
Topic: Deterministic wallet backups and multisig lockboxes (Read 846 times)

sr. member
Activity: 476
Merit: 250
You are correct. If you have an m-of-n multisig address then you should keep regular backups of each of your "n" private keys in the same way that you would back up your private keys that can be used for a "traditional" bitcoin address. The difference is that you should store each of these keys separately.

I would argue that using multisig is generally not good for long-term storage, but is better for shorter-term transactions, for example when you pay for a good on the internet but don't release the funds until you receive the goods.
sr. member
Activity: 467
Merit: 267
Deterministic wallets have a very good backup feature: they only require you to back up a single piece of data - the seed (Electrum) or the root key (Armory). All present and future keys are created from it.
It's a very comforting idea to know that regardless of what I do to my computer - as long as I have the seed stored somewhere safe - nothing can happen to my funds.

But now what happens if I use multisigs? They use P2SH scripts, which basically move the responsibility of remembering the participant public keys to the redeemer. It's easy to fund a lockbox, it's just an address.
If I create a lockbox for a trust fund, it may take years before someone wants to redeem it. By then, if no one has a copy of the lockbox definition, the fund is lost.
Essentially, when using multisigs I am back to having to maintain individual backups for every multisig address - lest I risk a permanent loss. It's much more work than the deterministic wallet case, don't you think?

Am I missing something?

Thanks

PS: As a workaround, I considered sending a small transaction to the participants when the lockbox is created in order to store its definition in the blockchain.
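
Added example, not part of either post: a sketch of why the lockbox definition has to be backed up, showing that the redeem script carries m and the public keys while the address commits only to a 20-byte hash of it, plus a check that a stored backup still reproduces that hash. Assumptions: the keys are constructed placeholders, the function names are hypothetical, lexicographic key sorting is one convention for making the script reproducible from m and the key set, and truncated SHA-256 stands in for P2SH's HASH160.

```python
import hashlib

OP_CHECKMULTISIG = 0xAE
# Constructed 33-byte placeholders, not real public keys.
KEYS = [bytes([2]) + bytes([i]) * 32 for i in (3, 1, 2)]

def redeem_script(m, pubkeys, sort_keys=True):
    """Serialize OP_m <key>... OP_n OP_CHECKMULTISIG from compressed keys."""
    keys = sorted(pubkeys) if sort_keys else list(pubkeys)
    if any(len(k) != 33 for k in keys) or not 1 <= m <= len(keys) <= 16:
        raise ValueError("need 33-byte keys and 1 <= m <= n <= 16")
    pushes = b"".join(bytes([33]) + k for k in keys)
    return bytes([0x50 + m]) + pushes + bytes([0x50 + len(keys), OP_CHECKMULTISIG])

def parse_redeem_script(script):
    """Recover (m, pubkeys) from a stored script, rejecting malformed data."""
    if len(script) < 3 or script[-1] != OP_CHECKMULTISIG:
        raise ValueError("not a multisig redeem script")
    m, n, body = script[0] - 0x50, script[-2] - 0x50, script[1:-2]
    if not 1 <= m <= n <= 16 or len(body) != 34 * n:
        raise ValueError("inconsistent m, n or key data")
    if any(body[i] != 33 for i in range(0, len(body), 34)):
        raise ValueError("unexpected push length")
    return m, [body[i + 1:i + 34] for i in range(0, len(body), 34)]

def commitment(script):
    # Stand-in for P2SH's HASH160 (RIPEMD-160 of SHA-256), which is what the
    # address really encodes; RIPEMD-160 is absent from some Python builds.
    return hashlib.sha256(script).digest()[:20]

def backup_matches(backup_hex, funded_commitment):
    """True only if the stored definition parses and reproduces the hash."""
    try:
        script = bytes.fromhex(backup_hex)
        parse_redeem_script(script)
    except ValueError:
        return False
    return commitment(script) == funded_commitment

if __name__ == "__main__":
    script = redeem_script(2, KEYS)
    print("definition to back up:", script.hex())
    print("all the address commits to:", commitment(script).hex())
    # Same keys, unsorted order: a different script, so a different address.
    print(commitment(redeem_script(2, KEYS, sort_keys=False)).hex())
```

With a canonical key order, the definition can be rebuilt from m and each participant's public key, so the per-lockbox backup reduces to that small record; without one, the exact script bytes are what must survive.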