Quest For The Perfect Bitcoin Wallet

7 First Principles

1. Security

If there is one thing you want to do with your money is that you want to keep it secure. Thus security is the first, most important principle.

2. Privacy

If there is another thing you want to do with your money is that you want to keep the knowledge about it to yourself. I don’t want to tell you how much money I have, and you don’t want to tell me how much money you have. Thus the second most important principle is privacy.

3. Trustlessness

Trustlessness is the third most important principle. Even if you are able to keep your money secure and private, you will also have to be certain about that your money is secure and private. You don’t want to ask your custodial wallet service provider if your money is secure and private, you don’t want to trust in third parties on this information, you want to trust in the architecture of the system you are using.

4. Open Source

In this paper open source is a means to achieve trustlessness. Nothing more, nothing less.

5. Accessibility

The accessibility principle wants the wallet to be accessible and usable by most of the World’s population. However it does not mean the wallet has to satisfy the needs of niches, in fact satisfying the niches are contradictory to the accessibility principle, because every single additional UI element makes the system a little bit more confusing for everyone else who does not use the feature.
Similarly adding a translation for a language that is only spoken by a few million people makes the system less maintainable. Every time a new feature is added, it will have to be translated also. Because of this, the developers would be crippled, or more likely make dirty decisions, thus the target audience of this system would suffer. And, there goes my native language.

6. Stability

There is no worse crime a wallet developer can commit than building an instable system. The responsibility of a developer cannot be understated when this tremendous amount of money is flowing through it.
Interestingly the accessibility principle is an aid for the stability principle. If the developer knows for certainty, that this system will never be handling Dogecoin, running on x86 architectures, on raspberry pies, on Windows 8 with a language setting of Sumerian Cuneiform. If there is certainty about future development direction from the get-go, the developer is much more likely to be able to avoid the inevitable unreliability that comes with cross platform systems.

7. Sustainability

The last principle wants to emphasize that, it is not enough to build something. It also has to be maintained. Historically, large open source projects without revenue streams were only be able to thrive if they acted as backbones of other systems, if their target audience were also developers, or if entities with sufficient resources decided to keep these projects alive.


What systems need to be in place in order to be able to server most of the World’s population?


Web, tablet, desktop and mobile. There are many important considerations here, and the first one is to drop the web platform. At the first glance, building a web wallet seems to violate the security principle, but that’s not true if we ensure that, the web wallet can only be used through a hardware wallet. It also seems like it violates the privacy principle. Building network level privacy to a web wallet, as of today is not possible, however I am not short on ideas on this topic, more on this later. Why the web platform should be dropped is because web-apps are second class citizens, while an application that aims to handle most of the value, the user accumulated over his life, should be one of the most important, if not the most important application, which deserves to run natively. This notion does not yet rule out the web platform, but it establishes the need for a software on desktop, tablet or mobile platforms.
Everyone has a smartphone, but not everyone has a tablet or a laptop/desktop computer. Based on the same logic, building software for tablets and desktops are redundant. However with such great project, the stability of this software stack also depends on the health and censorship resistance of the Bitcoin network as the whole, which makes desktop software necessary. I will dive into how the desktop achieves this and how mobile doesn’t later on.

Hardware Parameters

x86 vs x64, CPU, GPU and such shall also be subjects to upfront considerations.


Although localization can be a bottleneck for any software project and huge maintenance burden for developers, supporting only the 10 most spoken languages in the World won’t even serve 80% of the population, so the number of languages those need to be supported, just like smartphone models are have to be numerous.

Network Health

Large projects must also make sure of the stability of the system they build upon. This is why a Bitcoin full node and an LN hub and a Tor relay node must be built into the desktop client. To also ensure practicality these systems shall be opt-in, but also easily opt-in.


To minimize the possibility of dependency attacks, the used software packages must be kept minimal and ideally have developers working on both this project and on the software dependency project.
Small dependencies must be either copypasted (with proper attribution) or forked.
Test coverage should approach 100% of critical parts of the system.


Unlike my current project, Wasabi Wallet, this system shall not thrive for ultimate privacy, rather for sufficient privacy instead. Unfortunately it may very well be the case that sufficient privacy is impossible to achieve in a grandma friendly and cost-efficient way with today’s Bitcoin, without Confidential Transactions and Bulletproofs.
What can be achieved in a grandma friendly way is privacy against mass surveillance, but not against targeted attackers. Just like with hardware wallets, we will have to accept this trade off here, too.

Revenue Streams

As mentioned above, the software stack’s revenue would come from hardware wallet sales and a VPN service, but also the software stack can implement a “pay as much as you want” model for downloads and the Red Hat model: charging for support.

Putting It All Together


I presented a rough plan for an infrastructure that can be built upon Bitcoin to get ready for mass adoption. This plan requires a large amount of resources and expertise, this plan is large, but so is its impact.

 by the author.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store