Topic: Solution for 2-of-3 paper wallets without multisig feature (Read 1720 times)

Ok, so here's the script that I use to generate 2-of-3 paper wallets (can easily be modified for N-of-M). Hopefully some people can use this until the time when bitcoin clients support multisig transactions.
It generates a html file with three parts of one paper wallet.

I've tested it for bitcoin and peercoin. Whatever vanitygen can generate is supported.
Linux Dependencies: vanitygen ssss qrencode (zbar-tools)


use the following lines to test recovery


be aware that the files generated contain your private key and are not cleaned up by this script. Only generate paper wallets on an offline computer running LiveCD.

Here's an improved version of the OP: edit: See next post for further improved version

To generate the QR codes for the private key in file testprivkey

To recover the private key:

I will give this a go and probably add some comfort to the scripts

Unfortunately, not all tools used are on standard ubuntu liveCD. You need to
But anyway, I'd prefer to use the satoshi client to generate the bitcoin address (minimum trust)

No, not a surprise. But adapting armory for altcoins is out of reach for me. So I'm looking for a solution that solves my problem for any coin (or any secret)

Since sss works on data of any kind there's really no limitations on where it can be used, altcoin or not

Well considering most altcoins are clones or near clones of bitcoin, that's not really much of a surprise

Great, thanks. But it seems this is not yet an official, mature feature (and currently everybody's waiting for the next release including important fixes anyway). And I would prefer a very simple solution that could be run from a liveCD. Your hint leads me to the following:


This seems like a very elegant solution to me, as it is very easy to reproduce. One could even print the necessary bash script next to the QR code on the paper wallet.

And there's more: This solution can be applied to any altcoin as well

yep - armory has the most advanced wallet features out there.

BIP38 is supported by http://www.bit2factor.org/
It can be saved and run offline.

I think armory already implemented m-of-n backups based on shamir's secret sharing algorithm. Check the armory subforum for details.

As the multisig feature is not yet supported by any bitcoin client (at least not for spending the coins) I was thinking about another way to get a 2-of-3 paper wallet.

edit: You can directly jump to the improved version

The basic idea is:

• split private key in two files
• use parchive to generate a recovery file
• generate qr codes for the three files

now you only need two of those three QR codes to recover your private key.

I tried this with the following detailed procedure:

Private Key: 5JYTix96fp8JtwWF1Vq3gBaM5p31GyYK94K5ezLdUaF3VBZkJ7G

file testprivkey1

file testprivkey2


generate PAR recovery file

you get an index file test.par and a recovery file test.p01. You don't need to keep the index file, it's only used for checksum validation

generate QR codes

print it. make sure you mark which code stands for which file

To decode with only testprivkey1 and test.p01:

now you just need to concatenate the two sides. done.


The only question that remains is: Can I be sure that the private key cannot be recovered from only the recovery file itself? Not with parchive tool itself, but as parchive is not designed to make this impossible (quite the opposite) I would apprechiate educated comments on my proposal

One approach to make sure the recovery file is not sufficient to recover the private key could be to add random data to the files testprivkey1&2.
The amount of random data would be limited by reasonable QR code size. The recovery file should then have the same size as the input files