Bitcoin

Patrick Moore’s 2021 book Fake Invisible Catastrophes and Threats of Doom makes a simple observation: most modern scare stories are built on phenomena that are either invisible, remote, or both. CO2. Radiation. Ocean acidification. Coral bleaching in reefs you’ll never visit. The average person can’t observe or verify any of it firsthand. They have to trust activists, media, politicians, and scientists — all of whom have financial or political skin in the game — to tell them the truth. ...

This is the fifth and final post in a series about SMSF Bitcoin audit evidence. The first post covered what auditors need to verify. The second compared evidence standards. The third covered the regulatory pressure making this urgent. The fourth explained why auditors need the wallet descriptor. You’ve received a CertainKey report in an audit file. Maybe the trustee sent it unprompted. Maybe their accountant attached it. Either way, you’re looking at a document full of terms like “wallet descriptor,” “block height,” and “BIP-322 message signature” — and you need to decide whether it’s sufficient evidence. ...

This is the fourth post in a series about SMSF Bitcoin audit evidence. The first post covered what auditors need to verify. The second post compared evidence standards. The third post covered the regulatory pressure making all of this urgent. This post covers multisig — why it’s best practice for SMSF custody, and why it creates a new audit evidence challenge. If you’re holding Bitcoin in your SMSF with a single key, you have a single point of failure. One lost seed phrase, one compromised device, and the fund’s assets are gone. No insurance, no recovery, no phone number to call. ...

This is the third post in a series about SMSF Bitcoin audit evidence. The first post covered what auditors need to verify. The second post compared evidence standards. This post covers the regulatory pressure that is making all of this urgent. Self-custody is the right call. No counterparty risk, no exchange insolvency exposure, your keys, your coins. Most serious bitcoiners wouldn’t have it any other way. But the Australian government is tightening the screws on how SMSF crypto holdings are audited, and if you can’t prove what you hold, your auditor has no choice but to qualify your audit and report you to the ATO. ...

Key Ceremony is a free tool for documenting your Bitcoin multisig wallet setup. You record who holds each key, where devices and backups are stored, and how to recover. It generates a professional ceremony record as a PDF. That’s it. Getting to that simplicity took some work. Origin The idea came from Dale Warburton’s Bitcoin self-custody quiz. Taking it highlighted real gaps in my own setup. Not in the keys themselves, but in the documentation around them. I knew where my keys were. I hadn’t written down how someone else would find and use them if I couldn’t. ...

This is the second post in a series about SMSF Bitcoin audit evidence. The first post, Your SMSF Holds Bitcoin — What Does Your Auditor Actually Need?, covered what auditors need to verify and why most of what trustees currently provide falls short. This post goes deeper into the evidence itself — what makes some forms of evidence stronger than others, and why it matters. Auditing is fundamentally about evidence. An auditor’s job is to assess whether the evidence supporting a claim is sufficient and appropriate. For most financial assets, this is well-trodden ground. Bank statements, share registries, property titles — each comes from a recognised institution with its own governance and reporting obligations. The auditor evaluates the source, assesses the risk, and forms a conclusion. ...

I run CertainKey, a service that provides ownership and control verification reports for self-managed super funds (SMSFs) holding bitcoin. Part of that process involves proving that the fund trustee controls specific keys in a multisig wallet — not by moving funds, but by signing a message with each key individually. For this I built Gatekeeper, a tool that verifies BIP-322 message signatures. The flow is simple: the customer signs a known message with their hardware wallet at the relevant derivation path, and Gatekeeper confirms the signature matches the expected public key from the wallet descriptor. ...