Collaborative Custody is becoming an increasingly popular way for people to secure their Bitcoin. But given that Bitcoin was designed to operate without relying on trust in their parties does it really make sense and what are the trade-offs?
It should be obvious by now that leaving your Bitcoin with an exchange is a surefire way of losing your stack. We’ve seen multiple exchanges fail over the years, so by now we know better than to trust a third-party custodian to hold our wealth in exchange for an ‘IOU’.
But it seems there is still a great deal of fear and trepidation out there when it comes to taking full self-custody of your Bitcoin, and sole responsibility for your wealth.
In many ways this is completely understandable. For decades now our society has become completely accustomed to outsourcing everything. We don’t fix our own cars anymore; we go to the garage. We don’t grow our own food; we rely on the supermarket. And in most cases, we don’t even educate our own children, we outsource this to the state!
And not only did we learn to outsource these essentials, but we also grew worryingly accustomed to outsourcing our trust when it comes to who looks after and manages our money. Most of us have grown up in a world where your money has always been held by banks or other financial institutions who might manage your money, your pension or your stock portfolio.
The very idea of being the sole arbiter of your wealth remains a completely alien concept to most of the population. And even for some who do understand that Bitcoin is the ultimate bearer asset, and that they can fully own it themselves, they can still find this paradigm shift in personal responsibility too intimidating to tackle. This is the result of a society that his continually drifted farther and farther away from self-reliance.
And this has left a lot of would-be Bitcoiners stuck between a rock and a hard place. They don’t have the skills or are too nervous to take self-custody of their Bitcoin, but at the same time know they can’t simply leave it on an exchange. It’s quite the conundrum….
In turn, this has given rise to a new kind of custody solution, known as ‘collaborative custody’. It acts as sort of a halfway house between leaving your Bitcoin on the exchange and taking full responsibility for it yourself.
Collaborative custody is starting to become a very popular way for people to secure their stack. The trouble is, most people get sold on the benefits, but aren’t properly informed about the potential risks. In this article we want to explore this custody method in a little more detail and explain why it’s not something The Bitcoin Way will ever offer to our clients.
First, it’s worth providing a quick explanation of what collaborative custody actually is, and how it works.
Collaborative custody is where you and a 3rd party provider have shared control over your Bitcoin wallet. It differs from leaving your Bitcoin on an exchange because collaborative custody makes use of what is known as a ‘multi-signature' or ‘m’ of ‘n’ address setup that prevents your 3rd party from ever being able to spend your Bitcoin without your participation.
A multi-signature (‘m’ of ‘n’) setup achieves this by generating a wallet where funds can only be spent from it when multiple keys are used to sign atransaction. In most cases, collaborative custody solutions create a ‘2 of 3’ wallet where there are 3 private keys but at least two are required to sign a transaction and spend funds.
In a collaborative custody arrangement, you will typically hold 2 of the private keys and your 3rd party provider will only hold one. As this is a ‘2 of 3’ wallet, you are now the only one who has enough keys to sign a transaction. The advantage here vs an exchange is that the 3rd party doesn’t hold enough private keys to make a transaction themselves and move your Bitcoin without your co-operation.
There’s no question that this is a preferable arrangement to simply leaving your Bitcoin on an exchange where a 3rd party has full control. And there are other potential benefits like knowing that if you lose one of your keys, that you’re not suddenly locked out of your funds because your 3rd party has a backup. The companies offering these services would also claim it’s more secure by helping to remove a single point of failure.
So far, so good right? You’re in control of your money, the third party can’t spend or steal your funds, and you have some sort of backup if you misplace a private key. You’ve managed to remove your counterparty risk without having to shoulder all the responsibility, right? And there are no downsides, right? Right...?
Well, not exactly. There is no such thing as a perfect solution and convenience ALWAYS comes with a cost. So, let’s explore some of the potential risks associated with collaborative custody that you aren’t likely to find in the fancy marketing brochures….
One of the biggest concerns we have about collaborative custody arrangements is the often-total lack of privacy.
By allowing a third-party access to one of your private keys you are giving them the ability to monitor everything you do. In most cases, your collaborative custody partner will know your total balance, see every transaction you make, and know the destination addresses you send to. You have entered a financial panopticon. And when you consider that most of the companies who provide self-custody will want KYC information, you now find yourself in a situation where your personal data is linked to every financial move you make. This is far from ideal for any privacy focussed Bitcoiner. Having your personal information on a 3rd party server somewhere is never a good idea, especially when it can be linked to your Bitcoin holdings.
There are two key risks that this exposes you to:
First, your data could be compromised. You have no way of knowing how well your 3rd party provider has protected your information. You’d better hope they invested heavily in cyber security because they now hold your info in a very attractive honeypot. If your information does get leaked either by a breach or a rogue employee, and you’ve got a significant stack, then this is a very serious security concern. Unfortunately, in collaborative custody these things are completely outside your control.
Second, there is the ever-present threat of Government coercion. By giving up all your privacy you will always be open to Government surveillance. Very few third parties would be willing to stand up to Government pressure if they requested information about you.
Completely forgoing your privacy creates unnecessary risk for you and your family. By taking full self-custody of your Bitcoin in the right way, you can mitigate these threats far more effectively.
Bitcoin Collaborative Custody, A False Sense of Control
Collaborative custody is often positioned as putting you in ‘full control’, just with an additional safety net. It is sold in such a way as to make it appear only additive to a security model rather than just another option with its own set of trade-offs.
But as always, convenience and safety never come without compromise. So, do you really retain as much control in collaborative custody as you do in full self-custody?
Well on the surface things appear ok, you are the one with the most control over your multi-sig wallet. You hold two keys allowing you to spend, and your 3rd party only holds one which prevents them from moving your funds. But having the ‘most control’ over your funds is not the same thing as having ‘full control’, and it’s important to underline that there is a difference.
If you lose one of the keys to your multi-sig setup then one benefit of collaborative custody is that your 3rd party can help you recover your funds. Great! But understand that if you have lost one of your private keys you now find yourself in quite a vulnerable position. You now hold equal control over your Bitcoin stack with your collaborative custody partner in something that resembles a Mexican stand-off.
This is of course an upgrade from having your Bitcoin on an exchange because your 3rd party still can’t take it from you with only one key. But they do have the ability to hold it hostage. You are completely dependent on their cooperation, and this is a vulnerable position to be in. What happens if the company’s systems go down, or if they take too long to respond? What if they refuse to co-sign on the grounds that they were instructed not to by Government?
The extent to which these scenarios are likely or unlikely is up for debate, but to deny these risks exist would mean you’re not making a thorough enough assessment of your security model.
The diminished control vs a full self-custody setup becomes even more apparent when you interact with these services. We have helped countless customers transition from collaborative custody into full self-custody and the process is not always smooth. We have seen 3rd parties impose delays on large transactions and in some cases restrict withdrawals to only certain addresses, such as your personal custody account with the same company. We have managed to solve these challenges every time for our clients but in some cases the process has taken days to complete and get them back in full control over their funds.
These types of scenarios completely defeat the purpose of Bitcoin acting as a permissionless system where you have full control over your money. The only way your financial activity is truly permissionless is when you hold Bitcoin in full self-custody.
Using Bitcoin to its full potential is about so much more than just who holds what private keys in what configuration. Yes, the private keys might be the answer to who can sign transactions from a particular address, but only worrying about that completely dismisses some of the most incredible and beneficial things about Bitcoin.
To view Bitcoin through such a narrow lens is a crying shame. Unfortunately, a lot of collaborative custody providers encourage their customers to do exactly that.
One of Bitcoin’s core principles is that you don’t have to trust anyone else to verify that transactions are legitimate because running your own Bitcoin node allows you to do that for yourself. Instead of trusting that someone else is keeping score correctly, you can keep your own scorecard. Running your own node is again about putting YOU in control and removing the need for you to keep outsourcing your trust like we do in the traditional financial system.
Unfortunately, many collaborative custody providers won’t let clients connect their multi-sig setup to their own node. And in the cases where they do support this feature, it is rarely presented as an option, and is rarely easily accessible.
If you forgo using your own node and instead rely on 3rd party infrastructure, then you’re putting your trust in their node, their verification process and their servers. You cannot be fully sovereign because you are reliant on their infrastructure to maintain your connection to the Bitcoin network. Bitcoin was designed to be trust-less, this model forces you to outsource your trust again.
The compromises you might have to make when it comes to collaborative custody don’t stop there.
Many collaborative custody companies push their users to interact with their wallets via apps hosted on centralised app stores like the Apple App Store or Google Play. Both organisations are known for tracking your device, your location and your app usage which compromises your privacy. They both also have a history of censorship and have the power to block or remove these apps at any time, cutting off access to your Bitcoin wallet.
In a situation where their service becomes unreachable most collaborative custody companies do offer methods to recover your funds. But we’ve read the documentation. While it is possible, you’re going to need to be comfortable with Linux, and even we would be brewing a very strong coffee before embarking on these processes. If you chose collaborative custody looking for convenience and simplicity and this situation occurs, then you're going to end up with quite the opposite. The funny thing about responsibility is, it’s like aboomerang, it always eventually comes back to you.
In some cases, collaborative custody companies even limit the ways in which you can access your wallet by limiting you to certain internet browsers. If you were hoping to only use a privacy focussed browser, you might find yourself out of luck. You might find yourself being forced to compromise on your privacy and your collaborative custody provider might even be tracking your browser interactions and tracking your IP and device data to share with third party advertising partners and analytics companies.
Ultimately you can find yourself locked into your collaborative custody partner’s ecosystem where it is difficult to opt out and use alternative and better tools. The issue here is a lack of flexibility. If you’re locked into one browser or app, you’re subject to their policies, security flaws, and potential censorship.
Bitcoin is about freedom. This is quite the opposite.
When you see collaborative custody solutions being promoted, you’re likely to see phrases such as ‘upgrade to multi-sig’ as part of their marketing messaging. To the uninitiated, this might suggest that collaborative custody is superior to self-custody.
Whilst the marketing is careful never to make this assertion directly, it does position a multi-sig security model as an upgrade to single-sig. Given that they offer collaborative multi-sig, and their model precludes a single-sig setup, it suggests that working with a third party is always preferable to going it alone. There are a couple of problems with positioning both multi-sig and collaborative custody in this way.
First, it is important to point out that multi-signature (‘m’ of ‘n’) addresses are a feature of Bitcoin and can be used by anyone. You can create your own multi-signature address without working with a 3rd party. We haven’t seen any collaborative custody companies suggesting you can’t, but you’re also unlikely to find any of them suggesting that you might want to do this for yourself. That wouldn’t be a very good way to drive business. The bottom line is, you don’t need anyone’s permission or assistance to create your own multi-sig security model, if that’s the most optimal setup for your circumstances.
Second, the assertion that a multi-signature setup should automatically be considered an ‘upgrade’ to a single-signature setup is overly simplistic. Every security model comes with different trade-offs and the same is true of a multi-signature setup. There are both benefits and drawbacks. For the avoidance of doubt, let’s share this quote again:
We hope we’ve provided some useful information that will help you properly assess the risks you might expose yourself to if you decide to go with collaborative custody as your chosen method for storing your Bitcoin.
Yes, collaborative custody is a better option than storing your Bitcoin on an exchange. But it is in no way superior to being your own bank and taking full self-custody. Collaborative custody limits your options, your privacy and your self-sovereignty. There are trade-offs and you should consider them.
Collaborative custody is designed for people who aren’t yet ready to take the training wheels off, take full responsibility and harness Bitcoin to it’s full potential. The most compelling argument collaborative custody solutions rely on is that user error means self-custody is ‘too risky’ or ‘too challenging’ for most.
We wholeheartedly reject this messaging, and you should reject it too. We have trained people in their early twenties through to people in their 80’s to become masters of their own destiny and sole arbiters of their wealth. We have trained technical and completely non-technical people alike. With the right training we know that anyone can master these skills. Our services don’t prey on your insecurities but instead seek to empower you and arm you with the skills required to navigate the future.
Remember. Satoshi designed Bitcoin explicitly to not require 3rd parties. Collaborative custody companies are surplus to requirement.
When you’re ready to do things the right way, upgrade your knowledge and become more capable and confident, we are here waiting with all the expert training you’ll need.
Remember, whether you think you can, or think you can’t, you’re right.
Book a call today, and let’s prove that you can!
Learn from our 25 years of cybersecurity expertise