
Topic: [Guide] How to Create MultiSig Electrum Wallet for Beginners (Read 586 times)

legendary
Activity: 1624
Merit: 2481
Do you know how google authenticator codes work? You and the website you are trying to authenticate yourself with both possess a secret called the shared secret. Every time you want to log in you combine the secret with the current timestamp and run it through a hash function. The output of that hash function is then reduced to a few digits and that is the OTP code you enter to authenticate yourself. Despite you knowing this shared secret it's called "2fa". So what I'm talking about is similar to that.

Google authenticator is a software 2FA.
A proper (real) 2FA consists of a hardware token (similar to a hardware wallet) which shows the current code to enter.

Just because it is common to use GA as 2FA, this doesn't mean now that anything you know can be a 2FA. This is a cheap way to realize a hardware token.


Additionally not every GA is generating time-based one-time passwords.
Besides TOTP, GA also supports HOTP (HMAC-based one-time passwords). Those are not dependent on the current time, but on a counter.




I thought that was what we were discussing here. cipher text + password sounds like 2fa to me. something you have and something you know.

As already mentioned.. encryption and 2FA are two different things. They are not comparable and are independent from each other.

Cipher text + password simply is the cipher text + the password to decrypt. That's comparable with a lock and the key to open it. This has NOTHING to do with 2FA.




Electrum doesn't support that out of the box. The two solutions I talked about are ones electrum supports out of the box. Extending the seed or multisig.

Why would you need it to be supported by electrum ?
This is kind of trivial and can be done using a seed (obviously) and a fresh linux with the basic tools.

Extending the seed and multisig are both different to using SSSS. Each has its own purpose.
You can't compare them with each other the way you are doing it.




There is another one the revealer plugin but you have to trust your printer not to keep a copy of the output or buy some sheets from the revealer company.

Or you do it yourself using basic linux command line tools and write it by hand instead of using the printer..
Writing down 40 words shouldn't be a problem..
legendary
Activity: 3682
Merit: 1580
The seed is something you have in this case since you are not memorizing it but writing it down and relying on that written copy alone.

The fact that YOU are relying on a copy, doesn't change the fact.
A seed is pure information. Something you know. Not something you have.

No one can take the seed away from you. Once you have (know) the seed, it is yours. Therefore it is something you know, not something you have.

Do you know how google authenticator codes work? You and the website you are trying to authenticate yourself with both possess a secret called the shared secret. Every time you want to log in you combine the secret with the current timestamp and run it through a hash function. The output of that hash function is then reduced to a few digits and that is the OTP code you enter to authenticate yourself. Despite you knowing this shared secret it's called "2fa". So what I'm talking about is similar to that.

Yes it's possible that if a committed attacker discovers your seed they can attempt to bruteforce your seed extension.  However this applies to any encryption you apply on the seed too.

Of course it does. No one said encryption is a 2FA (this wouldn't make any sense at all).

I thought that was what we were discussing here. cipher text + password sounds like 2fa to me. something you have and something you know.

If you want something more secure you need to create a multisig wallet and store the seed backups in different locations so that the compromise of one backup does not compromise your whole wallet.

Not necessarily. A non-multisig wallet, whose seed is split via Shamir's secret sharing is also a safe solution.

Electrum doesn't support that out of the box. The two solutions I talked about are ones electrum supports out of the box. Extending the seed or multisig.

There is another one the revealer plugin but you have to trust your printer not to keep a copy of the output or buy some sheets from the revealer company.
legendary
Activity: 1624
Merit: 2481
The seed is something you have in this case since you are not memorizing it but writing it down and relying on that written copy alone.

The fact that YOU are relying on a copy, doesn't change the fact.
A seed is pure information. Something you know. Not something you have.

No one can take the seed away from you. Once you have (know) the seed, it is yours. Therefore it is something you know, not something you have.



If someone were to discover the seed you've written down they would not be able to restore your wallet since they lack the second factor which is the seed extension.

Again, it is not really a second factor. It is just an additional part which is missing.
This is like writing down a password except for the last 2 characters. This is not something they have to steal from you.
They just have to get to that information.. Either via stealing OR through different techniques (e.g. bruteforce).

It is pure information. Something you know (again).



Yes it's possible that if a committed attacker discovers your seed they can attempt to bruteforce your seed extension.  However this applies to any encryption you apply on the seed too.

Of course it does. No one said encryption is a 2FA (this wouldn't make any sense at all).



If you want something more secure you need to create a multisig wallet and store the seed backups in different locations so that the compromise of one backup does not compromise your whole wallet.

Not necessarily. A non-multisig wallet, whose seed is split via Shamir's secret sharing is also a safe solution.
legendary
Activity: 3472
Merit: 10611
even if you are using a seed extension you still have to write down that extension too to prevent forgetting it and being locked out. writing it alongside seed wouldn't provide any security. and if you want to store them separately then you can always split your seed itself and store parts in different locations instead.

there are other ways of obfuscating the "thing" you write down too. for example:
Code:
1631 1735 1047 1358 1703 438 135 110 925 192 333 1375
is the seed from wiki pages and the numbers are indexes in the wordlist (starting from 1 not 0)
and since these are just numbers you can have more fun with them:
Code:
065f06c70417054e06a701b60087006e039d00c0014d055f
which is the hex representation of it...
or with dashes
Code:
065f-06c7-0417-054e-06a7-01b6-0087-006e-039d-00c0-014d-055f
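The index and hex forms shown in the post above, as an added example that is not part of the original post: each 1-based wordlist index is written as four hex digits, and the conversion runs both ways without any secret, so it is an encoding rather than encryption. The function names and the 2048-entry wordlist size are assumptions of this sketch; the index values are the ones quoted in the post.

```python
WORDLIST_SIZE = 2048  # assumption: a standard 2048-word mnemonic wordlist

# The 1-based indexes quoted in the post above.
POST_INDEXES = [1631, 1735, 1047, 1358, 1703, 438, 135, 110, 925, 192, 333, 1375]


def _check(index: int) -> int:
    """Reject values that cannot be a 1-based position in the wordlist."""
    if not 1 <= index <= WORDLIST_SIZE:
        raise ValueError(f"index {index} is outside 1..{WORDLIST_SIZE}")
    return index


def indexes_to_hex(indexes, sep: str = "") -> str:
    """Write each index as 4 hex digits; sep='-' gives the dashed form."""
    return sep.join(f"{_check(i):04x}" for i in indexes)


def hex_to_indexes(text: str) -> list:
    """Reverse the encoding. No key or password is needed, only the format."""
    cleaned = text.replace("-", "").strip().lower()
    if len(cleaned) % 4 != 0:
        raise ValueError("expected groups of 4 hex digits")
    return [_check(int(cleaned[i:i + 4], 16)) for i in range(0, len(cleaned), 4)]


if __name__ == "__main__":
    plain = indexes_to_hex(POST_INDEXES)
    dashed = indexes_to_hex(POST_INDEXES, sep="-")
    print(plain)
    print(dashed)
    # Round trip: the written-down form gives back the full index list.
    print(hex_to_indexes(dashed) == POST_INDEXES)
```

Because the round trip needs nothing but knowledge of the format, a backup written this way should be stored with the same care as the seed words themselves.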
legendary
Activity: 3682
Merit: 1580
The easiest way to add 2fa protection to your seed in electrum is to use the seed extension feature. [...] Your backup will then consist of the seed words that you write down and the seed extension that you memorize.

The seed extension feature does NOT replace 2FA protection.
Data secured with 2FA needs 2 things to be accessed: Something you know (seed, password, secret information, ...) and something you have (token, mobile phone, ...).

The seed is something you have in this case since you are not memorizing it but writing it down and relying on that written copy alone. The extension is something you know.

If someone were to discover the seed you've written down they would not be able to restore your wallet since they lack the second factor which is the seed extension.

Yes it's possible that if a committed attacker discovers your seed they can attempt to bruteforce your seed extension.  However this applies to any encryption you apply on the seed too. Once again the weak point is the human generated password/seed extension. So none of these methods will stop a committed attacker only casual snoopers.

If you want something more secure you need to create a multisig wallet and store the seed backups in different locations so that the compromise of one backup does not compromise your whole wallet.
legendary
Activity: 1624
Merit: 2481
The easiest way to add 2fa protection to your seed in electrum is to use the seed extension feature. [...] Your backup will then consist of the seed words that you write down and the seed extension that you memorize.

The seed extension feature does NOT replace 2FA protection.
Data secured with 2FA needs 2 things to be accessed: Something you know (seed, password, secret information, ...) and something you have (token, mobile phone, ...).

Using the seed extension just adds another thing you need to know. This adds plausible deniability, but that's not 2FA - by definition.



Without both of those your wallet cannot be recovered.

I wouldn't be too sure about that.
Depending on the extended word (which basically is just a password) it might be able to be bruteforced.
The whole security (if you rely on the seed extension as security factor) is dependent on the password (length, char set, complexity, ...) used. And humans are known to choose weak passwords.

If someone has access to the seed, bruteforcing a medium password is definitely an option.
legendary
Activity: 3682
Merit: 1580
The easiest way to add 2fa protection to your seed in electrum is to use the seed extension feature. On the seed re-entry step click on options and choose to extend the seed with custom words. Then in the following steps you will have the option to add your own password/passphrase as a seed extension. Your backup will then consist of the seed words that you write down and the seed extension that you memorize. Without both of those your wallet cannot be recovered.

Alternatively if you're comfortable with soft copy backups simply putting a password on your wallet (wallet menu > password) will encrypt it and then you can place a copy of that encrypted wallet file on a removable drive via file > save copy. Each co-signer will have to do this with their wallet file separately.
legendary
Activity: 3472
Merit: 10611
...for example. and there is always encryption option where you encrypt your private key (or your seeds) with a strong password then even if you leave it in the open nobody can rob you....

Thanks for bringing this up. I have been planning to look into BIP38 a little bit more. Is there a recommended software for encrypting/decrypting of this type?

first thing you need to know about encrypting is that it is not something bitcoin specific. you basically have a text that you want to encrypt so you can use any tool that does that for you. for example you can play around in this site: http://cryptojs.altervista.org/secretkey/aes_cryptojs-v3.html (obviously it is not safe for private keys since it is online).
for instance Electrum wallet uses AES-256-CBC for encrypting the wallet file/keys.

as for BIP38 it is using the same scheme as AES-256 (i believe without padding) and then does a bunch of other stuff, adds a prefix and encodes it with base58 so that it looks like a private key.

all the wallets have encryption feature although they don't have an interface for you to easily use it if you want to export encrypted. the only thing that is focused on this that i know of is bitaddress.org. which you can take a copy and run offline. then go to the last tab saying "wallet details" enter your private key, select "BIP38 Encrypt" enter a password and click the "encrypt BIP38" button. then copy the result from the bottom of the page.
full member
Activity: 434
Merit: 246
...for example. and there is always encryption option where you encrypt your private key (or your seeds) with a strong password then even if you leave it in the open nobody can rob you....

Thanks for bringing this up. I have been planning to look into BIP38 a little bit more. Is there a recommended software for encrypting/decrypting of this type?
legendary
Activity: 3472
Merit: 10611
it is worth mentioning that when you create a multisignature wallet for yourself, unless you keep the keys that you just created separately there wouldn't be any additional security gained. for example you should print 1 xprv on a paper and keep it in your home safe, and print the second xprv and keep it in a bank's safety deposit box or with a family member if you can trust any!

Thanks a lot. I was thinking about this idea myself. It makes perfect sense, of course, the only requirement is that the bank is reliable enough (not to be robbed or something). I will edit the OP to include this.

the idea is to hold them separately and preferably not in one place. bank safety deposit box was just an example. you can leave it with your parents for example. and there is always encryption option where you encrypt your private key (or your seeds) with a strong password then even if you leave it in the open nobody can rob you.
for example it will look like this:
Code:
6PRW8vhrrQ5gosZEceEYPUqGhd3hxnsaYKcKmquzv9EJBFhmkbGNHbSZ1u
this is the private key in bitcoin wiki that i encrypted using BIP38 and the password is
Code:
Dhfj@8$65GHdb43$9)jdb

as you can see it is base58 (like a private key) but starts with 6 and it is pretty convenient to print or write down and store.
full member
Activity: 434
Merit: 246
it is worth mentioning that when you create a multisignature wallet for yourself, unless you keep the keys that you just created separately there wouldn't be any additional security gained. for example you should print 1 xprv on a paper and keep it in your home safe, and print the second xprv and keep it in a bank's safety deposit box or with a family member if you can trust any!

Thanks a lot. I was thinking about this idea myself. It makes perfect sense, of course, the only requirement is that the bank is reliable enough (not to be robbed or something). I will edit the OP to include this.
legendary
Activity: 3472
Merit: 10611
For one, it improves security. You need both signatures for any outgoing transaction, so if one of the wallets gets compromised, the other hopefully won't be and this may save your coins. 

You can install 2 wallets on 2 different computers by yourself, without any other person involved. In this case, you will control both private keys. This is what I did in this guide.

it is worth mentioning that when you create a multisignature wallet for yourself, unless you keep the keys that you just created separately there wouldn't be any additional security gained. for example you should print 1 xprv on a paper and keep it in your home safe, and print the second xprv and keep it in a bank's safety deposit box or with a family member if you can trust any!
full member
Activity: 434
Merit: 246
As usual you made a thread which is really easy to understand. I might need this since I never use a multi-sig wallet.

Thanks a lot.

I wonder if you made this thread after another member got confused with the MultiSig wallet on Electrum?

No, I didn't know about that. A couple of weeks ago I tried to see if this forum had a guide about a creation of multisignature wallet, but I couldn't find it. So I decided to try to make one.
full member
Activity: 434
Merit: 246
I wasn't able to find a beginner's guide to creating a MultiSig Electrum Wallet, so I'm going to try to explain how it goes here.

This is the first time I've ever created a multiSig wallet, so I'd appreciate your feedback.

This guide will be specifically tailored to a 2 out of 2 solution, but I think you can easily extrapolate it to any other M out of N signature wallet.

Why would you want to create a MultiSig Wallet?

For one, it improves security. You need both signatures for any outgoing transaction, so if one of the wallets gets compromised, the other hopefully won't be and this may save your coins.  

You can install 2 wallets on 2 different computers by yourself, without any other person involved. In this case, you will control both private keys. This is what I did in this guide.

Of course, you can create this multisig solution together with someone else, for example, with your spouse or friend. In that case, you will control just one of the private keys, while your spouse the other. However, this is NOT the best idea if you ask me, considering how a good marriage (or friendship) may turn sour very quickly.

Multisig wallets are probably the most useful in various business endeavors, where several partners (cosigners) control mutual funds by holding one of the several keys necessary to unlock the funds. Exchanges store the majority of their coins off-line in multisig wallets as well. Some exchanges, like Bitmex, use 2 out of 3 multisig solutions for all customer funds all the time. So there is no doubt that multisig wallets are very useful.

For the purpose of demonstrating this concept (and because I won't use this wallet in real life), I selected my normal PC to install Wallet 1. Wallet 2 was installed in a virtual machine [Linux]. (You can also use a hardware wallet as wallet 2 Ref. [1].)

1) Start the Creation of Wallet 1

This section is essentially just to get the seed and Master Public Key of Wallet 1. We will stop the creation of Wallet 1 half way down the road, to return to it after creation of Wallet 2.

1. Choose New/Restore



2. Give it a name



3. Choose Multi-signature Wallet



4. Choose the number of signatures



The first slider indicates the total number of cosigners (wallets). The second slider indicates how many of them are needed for signing. We have here 2 of 2.

If we wanted to create a 2 out of 3 multisig wallet, it would look like this: https://i.imgur.com/N8CqQre.jpg

5. Choose Standard



6. Write down the seed and store it somewhere safe. Remember, this is equivalent to your private key. Don't share it with anyone.



7. Next comes the Master Public Key (MPK)



The MPK starts with xpub... You should save the MPK in a file and transfer it to the other computer. This is the only thing you should share with your cosigners in case you are creating MultiSig Wallet with someone else.

8. Now it asks for cosigner's info



You can stop here, because you don't have the MPK of wallet 2 just as yet. Just abort the creation.

Two important things are:

a) we have our seed of wallet 1 written down
b) we have our MPK of wallet 1 saved in a file

2) Start and Finish the Creation of Wallet 2

In this step, we go to the second computer and pretty much repeat the steps as for Wallet 1. But now, since we know MPK of wallet 1, we can finish the creation of wallet 2.

For example, we start here:

1.



....

we write down the seed of Wallet 2, and save the MPK of wallet 2 in a file
....

and follow the steps as in the previous chapter to this point:


9.



Here we enter the MPK of Wallet 1 saved from earlier.

This concludes the creation of Wallet 2. You can go to Addresses tab and something like this will appear.



3) Finish the Creation of Wallet 1

We go back to the first computer and finish what we have started with Wallet 1.

Choose I already have a seed



enter the seed of wallet 1, and then enter MPK2 when asked for it in step 8.

When the creation of Wallet 1 is completed, compare the addresses. They should be the same as in Wallet 2.





Notes

  • The fact that the addresses are equal, means that you now have a working 2 out of 2 multisignature wallet.
  • Anyone can send you coins to one of these addresses. You should learn how to spend coins from this type of wallet, as described in Ref [2].
  • The seed is virtually identical to your private key. Keep it safe. In this guide we own both private keys, so we should probably store them in two different physical locations. For example, you can use a bank's safety deposit box as one of these locations, as indicated in the post of @pooya87 below.
  • If you create a multisig together with someone else, never show them your seed. If you do, they will have full control over the funds.
  • If you create a multisig together with someone else, give them only your MPK. You should also receive their MPK.
  • If you create a multisig together with someone else, show your MPK only to them. If you share it with a third person, they will know all your addresses and you will potentially lose your anonymity/privacy.

References

[1] https://freedomnode.com/blog/109/how-to-create-and-use-a-multi-signature-wallet-with-electrum-and-trezor
[2] http://docs.electrum.org/en/latest/multisig.html


