I would like to hear the opinion of the Bitcoin community.
While I was researching different assisted wallets for The Bitcoin Hole, I came across a case that I'm not sure how to categorize. Here's the scenario:
An assisted wallet, where the owner and the service provider need both to sign a transaction to move the funds. You can think this a 2-of-2 multi-sig, where the service provider has one key and the owner the other. However you can also implement this with MPC (Multi-Party Computation). The implementation is not the issue.
I define something as "non-custodial" or "self-custodial" when these two conditions are met: 1- The provider can't move the funds without owner's permission. 2- The owner can access its funds without the provider's permission.
In the previous case, condition 1 is satisfied, but condition 2 is not. So, my conclusion is that this assisted wallet can't be categorized as "non-custodial" or "self-custodial".
Some questions I have in my mind:
  • Is my conclusion correct?
  • Is there any difference between "non-custodial" or "self-custodial"?
  • Since the assisted wallet in this case cannot be considered "custodial" (as the provider cannot move the funds without the owner's permission), how should it be categorized?
I also opened this discussion in other networks:
You have also another scenarios:
  • Greenlight - user have the keys on his device, but the LN node and funds are on a remote custodial server. The service provider cannot touch the funds, but still the user, if the service provider close the access to the server, will not be able to recover the funds.
  • Breez - user have the keys to the funds, and run the node in the device, but if the central node of Breez shuts down, is not so easy to recover the funds.
  • Mutiny - user have the keys on his device, but many users still use the default domain app (mutinywallet.com). Service provider manage the node infrastructure, but user still have full control of the keys. but if that domain get busted user can't recover his funds.
  • LNBits - service provider offer lndhub accounts and have full control of the funds. The user have only a simple key to access that account, no option to recover them in any way.
  • Hosted channels - user have the keys to his funds but service provider still can close the access to the funds.
I will name "self-custodial" a wallet that the user:
  • have full control over the keys
  • have full control of the app hosting (his own server or mobile device)
  • have option to recover his funds easily into another wallet
  • can control all the access to his funds and manage it by himself
All the rest that do not comply these aspects will be in the custody of somebody else. You, the user are just their slave.
Self custodial necessarily mean that you are the only one who holds your private keys bit non custodial may sometime mean that you don't hold your keys.
They are defined in this way.
reply
0 sats \ 2 replies \ @az 25 Apr
deleted by author
reply
I am particularly talking about onchain, I forgot to clarify that.
Your onchain classification sounds more the implementation, I am looking for the concept.
reply
deleted by author
reply