Safe deposit boxes aren't safe

On the roots of Bitcoin multi-signature wallets

When Jacob met Rachel at the well (Genesis), she was waiting for the rest of the shepherds to arrive. The shepherds didn’t trust each other, and didn’t want the others to take more water than necessary. They devised a solution: they would place a very heavy rock on the opening—too heavy for one person to lift by themselves. Then they would wait until all the shepherds arrived so they could remove the rock in unison, and water their flocks together.

This story reminds me of wise words that Jeff Bezos shared with Basecamp’s founders that personifies Amazon’s strategy,

“Focus on the things that don’t change.”

The brilliance of Amazon is that it’s identified timeless jobs-to-be-done, and figured out how to deliver them faster and cheaper to customers.

  • Need a dongle for your iPhone X? Push a button and have it delivered. Don’t get up.

  • Need to change a song? Tell Alexa. Don’t get up.

The jobs to be done framework is an excellent lens to view the world, especially for value-creators (arguably the only types of jobs that will exist in the next 10-20 years). JTBD focuses on the outcomes people want to achieve and the feelings they want to feel, enabling value-creators to grok what people want and illuminate a path to build products that address them.

The job-to-be-done of storing value and distributing trust is unchanging through time.

At the well, at the bank, and in your pocket.

People want their money to be absolutely safe, they want to feel secure, and feel confident that their money will have the same buying power tomorrow (otherwise what’s the point in keeping it).

For centuries, bankers have delivered and distributed this job to be done, because there weren’t viable alternatives (I don’t recommend keeping cash under your mattress). As such, the bankers have extracted an enormous amount of influence and financial benefit from being granted this power, with little recourse. Their compliance models actually factor in fines for mishandling user data and other flubs. It’s just business as usual and whoever has the gold makes the rules (until there’s new gold).

What bankers fail to realize is that software is eating the world, and just like the internet has made information free and borderless, software is disrupting The Internet of Money—how value is transfered, programmed, and stored. In other words, there are new methods of delivering and distributing this job to be done.

In banks we (used to) trust

Six days ago, the New York Times reported that safe deposit boxes aren’t safe!

Mr. Poniz, who rented out several different safety deposit boxes, was shocked to open them up and find nothing. 😱

So what happened?

Wells Fargo had apparently tried to evict another customer for not keeping up with payments, and bank employees had mistakenly removed his box instead. After drilling No. 105 open, the bank shipped its contents to a storage facility in North Carolina. After Mr. Poniz discovered the loss, Wells Fargo sent back everything it had in storage, but some items had vanished.

Mr. Poniz trusted the bank but alas it was security theater.

He and the bank each had a key, and both keys were needed to access the safety deposit box. Mr. Poniz felt safe—after all, his valuables were in a bank vault with a foot-thick steel door. And even though he had a key, they just drilled it open!

Related image

What can we learn from this?

  1. Distributing trust to 2 parties is not enough

  2. Your security is only as good as it’s weakest link; in this case a brute-force attack

  3. Banks are showing their weaknesses and trust is breaking down

  4. Distributing trust and value storage is ripe for disruption

Enter Bitcoin Multi-signature wallets

Multi-signature wallets, a.k.a. multisigs, are wallets that need more than one key to unlock spending rights of your Bitcoin. In other words, they are like accounts that need more than one password.

Again, we’ve seen this before:

This is a 3 of 3 “multisig” lock box from 1170 at the British Museum. Humans have always sought mechanisms to distribute trust for centuries and beyond.

Mulitsig wallets are one innovation Bitcoin employs that enables us to build some pretty useful things and little by little remove trust from third parties:

  • Single-party multisigs so you can physically distribute your keys to thwart in-person attacks (truly hold and own your own money)

  • Multiparty multisigs so you can recover your funds even if you lose your keys, without giving away control of funds

  • Lightning network and scaling solutions - sending money for almost nothing at instant speeds

  • Taproot - expanding Bitcoin’s programmability while increasing privacy

  • …any many more!


  • Distributing trust is a timeless job-to-be-done

  • Information was disrupted, now value is being disrupted

  • Software will replace and automate existing distributed trust mechanisms

  • Bitcoin multisigs are a mechanism for distributing trust via software, which further enable more use cases on top of the network and forge a path to a trust-minimized future.

In future articles, I’ll dive into the details of these multi-signature schemes and breakdown what they’re useful for. I’ll also share which products and services can help you set up these multisigs easily.

If you like these articles, sign up free to receive these directly in your inbox. Also, if you have any feedback, ideas, or questions, you can video/voice/text me directly:


Jacob from Rabbit Hole