Author

Topic: How to check I have the seeds of my multisig 2/3 (Read 226 times)

legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
For example, I first sign a transaction with seed 1. Then I sign this transaction with seed 2. The transaction is valid because it is a 2 out of 3 multisig.
Then I copy the first transaction and signed it with seed 3 this time (instead of seed 2). 
So now I have two signed transaction (actually this is the same transaction). Every signature is done offline on my airgapped computer. 
What « happened » if I then don’t broadcast this or these two transactions over the internet ? Is it ok ?
Yeah, its fine unless someone broadcasts it. The two signed transactions are both valid and either of them can be broadcasted at any point in time. If for some reason, you didn't manage these two transactions properly and someone else gets access to it, they can still broadcast it because they are valid.

These two transaction are valid until any of the inputs in that signed transaction gets spent.
hero member
Activity: 560
Merit: 1060
For example, I first sign a transaction with seed 1. Then I sign this transaction with seed 2. The transaction is valid because it is a 2 out of 3 multisig.
Then I copy the first transaction and signed it with seed 3 this time (instead of seed 2). 
So now I have two signed transaction (actually this is the same transaction). Every signature is done offline on my airgapped computer. 
What « happened » if I then don’t broadcast this or these two transactions over the internet ? Is it ok ?

If you are afraid that you may have privacy issues broadcasting transactions, since you need internet for this purpose, I suggest running your own node + electrum server. Then connect a wallet, like Sparrow for example, to your personal electrum server using TOR. I think you can't really do much more to avoid connecting to the internet at all. Bitcoin needs the internet.
legendary
Activity: 2268
Merit: 18711
What « happened » if I then don’t broadcast this or these two transactions over the internet ? Is it ok ?
If you don't broadcast the transactions, then nothing happens. The network never learns about them, your coins never move, and you pay no fees. As far as the wider network is concerned, those transaction do not exist until you broadcast them. If you never broadcast them and delete them instead, then it is as if they never existed.
jr. member
Activity: 48
Merit: 27
For example, I first sign a transaction with seed 1. Then I sign this transaction with seed 2. The transaction is valid because it is a 2 out of 3 multisig.
Then I copy the first transaction and signed it with seed 3 this time (instead of seed 2). 
So now I have two signed transaction (actually this is the same transaction). Every signature is done offline on my airgapped computer. 
What « happened » if I then don’t broadcast this or these two transactions over the internet ? Is it ok ?
newbie
Activity: 4
Merit: 0
Yes. if 3rd device is a Coldcard MK4 (I highly recommend) go to "Advanced" menu > "Danger Zone" > "Seed Functions" > "View Seed Words"

You should have written down the Electrum seeds to verify.

if 2nd hardware device is a Coldcard MK4 ....repeat *Above*
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
No they don't. You need all the words and in the right order.
Yep, with relative ease but not directly of course. Though you could mistype one or two of the words and still be able to recover it since they are still using the same fixed wordlist. If you miss out a word or two, that's still fine. You can't get the correct versioning without a few specific phrases which would automatically eliminate most of the seeds without the need for further key derivation.

Jumbling them up sounds quite intentional, so that shouldn't be too much of an issue.
legendary
Activity: 3682
Merit: 1580
Not necessarily.

Your seeds have a certain threshold of redundancy, where you can afford to get a word or two wrong while still being able to recover them with relative ease.

No they don't. You need all the words and in the right order.
hero member
Activity: 560
Merit: 1060
Make sure to back up your 3 xpubs as well. In case you lose one of your seeds, if you don't have all the 3 xpubs, you will not  be able to recover your keys, even if 2 out of 3 seeds are needed to sign transactions.
To be more accurate, if you lose one of the seed phrases, you will need the master public key associated with the lost seed phrase to recover your wallet. You won't need all three master public keys. Two of them can be derived from the two existing seed phrases.

To recover you wallet and spend fund from that, you will need:

Seed A, Seed B, MPK C
or
Seed B, Seed C, MPK A
or
Seed A, Seed C, MPK B

(MPK = Master public key)

Correct. If OP doesn't want to backup all the xpubs with each cosigner's seed, they could back it up as follows:

1. Seed A, MPK B
2. Seed B, MPK C
3. Seed C, MPK A

Therefore, losing 1 of those packets OP will still be able to recover their wallet. At the same time, if an attacker steals one of the packets, they will not be able to monitor your wallet.
legendary
Activity: 2380
Merit: 5213
Make sure to back up your 3 xpubs as well. In case you lose one of your seeds, if you don't have all the 3 xpubs, you will not  be able to recover your keys, even if 2 out of 3 seeds are needed to sign transactions.
To be more accurate, if you lose one of the seed phrases, you will need the master public key associated with the lost seed phrase to recover your wallet. You won't need all three master public keys. Two of them can be derived from the two existing seed phrases.

To recover you wallet and spend fund from that, you will need:

Seed A, Seed B, MPK C
or
Seed B, Seed C, MPK A
or
Seed A, Seed C, MPK B

(MPK = Master public key)
hero member
Activity: 560
Merit: 1060
Hello,

I created an electrum 2/3 multisig Wallet on an air-gapped device.
The three seeds are geographically distributed.

I want to verify that I have well written the three seeds.
I have to create a "fake" transaction on electrum then sign it with the first key then export the PSBT then sign it with the second seed ? What about the third seed to check it's correct ?

Is there any other solution to check I own the correct seeds ?

Make sure to back up your 3 xpubs as well. In case you lose one of your seeds, if you don't have all the 3 xpubs, you will not  be able to recover your keys, even if 2 out of 3 seeds are needed to sign transactions.
legendary
Activity: 2268
Merit: 18711
Where are your xpubs backed up? They should be backed up alongside your seed phrases.

I have to create a "fake" transaction on electrum then sign it with the first key then export the PSBT then sign it with the second seed ? What about the third seed to check it's correct ?
What is contained by the wallet you plan to create this fake transaction on? All of the seed phrases? Or just the xpubs? Or some combination?

How are you planning to sign it with second seed phrase? Are you importing that seed phrase in to a clean device alongside the two other xpubs? Again, where are your xpubs backed up?

I would not create a transaction at all. What I would do instead would be to access each seed phrase back up individually, use each back up to derive the necessary xpub, then take all three xpubs together and recover a watch only copy of your multi-sig. If the addresses match up, then your seed phrases are correct.

I would also point out that creating a multi-sig on a single device negates the whole point of a multi-sig, which is to remove a single point of failure.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
First write seed words on paper, than erase wallet or reset device/s, and than import seed words from scratch.
Only if everything works good you should accept coins on addresses generated by this wallet.
If a multisig wallet has been created already, you can check the seed phrase, master public key and make sure the addresses are the same on all the m wallets. Even if the addresses are correct, the multisig wallet is properly setup. If there is a mistake in the setup, likely the wallet will not be created at all. I do not think reimporting the seed phrase is necessary.

Multisig wallet or Singlesig wallet, you always have to do three steps.
Create your wallet with seed
Backup your wallet seed
Recover your wallet to test your wallet seed backup
You do not have to recover multisig or single sig wallet just like I mean above. You can still always double check that your seed phrase (and master public keys) are correct and properly backup the seed phrases and master public keys.
sr. member
Activity: 966
Merit: 306
Multisig wallet or Singlesig wallet, you always have to do three steps.
Create your wallet with seed
Backup your wallet seed
Recover your wallet to test your wallet seed backup

With Multisig wallet, the recovery process will include checking seeds of all cosigner wallets and their Master Public Keys.
If the multisig wallet created has the same address as an initial wallet has, all from wallet creation, wallet backup, wallet recovery are good.

Creating a multisig wallet.
legendary
Activity: 2212
Merit: 7064
Is there any other solution to check I own the correct seeds ?
Word of advice, whenever you are creating bitcoin wallet, either regular or multisig, you should ALWAYS check if your seed phrase backup work, only after this you can consider your setup safe.
First write seed words on paper, than erase wallet or reset device/s, and than import seed words from scratch.
Only if everything works good you should accept coins on addresses generated by this wallet.

legendary
Activity: 2534
Merit: 6080
Self-proclaimed Genius
I want to verify that I have well written the three seeds.
I have to create a "fake" transaction on electrum then sign it with the first key then export the PSBT then sign it with the second seed ? What about the third seed to check it's correct ?
By following that method, just make two copies of the PSBT with 1 signature and send each to the other two cosigners.
Either one should be able to sign it.

Is there any other solution to check I own the correct seeds ?
Check each cosigner wallets' addresses if they are all the same, then go to each cosigner's menu: "Wallet->Seed" if the seed if correct.
legendary
Activity: 2380
Merit: 5213
Last few bytes are checksum and there is a fixed number of words in Electrum wordlist.
Since OP has generated the seed phrases using electrum and they are not BIP39, the checksum isn't the last few bytes.
Instead of having a checksum in the way a BIP39 seed phrase is generated, electrum hashes the words and then checks if the result matches any of the correct versions numbers.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Not necessarily.

Your seeds have a certain threshold of redundancy, where you can afford to get a word or two wrong while still being able to recover them with relative ease. Last (First*) few bytes are checksum and there is a fixed number of words in Electrum wordlist. For the maximum security, I wouldn't generate the multisig using the three seeds at the same time on the same computer. Rather, I would get the master public key and combine them to get the MultiSig wallet and compare their addresses.

You have to import each seed into separate computers and derive the master public key individually. I'm assuming that you're able to do this, given that this would be the ideal setup for a secure airgapped multisig.
legendary
Activity: 2380
Merit: 5213
You may want to make a transaction to see a how a multi-signature wallet works, but if you only want to check if you have written down the seed phrases correctly, there is no need to make a transaction.
Just create a new 2 of 3 multi-signature wallet using the three seed phrases you have. If electrum generates the correct addresses, it means that you have written down the seed phrases correctly.
hero member
Activity: 840
Merit: 932
In 2/3 multi sig wallet two of the keys are actually ok to approve a transaction, so to test the other third key, I would just say you should try it out manually. Initiate another transaction and sign in with the third key and any one of the other ones just to check
jr. member
Activity: 48
Merit: 27
Hello,

I created an electrum 2/3 multisig Wallet on an air-gapped device.
The three seeds are geographically distributed.

I want to verify that I have well written the three seeds.
I have to create a "fake" transaction on electrum then sign it with the first key then export the PSBT then sign it with the second seed ? What about the third seed to check it's correct ?

Is there any other solution to check I own the correct seeds ?
Jump to: