Topic: Multisig wallet (Read 285 times)

If it is not me then three pieces (encrypted seed, how to decrypt it and encryption key) required in order to move funds. Six people divided in two groups and each group can access the funds. I tried to have in each group people that are not related for example little brother and a friend of mine who maybe met once or twice or mother and mother in law. I worked with multiple scenarios to see how I can be f@cked and I came up with something that is the least risky. Of course I will keep improving it. My previous encryption method was with books, I had the ISBN and then page and then the number of the word in the page but it was really hard to do it and I changed it to something much easier. A dictionary though would be a good alternative.   

Well, in that case you are not relying on your memory then. If you are one of the unlucky millions to experience memory loss each year, then you have multiple back ups of your TIN.

My only concern then is the custom obfuscation method you have come up with. If your brother (for example) can recover an encrypted back up and a decryption key, then he can fairly easily try multiple standard decryption algorithms until he can recover your funds. If you've done something weird and again not backed it up on paper, he might be unable to figure it out.

I didn't know about the electrum testnet I will try it thanks. I do a recovery test twice a year and I update things if needed.

I wouldn't trust my mind for anything worth more than a dime. When you hide something and nobody else knows about that whether is seed phrase, decryption key or your own encryption method the risk is the same. You forget where you hid it you lose your funds that simple.


My TIN for example is impossible to forget so if I die lose my memory or whatever there are instructions and everything needed in a lot of different places. What nobody as of now knows is that they need my TIN which is easy for my family to get from the tax agency when something bad happens to me. Two people are instructed to tell my brother who is more tech savvy to find my TIN and use it as a "decryption key. I have to brothers so if one dies I have the other one, If we all three die then it will be little bit difficult for my wife to get everything but still no funds lost. If everybody dies except me and I don't lose my memory still ok. If we all die then BTC becomes more scarce so all good
Bottom line is whatever method used has its risks you can not eliminate them, just minimize them as much as you can that's why I'm looking for potential mistakes that I have made and correct them.

Nothing is impossible to forget. A simple accident and blow to the head can result in you forgetting who your family members are. It can certainly result in you forgetting your homebrewed encryption.

So all three of them only know a part of the puzzle? So again, if anything happens to one of these people, your funds are inaccessible?

I would prefer to use something like 2-of-3 multi-sig here, where each of your three trusted contacts hold a single seed phrase (and the necessary xpubs). That provides security against a single malicious party as well as redundancy against the loss of one share.

If you are using a proper method of encryption, you are not going to back up the decryption key to your memory for it to be impossible to remember like you said, you are going to back it up on paper and keep it as safe as you will keep your seed phrases separately.

You say everything is fine with your method of obfuscation, so be it! But the message here is just that many people have thought that their method of obfuscation is great and their memory is enough to protect their funds, but it usually turns out to be a terrible idea because we can't trust our brains with things like these for many reasons. So to avoid locking yourself out of your funds, a plain backup of your seed phrases and master public keys in more than one location is probably the best idea, but like i said, if you say everything is fine, then each to their own.

I'm not a fan of homebrewed obfuscation schemes because sometimes it doesn't provide the security the inventer thinks it should have and it might easily shoot you in your foot. Good to read you have presumably documented it well in case something happens to you or memory fades. As long as your heirs know where to find that documentation and all necessary other details, it should be fine.

I strongly advise to experiment and test every recovery procedure, be it something standard or be it homebrewed. Testnet bitcoins and wallets are also very neat for such desaster or heir recovery checks. If it doesn't work, you know you've done something wrong but it will only hurt your pride and not your real wallet. It doesn't make much sense to me to risk real coins for experiments and testing.
Not saying that Testnet coins aren't real but they are supposed to be worthless and the Testnet blockchain is made for, wait for it, testing!

Electrum e.g. can be invoked in Testnet mode simply by adding a command line switch --testnet. You can get free Testnet bitcoins from a faucet like https://testnet.coinfaucet.eu.

None taken. The idea behind this is mostly to mislead. Like you see all the gibberish but you actually need very few of them, it's impossible to forget (though I have instructions in case I die or something) plus you would need another phrase (again impossible to forget it) in order to crack  it. I read all sorts of things people do for extra security only to overcomplicate things and end up losing their coins and made it really simple. The decryption key would be impossible to remember and losing it would cause the same problem as losing my seed phrase so why not just keep my seed as it is and store it somewhere safe?  Anyway the risk here is that my wife, brother and mother conspire all together to complete the puzzle, get my private keys and steal my money and all that over few sats? Then so be it I am ok with that. Thanks for everything I learned a lot of new things I will keep experimenting.

No offense, but this is a terrible idea.

You are in one of two situations here. Situation one is that you have backed up your method and the numbers/patterns/whatever used on a separate piece of paper. If this is the case, then whatever system you have come up with will be vastly inferior to using a proper encryption method such as AES, with the decryption key backed up on paper. Situation two is that you are relying on your brain remembering what you did to transform your seed phrase. It's widely known that you should never rely on your memory alone for something as important as your back ups, and I've spoken about why before: https://bitcointalksearch.org/topic/m.60342177.

So either you have much less security than you think you do, or you have a much higher risk of being unable to access your back ups if you need them. If you want to use something like this, then you should use a proper encryption method with the decryption key backed up on paper separately.

Yeah it was a little bit confusing since it was pretty clear in my question that I'm using hardware wallets. I'm by no means an expert but I use hardrware wallets the last five years and found really weird to import two seed phrases at the same hardware wallet.

No, they are encrypted by me, like you add something you multiply something and you get the word. It is really simple but really hard to crack it.

Sorry - as nc50lc explained, I assumed you were importing two seed phrases in to the same copy of Electrum, rather than connecting two hardware devices. Using two hardware devices with the same copy of Electrum is perfectly fine - the two hardware wallets will only share their respective extended public keys with Electrum, with the seed phrases and private keys remaining secured within the hardware devices themselves.

Because you can import seed phrases directly in to Electrum itself. If you did this, then you would be completely negating the point of the hardware wallets.

What do you mean by that? Are you back ups encrypted? I hope you've also securely backed up you decryption key if that's the case.

He just thought that you've created the 2-of-2 MultiSig wallet with seed phrases rather than hardware wallets.

In case of the latter, it's safe since the wallet only contains both device's mater public keys and master fingerprint.
For the former; it's what they've explained, a MultiSig containing the two cosigner master private keys defeats the purpose of a MultiSig wallet.

From the link is this:


You can use the seed phrase instead, but not safe like using master public key.

But for backup, you will backup the two seed phrases differently in like two or three different locations because it is 2-of-2.

As I see it right know this multisig seems like unnecessary risk. I already have my funds in a wallet that I created with ledger and then immediately reset but the recent ledger upgrade (although not happening) got me thinking alternatives. Though even if there is a backdoor as long as I don't recover the wallet in a ledger device I should be ok. As for the seed phrase I have so many backups that it is almost impossible to lose it and if somebody gets his dirty hands on it good luck getting the words out of something like this *sd67HqwΓχ9>11!äqQ7/&.0ψAξ.

---

I don't know if I can do that. I will try to be more clear. Ledger and trezor two different devices. I follow this guide https://electrum.readthedocs.io/en/latest/multisig.html and as nc50lc correctly pointed I used the same electrum wallet and laptop when i set up the wallet that's why I didn't need public master keys. then I reset both devices and import one seed phrase to ledger and one to trezor. but then I use the same electrum wallet and I have been asked to sign the transaction with both devices. So I still don't understand how would that be possible to import both seed phrases in one device. 

[moderator's note: consecutive posts merged]

What Leo means is that:

How you setup the wallet?
On device one, you use seed phrase one and the seed phrase from device 2.
On device two, you use the seed phrase two and the seed phrase from device one.

That means you expose your seed phrase on the two devices and that makes it to be less secure.

This is how it supposed to be:
On device one, use seed phrase one and master public key from device two seed phrase.
One device two, use seed phrase two and the master public key from device one seed phrase.

For the setup which is more secure, it should be like it. This in summary:

Device one
Seed phrase one. Master public key two

Device two
Seed phrase two. Master public key one.

So, this is not about the signature but about how you setup your 2-of-2 multisig wallet in a way that you will not expose the other seed phrases on the other devices.

Yeah you're right that's exactly what I did.


I don't really get that. There are two devices and when I spend I need to sign the transaction both with ledger and trezor. Am I missing something here?



Yeah maybe I didn't explain that right. I did reset the hardware wallets but the electrum wallet that I used was the same so when I had to move funds I just signed the transaction with ledger and trezor. 

This means you have imported both seed phrases in to the same wallet. While this will certainly let you spend your coins, it is a bad idea since it removes all the benefits you gain from a multi-sig wallet. Importing both seed phrases in to a the same wallet means that you now have a single point of failure, and compromise of that one wallet will lead to your coins being stolen. You should only import a single seed phrase and use the master public keys from the other cosigners. That wallet will then only be able to provide one signature, and not both. You would then move your partially signed transaction to a wallet on a different device which can provide the second signature.

I would advocate for 2-of-2 as well. 2-of-3 introduces redundancies, but that model is more suitable for situations where you're facing the problem with uncooperative signers and doesn't necessarily improve your security. It just seems like an overkill. It might just provide the same security if you're using on a device than something less secure than the two current devices that you have.

Backing up your seeds multiple times in secured locations would be a given, no matter how redundant your Multisig system is.

Have you setup the cosigners on different Electrum wallet on separate machines?
Because if so, Electrum will ask your the other cosigner's master public key which will be displayed after setting up the hardware wallet.
This must be what the instructions are for.

But if it's on the same Electrum wallet and machine, the master public key is already saved there with the first cosigner so it wont have to ask during the set-up of the second cosigner.

One the devices, you used the seed phrases for recovery, although with the master public key of the other device. That means you used the two seed phrases to recover or setup the wallet again. Also you will need the two seed phrase (private keys) to spend on the wallet.

If I have two hardware wallets, I will prefer to create 2-of-3 multisig wallet instead. The third device will either be my laptop or phone, the one that I know to be more secure between both. I will prefer my laptop which I do not use to browse than to watch Netflix and YouTube no ad version.

The reason I will prefer to go for 2-of-3 is the backup which I posted above, it is better than 2-of-2 backup that I will have to backup the seed phrases differently in different locations.

Thanks a lot for the replies. I have already created 2 of 2, did some test transactions and deleted and recovered the wallet no problem so far. The thing is that when I created the wallet i didn't need the first master public key for the second cosigner although in the instructions it was clear that I would need that. I will try to recover the wallet with exodus this time and see what happens.

---

I think it can be done with 2 devices since I can create a seed phrase reset the device and create a new one. But I think 2 of 2 is ok.

[moderator's note: consecutive posts merged]