Video: Paul Puey on Edge Wallet and Bitcoin Privacy
After becoming involved in the Bitcoin space in 2013, Paul Puey founded a unique and innovative wallet called Airbitz. Even at the time, the focus was on encrypting data by default, backing up the private keys and simplifying the user experience. But after deciding to enter multiple partnerships in order to seamlessly integrate various exchange services directly into the user interface, the wallet was rebranded as Edge.
“You would choose Edge as a way to buy bitcoin, and actually I think that’s its biggest value proposition,” said Puey. As opposed to the process of users purchasing coins from a centralized exchange and transferring them to their own wallets, Edge operates as a noncustodial exchange where it allows users to buy, sell and trade bitcoin.
As such, the wallet has established multiple partnerships with various bitcoin sellers and decentralized exchanges, allowing users to minimize their data exposure to third-party services. Most recently, Edge has started offering non-KYC bitcoin purchases in Europe through their Swiss collaborator Bity.
Key Management: Keeping It Simple
“The ease by which Edge does key management is a huge differentiator.”
Key management is one of the biggest concerns among bitcoin holders. Correspondingly, there is an entire industry that produces backup devices stored offline that are able to withstand physical hazards (such as Cryptosteel). Edge doesn’t try to compete with cold storage in terms of security — instead, it offers the kind of interface that users of traditional banking services will find familiar and grants the kind of encryption that mainly focuses on preventing individual errors.
A mobile app is still a hot wallet, but strong cryptography makes it as robust and resilient to attacks as possible. Correspondingly, Edge uses client-side storage to encrypt private keys and unlocks them only when the right input data gets submitted (just as in the case of a credit card).
“While the user holds their own bitcoin private keys, they never have to write them down or back them up manually. Everything is automatically encrypted client-side on their device, and then backed up,” said Puey.
Security doesn’t focus exclusively on threats from external attackers. The users themselves can sometimes put their keys in jeopardy: Plenty of bitcoin have been lost due to negligence in key management. Edge is more forgiving with its automatic backups. As soon as users create their accounts, they will be able to access their bitcoin from any device and never have to worry about losing all of their BTC in the event of a boating accident or mobile phone theft.
Trustless Client-Side Authentication
“Our automatic one-touch two-factor makes it all a lot less tedious. With other wallets, you have to set up an app and compromise your privacy by giving away your phone number or e-mail address.”
As a privacy enthusiast, Puey is not a fan of two-factor authentication services that rely on third-party trust. Revealing a phone number and email address to an application can generate a security hole in itself, so the Edge lead developer has conceived a workaround. According to Puey, the second-biggest differentiator between Edge and other mobile wallets is the trustless and client-side approach to authentication.
“I wanted something that is invisible, where the user doesn’t have to do or see anything. That’s why we built one-touch two-factor: You go to the ‘Settings’ menu and simply tap ‘enable’ on the ‘Two-Factor’ menu. That’s it, your account gets two-factored and you don’t have to provide any personal information. We think this is a fundamental change in authentication and security, and it’s easily the second most popular feature in Edge.”
Puey also made it clear that Edge doesn’t collect data about how users interact with their wallets: “The app is very client-side and we don’t track our users. So we don’t know what they use the most.”
Privacy as a Default
“Don’t make it so that privacy tools are only available to the Edward Snowdens of the world.”
With regard to Bitcoin privacy, Puey believes that it should exist as a default option for all users. In his view, there shouldn’t be a divide between those who want privacy and those who are indifferent about it, as neither side will win. Unless privacy is universal, the anonymity set for those who opt in for privacy will be smaller, and therefore the opt-in confidential transactions become easier to track.
As an occasional GitHub contributor to Monero projects, Puey is a firm believer that Bitcoin should also transition to privacy by default. “The thing that makes me sad is that there are many people who don’t want privacy,” he said. In his view, it’s transparency that should be voluntary when users decide to reveal their private keys to the world for audit purposes.
Puey is also an advocate of the three-years principle, whereby a new protocol requires at least 36 months of public testing before being deployed at scale.
Different “Buckets” of Privacy
“I’d like to break down privacy for currencies into four different buckets: sender privacy, recipient privacy, privacy of the actual amounts, and network-level privacy.”
In Puey’s view, sender privacy in Bitcoin is pretty good thanks to CoinJoins, as users can make transactions where the source is very difficult to track. On the other hand, recipient privacy is terrible because one public key that can be associated with a person can get tracked and reveal every incoming transaction. In order to improve this situation, Puey recommends Stealth Addresses and Payment Codes.
The third type of privacy identified by Puey concerns the amounts being transacted; this is quite problematic in Bitcoin. If all amounts are public and link to previous transactions from the sender, then some kind of amount obfuscation would greatly benefit the protocol. His best recommendation is Confidential Transactions, but the main issue is that the implementation (at least in its current form and understanding) requires a hard fork.
Last but not least, Puey talks about network-level privacy, which takes place at the wallet-to-node level and requires Tor support. Some wallets, such as Wasabi on desktop and Blockstream Green on mobile, offer Tor by default. Given the creation of multiple Tor-related libraries for bitcoin wallets, Puey is also considering integrating the IP-mixing technology in Edge: And when it happens, it will be on by default, just like private-key encryption and every other privacy feature.
“With 300 kb blocks you harm privacy more than you improve it.”
Though Puey understands the incentives involved in smaller blocks (such as moving transactions to second layers and sidechains), he still regards mainchain privacy as essential for Bitcoin. With smaller blocks, he argues, CoinJoins are going to become too expensive, and other improvements such as Payment Codes become untenable.
“While you make things private due to very little network traffic, I think I’d rather tackle the network privacy in other ways such as Tor,” concluded Puey.