Author

Topic: Sparrow and Electrum export related question - private keys accessible? (Read 189 times)

legendary
Activity: 2268
Merit: 18771
I searched through the Sparrow GitHub and found a few similar issues from other users, but they all seemed to be related to using signing devices which were not grinding for low R value, which is not the case for my transaction. Without sharing the transaction (because I don't want to compromise my privacy), the R value for each of my signatures was 32 bytes.

So I can't really explain it. I don't want to open an issue on Sparrow for the same privacy reasons, but as far as I can tell it was just that Sparrow was incorrectly estimating the size prior to the transaction being signed.
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
-snip-
Is there a way around this while using Sparrow? I'm so used to just setting 1 sat/vbyte on Electrum and not thinking twice.
Honestly, I never experienced this since I rarely use 1sat/vB and haven't consolidated UTXO in Sparrow.
I tried to reproduce it but it's limiting the fee rate to 1.1 sat/vB ("Create Transaction" is grayed out for 1sat/vB) if the software computed that 1sat/vB wont match to the absolute fee and size.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
For clarification in Sparrow wallet's fee rate, it must be because the transaction isn't final which is generally lower in size than a signed raw transaction.
After signing it, click "View Final Transaction" and you'll see the correct fee rate that you've set in the send tab.
I've only meddled with Sparrow thus far, and have only actually made a single transaction using it, but I ran in to this problem. I set the transaction fee as 1 sat/vbyte, signed it, tried to broadcast it, and was hit with a relay fee too low error from my node. The signed transaction ended up being 2 vbytes bigger so my transaction fee ended up as just under 1 sat/vbyte. Resigned it paying a fee of 1.1 sats/vbyte and it broadcast fine, but again, the signed transaction size was marginally bigger.

Is there a way around this while using Sparrow? I'm so used to just setting 1 sat/vbyte on Electrum and not thinking twice.

Although Sparrow is written in Java, it should be fairly straightforward to introduce a code change where the tx fee (in bytes, not sats/byte) is ensured to be a least the size of the transaction, only requiring some simple computer science to implement.
legendary
Activity: 2268
Merit: 18771
For clarification in Sparrow wallet's fee rate, it must be because the transaction isn't final which is generally lower in size than a signed raw transaction.
After signing it, click "View Final Transaction" and you'll see the correct fee rate that you've set in the send tab.
I've only meddled with Sparrow thus far, and have only actually made a single transaction using it, but I ran in to this problem. I set the transaction fee as 1 sat/vbyte, signed it, tried to broadcast it, and was hit with a relay fee too low error from my node. The signed transaction ended up being 2 vbytes bigger so my transaction fee ended up as just under 1 sat/vbyte. Resigned it paying a fee of 1.1 sats/vbyte and it broadcast fine, but again, the signed transaction size was marginally bigger.

Is there a way around this while using Sparrow? I'm so used to just setting 1 sat/vbyte on Electrum and not thinking twice.
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
-snip-
Yes I saw you can adjust it on Sparrow as well, but I don't know quite yet why Sparrow has a tendency to make the fee something like 1.3-1.4 sat/vByte even when I explicitly tell it do make it 1.
Where as Electrum would actually do it and not fool me (I was checking the transaction size and fee total value).
But it's fine now, I even did some multisig setups with Electrum now directly, also does the job.
Okay, Electrum is a good alternative anyways.

For clarification in Sparrow wallet's fee rate, it must be because the transaction isn't final which is generally lower in size than a signed raw transaction.
After signing it, click "View Final Transaction" and you'll see the correct fee rate that you've set in the send tab.
Optimizing it for "Privacy" could also meddle with the output amounts and fee.
newbie
Activity: 21
Merit: 21
I didn't quite like it that Sparrow would not let me lowball the fees as much as I wanted so I decided to export this Multisig wallet to a format compatible with Electrum wallet.
You can also manually edit the absolute fee in Sparrow just like in Electrum's advance transaction preview.
Just make sure that the fee "Rate" above it wont fall below 1 sat/vB or "Create Transaction" will be grayed-out.
Yes I saw you can adjust it on Sparrow as well, but I don't know quite yet why Sparrow has a tendency to make the fee something like 1.3-1.4 sat/vByte even when I explicitly tell it do make it 1.
Where as Electrum would actually do it and not fool me (I was checking the transaction size and fee total value).
But it's fine now, I even did some multisig setups with Electrum now directly, also does the job.
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
I didn't quite like it that Sparrow would not let me lowball the fees as much as I wanted so I decided to export this Multisig wallet to a format compatible with Electrum wallet.
You can also manually edit the absolute fee in Sparrow just like in Electrum's advance transaction preview.
Just make sure that the fee "Rate" above it wont fall below 1 sat/vB or "Create Transaction" will be grayed-out.
newbie
Activity: 21
Merit: 21
I just got spooked it still does display some private keys. So are these keys legit or just some private keys needed in part of the software seed to make the whole scheme work?
This is just partial keys and you need other parts in your setup to make it complete.
You can test multisig setup with bitcoin testnet coins and you don't have to waste any transactional fees using real Bitcoin.
There could be some issue with hardware wallets you used, because some of them like ledger and trezor don't have very good implementation for multisig, or it's incomplete and not totally safe.
Got it, thanks for letting me know.
I just did some test runs with with a 2 of 2 multisig setup with a Trezor and another Hardware Wallet. Successfully sent some dollars, wiped the devices, reactivated the seeds back onto them and recreated the initial multisig tree address and sent the funds back out from it.
Not sure if I should do another test run just to feel safer, haha. Before dumping in the big stack  Cheesy
legendary
Activity: 2212
Merit: 7064
I just got spooked it still does display some private keys. So are these keys legit or just some private keys needed in part of the software seed to make the whole scheme work?
This is just partial keys and you need other parts in your setup to make it complete.
You can test multisig setup with bitcoin testnet coins and you don't have to waste any transactional fees using real Bitcoin.
There could be some issue with hardware wallets you used, because some of them like ledger and trezor don't have very good implementation for multisig, or it's incomplete and not totally safe.
newbie
Activity: 21
Merit: 21
Hello everyone,
I am currently tinkering around with small fund amounts to learn how to use Multisig and I came across something weird that I cannot quite figure out myself.
In short, I set up a multisig 2 of 3 on Sparrow that was 1 software wallet (seedwords directly into the local machine) + 2 other hardware wallets.

I didn't quite like it that Sparrow would not let me lowball the fees as much as I wanted so I decided to export this Multisig wallet to a format compatible with Electrum wallet.
When I got to signing the transaction as I wanted it to, I ended up being asked to only provide signing by one of the hardware wallets (I supposed the seedphrase from the local software wallet also got expored).
Here is the part that worries me:
On Electrum if I go to Wallet > Private Keys > Export and I happen to want to open that, it will actually open a list of the miltisig address tree together with what appear to be secret keys (P2WSH type), without even asking me for a hardware wallet or it even being connected to the local machine, just the local software wallet seems to be enough.

Now maybe I am missing something here, even the Electrum software itself tells me in a warning message:
"WARNING: This is a multi-signature wallet.
It cannot be "backed up" by simply exporting these private keys."

I just got spooked it still does display some private keys. So are these keys legit or just some private keys needed in part of the software seed to make the whole scheme work?
My initial impression was they were somehow the actually private elements of the corresponding Multisig addresses listed on this wallet.
Just wanted to hear your thoughts on this. I might be just worried for nothing seeing this stuff (since my expectations were: no access to hardware wallets, no showing private keys)
Jump to: