Pages:
Author

Topic: Multisig and paper wallet (Read 289 times)

legendary
Activity: 2268
Merit: 18711
May 07, 2023, 10:03:58 AM
#24
In the cases of compromised wallet information a hacker or bad actor at least needs to access more than one device to steal the funds.
But this is only true if you have backed up your master public keys as you should have done. If you only have seed phrases, then to recover your wallet you must import all those seed phrases in to the same device, which completely removes the benefit of a multi-sig wallet requiring the compromise of multiple devices.
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
May 07, 2023, 03:34:59 AM
#23
My point was one does not need to keep the Master Public key saved as they can find the keys when they try all three seeds one by one and each time they will get each Master Key. Then combine the master key and seed to recover the wallet. For a 2 of 3 wallet, two set is enough.
Half the point of a multi-sig is to have redundancy in the set up. A 2-of-3 wallet allows you to lose one seed phrase and still be able to recover your wallet, provided you have all three master public keys. If you don't save the master public keys, then you need all three seed phrases in order to recover the wallet, even if the wallet itself is 2-of-3.

You should absolutely back up your master public keys alongside your seed phrases. Without a copy of your master public keys, then you need to recover every single one of your seed phrases, which defeats the point of having a threshold number of signers.
I agree with the part of redundancy. But a multisig wallet is better than a standard wallet in terms of security. In the cases of compromised wallet information a hacker or bad actor at least needs to access more than one device to steal the funds.

If anyone as me how to keep their coins securely? My first suggestion is to buy a hardware wallet. And the second suggestion is to set up a m of n multi sig wallet.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
May 06, 2023, 11:19:28 AM
#22
Use a QR code generator to create QR codes of the public keys, and then print those codes on paper. This will save you from having to write out the long strings of characters by hand, and also reduces the risk of mistyping.
It introduces another risk: QR-code generators and readers often contain malware (such as replacing Bitcoin addresses by another one), and you don't want to use an online phone to scan a paper wallet. Clear text is much safer, just take a few minutes to type accurately.
copper member
Activity: 511
Merit: 63
3JGWcqUePDp5LqRNkTHuxcq8AX9iqu1HFz
May 06, 2023, 11:03:09 AM
#21
Use a QR code generator to create QR codes of the public keys, and then print those codes on paper. This will save you from having to write out the long strings of characters by hand, and also reduces the risk of mistyping.
legendary
Activity: 2268
Merit: 18711
May 06, 2023, 10:22:52 AM
#20
My point was one does not need to keep the Master Public key saved as they can find the keys when they try all three seeds one by one and each time they will get each Master Key. Then combine the master key and seed to recover the wallet. For a 2 of 3 wallet, two set is enough.
Half the point of a multi-sig is to have redundancy in the set up. A 2-of-3 wallet allows you to lose one seed phrase and still be able to recover your wallet, provided you have all three master public keys. If you don't save the master public keys, then you need all three seed phrases in order to recover the wallet, even if the wallet itself is 2-of-3.

You should absolutely back up your master public keys alongside your seed phrases. Without a copy of your master public keys, then you need to recover every single one of your seed phrases, which defeats the point of having a threshold number of signers.
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
May 06, 2023, 10:14:27 AM
#19
Then you're turning your 2 of 3 into a 3 of 3. Imaging one of the seeds is in a safe deposit box in another country.
May be I don't understand you but I agree with Charles-Tim here. The seeds are what the OP needs to take care.
Obviously, you can recover your funds when you have all 3 keys. However, the point of using 2 of 3 multisig, is that you can recover your funds without the third private key. I didn't want to type a lot on mobile last night, luckily hosseinimr93 explained it nicely already:
Assuming you have seed phrases A, B and C, for generating your 2 of 3 multi-signature wallet and spending fund from that, you need:

Seed A, Seed B, MPK C
or
Seed B, Seed C, MPK A
or
Seed A, Seed C, MPK B

(MPK = master public key)
Didn't I say the same? But that's not my point. My point was one does not need to keep the Master Public key saved as they can find the keys when they try all three seeds one by one and each time they will get each Master Key. Then combine the master key and seed to recover the wallet. For a 2 of 3 wallet, two set is enough.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
May 05, 2023, 09:47:25 AM
#18
Assuming I have the three wallets on three devices and I lost one seed phrase, I will create another 2-of-3 multisig wallet and send my coins there.
That's exactly the scenario in which you need the pubkey from the third address.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
May 05, 2023, 09:03:35 AM
#17
I'd say: try it (on testnet). Multisig is quite annoying to deal with for the first time, but by doing it you'll know how it's done.
I know that 3 public keys are needed for making transaction in 2-of-3. Where the confusion is from is the fact that if I want to create a multisig wallet, I will create it on online wallet just as I explained above, or to better use hardware wallets for it. I can not think to the extent of creating a paper multisig wallet because that is not even the purpose of multisig wallet. Assuming I have the three wallets on three devices and I lost one seed phrase, I will create another 2-of-3 multisig wallet and send my coins there. But just the changes I can make is to never use seed phrase where master public keys can be used so that each seed phrase will not go beyond each single device.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
May 05, 2023, 08:01:56 AM
#16
Then you're turning your 2 of 3 into a 3 of 3. Imaging one of the seeds is in a safe deposit box in another country.
May be I don't understand you but I agree with Charles-Tim here. The seeds are what the OP needs to take care.
Obviously, you can recover your funds when you have all 3 keys. However, the point of using 2 of 3 multisig, is that you can recover your funds without the third private key. I didn't want to type a lot on mobile last night, luckily hosseinimr93 explained it nicely already:
Assuming you have seed phrases A, B and C, for generating your 2 of 3 multi-signature wallet and spending fund from that, you need:

Seed A, Seed B, MPK C
or
Seed B, Seed C, MPK A
or
Seed A, Seed C, MPK B

(MPK = master public key)

Assuming you have 2-of-3 multisig wallet and you have the 3 seed phrases in different locations. It is kind of confusing me because to me it is still 2-of-3 multisig wallet in which only two seeds are need to make transaction, not three seeds. And also this setup to me is still 2-of-3, not 3-of-3.
I'd say: try it (on testnet). Multisig is quite annoying to deal with for the first time, but by doing it you'll know how it's done.
legendary
Activity: 2268
Merit: 18711
May 05, 2023, 07:36:44 AM
#15
But you can use seed phrase to create the wallet without the use of the master public key too? The seed phrase can generate the master public key.
Yes, but doing so is pointless. If you are going to create or restore the wallet only using seed phrases, then why have a multi-sig wallet at all? The whole point of a multi-sig is to remove the single point of failure. Each wallet should only be created or restored using a single seed phrase, and the master public key from all the other shares, so that any single wallet is insufficient to spend the coins. If you are going to create or restore your multi-sig by putting all three seed phrases in to the same device, then all you have achieved with your multi-sig is increasing the size of your transactions and the fee you have to pay.

Each seed phrase should never leave the device on which it was generated, other than to be written down by hand as a back up. The only thing which should be transferred between devices are the master public keys.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
May 05, 2023, 07:26:48 AM
#14
You need two of three seed phrases for signing your transaction, but to create your wallet, you need the master public key that is derived from the other seed phrase too.
But you can use seed phrase to create the wallet without the use of the master public key too? The seed phrase can generate the master public key.

I did not understand the question correctly before. But according to what o_e_l_e_o posted, I understand that unknowncustomer wants to create multisig wallet offline. Never mind that I did not understand it that way before because that is not even the purpose of the creation of multisig wallet.

I will just prefer to make it simple for myself and create a standard wallet with just one seed phrase instead and I can use passhrase to extend the word. Having two more seed phrase backup in different locations instead.

The purpose of multisig wallet is for someone having more than one devices, or like an organization that set it up for the purpose of paying. Why should multisig wallet should be offline when its online safety is very high because of the multiple private keys on different devices.

If seeing it that a seed phrase can be lost, also the master public key can be lost either and the coins would be lost forever.

But if having three devices, like a laptop and two phones, it is an encouragement to setup 2-of-3 multisig wallet after knowing how to protect yourself from hackers and protecting your three devices. If you lose one seed phrase, you can setup another 2-of-3 multisig wallet and move your coins their immediately.

If you do not want to let your private key to be created online, there is nothing bad to get yourself a reputed open source hardware wallet and use it to setup the multisig wallet instead of creating a paper multisig wallet. Better to do it in a way that if you lose one seed phrase backup, you will still be able to setup another multisig wallet and move your coins there.
legendary
Activity: 2268
Merit: 18711
May 05, 2023, 06:40:43 AM
#13
Assuming you have 2-of-3 multisig wallet and you have the 3 seed phrases in different locations. It is kind of confusing me because to me it is still 2-of-3 multisig wallet in which only two seeds are need to make transaction, not three seeds. And also this setup to me is still 2-of-3, not 3-of-3.
The wallet itself is still 2-of-3, but if you have neither the seed phrase nor the master public key from the third share, then the first two seed phrases alone cannot regenerate your wallet and so cannot spend the coins. If you only back up three seed phrases and lose one of them, your coins are lost.

You can have digital copy of the pub keys. Anyone who have access of all the Master Pubic key does not mean they can restore the main wallet. As per my understanding it will restore a watch only wallet. With a watch only wallet they can not move the coin so you are safe.
You are correct in saying all the master public keys only allow the creation of watch only wallet which cannot spend your coins, but such a wallet also completely compromises your privacy and makes you a target for the attacker who was able to compromise your master public keys to now attempt to compromise your seed phrases.



I can write the 3 seeds on a paper with a pen but what about the pub keys Huh
Too many characters and a huge risk of mistyping.
You have three options, ranked in order of security from best to worst:

1) Write them by hand carefully, double check your work, and then test that you can recreate the wallet from what you have written. If you can, then you can rest assured you have not made any mistakes.
2) Print them using a dumb printer.
3) Save them electronically.
legendary
Activity: 2380
Merit: 5213
May 05, 2023, 03:37:47 AM
#12
It is kind of confusing me because to me it is still 2-of-3 multisig wallet in which only two seeds are need to make transaction, not three seeds.
You need two of three seed phrases for signing your transaction, but to create your wallet, you need the master public key that is derived from the other seed phrase too.

You create a 2 of 3 multi-signature wallet, so that you will be still able to spend your fund even if you lose one of the seed phrases.
Assuming you haven't saved the master public keys, will you be able to spend your fund if you lose one of the seed phrases? Can you generate your addresses? Note that before signing and broadcasting a transaction, you should create your wallet.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
May 05, 2023, 03:13:13 AM
#11
If you have a 2 of 3 multi-signature wallet and you have two of seed phrases and nothing else, you won't be able to restore your wallet.
Assuming you have 2-of-3 multisig wallet and you have the 3 seed phrases in different locations. It is kind of confusing me because to me it is still 2-of-3 multisig wallet in which only two seeds are need to make transaction, not three seeds. And also this setup to me is still 2-of-3, not 3-of-3.

I only see the master public key to be necessary if you are not the only one setting up to multisig wallet where the people that setup the wallet will not want to leak their seed phrase or private key to themselves, but want to let it remain known individually.
legendary
Activity: 2380
Merit: 5213
May 05, 2023, 02:56:59 AM
#10
May be I don't understand you but I agree with Charles-Tim here. The seeds are what the OP needs to take care.
LoyceV is right. You should keep the master public keys too.
If you have a 2 of 3 multi-signature wallet and you have two of seed phrases and nothing else, you won't be able to restore your wallet.

As I said in my previous post, if you have seed phrases A and B, you will need the master public key that is derived from the seed phrase C too.
legendary
Activity: 2800
Merit: 2736
Farewell LEO: o_e_l_e_o
May 04, 2023, 08:21:44 PM
#9
I can write the 3 seeds on a paper with a pen but what about the pub keys Huh
Too many characters and a huge risk of mistyping.

Any solution/idea ?
You can have digital copy of the pub keys. Anyone who have access of all the Master Pubic key does not mean they can restore the main wallet. As per my understanding it will restore a watch only wallet. With a watch only wallet they can not move the coin so you are safe.

Seeds are what you need to keep very safe. Worry about the seeds.

You'll need them to be able to use 2 out of 3 sets of seed phrases.
What I mean is that he has the seed phrase, the seed phrase can be used to always setup the wallet and spend from it. It is true that the public key is needed for to make transaction, but the seed phrase can always generate the public key and the private key needed for spending.
Then you're turning your 2 of 3 into a 3 of 3. Imaging one of the seeds is in a safe deposit box in another country.
May be I don't understand you but I agree with Charles-Tim here. The seeds are what the OP needs to take care. Even if he lose the Public Key [all of them], still he is safe. With individual seeds when you try to restore the wallet the first Master Public key will be it's own Public key. This way you can collect all three public key and restore the wallet.
legendary
Activity: 2380
Merit: 5213
May 04, 2023, 04:54:55 PM
#8
I don't understand what you mean, if he saves the 3 seeds he won't need to save also the 3 private keys to be able to sign the transactions because he can already spend from the wallet he accessed with the seeds.
In a 2 of 3 multi-signature wallet, you need two of seed phrases for signing transactions and all three master public keys for generating the wallet.
If you save three seed phrases and don't save any of master public keys, you will need all three seed phrases for making any transaction from your wallet and as mentioned by LoyceV, your wallet would be like a 3 of 3 multi-signature wallet.
You should save master public keys too, so that you can be able to spend fund even if you lose one of the seed phrases.


Assuming you have seed phrases A, B and C, for generating your 2 of 3 multi-signature wallet and spending fund from that, you need:

Seed A, Seed B, MPK C
or
Seed B, Seed C, MPK A
or
Seed A, Seed C, MPK B

(MPK = master public key)
hero member
Activity: 504
Merit: 625
Pizza Maker 2023 | Bitcoinbeer.events
May 04, 2023, 04:14:48 PM
#7
You'll need them to be able to use 2 out of 3 sets of seed phrases.
What I mean is that he has the seed phrase, the seed phrase can be used to always setup the wallet and spend from it. It is true that the public key is needed for to make transaction, but the seed phrase can always generate the public key and the private key needed for spending.
Then you're turning your 2 of 3 into a 3 of 3. Imaging one of the seeds is in a safe deposit box in another country.
I don't understand what you mean, if he saves the 3 seeds he won't need to save also the 3 private keys to be able to sign the transactions because he can already spend from the wallet he accessed with the seeds.
hero member
Activity: 1659
Merit: 687
LoyceV on the road. Or couch.
May 04, 2023, 03:22:23 PM
#6
You'll need them to be able to use 2 out of 3 sets of seed phrases.
What I mean is that he has the seed phrase, the seed phrase can be used to always setup the wallet and spend from it. It is true that the public key is needed for to make transaction, but the seed phrase can always generate the public key and the private key needed for spending.
Then you're turning your 2 of 3 into a 3 of 3. Imaging one of the seeds is in a safe deposit box in another country.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
May 04, 2023, 03:18:49 PM
#5
You'll need them to be able to use 2 out of 3 sets of seed phrases.
What I mean is that he has the seed phrases, the seed phrases can be used to always setup the wallet and spend from it. It is true that the public key is needed for making transaction, but the seed phrase can always generate the public key needed to setup the wallet and he can spend from it.
Pages:
Jump to: