top of page

Legal

Image by Tingey Injury Law Firm

Technical-Legal Memo – Bitcoin Key Backup via Miniscript (Liana)

Date: April 2025
Author: ResKey – Tobias Grünenfelder

1. Introduction and Objective

This memo outlines the planned operation of a Bitcoin key backup service using Miniscript via the open-source software Liana.
The goal is to explain the technical functioning of the wallet setup and demonstrate why this setup does not constitute 'custody of digital assets' under Swiss financial market regulations – specifically pursuant to Art. 2 para. 3 AMLA and related FINMA interpretations.

2. Wallet Setup Overview

The wallet is based on a multi-phase, time-dependent control model using Miniscript (via Liana).
It uses a deterministic script that enables different spending paths depending on block height:

🔐 Phase 1 – 2-of-2 Multisig (Secure Wallet)
Initially, both keys (Customer + ResKey) must sign any transaction.
ResKey can never act alone.
This provides strong protection against unauthorized or fraudulent transactions.

🔐 Phase 2 – 2-of-3 Multisig (Recovery Mode)
After a set time period, the setup transitions to 2-of-3 multisig:

  • Customer's hardware wallet

  • Customer's software key

  • ResKey's key (backup / co-signer)

Two out of three keys are required. The customer (or their heir) retains full control, while ResKey can never spend alone.
This setup allows recovery of funds in case a key is lost and enables migration to a new secure wallet.

The software key can be entrusted to a beneficiary for inheritance purposes.

🔐 Phase 3 – 1-of-2 Singlesig (Inheritance and unilateral Exit)
If ResKey becomes inactive or loses access, the customer can still access their funds using just one of their own keys (e.g., hardware or software).
This ensures full independence and long-term accessibility.
The software key can be entrusted to a beneficiary for inheritance purposes.

🛠️ Optional: Customized Policy Adjustment
Upon request, a backup key held by a trusted third party chosen by the customer can be integrated.
This ensures that the customer’s funds can still be recovered even if all their keys are lost – without ever granting ResKey sole control over the funds.

3. Technical Safeguards (Miniscript, Liana)

  • Use of timelocked spending paths via OP_CHECKSEQUENCEVERIFY

  • No unilateral access by the service provider to customer funds

  • Verifiability by third parties via openly viewable scriptPubKeys

  • Software: Liana is fully open source and auditable

 

4. Regulatory Assessment

According to FINMA guidelines, custody is deemed to exist when:

  1. The service provider has effective control over client assets

  2. The provider can execute transactions on behalf of the client

  3. There is technical or economic access to the assets

In the described model, none of these conditions apply.
ResKey never has sole control.
The service is clearly a backup and security function, not custody.

5. Summary

The described setup does not constitute traditional custody, but rather a technically restricted, time-delayed backup mechanism that aligns with FINMA’s interpretation – specifically because no sole control over client assets is ever granted to ResKey.

bottom of page