Open-Source

Key Ceremony is a free tool for documenting your Bitcoin multisig wallet setup. You record who holds each key, where devices and backups are stored, and how to recover. It generates a professional ceremony record as a PDF. That’s it. Getting to that simplicity took some work. Origin The idea came from Dale Warburton’s Bitcoin self-custody quiz. Taking it highlighted real gaps in my own setup. Not in the keys themselves, but in the documentation around them. I knew where my keys were. I hadn’t written down how someone else would find and use them if I couldn’t. ...

I recently submitted a small PR to SeedSigner — the multisig message signing fix I wrote about in my previous post. After opening it, I tagged two maintainers in a comment asking for feedback. One of them, kdmukai, was not happy about that: I consider it rude to directly “@” reference any of us just to call for our attention. Notice that your “@” message adds nothing that is not already stated in the PR description. Reserve “@” call outs for when there are specific questions that the targeted person is the best resource and the discussion may be stalled until they weigh in. ...

I run CertainKey, a service that provides ownership and control verification reports for self-managed super funds (SMSFs) holding bitcoin. Part of that process involves proving that the fund trustee controls specific keys in a multisig wallet — not by moving funds, but by signing a message with each key individually. For this I built Gatekeeper, a tool that verifies BIP-322 message signatures. The flow is simple: the customer signs a known message with their hardware wallet at the relevant derivation path, and Gatekeeper confirms the signature matches the expected public key from the wallet descriptor. ...

This is a follow-on to my SimpleX CLI Docker Setup post. If you read that, you might remember the socat workaround I used to get around the WebSocket server only binding to localhost: command: > sh -c "socat TCP-LISTEN:5225,fork,bind=0.0.0.0 TCP:127.0.0.1:5226 & simplex-chat -p 5226" It worked, but it always felt like a hack. The underlying issue was that simplex-chat hardcodes the bind address to 127.0.0.1 when you use the -p flag. ...