Topic: Trying to run Coinbase multisig-tool locally on Linux (Read 698 times)

I just read how Coinbase multisig vault works and it seems to be regular 2-of-3 multisig address[1]. Creating multi-sig wallet on Electrum isn't hard either[2]. But if Electrum generate different address, you'll need to check why it happens (such as different derivation or spend script) which could be tricky.

[1] https://help.coinbase.com/en/coinbase/managing-my-account/other/the-multisig-vault
[2] https://bitcoinelectrum.com/creating-a-multisig-wallet/

Is it a 100% certainty that the addresses it generates are going to be the same?

Because when I enter the public keys from her Coinbase multisig PDF into the deprecated online tool, it generates the exact same addresses as the ones that Leo generated using the dlajarretie fork (using the same public keys). The addresses it generates all have zero transactions.

If there is even a fraction of a percentage chance that there is a chance the addresses it generates are not the correct ones, I still want to try different ways to check it.

Also, is this idea of Leo a viable option that could potentially generate different results/addresses? If yes, how hard is it to set this up?

99% of the time deprecated in software means that it does work to an extent but is no longer supported.
In this case it is no longer supported and certain things do not work like the API call but, the addresses that it generates are going to be the same.

The math the generates the addresses did not change.

-Dave

AFAIK "deprecated" doesn't necessarily mean it's broken (generating wrong address in this case). forked/dlajarretie version have 3 additional commits, where the commit message mention about fixing API which used to fetch UTXO/address and adding redeem address field[1]. So i would also guess the original/coinbase version have warning "deprecated" because it can't show balance.

[1] https://github.com/dlajarretie/multisig-tool/commits/master/

Sorry again for taking so long to respond back to the thread. Thank you a lot for taking the time to do this.

I can confirm that I see the exact same addresses that you do after I enter the 3 xpub's you provided into tool (see screenshot):

https://ibb.co/zQC2KYr

My question now is, why would the "deprecated" multisig tool provide the same addresses as the functional forked version?

If the deprecated online tool is broken, shouldn't it generate different addresses?

Does it mean that the deprecated multisig tool shows the addresses correctly but is only called deprecated because it simply can't display the balance and shows "Failed!"?

Or could it mean that the functional forked version has also become deprecated recently without anyone's awareness? I have seen o_e_l_e_o use the dlajarretie forked version successfully in previous threads (~1 year ago) and retrieved funds for other people, so it means the tool was working correctly at some point.

If indeed there is a possibility that the forked version has stopped working, would there be any way to figure that out?


Also alexeyneu, I see you also were able to run the tool in your own way. I would very much appreciate if you could also enter the same xpub's as ABCbits in your own locally run version of the tool to see if your version generates the same addresses. He generated these xpub's on https://coinb.in/#newHDaddress but it shouldn't matter or be different than the xpubs from a real coinbase multisig to run this experiment right?

Coinbase key: xpub661MyMwAqRbcGqtAaT4hM49fAHjAcjwFAjJ5Mm6jvj7i3gShCFBZCP3KTK77LMsRaoMEWnxfQVm rSQzwkKTkRLTzGAbVW6VALJLbYTZB6Xv

Shared key: xpub661MyMwAqRbcFmLMQnbT1nCWXifijB3oT5FTzxpDnGUHKdzfuZgrBnr72LTwYvdr2nHr9Y2bzgS r2sP2GphvhsjxSVAP3Agr5UXbw4rtQLr

User key:
xpub661MyMwAqRbcGsXgZhydEeP6tbbsJUMuPQDoyq4fiwWC4ZBqgoe96VkG7mGbPop67pkKLB6uj9N PFwPbV8v85o7i62N7phFCXcSTBtAn12Z

now the whole thing

let me show it

thing i've written early (with exception of libssl-dev )  +


dpkg goes without --force-all 

Nowadays the best way to get python 2.7 quickly is by using a Docker image, or else you're going to be dealing with dependency hell while you compile the Python source code because it needs a few older dependencies which are not packaged by most distributions anymore. (In particular: PyQt4 is the worst offender).

I actually prefer this method to booting up a VM and installing 2.7 from source.

Here's what i promised few days ago. I use Debian 11 installer from https://cdimage.debian.org/cdimage/unofficial/non-free/cd-including-firmware/archive/11.9.0-live+nonfree/amd64/iso-hybrid/debian-live-11.9.0-amd64-xfce+nonfree.iso and install it on Virtual Machine (VM).

Use these command to prepare the environment.


Here's version of the environment.


Use https://coinb.in/#newHDaddress to generate xPrv and xPub.


Setup and run multisig-tool.


Open browser and type "http://127.0.0.1:8000/", then enter 3 xpub and click button "Continue". Afterwards, i see following page.



Here's screenshot when i do same thing on https://coinbase.github.io/multisig-tool/ on different OS. At a glance, both https://github.com/dlajarretie/multisig-tool and https://coinbase.github.io/multisig-tool/ generate same address.



https://coinbase.github.io/multisig-tool/ shows many "Loading..." due to error when obtaining balance of the generated address.

It's not python but an older version of python.
You can't run the 3.x for this you need 2.x which as @ABCbits said can be a PITA to install.

Same with old versions of other things too.

It's why I have a bunch of linux DVDs from 2012. Just in case I have to install some package that disappeared off the internet.

-Dave

I never say i'm programmer, although i know how to operate computer. I also never say i don't know to install Python. What i said is difficulty installing Python 2 on newer Linux distro.

you're programmer right? but you say you do not know how to install python

I need to install Debian 11 on VM and setup few things. I'll give an update (whether success or failure) in next few days.


I don't understand why you quote my old post and said "wtf really".

wtf really

I know it's a hassle for you to set up the environment again but if you could do this one last time I'd really appreciate it.

Could you please run the Coinbase tool (the forked version that's apparently the one that works): https://github.com/dlajarretie/multisig-tool

And then use the exact same 3 pub keys and use it on the online tool https://coinbase.github.io/multisig-tool/

So that I can see if both versions give you the exact same results (addresses generated)?

Please make sure that for the forked "dlajarretie" version, you use the correct computer environment and run the tool locally. And for the online website version tool, make sure you do NOT use the computer environment and do not run it locally.

If it does, then it means that either the forked "dlajarretie" version isn't working correctly, or it means that the online website version is working correctly.

If you don't mind, please also post the 3 pub keys you used here so I can check and see if I get the same results.

Thank you.

I would like to know if the *Coinbase Multisig Vault recovery tool* (https://coinbase.github.io/multisig-tool/) (which is supposedly no longer working correctly) would generate the EXACT same addresses as the "functional" forked version which is supposedly working correctly (https://github.com/dlajarretie/multisig-tool).

I want to know that for certain. Is there any way to find out if both (non-functional and functional) versions of this coinbase recovery tool will generate the exact same addresses in *Step 1* when you enter all 3 public keys?

Because when I enter the 3 public keys in step 1, the addresses that are generated in the list are all empty with zero transactions. Yet, the addresses that are generated are identical in both the non-functional and functional version of the tool. Can someone who has their own PDF with their own 3 public keys test this out and let me know if the 2 tools generate identical addresses for them as well?

Can you be specific which kind of help or guidance you need? I already mention my computer environment and command used to run Coinbase tool.

I got very sad to learn that Leo has said his farewell to the community. He was extremely helpful to me and I did not get to say a proper goodbye to him. I was meaning to send him a message for weeks but I kept postponing it. I can't believe that he is now gone and I am beating myself up for not sending the message just 1 week earlier. I hope wherever he is, he can somehow find the strength to beat his disease. I want to thank you a lot for so much effort and help you put into helping me. So thank you.


And for the community who was following this thread earlier, I want to give some updates and ask for some insights.

Earlier in December I finally managed to message Leo the 3 xpub keys so that he can check the addresses for me. However the addresses that he generated for are the exact same ones that the DEPRECATED Coinbase multisig recovery website generates when I enter the xpub keys myself.

When I followed the instructions in this thread and used the forked version instead (with correct API) and ran it locally (as per instructions), it also generated the exact same addresses. I assumed I had done it wrongly, because when I clicked F12 on Chrome, it did show the errors I previously mentioned in this thread:
I am surprised that the addresses Leo generated are the exact same ones as the DEPRECATED "Coinbase Multisig Vault recovery tool" which can be found on this link: https://coinbase.github.io/multisig-tool/

Based on threads of many other users I assumed this tool is no longer working correctly and you'd need a forked version: https://github.com/dlajarretie/multisig-tool

The only difference when I used the deprecated one and the forked one is that in the latter it does not show the "Failed!" message, but both tools still generate the exact same addresess. Shouldn't they generate different addresses if it's deprecated / broken?

All addresses show 0 transactions and I am hoping that somehow there's still a way to figure this out.

Can someone here with more knowledge than me explain to me if this is correct? Does anyone have access to their own Coinbase PDF and can enter their xpub on the deprecated one and the forked one to see if it generates the same ones?

If no one can test it with a real Coinbase PDF, would it be possible to test it with the method ABCbits provided earlier on generating 3 random xpub's?
I would really appreciate any help and guidance on this. The vault belongs to my love and if there is any bitcoins in there it'll help her tremendously.

Have you at least managed to identify the addresses and balances you are trying to gain access to here? You mentioned to me in your PMs that you are not sure how much bitcoin is stored in this vault.

Since we are struggling to get this to work for you, if you like you could send me your three xpubs (not private keys) and I could at least look up the addresses and balance for you. The only thing you lose by doing so is privacy by account of me knowing the addresses - there is no way for me to steal your coins from only knowing your xpubs. At least then we would know if you are wasting all this time trying to recover a very small amount of money. If you like I can provide you with my PGP key so you can encrypt any communication.

And moving forward, since we can't seem to get this tool working for you, then we could instead try going down the path of manually extracting the necessary xprv from your two keys and then recreating the multi-sig wallet in Electrum.

In order to check if "Failed!" message is due to my setup, opposed to the xPub keys, I tried generating it through the link you provided.
I went on "https://coinb.in/#newHDaddress" and clicked "generate", then clicked on the ">" arrow next to xPub address. Then I changed "1" to "3" in the "Index (End)" section.
I copied address 1, 2 and 3 and entered them in the step 1 of the Coinbase multisig tool.
This time when I click "continue" in step 1, it generated a different list of addresses than before when I used the xPub's on the PDF, however the "Failed!" message and text turning red still occured (so "balance" never shows).

Did I generate the xPub keys correctly? If so, then the fault here lies in my setup right?

Before I started troubleshooting in this thread, I used ChatGPT for tons of hours and did a lot of things (nano editor, re-cloning and weird commands etc.) that I don't understand. So I think at this point it's better if I completely start from scratch (formatting and installing Debian 11).

However, this time I want to do it right and not enter any commands that are unnecessary.
Could you please tell me step by step what I need to do after I install Debian 11?

The lines starting with "$" are the command prompts you used right? I tried to do the same in ubuntu but this one didn't work:

This is essentially my experience on two different machines, one running Debian and the other Ubuntu, albeit with slightly different versions.

Running the clean and compile commands that I gave earlier only deletes and then recompiles the multisig.js file. There is no reason it would make http.server start throwing errors. There is something strange in OP's set up which is messing everything up.

I did quick testing on Debian 11 and it seems to works. But i can't verify whether it works on next step since i only have 3 xpub generated from https://coinb.in/#newHDaddress. Here are the steps,

1. Check my environment.


2. Setup and run multisig-tool.


3. Open on Firefox by typing localhost:8000, enter 3 xpub and click continue. Here's the screenshot some time after i click continue.



Take note i assume it works since,
1. Firefox only show error message about favicon on it's console (F12).
2. I do not see "Failed!" message or each address turning red.

-Firewall is inactive.
-I am connected to a VPN however.
-Tried both Firefox and Chrome.

After the make clean & make compile command, I did the "python3 -m http.server" again but this time got this error: BrokenPipeError: [Errno 32] Broken pipe

Also Chrome's F12 now shows 165 issues:
--
(Changed the address in the error code just in case it's not safe to share publicly).

The other issues are basically a repeat of the above but with all the other addresses in the list.

Btw, user "HCP" also mentioned something about the "Insight API" missing in this thread: https://bitcointalksearch.org/topic/--5316286

Not sure if ChatGPT explained correctly on how to do this but I typed "ls -l" in the multisig-tool directory and got the following:

If that doesn work post your permission sets of the folders/files which cause issues.

Being unable to find a favicon file is irrelevant. This is simply the little logo icon that different websites use.

In the absence of any other errors, something is stopping your browser from correctly fetching the balances. Your browser can visit other websites normally? You don't have any firewall or similar running?

The first thing I would try would be to open a terminal in the usual multisig tool directory, and then run the following two commands:

The first will delete the multisig.js file (which is responsible for this look up); the second will recompile it from scratch. This is to rule out any error in the file.

If that doesn't work then I'm afraid I'm running out of ideas...

:8000/favicon.ico:1          Failed to load resource: the server responded with a status of 404 (File not found)


Also as soon as I go on "http://0.0.0.0:8000/", then the terminal shows these 2 messages:
-code 404, message File not found
-"GET /favicon.ico HTTP/1.1" 404 -

What error do you see in the console (F12) now?

Indeed, the multisig.js file is in the multisig-tool folder. However if I'm not mistaken it was already there (the icon however is changed from a notepad thingy to "JS" in big yellow letters).

Also entering "python3 -m http.server" in the same repository terminal did indeed show "Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/)".

And typing "http://0.0.0.0:8000" in the browser did automatically show the Coinbase Multisig Vault recovery tool similar to the web version. However, after entering the 3 xpub keys, I still got the exact same list of addresses, followed by a "Failed!" message and each address turning red, as I did before (using the web version)

The make run command simply compiles the multisig.js file (which seems to be working fine for you - you can tell for sure by the presence of a file called multisig.js in your multisig-tool folder), and then attempts to launch an HTTP server. Running an HTTP server is the alternative to trying to launch chrome with --allow-file-access-from-files.

Since the make run command is trying to launch an HTTP server using a Python 2 command, and you have Python 3 installed, then instead of using make run you can just launch the HTTP server directly using the command I gave above:

You should run it from your multisig-tool folder, the one with "index.html" in it. Open a terminal here and enter the command. If it has worked, it should say something like:

Then you just open any web browser, and navigate to that address - http://0.0.0.0:8000. The tool will load and hopefully(!) be fully functional.

I think you did it wrong that is why you get this error.
Would you mind to try to put the flag on the launcher properties dialog? Look for the chrome launcher open the properties dialog and you should see something like this below


And replace it with this


This will make  --allow-access-from-files permanent but you can change it later if you didn't need it anymore. And don't forget to re-pin the launcher after modifying it.

Could well be a permission issue, Linux requieres several permission levels. Have you tried running it as sudo (root)

Is the alternative "HTTP Server method" the "Running Locally" / make run method?

I installed the BitcoinJS library. And if I'm not mistaken, I performed BIP38's step 1 & 2 correctly:

However, I haven't been able to figure out what I've to do in this following step:

I also can't make out what you mean by the "python3 -m http.server" command, I have Python 3.10.6 but what do I have to do after I enter that command (and should it be in the multisig-tool respository? I'm sorry, I'm a complete beginner and don't know what I'm doing so I need to know every step no matter how basic it is.

This means your --allow-file-access-from-files isn't working as intended. I've never used Chrome so can't advise otherwise here. I use the alternative HTTP Server method instead, which works just fine. Did you make any headway on that?

The command given above is for Python 2:

If you are using Python 3, try the following command:

Ah good to see your reply Leo!

It only says the following:

Yes, open your local copy of index.html.

Once you open it, hit F12 on your keyboard and click on the Console tab. Does it show you any errors?

I launched Chrome with the "-allow-file-access-from-files"  parameter by typing the following command: "./chrome --allow-file-access-from-files"

What is the next step? Am I supposed to open the index.html file? Because using Chrome to simply use the web version is not an option as the API is broken (I tried it again, which resulted into "Failed!" addresses.)

All your replies are much appreciated.

I will try to install either Debian 11 or one of the older Ubuntu versions.


The hosted version is not working correctly anymore (since years). According to other threads it's due to an SSL handshake error with an api at bipay.com. After inserting the 3 xpub keys in step 1, it generates a list of empty addresses followed by the "failure" message next to each address.


Could you please tell me how I can set this up in Linux? Would I still need to perform the other steps?

Not only Ubuntu, but most newer version of linux distro. And i'd recommend to use Debian 11 since it's newest version of Debian and still ship Python 2.7[1] rather than using EOL version of Ubuntu.

[1] https://packages.debian.org/bullseye/python2.7

The error is trying to tell you that you need to install Python (2, not 3). SimpleHTTPServer is a Python 2 class and it has been deleted in Python 3.

And Ubuntu makes it particularly hard to install Python 2 in recent versions of the distro, so you should start with an older Ubuntu version such as Trusty (14.04) or Precise (12.04) that have Python 2.7 bundled.

Never use this Coinbase vault recovery before but based on what I understand from the guide on Github under the "make run" it looks like a permission issue.


That is I think it suggests running Chrome with this parameter "--allow-access-from-files"

Why don't you just use the hosted one since it's ready to use?
They do only need the online on the first step when pasting public keys after they found balances you can now turn internet off and start the recovery process.

After Coinbase multisig vault was discontinued in 2018, a third-party multisig-tool was introduced on Github.
But that one stopped working as well.

According to this thread: https://bitcointalksearch.org/topic/m.61722006 the forked version (https://github.com/dlajarretie/multisig-tool) still works correctly but needs to be run locally.

I am stuck halfway in the instructions provided on Github and would appreciate if someone could guide me through the rest.

My progress so far:
-I installed Linux Ubuntu on a spare computer
-I installed npm and browserify
-I cloned the repository from: https://github.com/dlajarretie/multisig-tool

I entered the following commands in the multisig-tool repository in the terminal:
-npm install bitcoinjs-lib
-npm install --save bip38
-npm install bip38 crypto-browserify --save
-browserify -r bip38 -s Bip38 > lib/multisig/bip38.js
The latter command didn't show anything in the terminal, but I do see the "bip38.js"  file in the lib/multisig folder so  it could've been successful.

Are there any other steps I've to perform before going further?

When I enter "make run", I get the following error:
cd lib/multisig && \
../../node_modules/.bin/browserify -r ./vault -r ./views/addresses_view > ../../multisig.js
python -m SimpleHTTPServer
make: python: No such file or directory
make: *** [Makefile:2: run] Error 127

I look forward to hearing from the community and very much appreciate the help.
Also shoutout to o_e_l_e_o for being extremely helpful in the DM's.