BITCOIN

Pollock warns vaults fix Bitcoin's physical vulnerability

Monday, May 18, 2026 · from 3 podcasts

3 SOURCESAll-In Citadel Dispatch What Bitcoin Did

All-In Citadel Dispatch What Bitcoin Did

New wallets replace seed phrases with biometric vaults and timelocks to defeat wrench attacks.
Miniscript inheritance tools automate access for heirs, cutting lawyers and custodians.
A tiered custody path from mobile wallet to multisig makes self-custody accessible.

The weakest link in Bitcoin security isn’t code, it’s coercion. Jonathan Pollock argued on What Bitcoin Did that vault designs using biometrics and time delays make kidnapping a Bitcoin holder pointless - the attacker can wait days or weeks, but the coins still require a second biometric scan to finalize. The goal is to outlast the attacker’s patience, as 99% of documented assaults end within a week.

Pollock contends the industry’s reliance on exportable seed phrases is an ‘instant compromise’ vector. By moving to seedless architectures where keys stay on hardware behind a fingerprint - like BitKey’s 2-of-3 setup with Block’s servers - the system protects users from self-sabotage. Matt Odell noted on Citadel Dispatch that many opt for ETFs or proxies like MSTR out of fear of losing access, but new tools are closing that technical gap.

"The industry must design for a scenario where the attacker has full knowledge of your setup and the victim is compliant, yet the coins remain unreachable."
- Jonathan Pollock, What Bitcoin Did

Inheritance, the persistent problem, is now automated. Bitcoin Keeper co-developer Ben Kaufman uses Miniscript to create absolute time locks on-chain. He explained on Citadel Dispatch that an heir’s key activates automatically after a preset period - two years, for example - if the owner doesn’t refresh the lock with a transaction. This turns the protocol into a self-executing trust, removing attorneys or central vaults.

Kaufman guides users from mobile hot wallets for small amounts to geographically distributed multisig for life savings, treating multi-sig as the gold standard. The progression makes self-custody feel like a natural extension of an app, not a leap into complexity. The choice, Pollock concludes, is no longer about complexity, but about which catastrophic failure you prefer: trusting politicians with an ETF, or trusting yourself with tools that are finally good enough.

BTC Markets Adoption Protocol

Matt Odell Square Bitcoin Bitcoin Keeper Bitkey Miniscript

Source Intelligence

- Deep dive into what was said in the episodes

All-In with Chamath, Jason, Sacks & Friedberg

Trump-Xi Summit, Benioff: "Not My First SaaSpocalypse," OpenAI vs Apple, Multi-Sensory AI, El Niño • May 15

Also from this episode: (16)

Politics (5)

The Trump-Xi summit is the first U.S. presidential visit to China since 2017 and their seventh face-to-face meeting.
China agreed the Strait of Hormuz should remain open without military commitment and that Iran should not obtain nuclear weapons.
Polymarket traders place only a 6% chance of China invading Taiwan in 2024, but a 17% chance by the end of 2027.
President Xi committed to buying more U.S. soybeans, oil, LNG, and 200 Boeing jets during the summit.
David Friedberg argues economic entanglement is the surest path to U.S.-China detente, as bidirectional trade replaces the previous one-way flow of cheap Chinese goods.

Big Tech (1)

Mark Benioff says Salesforce operates in China solely through an exclusive partnership with Alibaba to comply with data residency laws, with no offices or employees in the country.

AI & Tech (5)

Benioff calls Elon Musk the world's greatest salesman for operating Tesla in China with no local partnership, a unique arrangement where American-made AI cars with cameras drive freely.
Benioff argues the latest AI chips are irrelevant for Chinese competitiveness, as their models are already excellent and fast-following U.S. developments within six months.
David Friedberg contends technology proliferation increases global productivity and reduces conflict, arguing against withholding advanced chips from China.
Chamath Palihapitiya predicts Taiwan's strategic importance to the U.S. will diminish within 18 months as domestic chip fab capacity scales and new nanometer-scale manufacturing tech emerges.
Chamath Palihapitiya supports Anthropic's move to negate layered SPVs, calling them a recipe for disaster with double carry and 10% load-in fees, and argues companies should go public sooner to rationalize their equity.

Enterprise (4)

Mark Benioff dismisses the 'SaaS-pocalypse' fear, noting the top 10 enterprise software companies posted great quarters but are now trading at two times sales due to AI hype.
Salesforce expects over $46 billion in revenue this year, generates more than $16 billion in cash flow, and has over 83,000 employees.
Chamath Palihapitiya argues low-end SaaS is finished but large monoliths like Salesforce are safe, citing OpenAI's $4 billion deal to build an AI services competitor to firms like Ernst & Young as proof enterprise integration is harder than prompting.
Benioff says Salesforce will spend $300 million on Anthropic tokens this year to power coding agents, but believes an intermediary layer is needed to route queries efficiently and avoid unnecessary costs.

Climate (1)

David Friedberg forecasts a record-shattering El Niño will release 11 million terawatt-hours of stored ocean energy, leading to the hottest year on record and potential crop failures in Brazil, Australia, and India.

Macro Big Tech Trade Agents Markets

Citadel Dispatch

CD203: HERMANN AND CAREL - ATTACK ON BITCOIN IN SOUTH AFRICA • May 15

Coinbase is rebranding its wallet app as 'Base,' positioning it as a Web3 super app akin to WeChat that will include a shitcoin wallet, a social feed, games, and USDC payments.
Spectre Wallet launched in 2020 to simplify multisig by connecting directly to Bitcoin Core, eliminating the need for an Electrum server. Ben Kaufman notes the ecosystem now includes many alternatives like Sparrow, Nunchuk, and Kasu.
Bitcoin Keeper is a mobile app that guides users from a single-sig hot wallet up to long-term, multisig cold storage and inheritance planning. It supports ten major hardware wallets via QR, file, NFC, or a companion desktop app for USB connections.
Bitcoin Keeper's multisig setup uses encrypted 'magic links' stored briefly on its servers for collaboration. Users can share keys, wallet descriptors, or partially signed transactions via these links, QR codes, or files.
Ben Kaufman argues multisig provides superior security and fault tolerance for life savings or corporate treasuries, while a single-sig hardware wallet with a passphrase offers simpler plausible deniability for most users.
Bitcoin Keeper uses Miniscript for inheritance, allowing users to add a time-locked 'inheritance key' that activates after a set period, turning a 2-of-3 multisig into a 2-of-4 or enabling a single-key emergency spend.
Ben Kaufman explains Bitcoin Keeper's inheritance uses absolute time locks set to a future date, not relative locks. Users must create an on-chain transaction to renew the time lock, which the app automates but requires a backup update.
Odell notes Argentina's black market has dollarized into Tether on Tron, and Trust Wallet dominates globally due to its Tether support, creating an opportunity for Bitcoin Keeper to attract international users with strong Bitcoin features.
Ben Kaufman observes Bitcoin's financialization is shifting culture toward paper Bitcoin and away from hardcore self-custody, though absolute user numbers for freedom money are still rising and tools are improving.

Also from this episode: (5)

Custody (4)

Ben Kaufman says major hardware wallet theft is rare; the primary risk is users mishandling seed backups or falling for social engineering scams that panic them into entering seeds online.
Bitcoin Keeper monetizes via a subscription tier model: a free tier offers core features, while paid tiers start at $15/month for automated backups, Miniscript, inheritance planning, and a server-key option with spending limits.
Bitcoin Keeper supports USDT on Tron, using a BIP85 child seed from the user's main backup and a service called 'gasfree' to pay fees in USDT. The team plans to add swap functionality and support more chains based on demand.
Bitcoin Keeper is building a contacts feature to enable in-app messaging for collaboration and future social recovery. Ben Kaufman views its current Miniscript inheritance as a form of social recovery where trusted parties hold time-locked keys.

Lightning (1)

Bitcoin Keeper omits Lightning support to focus on long-term savings, reasoning users should separate spending and storage wallets. Ben Kaufman has not deeply explored self-custody Lightning solutions like Spark or Arc.

BTC Markets Adoption Stablecoins Protocol Custody

What Bitcoin Did

Danny Knowles

The Future of Owning Bitcoin | Jonathan Pollock • May 11

Pollack proposes the wrench attack test: industry solutions should protect Bitcoin even when an attacker knows your setup and you are fully compliant. He believes seedless architectures and transaction-based exit mechanisms offer more protection than instant-compromise seed phrases.
BitKey is a seedless multisig wallet with three keys. Pollack explains users hold two keys: one on the hardware and an encrypted app key uploaded to cloud storage, while Block holds a third key that cannot view transactions due to chaincode delegation.
Pollack states BitKey's new hardware wallet features a screen to verify all system actions, including transactions, security settings, and recovery configurations, moving beyond simple transaction signing.
Pollack views quantum computing as a supply shock risk rather than an existential threat to Bitcoin, preferring a price crash over protocol changes that confiscate coins and break property rights.
Pollack defines a hardware wallet as a system needing internet connectivity for wallet functions, not just an air-gapped signing device. He advocates evaluating self-custody as a holistic system covering security, recovery, privacy, and usability.
Pollack argues comparing BitKey's full system to a standalone hardware signer like Coldcard is incomplete; one must include the DIY multisig, recovery, and inheritance setups, which BitKey integrates elegantly.
Danny Knowles mentions a wrench attack statistic: approximately 50 attacks per week in France this year, citing a friend's report of a London attack where a significant amount was stolen from an exchange.
Pollack references James Lopp's GitHub data on wrench attacks: extending the attack duration beyond one week reduces incidents to 1% of listed cases, and no attacks lasted longer than a month.

Also from this episode: (7)

Custody (6)

Jonathan Pollack argues that wrench attacks exploit a structural flaw in self-custody: when something more valuable than Bitcoin is threatened with violence, security collapses because keys can be coerced.
Pollack criticizes duress pins and decoy wallets as flawed solutions, noting they rely on deception and don't end the attack - they merely shift the threat location or potentially escalate the attacker's anger.
Pollack argues self-custody products must balance security, recovery, privacy, and ease of use, noting the biggest threat to Bitcoin is often user error rather than external adversaries.
Pollack critiques conflating self-reliance as a virtue with lacking good products. His ethos is to enable permissionless money access through safer, easier solutions rather than DIY complexity.
Pollack outlines BitKey's proposed wrench attack vault solution: a two-of-two door requiring biometric checks and a configurable time delay, and a self-custody door unlocked after a preset period like two years.
Pollack and Danny Knowles discuss a potential final vault destination for stolen keys, suggesting a KYC exchange address might be optimal despite being custodial, as institutions are not susceptible to physical coercion.

ETFs (1)

Pollack believes ETFs offer permissioned price exposure, not permissionless money utility. He argues users must choose between self-custody key risks and political/business risks like forced conversion, custodial fraud, or market restrictions.

Custody Adoption ETFs Privacy