you have a much smaller search space. Yeah. For sure. Yeah.

Unknown:

Like, why even do you next time? I'm just it's an option that's in. Just because you're in until 2038,

Unknown:

so you should do it while you can. Yeah. Before we have to change it. That'll be a a fork. Right? Changing how many bytes it is? Yeah. We have to figure something out.

Unknown:

But all of this stuff is, like hard fork. None of this stuff is deal breakers for manuscript. I mean, it's early days. Yeah. Right? I mean, I thought the multisig example was pretty pretty good. I mean, the last 3 years of multisig UX is fucking insane. Right. How much is it? How far it's gone?

Unknown:

How about this controversial idea here? The least amount of integration you have on Mini Script, the least amount of install base you have on Mini Script is the thing that's actually gonna be good for you trying to develop the best Mini Script practice interoperability. Yeah. Because people start adopting. What? Should we cancel the episode so no one hears about it?

No. Because, seriously, like, if too many people start integrating mini script, you're gonna be stuck in however people did it. Mhmm. Right? And then, like, you're not gonna have a lot of room to start this very complex stuff out

Unknown:

in terms of just, like, best practice. Like, some asshole is gonna do, like, a 20 year time lock or whatever, and then you have to support that forever. Yeah.

Unknown:

Got it. I mean, I don't know if, Like, you don't have to support it because it's not, like, consensus or anything. Right? Yep.

Unknown:

You you like, they just have to keep the code, like, whatever version They use their old wallet. That's when people lost money with way with p two s h way back then. They would create their own nonstandard multisig scripts.

Unknown:

They're, like, only, like, the programmer dude knew it, and, like, the wife would never figured out how there was no copy of the script. And so that's well, so that's a lot of that stuff. Keeps their redeem scripts. Exactly. Yeah. That's the huge problem. Well, so you have to like, that's just if the moment you leave single sig, you have to keep a copy of the redeem script. Right? Whether it's legacy multisig or miniscript stuff. I think what's cool about miniscript in the compiler that uses it, all of the logic of constructing the witness in those different pieces,

that code's just sitting there and you can use it later. So as long as you have the necessary information, the signatures, and the hash locks, whatever you're using,

like and you have the core script, there's working code out there that can assemble the rest of those pieces for you. And kind of, I think, over, you know, the coming year is just building out the foundational

tooling to make this more interfaceable

Unknown:

because multisig was a nightmare for years, and now it's, like, very easy to do, relatively speaking. Well, I mean, that's still still. Yeah. Like, multisig. Right? Single sig Maxi with XOR? No. I I have I have multisig too. Like, I just I just feel like You you don't recommend it to noobs? No. Like and even people who are just, like unless you're full time in this business, like, I I often don't recommend unless you're using it, like, assisted multisig.

Unknown:

Mhmm.

Unknown:

But then you also have, like, the opposite side where it's, like,

cold card has so many different features you can use

that you start going down that rabbit hole. You're, like, okay, you can use multisig, you can even do CDIX or on top of multisig, you can do all this different stuff, and then someone hits you back with, oh, cold card's too complicated to use. So then you go, okay. Just use it in single sig with with the passphrase and just maybe even do CDX or and they're like, but why don't you use multi sig then? I mean, it's kinda like a simple thing. Yeah. Oh, man. It's so brutal.

Unknown:

Like, there there is absolutely no winning in this in this conversation.

Unknown:

To trust the cold cards entropy. It's like, okay. Then add dice rolls to the fucking

Unknown:

It it is frustrating. Right? It is very frustrating, the the self custody conversation on on on Twitter special. It's more of an art than a science. Yeah. American Huddle just texted me saying he's the asshole who wants to do a 600 and year time lock. There you go. There you go.

Unknown:

Nice. A relative one that every time he sends, it restarts? Maybe. Keep keep all the keys, the descriptors, everything Huddle.

Unknown:

He's 1 You're gonna probably wanna punch that in in a gold plate. A gold plate? If it has to last that long,

you know, that's what they do with the the vinyl discs, on, probes that we send to space. You know? Like The gold. Yeah. Why not steel?

Because, you know, even stainless steel, like, given enough time in bad circumstances, we'll we'll go.

Yeah. And I'm talking about, like, you know, 100 years, 100 years. Some sort of gold alloy. Right? Because gold's really, like, malleable and stuff. Yeah. I should make a gold plated,

Unknown:

seed, seed plates. Seed plates. Cold. Yeah. Cold plated gold card. Yeah.

Unknown:

Plus, so you can feel like a proper gangster.

Unknown:

Yeah. They're gonna steal your seed play and just keep it. They should try to keep it.

Unknown:

They'll

Unknown:

try to melt it down and sell it to someone.

Unknown:

That would be ironic. Can you imagine? Like, there is a a a a gold

seed plate out there. It's like maybe there is, like, you know, $10,000,000

on it. Right? The guy gets it, and he just melts it down. Yeah. For, like, 20 k or something. Yeah.

Unknown:

The spot price. Beautiful.

Unknown:

So where do we wanna go from here, boys?

Unknown:

At at the high level, I think we did a good job kind of talking through

the design space, the opportunity,

why Bitcoin script is a nightmare to work with directly Yep. What mini script fixes around that,

Transaction malleability we hit on.

Do you wanna talk about you had some call to action stuff. And, like, I guess also shout out to, like, Alakos

and the original magical

Bitcoin wallet that rolled into BBK for a lot of this functionality in the Rust compiler Yeah. Make it very accessible for other devs to start playing with this stuff.

Unknown:

Yep. Yeah. There there's another great video, I think

from LA

Bitcoin devs or something like that. Like, ecurrency holler invited,

Alcos to explain stuff so you could check out that

YouTube video from back in the day, I think, 2020.

Yeah. The main call to action is we want to probably see MiniScript

adopted,

by more hardware wallet providers.

And, you know, Coldcard's a competitor, and they're not gonna do it, so hopefully, you will.

Unknown:

I think that's the So just make a PR.

Unknown:

Yeah. Make a PR.

Unknown:

No. I mean, listen. If it if it wasn't so scary in terms of, like, bugs that could happen and, like, people lose money, I I'd put a bounty out and sort of, like, see if people wanna sort of, like, at least start to work on it.

But this kind of stuff is very sketchy in terms of, like, just accepting

contributions. Like, you have to really, really sort of, like,

feel the right the way we want it to be built and sort of test it the way we wanna be testing. It's it's,

Unknown:

I think the biggest piece is gonna be doing some sort of, mini script compiler,

in MicroPython.

That would be the biggest thing, because you have to take that output descriptor and map it into the raw script that you're actually, like, constructing transactions for. So that would be probably the biggest piece. MicroPython.

MicroPython.

Yeah. That's the biggest thing to tackle. It's it's doable, but it's just like, that's why it takes time, and it's not something you just turn on the mini scripts. It's a very involved code of state. Steve Myers here. We need, like, BDK bindings to micro Python now. Steve, if you're listening, come to the studio.

Unknown:

You know, you got you need one of those, like, supermarket dings that you just announced and More like a print It speaks out loud in the rest of the Steve Myers to the studio. Steve Myers to the studio. That's right. Exactly. The whole PA system. Yeah.

Unknown:

Yeah. But, yeah, I think I think

that's pretty much it. Like, we did a great job just explaining what

all the foot guns of script were and why a mini script is more accessible to the normies because you can just intuitively

think of whatever

spending conditions you wanna make and then get that into the script using the mini script compiler.

But, yeah, it is very fluid.

You got Rob here who's the app dev who's trying to do cool shit with it. You got NVK in the middle with the hardware wallet who, like, will like, his Rob's clients might use for using it, and he's like, I don't know. And then separately, you have the protocol people at the top who are now need to adapt MiniScript for Taproot. So there's a lot of moving pieces here, and,

honestly, we all don't know where this will end up, but I hope we see more people play with it this year.

Unknown:

Yeah. I'm very bullish on getting more people interested and engaged with this. And that was for me, like, 2 months ago when we started this conversation. I've been around Bitcoin for a while. I hadn't even really touched or, like, even really heard of it in any real capacity.

And if that's the case for me, that's probably the case for a lot of other people. And it's more of a call to action of playing with this stuff, starting to think about the tooling and user experience aspects of how do we avoid these foot guns, how do we make the a stronger consensus where you can

have different hardware wallets and you can have different software wallets all talk to each other and, like, cross validate and verify things, and making it in a way that users have knowledge and consent for depositing, withdrawing money out of the stuff so they, you know, have control over their money. I think we should

Unknown:

end the pod on Rob's contrarian take about layer 1.

Unknown:

Oh, you're just you wanna end with a little,

little drama. Yeah. Yeah. So, like, this is I was talking about this with Vic.

My personal theory is that there is an under

appreciation under,

under capital allocated for layer 1 Bitcoin use cases as opposed to layer 2 and beyond. And that,

basically,

layer 1 Bitcoin and, like, the store value and the, like, the vault technology of what we're using Bitcoin for,

is kind of what confers a lot of, like, the safety and, like, a lot of the use cases on the higher layers. Like, Lightning works because layer 1 Bitcoin you can't mess with, and you can always remote back to it. And I just believe that as you extend the usability and programmability of layer 1, so it has more utility for more use cases, it's going to strengthen layer 2 and layer 3 and beyond. So that's just kind of,

you know, that was a conversation we were having. I'm not sure if there was any specific point there. Thread too. But It was like a a 2, 3 tweet Twitter thread. Yeah. They yeah. I have a take on that. I think that maybe maybe Bitcoin is already good enough.

Unknown:

Maybe it resolves the problem for what we need for the next 10 years. And,

because

we haven't complicated

layer 1 yet too much,

you know, because Taproot is not used, most of it is not used and other stuff,

Maybe we just don't need more stuff. Like, it's it's like, hey. This thing is great.

We can use it for the next 10 years for the needs we're gonna have for the next 10 years. So, like, you're just not gonna see and it's a terrible place to make money too in in the layer 1. Right? Because it's the place where there really isn't a man in the middle. Right? Like, there really isn't a a middle man,

sort of business model there,

because it just works. You send your transactions,

and they get put into a block. And

Unknown:

Yeah. I mean, that's part of what we're working on as an insurance solution for Bitcoin is that we are part of that in between of kind of, holding the risk for you so you can hold your you know, you can hold keys, not risk. Right? We're that we're that middle man you pay an insurance premium. That's what we're working on. And to be clear, I'm not making a point about there needs to be forks or, like, soft forks or not. Not about funding. Like Oh, for funding per se. Yeah. Exactly. It's just that, like, it's just great as it is, and there is enough solutions out there for the size of market we have.

Yeah. Yeah. For me, personally, I just, I think the insurance space is very underdeveloped. The custodians

that have offerings today have, like, fractional reserve insurance. 100%. Like, it's like you have a couple $100,000,000 in insurance. You hold 10, you know, +1,000,000,000. Like, that's if if you had a wipeout event, you're getting paid 3¢ back on the dollar. That's not insurance. It doesn't cover the legal fees. Right. Exactly. Right. And yeah. Right. It's a so that that's kind of the stuff I'm, you know, designing solutions around. I think the mini script is a perfect example because no fork no fork required. We're we're using the stuff that's in the oven right now, and we can improve that user experience. So maybe in 10 years, we can talk about what other changes we want on layer 1. But we should be using the design space of what's accessible today Yeah. Before we even talk about those other conversations.

Unknown:

Yeah. Great. Yep. It's gonna be hard, man, to do insurance on, on on Bitcoin units versus dollar units.

Unknown:

Yeah. So, I'm I'm not I don't wanna turn the end of the podcast into my business and stuff. Do it. Yeah. Well, I mean It's a great business.

Yeah. So at a very I'm a one investor.

Disclosure, NVK is an investor.

Unknown:

So You do a good job shilling it.

Unknown:

So very quickly, Anchor Watch, is the name of the company. It's an old nautical term referring to the crew of sailors who watch the ship at night when you're at anchor. And,

out of the gate, we're focusing on US dollar denomination,

for insurance policies just because that's where there's a lot more deeper liquidity and access to capital. I have aspirations and I'm exploring ways right now on how to do things Bitcoin denominated out of the gate.

Nothing,

to announce or kind of talk about in detail today. But the idea though is that, we are skin in the game aligned holding your risk, so we're able to offer better insurance premiums based on what kind of security scheme you have. And,

you know, those go into a bunch of different branches of conversations

and about how insurance works. But,

very quickly at a high level, I think that insurance,

is a very strong unlock for institutional capital, additional money to coming into this, industry, seeing all of the shenanigans that went on this past cycle.

Very obviously insurance underwriters would never touch this stuff with a 1,000 foot pole. And it kinda talks about how much

insurance is pricing risk, and you actually can have a market pricing of risk because people put money behind their assessment of the risk, and that's a very healthy function for derisking markets. And I think it's a large thing for institutional capital

Unknown:

to start unlocking this. Would you take Luke Dasher as a client?

Unknown:

Not with his setup. No. But, like but, see, like, when you think about it, think about his setup and provided that that's what we know.

It all did. The key was backed up to a server encrypted.

Unknown:

Yeah. That's one of the I I I'm just speculating. Of course. Well, the one thing we do know for a fact he was using legacy addresses, single sig. So, like,

single sig, single point of failure would have more risk than some sort of distribution of keys, distribution of counterparties. Right? And This is why you like MiniScript is because you you ideally, your ideal client is using

Multi institutional. Right. Multi custodial. Sig. Multiple points of failure. And that brings more affordable premiums because you're distributing risk in different pockets, and you don't have to worry about a single key man at a custodian somewhere running off with all the money. So internal and external collusion can be mitigated with this stuff. Or losing a backup. Like, I think someone did, like, Fireblocks, I think. Oh, does that happen? I I forgot who so so there is, like, some controversy because someone lost their keys, and they're relying on a backup.

Unknown:

There was ETH, Fireblocks, and ETH, I think. Yeah. Yeah.

Unknown:

Well, not your backups, not your coins. Well, that's the other thing too is that,

crypto custodians use MPCs because,

multiparty computing with, HSMs like hardware signing modules because they can take one single private key, and it could be an ETH key,

a Polygon key, you know, a Bitcoin key, a Litecoin key. It could be whatever you want, and it all uses the same architecture. Whereas, many scripts are interesting because this is something that's afforded to Bitcoin uniquely because of the UTXO model and Bitcoin script as a language. Right. I thought they were using MPCs because it just doesn't have native multisig. Well, that too. Right. Right. But it makes it a one size fit all architecture. Right. It's a conversation that we've had many times on the show. Right? Which is, like, if a company is trying to support all these different shit coins, they're not able to take advantage of Bitcoin native features. It's a very hard problem, like, trying to, keep shit coins secure. Mhmm. You mean, remember Cripsy?

Unknown:

You know, like, when yeah. That's before he MintPal. Yeah. Before he took everybody's money,

and ran,

there was actually an actual hack. Mhmm. Was what was the coin again?

Unknown:

It was some complete garbage coin. Right? Yeah. But it was like

Unknown:

I forgot the name of the coin. But, anyways, that coin's client

had a backdoor on it or something, and then they hack you to the server through that, and they they drained it, one of their one of their, wallets. The other coins too. Yeah. Yeah. Yeah. It's before my time, but that's not, like, barbecue coin or whatever. Right? No. Barbecue coin was sold. Lucky 7 coin?

Unknown:

Barbecue coin was the true one. Was it lucky 7 coin? Lucky. No. We have crypt loco in the chat saying that. I can't remember, man. Crypt loco also has another question about

privacy risk when using something like Anchor Watch. Obviously,

Unknown:

if you're if you're getting your your coin insured, like, you're Oh, yeah. Trusting them with your privacy. That's the trade off. One of the main trade offs. Yeah. So if you're talking about our relationship with customers, we understand exactly which UTXOs we're insuring. Right? So you can't just be like, oh, I have 10 Bitcoin. Take my word for it. Yeah. Right? So we we are a counterparty, and it's a legal contract. Right? So it's a legal contract which requires if you want us to hold the risk, we need to understand your keys and what you're using. So, yeah, that's a necessary trick. And that's what's cool about MiniScript or at least MiniScript in the future is that, presumably,

if you don't want to trust your privacy with an insurance company, you can architect your setup in a way that you are relatively protected in a sovereign way with with key decay or time locks or Exactly right. And that's part of the tooling I'm building right now is to make it so that an individual doesn't have to use my company services, but they can just start playing with this stuff. Right? And making it accessible so individuals

can also have access to this control of, like, their money.

Unknown:

Awesome, gents.

This has been a great converse would you agree with me that for someone to play around with manuscript right now, a freak, the easiest way would be using Lian,

Unknown:

the software wallet. Yeah. So Lianna Lianna software wallet is if you wanna download a program and use it. I also have been recommending to people, Steve

at BDK does a really great command line tutorial

of how to use BDK in the command line.

And it's not a pretty GUI, but it does mini scripts, and he goes through the whole process. Where do you find that?

Unknown:

I can So for Liana, you can go to wizardsardine.com

and click Liana.

Unknown:

Is Yeah. It's supposed to be wizard sardine? Wizard sardine is like yeah. They're they're project manager. But but, there's BDK playground also. The BDK playground is cool, but you don't actually do the signing and, like, the moving. But that's a good point. Right? Yeah. Elephant. Yeah. So the, if you just type in, BDK elephant, that's the name of their, like, demo wallet that you actually can create a mini script policy, deposit test net coins into, and spend and broadcast to the network. So Elephant is the full end to end customized experience,

and then Liana is, like, the program that they're using right now if you wanna download, like, an actual executable, like, on your computer. Yeah. Okay, gents. This was a fantastic conversation. Before we wrap up, let's end with some final thoughts. Final thoughts, NVK.

Unknown:

Use a hardware wallet, and don't lose your money. Cheers. Thanks, MBK. Final thoughts,

Unknown:

Vivek.

Unknown:

When miniscript on cold card, I think.

Unknown:

I'm sorry. I can't hear you.

Unknown:

Thanks, Vivek. Final thoughts, Rob.

Unknown:

Final thoughts are if you have any questions, you wanna talk about this stuff, you can hit me up on Twitter at Rob 1 Ham.

Our company's website is anchorwatch.com.

If you wanna talk about manuscript,

anything I'm building or working on, open book.

I'm kind of obsessed about this stuff if you couldn't tell, so always happy to have someone else I can talk their ear off to. And,

yeah, looking bullish on the future for,

multi institutional

insurance solutions.

Unknown:

Thanks, Rob.

We'll definitely do we'll do a follow-up conversation on Mini Script and Anchor Watch in the future, maybe next time you're in Nashville. Sure. That'll be fun.

Huge shout out to our wonderful guests for joining us. Huge shout out for all the freaks who continue to support the show and contribute Bitcoin to it and join us in the live chat. I appreciate you all.

We have a big week at Bitcoin Park.

You can

follow what's going on at Bitcoin Park at bitcoinpark.co.

Also, a lot of the content that will be recorded a lot of the content and discussions that are happening at the park will be recorded and posted to the Bitcoin Park podcast feed. You can just search Bitcoin Park in your favorite podcast app and click that subscribe button. Anyway, freaks, I love you all. Thank you for the support. Thank you for joining us again. I hope to see many of you in Nashville at Bitcoin Park at our events. Stay humble, stack sets.

Cheers.