Topic: I just created Bitcoin multi signature wallet for the first time. (Read 304 times)

Of course, having multiple backups for your keys in a single-sig setup will enable you that you can still access your assets even if one set of keys becomes lost for some reason. However, you still have a single point of failure. If any of these locations are compromised and your key is exposed (for example, stolen), your assets are lost. Therefore, multi-sig (or Shamir's secret sharing algorithm in the case of seed phrases).


Not true. Read how the multi-sig wallet actually works because I don't think you fully understand.



I disagree. We can argue that multi-sig wallets can indeed be seen as a bit more complex and require careful management, but, the added complexity comes with a higher level of security.
However, there are no "simpler viable alternatives" that offer the same, or at least nearly the same, level of security. This is evident from the simple fact that multi-sig wallets are preferred choice for those who prioritize safeguarding their assets, especially in business settings, when it comes to holding hundreds of thousands of bitcoins in cold wallets.

In a multisig set up you are not entrusting your private keys to anyone to keep it safe for you, take note that a multisig set up must not be for business purposes or for a group of people, you can set up one for yourself only and keep each key in separate devices to eliminate a single point of failure. Even if you set up a multisig wallet within a group, the right thing to do is ensure only one person cannot spend the funds, let's say in a group of 3, a 2-of-3 set up is good.
A passphrase is also a good extra layer of security, it also provides lesser backups than a multisig set up and can be used to create a situation of plausible deniability. So it is up to the user to decide which extra layer of security suits them.

Storing your keys in more than one place under single-sig provides you with multiple backups.


That doesn't seem much different than having a single-sig setup with backups.



Who said it did? Sure multi-sig may be a great option for you depending on your situation. I'm sure many institutions, companies and organizations make use of multi-sig.
But for the average individual joe, it is rather complex and difficult to manage, and there are more simple viable alternatives.

With single-sig, all your eggs are in one basket.  Lose the key, lose everything. But multi-sig spreads things out so you need more than one key to unlock the funds.  Even if one key is lost you can still recover access with the others (for example two-out-of-three signature setup).  This gives you backups. Multi-sig wallets have clear benefits, especially for redundancy and security and  you can't really compare them to single-sig wallets since they serve different purposes and give you varying levels of protection.


That's a wrong assumption. You can, for example, create a multi-sig wallet and be the sole owner of all keys.


This has nothing to do with a multi-sig wallet setup.

It is not that there is a standard seed that everyone uses to except maybe you used a master seed to generate all the private keys for the multi Sig wallet. But this increases the risk because if the seed gets compromised all the private keys associated to it will also be revealed.

But the standard way of creating multi sig wallet is where each Co-signer creates their individual seed phrase and also master public key. The co-signers would then share just the master public key with each other to be able to complete the wallet set up. This master public keys of yours and that of other co-Signers need to be backed up to been able to recover the wallet back. But the seed phrase isn’t shared between the co-signers.


The other way that they won’t be able to spend from a multi sig wallet if one seed phrase or key gets lost or the holder dies, is when it was specify from the creation of that wallet that the affect seed or key must be a singer of each transaction from that wallet. So if that seed or key isn’t available they can’t spend from the wallet

No, each person keeps his own keys safe. The person who has the seed phrase creates a public key and sends it to others, who inturn use it to create their private keys and they don't share it with each other.

Multisig wallet is mainly created to hold organizational funds and one of the importance is that when one of the keys is compromised, the funds cannot be stolen. The only way the funds could be lost forever when one of the consigners dies is when it's a 2 of 2, 3 of 3 or 4 of 4 multisig wallet. Having said that, a 2 of 4 multisig wallet (only needs 2 consigners to process the transaction) while a 3 of 4 multisig wallet (only needs 3 consigners to process the transaction).

What if the others who you are entrusting to keep your private keys safe for you, loses your keys? Well then I guess you are screwed.

The problem with a multisig setup is you have to trust someone else to secure your keys for you, which introduces counterparty risk.
That seems to go against the ethos of bitcoin which is supposed to be trustless.

I think for most a better and much more simple solution would be making use of passphrases/hidden wallets.

You can be the cosigners, and you can lost the seed phrase of a single signature wallet just as Z-tight commented. If more than one person want to have a wallet together, single signature wallet can not be used. If you properly know how to setup a multisig wallet, it is the most bitcoin wallet that people can have.

Most of the hack I have heard of are online wallets, which are commonly used by people that do not care about security and safety of their coins. Backup also matters and cloud storage also means a wallet is online even if you set it up on an air gapped device. Expect less mistake from someone that is using a multisig wallet than a person that only just go for online wallet, because online wallets are most vulnerable and required newbie-like knowledge.

You'll also lose your funds stored in your single signature wallet if you lose your keys, on that basis it is the same risk as a multisig wallet, but a multisig set up is more secure because it eliminates a single point of failure. Nobody should ever store their keys in the cloud or electronically. A multisig set up can protect you from being hacked if you set it up properly, and by that i mean in different devices, if the keys in one device is compromised, you have time to move your funds into another wallet.

What kind of safety are you looking for in the first place? It definitely improves your security if you want to prevent some random person from spending your money with one key if they manage to exploit it, at the same time it also introduces risk if you (and your co-signer) lose their keys. But if you store your keys recklessly I doubt it would help you that much. Multi-sig or not, it can't help you from being hacked due to social engineering or something similar. As far as I can remember, most Bitcoin hacks are related to those things (storing keys on cloud storage, etc). CMIIW.

The number of signatures required depends on your setup and it can be anything, even zero signatures but that gets too technical.

You have to find an actual scenario first and then design a script (smart contract) based on that scenario that predicts special cases like one of the cosigners passing away. Your script does not have to be a simple multi-sig, it can be a complex one with branches/conditionals, timelocks, etc.

For example in a company you can define a "senior authority" that has full control over spending the coins without needing anybody else. Then there are multiple "junior authorities" each with partial control that can spend the coins together. So two branches, one with a single sig and another with a 2of2 multisig for example.

It did count, because you need to have two wallets, and you cannot run two wallets to sign the transaction on one device, which means you will use 2 different devices, and the security level added here is, that when you will make a transaction, you have to sign the TX from the other wallet, but if in case, your main wallet got hacked and or the device got hacked, then your other device will avoid the hack, because hacker or scammer need access to both wallet, means both devices.

Well, at an organizational level, one can't be the only owner of the whole funds, because a company is run by many partners, so it would be wise to not hold all the funds by yourself only for many reasons, and some of which are briefly explained in this topic:

• Dangers of combining company and personal funds in the same account

You don't have to pass the phone, I don't understand which wallet are you using for multi-sig, but yeah, if you guys are truly want to hold funds for an organization then it is more than good to keep your recovery keys of yours to yourself only, because if your key is gone and the funds moved, then they will blame you not the hacker or thief of your key.
If two people die due to some unexpected incidents or their wallets are gone, then it becomes a problem for you, because you don't know where are the keys and how to get them. But my friend, IMHO, when you make a wallet, you get a recovery phrase, and you have to keep it safe, then another member makes a wallet and has to safe his own recovery phrase, and then the other one, the thing is, the public key is the one, that will be shared by you with both of them. That would connect you to them. And then they can sign your TX.

You can create a multisig wallet with people that are continents away from you, that means when setting up a multisig wallet for business purposes, your partners do not have to be present with you, and they shouldn't because each co-signer must never reveal their seed phrase or xprv to another cosigner. Each co-signer would create their own wallet in their own device, and everyone would communicate their xpub to each other, to complete the set up. Take note that each co-signer must back up their own seed phrase, xpub and the xpub's of the other co-signers, because it may be needed in the future if the establishment wants to recover the wallet.
When creating a multisig wallet for business purposes, the m-of-n should depend on what the owner or co-owners of the business want, if there are 5 co-owners, then a 3-of-5 multisig set up is good, if there are 3 co-owners, then a 2-of-3 set up is fine. The owners would make that decision after checking what the risks are.

1. Multisig wallet provides extra security for users that an intruder can not by any means gain access to funds by just having one key. To a degree it adds more security level since it can't be accessed by one one alone unlike single key wallets.

2. The idea behind multisig wallet is to protect co-partners from each other not to have access to funds without the knowledge of other partners, therefore if all multisig are made visible  to the knowledge of the three partners then the idea behind the multisig has been defeated even before you guys started it. Thus No, it shouldn't be visible to all.

3. It's possible two partners may die at same time particularly if they should happen to be in same car with a ghastly motor accident or anything in that manner, although it's rare both should die at same time but if that be the case it means the funds in the wallet is lost without.

Every wallet standard has its own affiliated risk it all depends on how we decide to manage these risks.

If the co-signers know each other's private key, there is no benefit from a multi-signature wallet. The weak point is that all of these signatures are created in one device, which means that if there is a virus or side doors in this computer, all the money will be lost.
One of the signatures could be a hardware wallet, and the second is a different software. This is an explanation of how to set up a Passport-Sparrow-multisig wallet. Passport is a hardware wallet.

https://bitcointalksearch.org/topic/m.62935342

If it is your personal Bitcoin wallet, only you has access to it is a mandatory condition for your bitcoin safety. If you lose access to someone else, you can lose your bitcoin.

Storing your private key offline, for either a single signature wallet or a multisig wallet, is a good practice.

If it is a business wallet, it should be shared by different people in a company. Because a company should not be collapsed because of a single person death.

You know it is one of reasons force Bitcoin developers to make multisig wallets for us to use.

A Crypto Exchange CEO Dies—With the Only Key to $137 Million

With multisig, there is increase in security.

The seed phrase or the private key an be used for spending.
The master public key or the public key is needed to completely setup the wallet (the seed phrase or the private key can be used but do not use it, I mean do not give other co-signers).
When you are setting up the wallet, all of you have seed phrase or private key, you will have that and do not share it.
The wallet will generate you the master public key from the seed phrase or the public key from the private key which is what you will share with co-signers.
The co-signers do not have each other seed phrase. Read further below for the other explanation.

If it is 5 people that are needed, you can make it 3-of-5 multisig. Which means 3 people are needed to make transactions, out of 5 people that setup the wallet. If two people died, then you have to transfer the coin to a newly setup multisig wallet. That can be done because only 3 people are required for making transaction. So it t depends on how you setup the multisig wallet. Assuming 4 signatures are required and 2 people died, that means the coin on the wallet has been lost.

Such wallet you're using is electrum wallet, if you pay attention well to what you called it, multisig means you can have more than one cosigners, which i believe electrum support upto three, this will help you increase the wallet security practice, this is now your decision to know how you could handle the keys depending on the cosigners having access to the same wallet.


If you're using multisig in this regard, you should be only concerned about your own keys, never mind about others because everyone will be handled with individually as a cosigner.


Am sure two people cannot die at the same time, if at least two can sign then there shouldn't be much difficulties in having access to the account.
 

It's safe because some account are good as being manage by two or more people, a good example are coorperative accounts, joint group or family account needs more than one cosigners, that's why you're choosing this purposely because you want more than one persons have access to the account being a joint account.

Yes it definitely gives you more security because instead of trying to duplicate your private keys into various locations you can just store each seeds into different locations and if one gets compromised the scammer or hacker wouldn’t be able to do anything with it without the other seeds and that could give you time to either move the funds out to another wallet.
But one thing about creating your a multi sig wallet is if you use one device for it and also to regularly sign a transaction then the point of failure still remains one, which defeats the purpose of having multi sig.


This is a bad idea to set up a multi sig, never use a single device just like I have said above it makes the risk high. All other co-signers should have their device and it should be an offline device then you create your seed and a master public key then you share your public key with other co-signers and then wait for them to create there’s and then send you their master public keys and once you get them all you can finish up the wallet creation.
Two things to note;
1. The address should be check and compared with all co-signers so that they are the same.
2. All co-signers master public must begin with same letter as prefix so compare it to check of it is done well.


Only the number of co-signers set up as been able to sign a transaction can do that, if the other seeds are lost then one seed can never sign a transaction from that wallet and it is all

1. Multisig wallet should be secured if your wallet is 2of3 multisig when making a transaction it requires two cosigners to be able to process a transaction. If you only have one signature without another cosigner you won't be able to process a transaction.

2. Depending on how you create a multi-sig wallet the other two parties should provide only a public key when creating a multi-sig wallet. Meaning you don't have control of their keys.
Unless the company lets you create all the keys to create a multi-sig wallet.

3. If it's 2 of 3 multi-sig wallets then you won't be able to process a transaction without one more key.

Never heard someone hack a multisig wallet so for me it should be safe.