The problem
Bitcoin custody is tricky. It’s always a trade-off between convenience and security when your two choices are to keep your bitcoin on a centralized service, such as an exchange or a custodial wallet, or keep it on your own device.
The first option means trusting the platform not to turn your bitcoin into a proverbial pumpkin (as FTX did, for example); the second option means knowing that if you lose your device and backup, no one will be able to help you.
Hardcore bitcoiners would say that you only truly own your bitcoin when you store it yourself, not entrusting to anyone else. But noncustodial storage is not easy to get right, and the idea of not having a reliable backup plan if you lose your keys – a private code consisting of a series of alphanumeric characters to provide access to your bitcoin – might make you feel as uncomfortable as storing your life savings under a mattress: In both cases, the loss would be permanent and irreversible, and the responsibility all yours.
The idea: Fedi
Fedi is approaching bitcoin custody with an assumption that, although full self-custody is the best solution, most people would choose to trust someone else to keep their bitcoin safe. Many users start their exploration of bitcoin by asking a more experienced friend or family member to buy and store their bitcoin for them, Obi Nwosu, CEO of Fedi, wrote in a company blog post last March.
“As a long-time Bitcoin exchange operator, I have heard so many anecdotal examples of this happening that I would not be surprised if the majority of bitcoin ‘owners’ are actually acquiring their bitcoin through guardians already – but there is no way to know for sure,” Nwosu wrote.
By guardians, he means more tech-savvy friends, family members, etc. – someone you trust who helps you set up your wallet and buy your first bitcoin, so that you don’t worry about making a mistake and losing your money.
Fedi is building a product to help communities store bitcoin together and simplify crypto transactions between members. Using an open-source protocol called Fedimint, Fedi is offering a compromise between the comfort of custodial storage and autonomy of self-custody: outsourcing backup storage to people you personally know and trust.
Users wary about the difficulties of self-custody would lock their bitcoin into a joint multisignature wallet guarded by several people they know – the guardians mentioned by Nwosu.
To be clear, Fedimint creators say right away: “If you are confident taking self-custody of your bitcoin and running your own nodes, we highly recommend you do so.” But Fedi allows you to share the burden with some people you know and trust, not big companies you hardly know anything about and have no reason to trust.
Bitcoin Ekasi, a community of people paying each other with bitcoin in a South African township, is piloting FediMint, said Herman Vivier, founder of Ekasi. He told CoinDesk it simplifies bitcoin custody for older and nontechnical people.
“Currently the only alternative to full self-custody is foreign custodial services. And these prove themselves untrustworthy time and time again,” Vivier said.
Encouraging new bitcoin communities
But there is more to it. Fedi’s ultimate ambition, according to Nwosu, is to achieve the functionality of other, more nimble cryptocurrencies, without surrendering the security of the Bitcoin protocol.
“It runs on top of Bitcoin alongside Lightning, providing the missing pieces to the Bitcoin ecosystem. We wanna be able to have more privacy if desired, similarly to zero-knowledge proofs; have additional functionality, similarly to smart contracts; and scale bitcoin to millions, similarly to rollups,” Nwosu told CoinDesk.
The concept of Fedi is that once a community – or “Federation” – has pooled their bitcoin together, they can mint tokens –“fm-BTC eCash notes” – running on top of the Bitcoin blockchain, and use those tokens for payments inside the community, while the bitcoin backing them is sitting inside the joint custodial wallet. This way, payments in the community will be faster and more private because they will be invisible to outside observers, unlike bitcoin transactions that can all be seen on a public blockchain.
The Fedimint protocol also allows members to pay each other inside the community using Bitcoin’s second-layer Lightning Network, according to the protocol’s website.
In this sense, Fedimint can be viewed as a bitcoin version of a popular privacy system on Ethereum: zero-knowledge rollups. “We take transactions off the Bitcoin network, provide privacy within the community and [additional] features inside the community,” Nwosu said.
A community can also agree to store other things in a joint backup wallet using Fedi, Nwosu said. For example, if they use decentralized identity tools, they can store backups for their credentials in joint storage instead of keeping them in a Google Docs or Dropbox file. They also can manage a joint cloud file storage for content important to this community.
Federations can also start small local funds to finance something the community wants to build, buy or do together. However, Fedi won’t offer any functionality for online voting as exists in decentralized autonomous organizations (DAO). Nwosu believes communities of people whose livelihoods are naturally tied together can govern themselves without any sophisticated technical mechanisms.
DAOs are, essentially, an attempt “to reinvent the way people have been making decisions,” and people actually don’t need it on the everyday level, Nwosu said:
“There might be ten thousand communities, and they can make decisions in ten thousand ways. Communities already have their own processes, we just want to supercharge what they already do,” he said.
All the voting as to how to manage community funds can happen offline – or online, if a community decides – but definitely outside the Fedi environment.
According to Nwosu, likely users of Fedi are communities like a small village or town, a church or a friends’ circle. Over a hundred communities in Latin America and Africa have already signed up for a pilot version of Fedi, Nwosu said. These communities are large ones, counting tens of thousands of members, but Nwosu hopes that in the future, smaller groups will also start using Fedi.
For now, Fedi is still in a pilot phase. The public launch is tentatively expected by the end of this year, Nwosu said, but the long-term ambitions are big: “Hundreds of thousands of federations would be a target for the next several years.”
A potential weakness: too much trust?
The potential issues with federations stem from the very concept of the Fedimint protocol: It’s based on trust, which Fedimint’s creators admit on the project’s website.
The well-being of a community using Fedi relies on a group of technical maintainers from this community – the so-called guardians. They run Fedimint nodes, which can be, depending on the particular federation’s needs, any device: “laptops, towers, smartphones, mobile phones, single board systems or remotely operated computers in the cloud,” the website says.
Guardians take care of the community’s multisignature wallet as a group and authorize spending of that bitcoin outside of the community, as well as bitcoin withdrawals by members. In a sense, they replace a centralized exchange or custodial wallet for the community they serve. Unlike an exchange, however, the Fedimint guardians cannot see users’ balances or who is transacting with whom inside the federation, according to the description.
And just as with any custodial system, there is a risk guardians would abscond with the community bitcoin or get hacked or just fail to properly secure their backups, and thus lose access to the bitcoin they had been entrusted to hold.
There are no technical safeguards against that in Fedi: The only guarantee against the guardians’ failure or fraud is the off-chain, offline trust they have already earned within their communities in real life.
“I have no doubt in my mind with all these different federations building up there will be some scandals in there,” Peter McCormack said on his podcast “What Bitcoin Did” in March, adding that he expects to hear news of federation guardians here and there absconding with community bitcoin. In this regard, reputable institutions such as Coinbase or Fidelity look like better guardians of one’s bitcoin than a federation, McCormack suggested.
Another risk is that a federation might issue more community tokens than its members’ bitcoin can back, unbalancing the community’s inside economy. This is possible due to the shortcomings of the eCash protocol Fedimint is using – it was invented by the legendary cryptographer David Chaum in 1982 and first deployed in his Digicash system in 1989.
Users cannot see how many tokens are circulating inside the federation, and no external auditor can do that either, leaving the control over the federation’s balance sheet exclusively up to the guardians’ discretion.
The only motivation for the guardians not to go rogue and blow up their own communities is their good faith and willingness to maintain their good reputations among people they know and live with.
Fedimint critics say this principle effectively undermines the core value proposition of bitcoin: You don’t need to trust anyone but yourself to know your money is safe.
Bitcoin Ekasi’s Vivier told CoinDesk the community hasn’t “really considered using the other features” of the Fedimint protocol besides joint custody, but it might think of them once the federation is up and running.
What the experts say
Nick Neuman, CEO of a bitcoin custody provider Casa, believes Fedi has a good chance of success in furthering bitcoin adoption in Africa and Latin America: “Fedi is explicitly trying to target communities in the Global South. And those kinds of cultures, from what I hear, are much more familiar with community-based models of using and protecting wealth, and they can adapt this technology more readily than we in Europe or the U.S., where the approach is more individualistic,” Neuman said.
Casa is providing a custody system in which clients set up multisignature wallets using several devices they own along with Casa, as a third-party custodian, holding one more key, so that if a client loses several devices and don’t have enough keys to access the multisig, Casa would help with the one it holds.
Neuman believes that in the future, when the Fedimint technology gains some traction, Casa might offer its service to federations as a professional guardian.
Alex Gladstein, chief strategy officer of the Human Rights Foundation and a bitcoin educator, believes that Fedi is not a replacement for self-custody, but complements it.
“Unlike current arrangements, you trust a quorum of people, who are unlikely to rug you. They will be best used or thought of as spending wallets or checking accounts. For savings, self-custody will of course be recommended,” Gladstein told CoinDesk, adding:
“I’d never recommend someone use a Fedimint [federation] operated by people whom they do not know.”
Edited by Christie Harkin and Jeanhee Kim.
https://www.coindesk.com/consensus-magazine/2023/04/17/fedi-community-based-custody-solution/?utm_medium=referral&utm_source=rss&utm_campaign=headlines