Electrum + Ledger Multisig? - page 2.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18509

Quote from: Husna QA on December 04, 2023, 09:02:36 AM

Here's an example:

This is only the case if you are using two separate computers for your 2-of-2 multi-sig; one with an Electrum wallet storing the Electrum seed phrase, and another with an Electrum wallet storing no seed phrases but interacting with your hardware wallet.

OP seems to have a set up a single wallet with contains the Electrum seed phrase and which he also connects to his hardware wallet. This is less secure than using completely separate devices, but still much more secure than a standard single sig hot Electrum wallet. With such a wallet, he does not need to interact with this xpubs since Electrum provides one seed phrase and the hardware wallet provides the other.

Husna QA

legendary

Activity: 2254

Merit: 2852

#SWGT CERTIK Audited

Quote from: Charles-Tim on December 04, 2023, 07:56:26 AM

Quote from: Husna QA on December 04, 2023, 07:00:58 AM

When creating a new multi-sig wallet, make sure to use the Master Public key that you previously used so you can reaccess the wallet address on the multi-sig wallet you created.

Did you mean master private key?

It is not 2-of-3 multisig wallet, neither the number of signature needed are more than the number of cosigners. To recover 2-of-2 multisig wallet, everything needed are the two seed phrases, master private keys or private keys.

Master Public key, if you use a multi-sig wallet such as Electrum + hardware wallet because the hardware wallet already represents the master key or seed phrase.
However, if you use a multi-sig wallet on Electrum without selecting the "Use a Hardware Device" option, you need a seed phrase or master key.

Here's an example:

Quote from: Husna QA on July 08, 2022, 11:23:34 AM

-snip-
Under wallet type, select Multi-Signature wallet.

Then specify the Consigner and also the number of signatures needed to be able to process transactions in the wallet.

On "Add cosigner (1 of 2)", I selected the option "Use a hardware device".

In 'Hardware Keystore', select the connected device, then clicks 'Next'.
- Device on Wallet (Cosigner) 1:

- Device on Wallet (Cosigner) 2:

Select the wallet address type; For "derivation path", I leave it by default.

Then write the 'Master Public Key' it generates, then clicks 'Next'.

- Master Public Key on Cosigner 1:

- Master Public Key on Cosigner 2:

On the 'Add Cosigner (2 of 2)', select 'Enter cosigner key'.

In wallet 1, fill in using the master public key (xpub) of wallet 2:

In wallet 2, fill in using the master public key (xpub) of wallet 1:

Create a password to encrypt each wallet on both 'Cosigners'.

Go to the 'Addresses' tab (View Menu -> Show Addresses), and make sure the addresses in all Cosigners are the same:

- Address Wallet (cosigner) 1:

- Address Wallet (cosigner) 2:

-snip-

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: Husna QA on December 04, 2023, 07:00:58 AM

When creating a new multi-sig wallet, make sure to use the Master Public key that you previously used so you can reaccess the wallet address on the multi-sig wallet you created.

Did you mean master private key?

It is not 2-of-3 multisig wallet, neither the number of signature needed are more than the number of cosigners. To recover 2-of-2 multisig wallet, everything needed are the two seed phrases, master private keys or private keys.

Husna QA

legendary

Activity: 2254

Merit: 2852

#SWGT CERTIK Audited

Quote from: julerz12 on December 04, 2023, 05:51:18 AM

I've setup a 2/2 multisig wallet on Electrum and cosigned it with a hardware wallet (Ledger).
From what I've understood, your keys never leave the hardware wallet when signing transactions, correct?

Yes, that's right, the private key is stored in a secure chip hardware wallet.

Quote from: julerz12 on December 04, 2023, 05:51:18 AM

And since if I try and make a transaction on the electrum multisig wallet, I still need to sign it with the hardware wallet then broadcast it; it is an added security. Is my understanding correct?

Yes, that's correct. You still need the hardware wallet to sign transactions on the previously created multi-sig wallet.

Quote from: julerz12 on December 04, 2023, 05:51:18 AM

If so, are there any possible vulnerabilities in this setup? A possible means of someone accessing the multisig wallet I've setup and actually spending the coins, without access to the hardware wallet.

He still needs a hardware wallet (or private key from the multi-sig address) to access the multi-sig wallet and all cosigner access from each wallet.

Quote from: julerz12 on December 04, 2023, 05:51:18 AM

Also, if the hardware wallet gets lost, I wouldn't be able to spend the coins too unless I restore it on another device. Correct?

Yes, that's correct; You can restore to another hardware wallet;
When creating a new multi-sig wallet, make sure to use the Master Public key that you previously used so you can reaccess the wallet address on the multi-sig wallet you created.

Quote from: julerz12 on December 04, 2023, 05:51:18 AM

Sorry if I sound dumb, I tried searching specific answers and couldn't find any and as you know, some sources also cannot be trusted so I think it is better to get answers here instead.

The following is one of my practices when creating a multi-sig wallet using 2 Electrum wallets + 2 Hardware wallets on different OS and devices:
https://bitcointalksearch.org/topic/m.60534500

Quote from: Husna QA on July 08, 2022, 11:23:34 AM

Multi-Signature Wallet using the Electrum and the Hardware Wallet.
-snip-

Wallet 1
Wallet: Electrum Testnet 4.0.9 (macOS)
Hardware wallet: Trezor T

Wallet 2
Wallet: Electrum Testnet 4.0.9 (Windows OS)
Hardware wallet: Ledger Nano X

Dump3er

hero member

Activity: 1274

Merit: 520

Cashback 15%

I was about to say a few words concerning the fees and a comparison between single-sig and multi-sig, but I recalled this overview, which I think is quite helpful as fees are often underestimated when the setup is chosen:

But I can only support your intention to keep funds secure especially when the amounts are significant.

Cutting corners may save you time, but not money, as it is only a question of time until it costs you money! Wink

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: Zaguru12 on December 04, 2023, 06:16:26 AM

What I understand is when a hardware wallet is connected to software wallets like electrum it creates something like a watch only wallet. A watch only wallet doesn’t have any risk because no keys or seed phrase is stored on it, just the master public key I think.

Watch-only wallet is created when you import master public key generated by seed phrase or master private key, or when you import address or addresses. This is not the same as when you connected your wallet to a hardware wallet, or when you setup a multisig wallet with a software wallet and a hardware wallet. You did not connect Electrum with the Ledger with 2-of-2 multisig, it is just that you will need the two wallets to make transaction.

Zaguru12

hero member

Activity: 672

Merit: 855

Yes the keys and seed phrase are actually stored on the hardware wallet and does not leave the wallet.

What I understand is when a hardware wallet is connected to software wallets like electrum it creates something like a watch only wallet. A watch only wallet doesn’t have any risk because no keys or seed phrase is stored on it, just the master public key I think.

If the hardware wallets gets damaged or spoiled then you can import the seed phrase into another wallet either software or hardware to recover those funds

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Multisig wallet are more secure and safer than single signature wallet. There is increase in security in this wallet setup.

Quote from: julerz12 on December 04, 2023, 05:51:18 AM

And since if I try and make a transaction on the electrum multisig wallet, I still need to sign it with the hardware wallet then broadcast it; it is an added security. Is my understanding correct?

I am not a Ledger wallet user, but if it is 2-of-2 multisig wallet, you will need the two wallets to sign the transaction.

Quote from: julerz12 on December 04, 2023, 05:51:18 AM

From what I've understood, your keys never leave the hardware wallet when signing transactions, correct?

Yes, your Ledger seed phrase and keys never go online.

Quote from: julerz12 on December 04, 2023, 05:51:18 AM

Also, if the hardware wallet gets lost, I wouldn't be able to spend the coins too unless I restore it on another device. Correct?

Yes.

julerz12

legendary

Activity: 2310

Merit: 1108

Telegram: @julerz12

I've setup a 2/2 multisig wallet on Electrum and cosigned it with a hardware wallet (Ledger).
From what I've understood, your keys never leave the hardware wallet when signing transactions, correct?
And since if I try and make a transaction on the electrum multisig wallet, I still need to sign it with the hardware wallet then broadcast it; it is an added security. Is my understanding correct?

If so, are there any possible vulnerabilities in this setup? A possible means of someone accessing the multisig wallet I've setup and actually spending the coins, without access to the hardware wallet.

Also, if the hardware wallet gets lost, I wouldn't be able to spend the coins too unless I restore it on another device. Correct?

Sorry if I sound dumb, I tried searching specific answers and couldn't find any and as you know, some sources also cannot be trusted so I think it is better to get answers here instead.

Topic: Electrum + Ledger Multisig? - page 2. (Read 248 times)