Author

Topic: Multisig wallet (Read 341 times)

dhs
newbie
Activity: 9
Merit: 8
August 18, 2023, 02:18:14 PM
#25
My only concern then is the custom obfuscation method you have come up with. If your brother (for example) can recover an encrypted back up and a decryption key, then he can fairly easily try multiple standard decryption algorithms until he can recover your funds. If you've done something weird and again not backed it up on paper, he might be unable to figure it out.

If it is not me then three pieces (encrypted seed, how to decrypt it and encryption key) required in order to move funds. Six people divided in two groups and each group can access the funds. I tried to have in each group people that are not related for example little brother and a friend of mine who maybe met once or twice or mother and mother in law. I worked with multiple scenarios to see how I can be f@cked and I came up with something that is the least risky. Of course I will keep improving it. My previous encryption method was with books, I had the ISBN and then page and then the number of the word in the page but it was really hard to do it and I changed it to something much easier. A dictionary though would be a good alternative.   
legendary
Activity: 2268
Merit: 18771
August 18, 2023, 02:56:33 AM
#24
My TIN for example is impossible to forget so if I die lose my memory or whatever there are instructions and everything needed in a lot of different places.
Well, in that case you are not relying on your memory then. Tongue If you are one of the unlucky millions to experience memory loss each year, then you have multiple back ups of your TIN.

My only concern then is the custom obfuscation method you have come up with. If your brother (for example) can recover an encrypted back up and a decryption key, then he can fairly easily try multiple standard decryption algorithms until he can recover your funds. If you've done something weird and again not backed it up on paper, he might be unable to figure it out.
dhs
newbie
Activity: 9
Merit: 8
August 17, 2023, 03:37:04 PM
#23

I strongly advise to experiment and test every recovery procedure, be it something standard or be it homebrewed. Testnet bitcoins and wallets are also very neat for such desaster or heir recovery checks. If it doesn't work, you know you've done something wrong but it will only hurt your pride and not your real wallet. It doesn't make much sense to me to risk real coins for experiments and testing.
Not saying that Testnet coins aren't real but they are supposed to be worthless and the Testnet blockchain is made for, wait for it, testing!

Electrum e.g. can be invoked in Testnet mode simply by adding a command line switch --testnet. You can get free Testnet bitcoins from a faucet like https://testnet.coinfaucet.eu.

I didn't know about the electrum testnet I will try it thanks. I do a recovery test twice a year and I update things if needed.

None taken. The idea behind this is mostly to mislead. Like you see all the gibberish but you actually need very few of them, it's impossible to forget (though I have instructions in case I die or something) plus you would need another phrase (again impossible to forget it) in order to crack  it. I read all sorts of things people do for extra security only to overcomplicate things and end up losing their coins and made it really simple. The decryption key would be impossible to remember and losing it would cause the same problem as losing my seed phrase so why not just keep my seed as it is and store it somewhere safe?  Anyway the risk here is that my wife, brother and mother conspire all together to complete the puzzle, get my private keys and steal my money and all that over few sats? Then so be it I am ok with that. Thanks for everything I learned a lot of new things I will keep experimenting.
If you are using a proper method of encryption, you are not going to back up the decryption key to your memory for it to be impossible to remember like you said, you are going to back it up on paper and keep it as safe as you will keep your seed phrases separately.

You say everything is fine with your method of obfuscation, so be it! But the message here is just that many people have thought that their method of obfuscation is great and their memory is enough to protect their funds, but it usually turns out to be a terrible idea because we can't trust our brains with things like these for many reasons. So to avoid locking yourself out of your funds, a plain backup of your seed phrases and master public keys in more than one location is probably the best idea, but like i said, if you say everything is fine, then each to their own.


I wouldn't trust my mind for anything worth more than a dime. When you hide something and nobody else knows about that whether is seed phrase, decryption key or your own encryption method the risk is the same. You forget where you hid it you lose your funds that simple.

it's impossible to forget
Nothing is impossible to forget. A simple accident and blow to the head can result in you forgetting who your family members are. It can certainly result in you forgetting your homebrewed encryption.

Anyway the risk here is that my wife, brother and mother conspire all together to complete the puzzle, get my private keys and steal my money and all that over few sats?
So all three of them only know a part of the puzzle? So again, if anything happens to one of these people, your funds are inaccessible?

I would prefer to use something like 2-of-3 multi-sig here, where each of your three trusted contacts hold a single seed phrase (and the necessary xpubs). That provides security against a single malicious party as well as redundancy against the loss of one share.

My TIN for example is impossible to forget so if I die lose my memory or whatever there are instructions and everything needed in a lot of different places. What nobody as of now knows is that they need my TIN which is easy for my family to get from the tax agency when something bad happens to me. Two people are instructed to tell my brother who is more tech savvy to find my TIN and use it as a "decryption key. I have to brothers so if one dies I have the other one, If we all three die then it will be little bit difficult for my wife to get everything but still no funds lost. If everybody dies except me and I don't lose my memory still ok. If we all die then BTC becomes more scarce so all good Smiley
Bottom line is whatever method used has its risks you can not eliminate them, just minimize them as much as you can that's why I'm looking for potential mistakes that I have made and correct them.
legendary
Activity: 2268
Merit: 18771
August 14, 2023, 02:30:18 AM
#22
it's impossible to forget
Nothing is impossible to forget. A simple accident and blow to the head can result in you forgetting who your family members are. It can certainly result in you forgetting your homebrewed encryption.

Anyway the risk here is that my wife, brother and mother conspire all together to complete the puzzle, get my private keys and steal my money and all that over few sats?
So all three of them only know a part of the puzzle? So again, if anything happens to one of these people, your funds are inaccessible?

I would prefer to use something like 2-of-3 multi-sig here, where each of your three trusted contacts hold a single seed phrase (and the necessary xpubs). That provides security against a single malicious party as well as redundancy against the loss of one share.
legendary
Activity: 994
Merit: 1089
August 13, 2023, 05:42:54 PM
#21
None taken. The idea behind this is mostly to mislead. Like you see all the gibberish but you actually need very few of them, it's impossible to forget (though I have instructions in case I die or something) plus you would need another phrase (again impossible to forget it) in order to crack  it. I read all sorts of things people do for extra security only to overcomplicate things and end up losing their coins and made it really simple. The decryption key would be impossible to remember and losing it would cause the same problem as losing my seed phrase so why not just keep my seed as it is and store it somewhere safe?  Anyway the risk here is that my wife, brother and mother conspire all together to complete the puzzle, get my private keys and steal my money and all that over few sats? Then so be it I am ok with that. Thanks for everything I learned a lot of new things I will keep experimenting.
If you are using a proper method of encryption, you are not going to back up the decryption key to your memory for it to be impossible to remember like you said, you are going to back it up on paper and keep it as safe as you will keep your seed phrases separately.

You say everything is fine with your method of obfuscation, so be it! But the message here is just that many people have thought that their method of obfuscation is great and their memory is enough to protect their funds, but it usually turns out to be a terrible idea because we can't trust our brains with things like these for many reasons. So to avoid locking yourself out of your funds, a plain backup of your seed phrases and master public keys in more than one location is probably the best idea, but like i said, if you say everything is fine, then each to their own.
hero member
Activity: 714
Merit: 1010
Crypto Swap Exchange
August 13, 2023, 04:50:24 PM
#20
I'm not a fan of homebrewed obfuscation schemes because sometimes it doesn't provide the security the inventer thinks it should have and it might easily shoot you in your foot. Good to read you have presumably documented it well in case something happens to you or memory fades. As long as your heirs know where to find that documentation and all necessary other details, it should be fine.

I strongly advise to experiment and test every recovery procedure, be it something standard or be it homebrewed. Testnet bitcoins and wallets are also very neat for such desaster or heir recovery checks. If it doesn't work, you know you've done something wrong but it will only hurt your pride and not your real wallet. It doesn't make much sense to me to risk real coins for experiments and testing.
Not saying that Testnet coins aren't real but they are supposed to be worthless and the Testnet blockchain is made for, wait for it, testing!

Electrum e.g. can be invoked in Testnet mode simply by adding a command line switch --testnet. You can get free Testnet bitcoins from a faucet like https://testnet.coinfaucet.eu.
dhs
newbie
Activity: 9
Merit: 8
August 12, 2023, 03:06:20 PM
#19
No, they are encrypted by me, like you add something you multiply something and you get the word. It is really simple but really hard to crack it.
No offense, but this is a terrible idea.

You are in one of two situations here. Situation one is that you have backed up your method and the numbers/patterns/whatever used on a separate piece of paper. If this is the case, then whatever system you have come up with will be vastly inferior to using a proper encryption method such as AES, with the decryption key backed up on paper. Situation two is that you are relying on your brain remembering what you did to transform your seed phrase. It's widely known that you should never rely on your memory alone for something as important as your back ups, and I've spoken about why before: https://bitcointalksearch.org/topic/m.60342177.

So either you have much less security than you think you do, or you have a much higher risk of being unable to access your back ups if you need them. If you want to use something like this, then you should use a proper encryption method with the decryption key backed up on paper separately.

None taken. The idea behind this is mostly to mislead. Like you see all the gibberish but you actually need very few of them, it's impossible to forget (though I have instructions in case I die or something) plus you would need another phrase (again impossible to forget it) in order to crack  it. I read all sorts of things people do for extra security only to overcomplicate things and end up losing their coins and made it really simple. The decryption key would be impossible to remember and losing it would cause the same problem as losing my seed phrase so why not just keep my seed as it is and store it somewhere safe?  Anyway the risk here is that my wife, brother and mother conspire all together to complete the puzzle, get my private keys and steal my money and all that over few sats? Then so be it I am ok with that. Thanks for everything I learned a lot of new things I will keep experimenting.
legendary
Activity: 2268
Merit: 18771
August 12, 2023, 10:33:28 AM
#18
No, they are encrypted by me, like you add something you multiply something and you get the word. It is really simple but really hard to crack it.
No offense, but this is a terrible idea.

You are in one of two situations here. Situation one is that you have backed up your method and the numbers/patterns/whatever used on a separate piece of paper. If this is the case, then whatever system you have come up with will be vastly inferior to using a proper encryption method such as AES, with the decryption key backed up on paper. Situation two is that you are relying on your brain remembering what you did to transform your seed phrase. It's widely known that you should never rely on your memory alone for something as important as your back ups, and I've spoken about why before: https://bitcointalksearch.org/topic/m.60342177.

So either you have much less security than you think you do, or you have a much higher risk of being unable to access your back ups if you need them. If you want to use something like this, then you should use a proper encryption method with the decryption key backed up on paper separately.
dhs
newbie
Activity: 9
Merit: 8
August 12, 2023, 09:50:41 AM
#17


I don't really get that. There are two devices and when I spend I need to sign the transaction both with ledger and trezor. Am I missing something here?
Sorry - as nc50lc explained, I assumed you were importing two seed phrases in to the same copy of Electrum, rather than connecting two hardware devices. Using two hardware devices with the same copy of Electrum is perfectly fine - the two hardware wallets will only share their respective extended public keys with Electrum, with the seed phrases and private keys remaining secured within the hardware devices themselves.

So I still don't understand how would that be possible to import both seed phrases in one device.
Because you can import seed phrases directly in to Electrum itself. If you did this, then you would be completely negating the point of the hardware wallets.

As for the seed phrase I have so many backups that it is almost impossible to lose it and if somebody gets his dirty hands on it good luck getting the words out of something like this *sd67HqwΓχ9>11!äqQ7/&.0ψAξ.
What do you mean by that? Are you back ups encrypted? I hope you've also securely backed up you decryption key if that's the case.

Yeah it was a little bit confusing since it was pretty clear in my question that I'm using hardware wallets. I'm by no means an expert but I use hardrware wallets the last five years and found really weird to import two seed phrases at the same hardware wallet.

No, they are encrypted by me, like you add something you multiply something and you get the word. It is really simple but really hard to crack it.
legendary
Activity: 2268
Merit: 18771
August 12, 2023, 09:23:48 AM
#16
I don't really get that. There are two devices and when I spend I need to sign the transaction both with ledger and trezor. Am I missing something here?
Sorry - as nc50lc explained, I assumed you were importing two seed phrases in to the same copy of Electrum, rather than connecting two hardware devices. Using two hardware devices with the same copy of Electrum is perfectly fine - the two hardware wallets will only share their respective extended public keys with Electrum, with the seed phrases and private keys remaining secured within the hardware devices themselves.

So I still don't understand how would that be possible to import both seed phrases in one device.
Because you can import seed phrases directly in to Electrum itself. If you did this, then you would be completely negating the point of the hardware wallets.

As for the seed phrase I have so many backups that it is almost impossible to lose it and if somebody gets his dirty hands on it good luck getting the words out of something like this *sd67HqwΓχ9>11!äqQ7/&.0ψAξ.
What do you mean by that? Are you back ups encrypted? I hope you've also securely backed up you decryption key if that's the case.
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
August 11, 2023, 11:35:56 PM
#15
-snip-
I don't really get that. There are two devices and when I spend I need to sign the transaction both with ledger and trezor. Am I missing something here?
He just thought that you've created the 2-of-2 MultiSig wallet with seed phrases rather than hardware wallets.

In case of the latter, it's safe since the wallet only contains both device's mater public keys and master fingerprint.
For the former; it's what they've explained, a MultiSig containing the two cosigner master private keys defeats the purpose of a MultiSig wallet.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
August 11, 2023, 03:53:17 PM
#14
I don't know if I can do that. I will try to be more clear. Ledger and trezor two different devices. I follow this guide https://electrum.readthedocs.io/en/latest/multisig.html and as nc50lc correctly pointed I used the same electrum wallet and laptop when i set up the wallet that's why I didn't need public master keys.
From the link is this:

After generating a seed (keep it safely!) you will need to provide the master public key of the other wallet.

You can use the seed phrase instead, but not safe like using master public key.

But for backup, you will backup the two seed phrases differently in like two or three different locations because it is 2-of-2.
dhs
newbie
Activity: 9
Merit: 8
August 11, 2023, 03:18:17 PM
#13
As I see it right know this multisig seems like unnecessary risk. I already have my funds in a wallet that I created with ledger and then immediately reset but the recent ledger upgrade (although not happening) got me thinking alternatives. Though even if there is a backdoor as long as I don't recover the wallet in a ledger device I should be ok. As for the seed phrase I have so many backups that it is almost impossible to lose it and if somebody gets his dirty hands on it good luck getting the words out of something like this *sd67HqwΓχ9>11!äqQ7/&.0ψAξ.



How you setup the wallet?
On device one, you use seed phrase one and the seed phrase from device 2.
On device two, you use the seed phrase two and the seed phrase from device one.

I don't know if I can do that. I will try to be more clear. Ledger and trezor two different devices. I follow this guide https://electrum.readthedocs.io/en/latest/multisig.html and as nc50lc correctly pointed I used the same electrum wallet and laptop when i set up the wallet that's why I didn't need public master keys. then I reset both devices and import one seed phrase to ledger and one to trezor. but then I use the same electrum wallet and I have been asked to sign the transaction with both devices. So I still don't understand how would that be possible to import both seed phrases in one device. 

[moderator's note: consecutive posts merged]
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
August 11, 2023, 03:03:21 PM
#12
I don't really get that. There are two devices and when I spend I need to sign the transaction both with ledger and trezor. Am I missing something here?
What Leo means is that:

How you setup the wallet?
On device one, you use seed phrase one and the seed phrase from device 2.
On device two, you use the seed phrase two and the seed phrase from device one.

That means you expose your seed phrase on the two devices and that makes it to be less secure.

This is how it supposed to be:
On device one, use seed phrase one and master public key from device two seed phrase.
One device two, use seed phrase two and the master public key from device one seed phrase.

For the setup which is more secure, it should be like it. This in summary:

Device one
Seed phrase one. Master public key two

Device two
Seed phrase two. Master public key one.

So, this is not about the signature but about how you setup your 2-of-2 multisig wallet in a way that you will not expose the other seed phrases on the other devices.
dhs
newbie
Activity: 9
Merit: 8
August 11, 2023, 02:55:49 PM
#11
But if it's on the same Electrum wallet and machine, the master public key is already saved there with the first cosigner so it wont have to ask during the set-up of the second cosigner.

Yeah you're right that's exactly what I did.

This means you have imported both seed phrases in to the same wallet. While this will certainly let you spend your coins, it is a bad idea since it removes all the benefits you gain from a multi-sig wallet. Importing both seed phrases in to a the same wallet means that you now have a single point of failure, and compromise of that one wallet will lead to your coins being stolen. You should only import a single seed phrase and use the master public keys from the other cosigners. That wallet will then only be able to provide one signature, and not both. You would then move your partially signed transaction to a wallet on a different device which can provide the second signature.

I don't really get that. There are two devices and when I spend I need to sign the transaction both with ledger and trezor. Am I missing something here?

One the devices, you used the seed phrases for recovery, although with the master public key of the other device. That means you used the two seed phrases to recover or setup the wallet again. Also you will need the two seed phrase (private keys) to spend on the wallet.


Yeah maybe I didn't explain that right. I did reset the hardware wallets but the electrum wallet that I used was the same so when I had to move funds I just signed the transaction with ledger and trezor. 
legendary
Activity: 2268
Merit: 18771
August 11, 2023, 01:48:03 PM
#10
The thing is that when I created the wallet i didn't need the first master public key for the second cosigner although in the instructions it was clear that I would need that.
This means you have imported both seed phrases in to the same wallet. While this will certainly let you spend your coins, it is a bad idea since it removes all the benefits you gain from a multi-sig wallet. Importing both seed phrases in to a the same wallet means that you now have a single point of failure, and compromise of that one wallet will lead to your coins being stolen. You should only import a single seed phrase and use the master public keys from the other cosigners. That wallet will then only be able to provide one signature, and not both. You would then move your partially signed transaction to a wallet on a different device which can provide the second signature.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
August 11, 2023, 10:49:24 AM
#9
I would advocate for 2-of-2 as well. 2-of-3 introduces redundancies, but that model is more suitable for situations where you're facing the problem with uncooperative signers and doesn't necessarily improve your security. It just seems like an overkill. It might just provide the same security if you're using on a device than something less secure than the two current devices that you have.

Backing up your seeds multiple times in secured locations would be a given, no matter how redundant your Multisig system is.
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
August 11, 2023, 09:03:08 AM
#8
The thing is that when I created the wallet i didn't need the first master public key for the second cosigner although in the instructions it was clear that I would need that. I will try to recover the wallet with exodus this time and see what happens.
Have you setup the cosigners on different Electrum wallet on separate machines?
Because if so, Electrum will ask your the other cosigner's master public key which will be displayed after setting up the hardware wallet.
This must be what the instructions are for.

But if it's on the same Electrum wallet and machine, the master public key is already saved there with the first cosigner so it wont have to ask during the set-up of the second cosigner.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
August 11, 2023, 06:54:34 AM
#7
Thanks a lot for the replies. I have already created 2 of 2, did some test transactions and deleted and recovered the wallet no problem so far. The thing is that when I created the wallet i didn't need the first master public key for the second cosigner although in the instructions it was clear that I would need that. I will try to recover the wallet with exodus this time and see what happens.
One the devices, you used the seed phrases for recovery, although with the master public key of the other device. That means you used the two seed phrases to recover or setup the wallet again. Also you will need the two seed phrase (private keys) to spend on the wallet.

I think it can be done with 2 devices since I can create a seed phrase reset the device and create a new one. But I think 2 of 2 is ok.
If I have two hardware wallets, I will prefer to create 2-of-3 multisig wallet instead. The third device will either be my laptop or phone, the one that I know to be more secure between both. I will prefer my laptop which I do not use to browse than to watch Netflix and YouTube no ad version.

The reason I will prefer to go for 2-of-3 is the backup which I posted above, it is better than 2-of-2 backup that I will have to backup the seed phrases differently in different locations.
dhs
newbie
Activity: 9
Merit: 8
August 11, 2023, 06:06:19 AM
#6
Thanks a lot for the replies. I have already created 2 of 2, did some test transactions and deleted and recovered the wallet no problem so far. The thing is that when I created the wallet i didn't need the first master public key for the second cosigner although in the instructions it was clear that I would need that. I will try to recover the wallet with exodus this time and see what happens.




But the best is 2-of-3 which can make the backup better. But you will need three devices for it. Like 2 hardware wallets and 1 online wallet should be good and have the backup in different locations in this order:



I think it can be done with 2 devices since I can create a seed phrase reset the device and create a new one. But I think 2 of 2 is ok.

[moderator's note: consecutive posts merged]
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
August 11, 2023, 03:38:47 AM
#5
Do I need the master public keys of the cosigners in order to recover my wallet? The plan is to create a multisig with two hardware devices send some btc and then reset the devices and keep only the seed phrases.
It's not necessary since the master public key can be derived from the seed phrase or master private key,
but in 'N-of-M' when 'N' is lower than 'M', you must back them up to guarantee that you can still restore the wallet in case one of the cosigner seed became inaccessible.

In terms of 2-of-2 MultiSig, don't bother backing up the master public key since as I've mentioned, Electrum will show you the derived xpub during wallet restoration.
Moreover, losing one seed phrase will lock you out of your funds.
You don't need to include the other cosigner's xpub with the seed since a single backup of "Cosigner1 seed" + "Cosigner2 xpub" will just restore the wallet but wont let you spend.
Just keep the seed phrases safe in this case.

In terms of 2-of-3 MultiSig (in case you want to include another cosigner), you can back them up as:
(don't replace xpub with xprv since one backup will have two cosigner secrets)
  • "Cosigner1 seed" + "Cosigner2 xpub"
  • "Cosigner2 seed" + "Cosigner3 xpub"
  • "Cosigner3 seed" + "Cosigner1 xpub"

That way, even if you lose one backup, you can still restore the wallet since you still have access to the lost seed's xpub.
Since it only requires two signatures, having two seed phrases is enough to spend.

legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
August 10, 2023, 07:23:20 PM
#4
Adding to the reply above, make sure the seed option is on bip39 and since it is multi sig hardware wallet the derivation should be changed from the standard wallet which is m/44'/0'/0' to that of hardware wallet which is m/45'/0
This is BIP39 derivation paths for legacy address and multisig. Electrum is using different derivation paths.

If you want to know if the multisig setup is correct, the wallets on all the devices you used to setup the multisig wallet will have the same bitcoin addresses.
sr. member
Activity: 630
Merit: 298
August 10, 2023, 03:48:53 PM
#3
Adding to the reply above, make sure the seed option is on bip39 and since it is multi sig hardware wallet the derivation should be changed from the standard wallet which is m/44'/0'/0' to that of hardware wallet which is m/45'/0
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
August 10, 2023, 03:38:30 PM
#2
If it is 2-of-2, you will need the 2 seed phrases.
If it is 2-of-3, you will need the first and second seed phrases and the master public key generated by the third seed phrase. You can make anyone the first or second but I think you should understand what I mean.

Using two devices, it is 2-of-2 that you want to create. Make sure you backup your seed phrase differently in like two or three different locations.

But the best is 2-of-3 which can make the backup better. But you will need three devices for it. Like 2 hardware wallets and 1 online wallet should be good and have the backup in different locations in this order:

Seed phrase 1, master private key 2
Seed phrase 2, master private key 3
Seed phrase 3, master private key 1
dhs
newbie
Activity: 9
Merit: 8
August 10, 2023, 03:21:27 PM
#1
Hi,

I have a question about creating a multisig with electrum wallet. Do I need the master public keys of the cosigners in order to recover my wallet? The plan is to create a multisig with two hardware devices send some btc and then reset the devices and keep only the seed phrases. Thanks in advance.
Jump to: