Douglas Bakkum: Building Bitcoin Hardware Wallets to Empower Individuals


My guest is Douglas Bakkum. He is the Co-Founder and CEO of the Swiss hardware wallet manufacturer Shift Crypto. Douglas holds a Phd in neuroscience and shifted his career from starting a scientific research lab in academia to building a hardware wallet manufacturer at a time, when no hardware wallets existed on the market. Douglas saw a problem and the need for a solution and started the company together with bitcoin core maintainer Jonas Schnelli in 2015.

Shift Crypto is one of my sponsors, and after this conversation I have to say I am even more impressed with their work. The BitBox02 has some additional features that set it apart from the other hardware wallets in the market. Like the dual-chip approach. I did not know how that works before and as I want to have a general understanding of the concepts, his explanations strengthened my trust in this new technology even more.


  • Robotics and artificial intelligence
  • Parallels between academia and the start-up world
  • Neuroscience, the brain and artificial intelligence
  • Stress and routines to stay stable
  • Launching SHIFT Crypto
  • Trusting new technologies
  • Bitcoin self-reliance, privacy and freedom
  • How SHIFT handles user-data
  • Gaining privacy with your hardware wallet
  • Apple as tollgate
  • What is more secure: using a hardware wallet on the desktop or on a mobile?
  • How are hardware wallets more secure than software wallets?
  • Paper wallets
  • What is the dual-chip approach of the BitBox02 and how does it compare with Trezor and Ledger?
  • What he would put on a giant ad on social media


Support the podcast



Recording Date: September 8, 2020
Location: Online




    This is the human edited transcript for Episode 75 with Douglas Bakkum, CEO and Co-founder of SHIFT Crypto..

    Anita Posch [00:04:33] Hello Douglas. Great to have you on the show. I had an interview with Jonas Schnelli in German some months ago but I'm very pleased to have you too now.

    Douglas Bakkum [00:04:46] Hi Anita, thank you very much for this opportunity. I'm looking forward to it.

    Anita Posch [00:04:51] Please introduce yourself. That's obviously the first thing we do here so that the listeners know who you are, what you do and what you did before.

    Douglas Bakkum [00:05:00] Sure, let's see where should I start? I guess from my birth, start early on. I'm from Wisconsin originally. I was born and raised there in the US and from the earliest age, I liked school. I was good at it, so I tried to stay in school as long as I could.
    I ended up going to university and got a degree in mechanical engineering. I went to grad school, I studied mechanical engineering some more. I researched with the focus on robotics and artificial intelligence and some cognitive science also. Then I ended up getting a PhD in neuroscience which is a bit different. Getting into AI, at the time at least, it felt very primitive. So I thought in order to advance that field it makes sense to study a bit more about real intelligence - so neurons. I decided to get a PhD in neuroscience. That led me to Atlanta, where I got my PhD and then traveling around the world a bit. I had an opportunity to live in five different countries and three continents, including going to Tokyo, then eventually into Switzerland where I am now. I've been here for almost a decade already.
    Of course, none of that is about Bitcoin. There came a point in my life where I needed to decide, "Okay, what am I going to do next now that school is basically ending?" So I ended up getting into Bitcoin around that time. What I'm doing now, I started a company called Shift Crypto and we make the BitBox hardware wallet. Now I'm working on that and I guess we'll get into a bit more details about that.

    Anita Posch [00:06:42] Yes, exactly. When and how did you hear about Bitcoin in the first place?

    Douglas Bakkum [00:06:48] The first time was 2013 in Tokyo, in Japan, and Bitcoin was a really big headline on the front page of the newspaper. That really confused me. I didn't know what it was. I took a quick look I was like, "Okay this is some kind of Monopoly money that people have on computers. This is really strange. Why is this on the front page of a Japanese newspaper?"
    I spent a bit of time digging in and it didn't take me long to figure out this is actually important. Having a scientific background, I was most interested initially in the scientific problems that Bitcoin solved. It formed a solution to the Byzantine Generals Problem. Basically, a way to not have to trust anybody if you're doing something online and so it basically formed the foundation for digital money. As we all know, Bitcoin with all of these really fascinating properties of censorship resistance, not needing to trust anyone, no centralized authority controlling it and things like that. Initially, it's a deep rabbit hole to figure out what Bitcoin actually means and what its impact actually means. Initially, just very superficially, I saw, "Okay this solves an important problem and there could be a lot of things that could come out of this."
    So that really fascinated me. I started getting involved a bit more and more. Probably like a lot of people with technical backgrounds when they first got involved, I tried to create trading algorithms. To try to play the spread and arbitrage and shorts and whatever. I quickly learned that that's not my forte. [chuckles] If you want to deal with that, it's a full-time job and there's a lot of people who know what they're doing. So I got out of that. I was still in neuroscience at the time and we can continue from there.

    Anita Posch [00:08:46] So it was the novelty, the revolutionary scientific solution, that was interesting you?

    Douglas Bakkum [00:08:54] Yes, initially, at first and then of course the further down you go into the rabbit hole. It's like that wanting to stay in school. I was more interested in researching things that I thought were important so money really never had an impact for me. It was never really a consideration for me. Not that I had money. It was just that I felt money doesn't buy happiness, common saying, but getting involved in Bitcoin it actually opens your eyes a lot to what money actually is. What money means and how governments are, what the role is in money and commerce and things like that. It really opens your eyes. Then, that's the start of the rabbit hole and you get deeper and deeper. I guess a question then is, 'What was the actual thing that pushed me over the edge into leaving neuroscience and getting into Bitcoin?'
    I would say that was probably more pragmatic things as opposed to ideological things. In general, I like to work on things that I think can change the world. Most of my life decisions have been based off of doing things I find interesting, find fun. Neuroscience is definitely something that can change the world but Bitcoin is also. Since I had to leave school, the next step in an academic career would be to become a professor. I wasn't sure if I'd like to be a professor and I was thinking instead maybe a startup is interesting. I think there's a lot of parallels there. Between starting your own lab as a professor at the university versus having a startup. For example, you need to have a good idea. You need to be able to convince people to give you money for that idea. In academia, it's the governments with grants. In the startup world, of course, venture capitalists and angel investors and so on. You need to be able to convince other people to work with you. Recruit a lab or recruit a team and the potential payoff is a bit different. So if you really hit on it in academia, you get tenure which is good but in startup world, you can have a bit higher payout in the end. I was like, "Okay, why not? Let's try something new. Bitcoin seems pretty cool. How can I get into it?"
    I didn't think anyone would want to give a neuroscientist a job so I just decided to start a company and get myself a job.

    Anita Posch [00:11:16] Yes, that's the best option. Build your own, let's say, empire in a way.

    Douglas Bakkum [00:11:23] Yes you can try.

    Anita Posch [00:11:24] Yes you can try, exactly. I guess in neuroscience you can always do scientific research and stuff but it's not something so novel and new. I mean, it can change the world but I think Bitcoin can change the world more at the moment.

    Douglas Bakkum [00:11:42] Yes, I think Bitcoin has a potential to affect a lot more different aspects of society and it's a lot newer, of course. Just to give neuroscience a little
    shout out, neuroscience is also relatively new. It's only about a hundred years old since people really started studying it seriously. The brain itself is really complex and there's a lot unknown and I think there's going to be, maybe not anytime soon, but some pretty fascinating results that come out of that also.

    Anita Posch [00:12:15] Interesting. I heard you say in another interview that the brain is much more complex than artificial intelligence and machine learning can be, at the moment, and that they cannot compete. When do you think they can compete? Can they ever?

    Douglas Bakkum [00:12:33] So I would say, competing is probably the wrong word because it really depends on what problem space you're talking about. Of course, you know computers can far outcompete humans at mathematical formulas and computation and stuff like that.
    I guess part of this question stems from a more fundamental issue of, 'is AI going to take over the world' which in some circles people talk about that a lot. I guess my comments in the past are more so on, in general, I think people underestimate a lot what the brain is actually capable of, what actually happens inside of your body. It's just as an example the brain has, I think, about 80 - 90 billion neurons inside. I just looked it up, the latest microchips have around that many transistors. The more advanced ones about 50 billion but the thing is a transistor does really one thing. A cell in your brain, a neuron, it's really like a supercomputer in itself. You have a lot of different molecular processes happening. All happening in parallel, all inside the same cell and this has a huge amount of computational complexity that's possible and the architecture is a significant difference. So the brain, it's all interconnected. There's more connections in the brain than there are stars in the universe, for example. I think if you start to deal with quantifying the computational capacity, the brain far outpaces computers. So if you give a computer a specific task it's going to do really well but the world's not a set up like that. The world's quite noisy, a lot of different things happening and the brain has evolved over millions of years in order to deal with this situation in a great way and it works, so in that aspect. I think for AI to compete, it's dangerous to say it can never compete but I think certain things will have to change. In particular the computational architecture of computers it's going to have to be a lot more massively parallel. Maybe have some kind of evolutionary mechanisms involved and so on and so on. I think this actually happening will be a long time away.

    Anita Posch [00:15:12] Do you have any ideas, examples, or vision how AI or machine learning machines could interact with Bitcoin?

    Douglas Bakkum [00:15:24] I hadn't thought about it.

    Anita Posch [00:15:25] Yes, it just came to me, this question. [laughs]

    Douglas Bakkum [00:15:29] I think of course if you have a task. Where computers work well is when they have a specific task that they're given and in that task, it can be a noisy environment but it has a specific goal to achieve. I'm quite confident that there's a lot of artificial neural networks and machine learning out there trying to figure out how to trade Bitcoin. For example, high-speed trading and things like that and so I guess that's the most obvious example. Deeper down, I'm sure you could think of some more. [chuckles]

    Anita Posch [00:16:10] I have really no idea about neuroscience, to be honest, but I read that the brain is plastic and it's very changeable and you said that also before. What is your brain capable of? Do you have examples?

    Douglas Bakkum [00:16:28] Yes, so the brain is pretty fascinating. I would say, just to touch on AI again, I think what will come probably sooner than AI taking over the world would be the merger of biology and AI so books, for example. Early on when I was doing my PhD a book that I read, that was quite inspiring to me, it's called Natural-Born Cyborgs.
    It talked about how humans, due to their brain, are basically already a form of cyborgs. One of the examples that I remember is something as simple as a pencil. We learn how to use a pencil to write words down on a piece of paper and so the pencil becomes a bit of an extension of our body and the words on the piece of paper become an extension of our memory. There's other examples like something as simple as glasses. Helps your vision better. Then, some people would even consider cyborgs are walking among this today. In the sense of some people who can't hear anymore. They have cochlear implants so that's a direct electric connection to neurons in your brain. It can help them hear. There's some retinal implants to help people see.
    One of the fascinating things about the brain is it's designed to adapt to environments. You can connect, let's say machines, electrodes to the brain and in both directions, you can send signals into the brain and it will be able to use those and learn about them. To have some kind of meaning. There's a lot of work on prosthetic arms, in order to give some kind of sensory feedback of how the muscles would move or the skin would feel. You can send electrical signals into the brain and the brain can learn about that and vice versa, you can connect electrodes in the brain to record neural signals and the brain will learn how to adapt its signals in order to, for example, move the prosthetic arm. There's a lot of work that's been done for decades now in monkeys, showing this and there's a few companies trying to commercialize that technology for people also.

    Anita Posch [00:18:40] This adapting to surroundings or circumstances reminds me a little bit of Bitcoin's capability to regulate the hashing difficulty, depending on the current hash rate. Do you see other parallels of organism or brain to Bitcoin?

    Douglas Bakkum [00:19:02] No.

    Anita Posch [00:19:03] Me neither. I thought maybe he knows something.

    Douglas Bakkum [00:19:10] Not yet. I guess, more broadly, there's a science in emergent phenomenon like cognition in the brain and things like that. I've seen emergent phenomenon from the network of activity so I'd say maybe a step higher than the brain. There's emergent phenomenon all around nature and probably, there's some that could be found in Bitcoin and the society around it.

    Anita Posch [00:19:35] I have another question about the brain. I read that stress affects the brain mostly negatively, I guess. Now due to the pandemic, many people are worried over contracting or spreading the virus and the economical situation is tense. Everything is uncertain. How does this affect our brain and our bodies and what are the consequences?

    Douglas Bakkum [00:19:58] I can't say too much there because it wasn't my specialty in neuroscience. I was more on the network and cellular level as opposed to behavioral level but of course, we have stress for a reason so it's not always bad.
    You know the 'fight-or-flight' response stress really primes your body to run away from danger or fight danger. So it really prepares your body state and your mental state for that but of course, that's something that can't sustain itself. So if you have constant stress, eventually it eats away at your brain and your body because it's depriving resources that would normally go to, I don't know, I'm just speculating but maybe fixing things. Fixing your muscles, fixing your brain, recovery and so on. Yes, with the pandemic it's a tough situation for a lot of people around the world. The only advice I guess is try to reduce the stress as much as you can. I guess there's no silver bullet for that. It's going to be different for different people.

    Anita Posch [00:21:03] What are you doing? Entrepreneurship is a wild ride in a way. [laughter]
    What are your routines? Do you have routines to help you stay stable?

    Douglas Bakkum [00:21:14] Yes so entrepreneurship is definitely not trying to avoid stress, at all costs.
    So I'm contradicting myself. There's a lot of stress in entrepreneurship. I would say, with respect to the virus and lockdowns and stuff. I feel a bit lucky to be in Switzerland, in the sense that there's a lot of beautiful nature all around so it's easy to get out into that. For me, personally, I grew up in a very small town in the countryside. Just being in nature is very very peaceful. I think that that's helped me a lot through the whole lockdown and also just in general with stress. Every day I walk along a beautiful little river from my apartment to get to the office and the mountains are really amazing.

    Anita Posch [00:22:07] Okay and you said you are in Switzerland almost a decade now. Why did you go to Switzerland in the first place?

    Douglas Bakkum [00:22:15] Neuroscience again [chuckles] So I actually came to be a postdoc at the university here, at ETH Zurich, and so I had my own small group in another laboratory working on the brain.

    Anita Posch [00:22:31] Is this, the ETH Zurich, where you met Christian Decker and other people who are now into Bitcoin?

    Douglas Bakkum [00:22:38] No, actually. Getting into Bitcoin I guess I didn't really touch on how I transitioned but interestingly enough, initially our company was a spinoff of ETH. Bitcoin company was a spinoff of a neuroscience lab at ETH and the technology was similar. The lab I was in was a neuro-engineering lab so they built tools to better study neurons. That included PCB design, microcontrollers, manufacturing things like that so somehow I could convince the university that this was enough of a commonality to become a spinoff. They're very supportive of it which was cool. So was my old advisor and using some of these skills, I started playing around with making hardware. At the time when I got involved in Bitcoin, there was no hardware wallets in existence. The idea existed but nothing was on the market. If you were around in that time you may also recall that there's a lot of scams with hardware in Bitcoin at the time, in particular with mining equipment. I wasn't sure if hardware wallets would actually come to the market so I just decided to start building my own. Early on, when I got into Bitcoin, I recognized the security implications so it took me a long time before I actually felt comfortable holding Bitcoin. I said, "Okay, there's there's an obvious need here so I'm going to make something."
    Then getting to know the rest of the Bitcoin community was really thanks a lot, to the Bitcoin meetups organized by the Swiss Bitcoin association and that was really great. Switzerland is a very small country but it really is becoming a center of Bitcoin, a center cryptocurrencies in general so you had a lot of opportunities to meet some very fascinating people. I met my co founder, Jonas Schnelli, who's one of the Bitcoin Core maintainers. He just happened to be living in the same city as me and we met at a meetup. I got a lot of great feedback when I talked about what I was doing and the whole meetup space was really the key to actually finding people to join me and launch a company.

    Anita Posch [00:24:48] When was that? When did you launch Shift?

    Douglas Bakkum [00:24:51] I would say before launching is more so the start point and I would say that would be sometime in mid-2014. That's when I had a prototype and started talking to people and so on. We launched the company with Jonas in October 2015, about a year later. A lot of that was you polishing up the hardware, polishing up the software in order to use it, figuring out supply chains and manufacturing partners and stuff like that.

    Anita Posch [00:25:26] What was the first time when you had a big change? A move upwards, in a way, in the company like getting venture money or something else. What was the first time you grew?

    Douglas Bakkum [00:25:40] I would say both Jonas and myself have a lot of self-confidence, maybe that's the best way to put it. We thought we could basically do everything ourselves and we tried. [chuckles] I think we did okay. In, I think, April 2016 we launched so we started selling BitBox devices on the market. The BitBox01 and we ended up getting customers in about a hundred countries. We really didn't know what we were doing as far as business goes. In the sense of, I think the technology we had down but the other aspects of business like marketing, the internal operations and stuff like that.
    In 2017 we joined a FinTech Accelerator program, F10 program, in Zurich and this was really great for us. It really brought together the company as more of a professional business. We got some other people to join the team, contacts to investors and so on. Later in 2017, we took some angel investment round and then again, a much bigger fundraise in 2018.

    Anita Posch [00:27:45] You said before, that before there were hardware wallets, it was so difficult to secure your coins and you didn't feel comfortable with the solutions that there were. I think also Mt Gox was at that time. Now since we have hardware wallets and it's a lot easier, I would say, to use Bitcoin it's still difficult for new people to come in. I can remember when I bought my first Bitcoin and then a hardware wallet and used it. It's so completely new and you have to learn to trust these things. There is no long history behind it. Basically, I think you can only learn to trust. What's your approach to that?

    Douglas Bakkum [00:27:41] Yes. It was interesting early on. It was very much the Wild West. I would say I still wasn't even that early on, compared to Jonas and others but it felt so much like the Wild West. Where everything was up to you to figure out. Securing was really complicated - securing your coins if you don't have a hardware wallet. So I had basically Electrum an offline computer. Took me a long time to set that up and feel comfortable around it but getting coins. So Mt. Gox. How do you Transfer money into Mt Gox when basically you couldn't do it through your own bank? Yes, it was very interesting times. Like you say, jumping in even later, even now it still seems super complicated. Our goal as a company, of course, a lot of other companies also, is to try to make it as simple as possible. I'll tell you, that's an ongoing battle but there's some just fundamental concepts that you have to shift your perspective a little bit in order to handle. That's, like you said, being responsible. Bitcoin is great because it can give you financial sovereignty, financial freedom. One of the early statements was 'Be your own bank with Bitcoin' and Bitcoin allows that. If you're your own bank, you also have to be your own security team which is not necessarily an easy thing to do. So with hardware wallets, the concept was to make that a lot easier, to be a security team for you. There's a lot of UX focus that's still needed in order to make the experience as simple as possible. It's a high priority for our company and some of the concepts where people just have to let it sink in, you know, the concept of passwords. So everyone's very Laissez Faire with passwords because in their whole life if they lose their password, there's always some kind of recovery mechanism. And so it really sinking it into people that if you lose your password, your coins can be gone. Your finances can be gone. It requires a mental change and then, of course, behavioral change. I'd say it's still, I don't know if the unsolved problem is is the right word, but it's still an issue that needs to be tackled.

    Anita Posch [00:30:02] Yes, I just think it's very early still and it's also a great a big learning process that's going on. Just take me as an example, I'm used to secure passwords and have a password manager and stuff but for instance, of course, I also use the Google authenticator for 2FA. I think for many people this is a step that is not so easy to take. Then, maybe even go one step further to use these keys, no these USB sticks that you put in -

    Douglas Bakkum [00:31:32] Like a YubiKey.

    Anita Posch [00:31:34] - yes like a YubiKey, exactly. I didn't do that until now to be honest because I'm not sure about the concept. If you don't have anybody who shows you how it works or have great videos, then you have to find those educational videos, it's really difficult.

    Douglas Bakkum [00:31:51] Yes, indeed. It's a bit of a new paradigm but I think it's a healthy step in that direction. These big companies are chipping away at privacy, for example. Self-reliance and so on is less of a life skill, I would say, in the last decades but I think that's maybe not necessarily a healthy thing. So having some responsibility for your own privacy and your own freedoms. I think that is important. Of course, the goal of companies is to make things as convenient as possible. Users shouldn't have to think about every little technical detail. I think also with Bitcoin the technology can allow that but also still preserve the privacy in some of your self freedoms.

    Anita Posch [00:32:41] Yes but still, it's a step more. You have to think of so many things. I mean, just about the fact in the last months there was a that the breach at Ledger, another hardware wallet manufacturer. Where the marketing database with the shipping addresses was leaked. So basically, if you buy a hardware wallet you also have to think about where to send it. Don't send it to your home.
    It's really much. I understand that one should do it but I think for people, like newbies and people who are not used to that, won't do this. What are you doing? What's your security measures on the marketing database you have?

    Douglas Bakkum [00:33:32] Well, first of all, our marketing database doesn't have any delivery details so it's just names and emails, whatever people give us in order for us to send out newsletters, updates and things like that. Of course, people can have fake names and fake email addresses so that's a bit better. Of course, our shipping database has to have delivery addresses in order for us to ship goods to people, that's inevitable. Our policy there is to remove any sensitive data, such as delivery addresses, after a certain amount of months say like three months to help protect people's privacy. I think you asked something else in that question too but I lost track.

    Anita Posch [00:34:17] I did too, to be honest.
    I think, in general, how does Shift secure privacy of people and that data?

    Douglas Bakkum [00:34:28] Of course protecting privacy is something we take to heart and so any personal details, if we don't need it, we'll get rid of it and try to go beyond that also. That reminds me of one example, where we also allow people the opportunity to connect their own node to the hardware wallet. This enables you to have more privacy on your personal finances and personal finances situation. So to explain that a little bit, a full node is a copy of the Bitcoin blockchain and so the Bitcoin blockchain is the public repository where all of your coins are recorded. So how many coins you have and your address is recorded on the public blockchain.
    What a lot of people don't realize when they buy a hardware wallet is a hardware wallet that gives you security but it doesn't give you privacy. In order to use a hardware wallet, you have a software interface to it. That software interface needs to ask the blockchain how many coins you have for your addresses. By default, you're going to ask the wallet or the wallet manufacturer basically. So Ledger, Trezor, Shift Crypto. Basically, you're exposing your whole financial history, Bitcoin financial history, through our servers. I don't think any of us record that or keep track of it but it's possible that we could. It's possible that a government agency, some legal agency, comes and forces us to do that. I'd say that would probably be a bigger risk. That's never happened to us yet but that's a possibility. How do you gain back your privacy there? You should have an option to be able to connect to your own node. The node could be a service on the cloud or it could be something that you have in your home and things like that. We're conscious of privacy. We're trying to stay at the forefront there and try to figure out how to help our customers stay private. Of course, as with anything, we're always open to feedback from others. If they have ideas how we can improve.

    Anita Posch [00:36:47] What's possible, at the moment, with the BitBox02? I can connect it to a full node, like a RaspiBlitz for instance, or I could also have Bitcoin core on my computer and connect the BitBox.

    Douglas Bakkum [00:37:03] So we have some blog posts explaining the technical details of how to handle that but yes, basically yes, you can have your own full node. You could connect to that. It's through the Electrum server. I believe that can also connect to the core blockchain.

    Anita Posch [00:37:25] You also have the possibility that the hardware wallet, the BitBox02, can be connected to a smartphone. Is it Android and iPhone?

    Douglas Bakkum [00:37:36] At the moment it's only Android. Technically iPhone is possible, the issue there is more so with Apple themselves. They like to, I guess, be a tollgate. They have a lot of rules and regulations to follow and a lot of profit sharing. So if we connect to iPhone, we have to set all that up. I'd say that's the primary roadblock for all hardware so far with them but that said, something down the line, I'm sure that will come.

    Anita Posch [00:38:06] But do they also want money from you then?

    Douglas Bakkum [00:37:21] Yes, they do. [chuckles]

    Anita Posch [00:37:22] For what? For instance, I have an iPhone and I would use the BitBox02 to send Bitcoin to my hardware wallet to store it there. Then they would take a share?

    Douglas Bakkum [00:38:23] No. So they wouldn't take a share of actually using it. They would take a share, not from the individual customers, but they'd take a share from the manufacturer. This would come during sales. So each hardware wallet we sell that would be for iOS, they would like some money.

    Anita Posch [00:38:38] Wow Okay.

    Douglas Bakkum [00:38:40] That's Apple.

    Anita Posch [00:38:41] But that's not the case for Android so it's more open than Apple. That's the advantages of open systems. From the security standpoint, what do you think? Is there a big difference between using it with a smartphone or on the desktop computer?

    Douglas Bakkum [00:39:06] I would say not so much because part of the threat model that we have, is we just automatically assume the worst. The worst, in this case, would be that the app you're using on the desktop or the app you're using on the smartphone is already compromised. Our security model would already make that assumption so it shouldn't be dependent on that.
    How you get around that is basically on the hardware wallet itself. On the BitBox, we display all of the important information. So the address you're sending coins to, the amount of coins, the fee and you can confirm it that way. That said, it's still a challenge for people to hack the desktop app or the mobile app. Considering that, I would say the security is not so different. In fact, the security might be a little bit better on the mobile because of all the sandboxing that different apps have. So the operating system's a bit more designed for segregating apps and data storage.

    Anita Posch [00:40:08] That's interesting but I think it's only the case when I update all my Android versions all the time.

    Douglas Bakkum [00:39:28] That's a good point, that's a very good point. So the Android version, of course, needs to be updated. That's a lot easier process in desktop and unfortunately, a lot of mobile phone manufacturers tend to be lazy about giving security updates and operating system updates. That's a good point.

    Anita Posch [00:40:33] Yes because for instance, I have an older Android phone. I bought it in 2016 and I still use it. I think I don't get any Android updates anymore so I think I have to change to a new one now, unfortunately.
    Can you maybe explain for people who are not very tech-savvy? How it's possible that if I plug in the hardware wallet into my computer, I always say to people, to explain it in easy words, that the data is not touching the internet in that way. How does this work? How does this BitBox do this?

    Douglas Bakkum [00:41:13] I can try to explain that. The BitBox are hardware wallets in general. They try to isolate all the secrets and keep the secrets on the hardware wallet itself. So that they never touch the computer or your mobile phone or your operating system because on your computer, your mobile phone, your operating system there can be malware. There can be hackers involved in some way. It's called a wallet but a wallet's maybe not the best terminology, not the clearest terminology. It's more like a key chain, like your keys for your apartment or your car. In order to secure your apartment or your car, you put your keys in your pocket and you don't want anyone to touch it. With Bitcoin, what a wallet really is, is just a bunch of keys and these keys are random numbers. Each random number controls access to your coins and like I said before, your coins are on the public blockchain. These keys, you don't want anyone else to have them, you want to keep them in your pocket. How that works with the hardware wallet is a little bit like signing a bank check. Americans are maybe more familiar with this than Europeans but basically a bank check or a contract. Let's say you want to buy a pizza or some Satoshi's so you write a contract.
    I want to pay this pizza place this much Bitcoin and then you send that into the hardware wallet. The hardware wallet has the keys there and all it does is sign it. So signs your name to it or signs, "It's okay to send this amount of coins to this address."
    Then the private keys stay inside the hardware wallet and this contract, the signed contract, or the signed check now comes back out. Due to cryptography, no one can manipulate it anymore and you can send that off, then the transaction happens. So I don't think that was exactly simple but I guess that's kind of the concept. These keys, how did they get into the hardware wallet in the first place? These hardware wallets are basically general-purpose computers. They have a small microcomputer inside. There's a random number generator to generate entropy and you create these keys on the device itself. So you can create the keys on the device, you can use the keys on the device, you can load keys if you need to recover from backup onto the device itself and these keys never touch the computer.

    Anita Posch [00:43:51] But how are the keys then created? When I initialize the hardware wallet?

    Douglas Bakkum [00:43:58] Yes. When you first initialize the hardware wallet, when you create a wallet, the keys are created. So different manufacturers will have different processes depending on the hardware. What we do is, we actually have, they're called true random number generators or pseudo-random number generators. We have two of them. One on a secure chip, one also on a general purpose microcontroller and they create enough randomness in order to create these keys. Part of our security model is to try not to trust anything and we try to add security in depth. Like if a secure chip is backdoored or if the microchip is backdoored, then we add extra entropy also which would come from some randomness that's generated during the factory installation. So randomness we input but also randomness that comes from the user. In the form of user password that they enter and some other forms of randomness. So randomness is really the key because you don't want that to be predictable. If it's predictable then someone can predict what keys are being created and then, offline, be able to basically simulate your wallet and steal your funds. This has happened in the past with some online wallets. Where there was some predictability in the JavaScript, the web code that was used to create entropy.

    Anita Posch [00:45:16] And that's why it's so important to have a hardware wallet. To use a hardware wallet.

    Douglas Bakkum [00:44:32] Yes. I would say a hardware wallet is, in my opinion, by far the safest way to generate keys and store cryptocurrencies. There's a lot of attentions made specifically to design it for this specific purpose. Whereas websites, a lot of it's general purpose. It's designed to be general, as opposed to specific so there's less of a focus on security.

    Anita Posch [00:45:45] I often see people write or say on forums or something like that you can do your paper wallet on your own. It doesn't cost you anything. What do you think about paper wallets?

    Douglas Bakkum [00:45:58] Yes so paper wallets or metal wallets, I think they're a good thing but there's a couple of issues. One is creating the entropy. People can use a dice, for example, to roll dice. That's a very good way to create random numbers but the problem is, if you want to use this random number, you still need a computer because you have to create the receiving addresses. So all the addresses you send to someone else to send you coins, it's derived from this secret key, this private key and that's not something that can be done by hand. You're going to need some kind of computer already in order to use this private key so you're already touching a computer. It's not purely paper. Then, another issue is that when it comes time to spend your coins, you can't spend coins from a piece of paper. I guess, of course, you could treat them like banknotes and hand it to someone else that works. If you actually want to create a transaction and send some Bitcoin over the internet, then you need a computer again. So there comes a point where you have to load your private keys back into a wallet and you're back at square one. You need to use a software wallet or a hardware wallet.

    Anita Posch [00:47:16] I think the thing that is so dangerous is then you need a computer. You need a machine and how do you prevent that from not going to the internet?

    Douglas Bakkum [00:47:27] Exactly. It's a challenge.

    Anita Posch [00:47:31] I have one last question regarding the magic of hardware wallets. You said you have a secure chip and a microchip. Can you please explain what those are? What's the difference between them?

    Douglas Bakkum [00:47:42] Yes, so we have a dual chip approach which distinguishes ourselves from Trezor and Ledger. Whereas Trezor, for example, uses only a general purpose microcontroller but the problem with general purpose microcontrollers are they're not designed for security. So there's various ways that you can, if you have possession of one of these chips, there's ways you can for efficient costs or for low cost, you can get secrets out of it.
    Secure chip, that's Ledger's approach, secure chips are basically microprocessors again, small computers. They're designed to make it very difficult to extract secrets out of them. So they're hardened, physically, in different ways to prevent physical attacks and also algorithmic attacks and so on. That's very good. It gives a lot of security but the problem is with secure chips, oftentimes it requires an NDA to be signed with the secure chip manufacturer. So any code you put onto it cannot be published and so closed source code.
    You talked a lot about trust and we think having open source code is crucial for people to be able to have trust in you or, I would say, better to not have to need to trust you. Our approach is like a middle ground or maybe a best of both worlds approach. We use a general purpose microcontroller where we run all the code on there. All the code is open source. Then we harden our hardware wallet with a secure chip. We don't run the Bitcoin crucial code on there, we just use it to make it more difficult. To have some key storage and also make it a requirement that a hacker, if they possess the device, would also need to hack both microcontroller but also the secure chip. We think it adds security but also maintains the open source nature where people can vet our code independently.

    Anita Posch [00:49:35] Oh okay, that's interesting. Thanks for the explanation. Okay Douglas, thanks. Let's get a little bit back to more general questions. What I would be interested in is, you've been in the Bitcoin space for a long time. You are the founder of a company in this space. You are working on Bitcoin security hardware and software. How did all these experiences change the way you see Bitcoin from early on to now?
    Or maybe just, as another idea, did the use of Bitcoin or your life with Bitcoin in a way change your behavior or maybe your perspective to life? Anything like that.

    Douglas Bakkum [00:50:28] Hard to say. I'm sure it did, so I changed careers.
    No longer in academia. I'm in the entrepreneurial world and so, of course, that's a fundamental life change in my behavior. I would say as far as my outlook on life, I'd say generally probably not because I think if Bitcoin didn't exist, I'd probably still be living my life in a similar way. Maybe it's a different startup in a different field. Again, somewhere where I think somehow, in some little way, I could contribute to something special that changes the world. I think it's the right place at the right time for me with Bitcoin. Where opportunities presented themselves. Where I could jump in and try to contribute to something I think is very special. I would say, I guess my answer was no because my philosophy is a bit of eternal optimists kind of thing. Where I think if you work hard on something you love and you believe in, you can make an impact in the world. I guess I'm grateful that it can be Bitcoin at this moment.

    Anita Posch [00:51:44] Great. Yes, it gives life meaning in a way.

    Douglas Bakkum [00:51:50] I think that's a nice statement, in the sense that it gives a way or it gives you a reason to do something. It gives you a reason to do something important.

    Anita Posch [00:52:00] Do you have any message for our listeners or not only for our listeners? What would you put in an ad? If I would buy for you an ad to be displayed on all social media platforms. What would you say?

    Douglas Bakkum [00:52:17] Oh no. [laughter] I'm not a marketing person.

    Anita Posch [00:52:22] What do you think is important for people to know?

    Douglas Bakkum [00:52:24] I think, like you said earlier, it's still really early in the space. I really like the direction, the new direction you're taking your podcast to try to open up this complicated world to new people. I think it doesn't have to be complicated and when you actually try to do things, for example just making an online purchase with Bitcoin, I think people will be surprised at how easy it is actually. I was really surprised all the way back in 2013/2014 how much simpler using Bitcoin was then than credit cards. It just felt so clean and easy. I think just letting people be aware that there's this technology and now this ecosystem and this whole philosophy exists now. It's out there. That people may not be aware of and the power that can come from it. So one of the things that really attracted me to Bitcoin early on was this concept of empowering individuals. So part of the philosophy of our company is to help support that. To equip individuals so that they can empower themselves. I think Bitcoin brings us to the people and it's hard to predict where that's going to lead to in the future but I think it's going to be quite special. If you look back on the history of technology, anytime there's a great revolution where power is brought to the people, you have huge advances in society. Starting with agriculture or the wheel. Written language with the printing press. The internet. I think Bitcoin is the next step. So opening people up to appreciate these aspects of Bitcoin is something that I think would be special for an ad that's spread across all social media. How to stick that into a tweet with the limited word count, maybe I'll leave to you.

    Anita Posch [00:54:25] [laughs] Yes, I always have this challenge when I find the titles for the podcast I did. Like the interviews, you know, also with you. I'm always then trying to find the essence of the interview. Okay, great. Thank you very much. That was very interesting. I hope not only for me but also for our listeners. Please tell us where they can find Shift Crypto and maybe yourself and follow your work.

    Douglas Bakkum [00:54:56] Again, thank you very much for the opportunity. It was great to be on the podcast. If your listeners are interested in learning more about us, the best place to start is our website Ch is a country code for Switzerland and from there, you can scroll down to the bottom of the page and find links to all of our social media. Twitter, Telegram and so on.

    Anita Posch [00:55:22] Yes, I will also put it in the show notes. Okay, thank you very much, Douglas. It's exactly one hour. Thanks for that and have a nice day.

    Douglas Bakkum [00:55:32] Yes, thank you very much.

    Leave a Reply

    Your email address will not be published.

    Scroll to top