I haven't tried a Multi-sig wallet with just one Electrum and hardware wallet. I don't know whether Trezor can still display the receiving address on the multi-sig wallet. Maybe I'll try it another time.
I'm not 100% sure, but I think Electrum shows multisig addresses on Tresor. On Jade it does, I just checked it. It seems to work with other hardware wallets as well. Only on Ledger it doesn't work with either Electrum or Sparrow. 
Topic: Electrum + Ledger Multisig? (Read 248 times)
As far as I know, when connected to Electrum, Ledger and other hardware wallets, such as Trezor, do not display the receiving address on the hardware wallet screen. It differs when connected to the default software, such as Ledger Live or Trezor Suite. When determining the receiving address, there is confirmation on the screen of each hardware wallet.
There is a button in the form of an eye, when you press it, the address is shown on the display of the device.Thank you for the information; I just realized there is a feature to display the receiving address on the hardware wallet in Electrum.
To display the receiving address on the hardware wallet screen, you can also right-click one of the addresses, for example, Show on Ledger.
I haven't tried a Multi-sig wallet with just one Electrum and hardware wallet. I don't know whether Trezor can still display the receiving address on the multi-sig wallet. Maybe I'll try it another time.
When Ledger is connected to Electrum, you can see your receiving address via Electrum on the Addresses tab
Yes, but how reliable is it? There has to be a reason for requiring verification of the receiving address on the device display, right? I suspect that malware is capable of displaying fake addresses on the Address tab.As far as I know, when connected to Electrum, Ledger and other hardware wallets, such as Trezor, do not display the receiving address on the hardware wallet screen. It differs when connected to the default software, such as Ledger Live or Trezor Suite. When determining the receiving address, there is confirmation on the screen of each hardware wallet.
Quote
Above, I tried to provide a solution for that, especially because the Multi-Signature wallet was used this time, so you can double-check the suitability of the receiving address on the multi-sig wallet on each Electrum on a separate device.
Yes, if you use two Electrums on different computers. But it is much more convenient to have such a wallet on one Electrum, and in this case full support of multisig by hardware wallet is very desirable.Quote
So far, I have never read of a case where a hardware wallet was connected to Electrum, and all the existing addresses turned out to be different from those the hardware wallet should have had.
I didn't see it either. But it seems possible to me. When Ledger is connected to Electrum, you can see your receiving address via Electrum on the Addresses tab
Yes, but how reliable is it? There has to be a reason for requiring verification of the receiving address on the device display, right? I suspect that malware is capable of displaying fake addresses on the Address tab.As far as I know, when connected to Electrum, Ledger and other hardware wallets, such as Trezor, do not display the receiving address on the hardware wallet screen. It differs when connected to the default software, such as Ledger Live or Trezor Suite. When determining the receiving address, there is confirmation on the screen of each hardware wallet.
Above, I tried to provide a solution for that, especially because the Multi-Signature wallet was used this time, so you can double-check the suitability of the receiving address on the multi-sig wallet on each Electrum on a separate device.
So far, I have never read of a case where a hardware wallet was connected to Electrum, and all the existing addresses turned out to be different from those the hardware wallet should have had.
I have read a case where an address was copied, but the results differed after pasting it. The context is no longer in Electrum or the hardware wallet but in the OS (which was affected by the clipboard hijacker malware). If this is the case, you should ensure that your OS is free from malware or viruses, even before installing Electrum and creating a multi-signature wallet.
When Ledger is connected to Electrum, you can see your receiving address via Electrum on the Addresses tab
At least on the 3rd and final Electrum, I can see the receiving address. Sort of like final screening before broadcasting the transaction rather than Ledger broadcasting it out without knowing if the receiving address is correct.
Why do you need a third Electrum? Create the transaction on Electrum (but don't sign it), sign it with your Ledger device, then the review the partially signed transaction on the same copy of Electrum to ensure it is correct before applying the second signature and broadcasting it.Although as igor72 has pointed out, this affects the change address, not the payment address.
Let me tag @o_e_l_e_o to shade more light if it is possible
It is true that the mobile Electrum has a number of limitations as you've said, but these don't really apply here. Since the mobile Electrum would be one co-signer in a multi-sig wallet (which it is perfectly capable of), julerz12 can use his desktop Electrum to create the transaction, use coin control, set a custom fee, and so on, and then just use the mobile Electrum to sign the transaction he's already created. I use such a ledger + electrum 2-of-2 wallet for long term storage. Besides the obvious pros there are a few cons:
1. On the ledger display it is impossible to check the receiving address. Ledger can't check the change address either. There is no such problem with some other hardware wallets.
Crap, that's a bummer. I haven't tried sending a transaction yet so I didn't know. Is there any solution for this?1. On the ledger display it is impossible to check the receiving address. Ledger can't check the change address either. There is no such problem with some other hardware wallets.
You just have to create in a file or print out a list of your addresses and check against it.
When Ledger is connected to Electrum, you can see your receiving address via Electrum on the Addresses tab, like the example I made previously below:
-snip-
Go to the 'Addresses' tab (View Menu -> Show Addresses), and make sure the addresses in all Cosigners are the same:
- Address Wallet (cosigner) 1:
- Address Wallet (cosigner) 2:
Go to the 'Addresses' tab (View Menu -> Show Addresses), and make sure the addresses in all Cosigners are the same:
- Address Wallet (cosigner) 1:
- Address Wallet (cosigner) 2:
2. You cannot sign a message.
I noticed this too.The following is the statement by ecdsa and SomberNight regarding this matter.
BTW, I saw that Electrum has an Android app, would that suffice as the third setup?
You can use the Android version of Electrum to create a Multi-Signature wallet.
-Image source
Will do. I'm trying to get my hands on another device.
BTW, I saw that Electrum has an Android app, would that suffice as the third setup? A mobile phone that is air-gapped. Or that app has limitations?
BTW, I saw that Electrum has an Android app, would that suffice as the third setup? A mobile phone that is air-gapped. Or that app has limitations?
Yes there is limitation between electrum desktop and the android. The limitations I can recall it’s users complain about are lack of coin control but you can freeze addresses, it doesn’t have the manual customization fee except you use the static slider and then doesn’t sign messages. So i don’t think it would be possible to run another co-signer on it. Other phone wallets like BlueWallet are better but the problem would be to importing the electrum seed phrase into BlueWallet because electrum doesn’t use the BIP39 seed phrase.
But if there is a way to create an electrum multi sig wallet using the BIP39 seed phrase rather than the electrum seed phrase it self it could be possible.
Let me tag @o_e_l_e_o to shade more light if it is possible
You misunderstood me. You can see the recipient's address on the display. You cannot check your own receiving address.
You just have to create in a file or print out a list of your addresses and check against it.
I see. Thank you for the swift response. I'll make sure to do that. You just have to create in a file or print out a list of your addresses and check against it.
I use such a ledger + electrum 2-of-2 wallet for long term storage. Besides the obvious pros there are a few cons:
1. On the ledger display it is impossible to check the receiving address. Ledger can't check the change address either. There is no such problem with some other hardware wallets.
Crap, that's a bummer. I haven't tried sending a transaction yet so I didn't know. Is there any solution for this?1. On the ledger display it is impossible to check the receiving address. Ledger can't check the change address either. There is no such problem with some other hardware wallets.
You just have to create in a file or print out a list of your addresses and check against it.
I use such a ledger + electrum 2-of-2 wallet for long term storage. Besides the obvious pros there are a few cons:
1. On the ledger display it is impossible to check the receiving address. Ledger can't check the change address either. There is no such problem with some other hardware wallets.
Crap, that's a bummer. I haven't tried sending a transaction yet so I didn't know. Is there any solution for this?1. On the ledger display it is impossible to check the receiving address. Ledger can't check the change address either. There is no such problem with some other hardware wallets.
How about this setup?
I make a multi-sig 3/3, Electrum Desktop [1], Ledger (hardware wallet) [2] and another Electrum desktop [3] (preferably on another device).
Then, I make a transaction on 1st Electrum [1], then blindly sign it on Ledger [2] then finally sign and broadcast it on another Electrum [3] setup.
At least on the 3rd and final Electrum, I can see the receiving address. Sort of like final screening before broadcasting the transaction rather than Ledger broadcasting it out without knowing if the receiving address is correct.
Is my understanding right?
2. You cannot sign a message.
I noticed this too.After testing if you are actually using it for the large storage of funds I will advise two things.
1. After the test is done and you understand everything, do not use the exiting seed phrase or keys, just create a new one and then transfer all funds there to eliminate mistakes like the seed phrase or private touching the internet probably because you lack have knowledge before and make sure you do everything offline.
Yes, I'm currently testing everything first on testnet before actually using the multisig wallet.1. After the test is done and you understand everything, do not use the exiting seed phrase or keys, just create a new one and then transfer all funds there to eliminate mistakes like the seed phrase or private touching the internet probably because you lack have knowledge before and make sure you do everything offline.
2. I would advise you take extra cost to get another device so that each co-signer will be on different devices even though this your current set up isn’t bad but this one will be more secure. And this time the devices should be airgapped to eliminate any chance of compromise.
Will do. I'm trying to get my hands on another device. BTW, I saw that Electrum has an Android app, would that suffice as the third setup? A mobile phone that is air-gapped. Or that app has limitations?
I use such a ledger + electrum 2-of-2 wallet for long term storage. Besides the obvious pros there are a few cons:
1. On the ledger display it is impossible to check the receiving address. Ledger can't check the change address either. There is no such problem with some other hardware wallets.
2. You cannot sign a message.
3. Transaction fee (segwit 1 input/2 outputs) is 27% higher.
1. On the ledger display it is impossible to check the receiving address. Ledger can't check the change address either. There is no such problem with some other hardware wallets.
2. You cannot sign a message.
3. Transaction fee (segwit 1 input/2 outputs) is 27% higher.
I see. Thanks guys for the well explained answers. I'm a bit confident now to use what I've setup. Tho I might still try and test it first with small amounts just to be sure I didn't miss anything.
I've got no further inquiries.
I've got no further inquiries.
After testing if you are actually using it for the large storage of funds I will advise two things.
1. After the test is done and you understand everything, do not use the exiting seed phrase or keys, just create a new one and then transfer all funds there to eliminate mistakes like the seed phrase or private touching the internet probably because you lack have knowledge before and make sure you do everything offline.
2. I would advise you take extra cost to get another device so that each co-signer will be on different devices even though this your current set up isn’t bad but this one will be more secure. And this time the devices should be airgapped to eliminate any chance of compromise.
Tho I might still try and test it first with small amounts just to be sure I didn't miss anything.
That's always a smart idea. I would also recommend making a note of the first address in your multi-sig wallet, wiping your Electrum wallet, resetting your Ledger device, and checking you can recover the same multi-sig wallet using your back ups in order to verify that your back ups are accurate. Obviously you should back up your two seed phrases separately, and ideally, you want four back ups in total (two of each seed phrase) to provide protection against the accidental loss or damage of one back up.
I see. Thanks guys for the well explained answers. I'm a bit confident now to use what I've setup. Tho I might still try and test it first with small amounts just to be sure I didn't miss anything.
I've got no further inquiries.
Again, thank you.
I've got no further inquiries.
Again, thank you.
What's the security risk of having both devices on the same system? Is the ledger wallet vulnerable when connected to the Electrum wallet?
Only that having the wallets on two completely separate devices (i.e. one computer with Electrum with one seed phrase, and another computer with Electrum with no seed phrases which is used to interact with your hardware wallet) is safer than only using one device, since an attacker would need to compromise an additional device in order to steal your coins. Further, your second Electrum wallet which holds no seed phrases and only interacts with your hardware wallet could be permanently airgapped for even more security.So let's say while the hardware wallet is connected in Electrum, then Electrum somehow gets compromised, the hacker then sends a transaction; they still couldn't spend any coins unless they have physical access to the hardware wallet (ledger) to sign and broadcast the transaction, right?
Theoretically, yes. As far as I know, there are no known remote attacks against the most popular brands of hardware wallet where someone compromising your computer could remotely compromise your hardware wallet or make it sign transactions you didn't wish to sign. However, no one can guarantee 100% that such attacks do not exist. That is why the set up I described above is marginally safer, since the hardware wallet would only ever connect to a second (potentially permanently airgapped) device. The other option would be to swap out the Ledger for a permanently airgapped hardware wallet such as Passport.That's not to say your set up is not secure. It's much more secure than a standard Electrum wallet, since as you say an attacker would probably need physical access to your hardware wallet as well as compromising your Electrum wallet in order to steal your funds.
In my opinion, the Electrum wallet is more vulnerable than the hardware wallet;
Because you are using the same device, it must be online to make and broadcast transactions.
Because you are using the same device, it must be online to make and broadcast transactions.
Because you have set the hardware wallet as one of the cosigners on the multi-sig wallet, if you don't connect it to Electrum, then the wallet can't be used.
So let's say while the hardware wallet is connected in Electrum, then Electrum somehow gets compromised, the hacker then sends a transaction; they still couldn't spend any coins unless they have physical access to the hardware wallet (ledger) to sign and broadcast the transaction, right?Yes, when Electrum is compromised, let's say the hacker gets access to Electrum as cosigner 1. He still can't use the wallet because he needs the Hardware wallet as cosigner 2 to be able to complete the process of signing the remaining transactions from 2 of 2 multi-sig wallets.
Therefore, separating multi-sig wallets on different devices can be more secure because one of the Electrum wallets can be used offline to minimize compromise.
In my opinion, the Electrum wallet is more vulnerable than the hardware wallet;
Because you are using the same device, it must be online to make and broadcast transactions.
Because you are using the same device, it must be online to make and broadcast transactions.
Because you have set the hardware wallet as one of the cosigners on the multi-sig wallet, if you don't connect it to Electrum, then the wallet can't be used.
So let's say while the hardware wallet is connected in Electrum, then Electrum somehow gets compromised, the hacker then sends a transaction; they still couldn't spend any coins unless they have physical access to the hardware wallet (ledger) to sign and broadcast the transaction, right? Here's an example:
This is only the case if you are using two separate computers for your 2-of-2 multi-sig; one with an Electrum wallet storing the Electrum seed phrase, and another with an Electrum wallet storing no seed phrases but interacting with your hardware wallet.-snip-
Thank you for the additional explanation.
Correct, I'm using an Electrum (desktop) and a connected a ledger wallet on the same system.
What's the security risk of having both devices on the same system? Is the ledger wallet vulnerable when connected to the Electrum wallet?
What's the security risk of having both devices on the same system? Is the ledger wallet vulnerable when connected to the Electrum wallet?
In my opinion, the Electrum wallet is more vulnerable than the hardware wallet;
Because you are using the same device, it must be online to make and broadcast transactions.
Meanwhile, if you use a different device and a separate wallet, you can make it offline for the first Electrum Wallet. Then, to broadcast transactions that have been signed, you use the Electrum+hardware wallet on another online device.
Everytime I open Electrum (multisig) wallet, It always asks to insert/connect the Ledger device.
Because you have set the hardware wallet as one of the cosigners on the multi-sig wallet, if you don't connect it to Electrum, then the wallet can't be used.
Here's an example:
Yes, on the part where it asks to add a cosigner, I use:'Cosign with hardware device'
OP seems to have a set up a single wallet with contains the Electrum seed phrase and which he also connects to his hardware wallet. This is less secure than using completely separate devices, but still much more secure than a standard single sig hot Electrum wallet. With such a wallet, he does not need to interact with this xpubs since Electrum provides one seed phrase and the hardware wallet provides the other.
Correct, I'm using an Electrum (desktop) and a connected a ledger wallet on the same system.What's the security risk of having both devices on the same system? Is the ledger wallet vulnerable when connected to the Electrum wallet?
Everytime I open Electrum (multisig) wallet, It always asks to insert/connect the Ledger device.
Jump to: