Topic: Trying to run Coinbase multisig-tool locally on Linux (Read 401 times)

I would like to know if the *Coinbase Multisig Vault recovery tool* (https://coinbase.github.io/multisig-tool/) (which is supposedly no longer working correctly) would generate the EXACT same addresses as the "functional" forked version which is supposedly working correctly (https://github.com/dlajarretie/multisig-tool).

I want to know that for certain. Is there any way to find out if both (non-functional and functional) versions of this coinbase recovery tool will generate the exact same addresses in *Step 1* when you enter all 3 public keys?

Because when I enter the 3 public keys in step 1, the addresses that are generated in the list are all empty with zero transactions. Yet, the addresses that are generated are identical in both the non-functional and functional version of the tool. Can someone who has their own PDF with their own 3 public keys test this out and let me know if the 2 tools generate identical addresses for them as well?

Can you be specific which kind of help or guidance you need? I already mention my computer environment and command used to run Coinbase tool.

I got very sad to learn that Leo has said his farewell to the community. He was extremely helpful to me and I did not get to say a proper goodbye to him. I was meaning to send him a message for weeks but I kept postponing it. I can't believe that he is now gone and I am beating myself up for not sending the message just 1 week earlier. I hope wherever he is, he can somehow find the strength to beat his disease. I want to thank you a lot for so much effort and help you put into helping me. So thank you.


And for the community who was following this thread earlier, I want to give some updates and ask for some insights.

Earlier in December I finally managed to message Leo the 3 xpub keys so that he can check the addresses for me. However the addresses that he generated for are the exact same ones that the DEPRECATED Coinbase multisig recovery website generates when I enter the xpub keys myself.

When I followed the instructions in this thread and used the forked version instead (with correct API) and ran it locally (as per instructions), it also generated the exact same addresses. I assumed I had done it wrongly, because when I clicked F12 on Chrome, it did show the errors I previously mentioned in this thread:
I am surprised that the addresses Leo generated are the exact same ones as the DEPRECATED "Coinbase Multisig Vault recovery tool" which can be found on this link: https://coinbase.github.io/multisig-tool/

Based on threads of many other users I assumed this tool is no longer working correctly and you'd need a forked version: https://github.com/dlajarretie/multisig-tool

The only difference when I used the deprecated one and the forked one is that in the latter it does not show the "Failed!" message, but both tools still generate the exact same addresess. Shouldn't they generate different addresses if it's deprecated / broken?

All addresses show 0 transactions and I am hoping that somehow there's still a way to figure this out.

Can someone here with more knowledge than me explain to me if this is correct? Does anyone have access to their own Coinbase PDF and can enter their xpub on the deprecated one and the forked one to see if it generates the same ones?

If no one can test it with a real Coinbase PDF, would it be possible to test it with the method ABCbits provided earlier on generating 3 random xpub's?
I would really appreciate any help and guidance on this. The vault belongs to my love and if there is any bitcoins in there it'll help her tremendously.

Have you at least managed to identify the addresses and balances you are trying to gain access to here? You mentioned to me in your PMs that you are not sure how much bitcoin is stored in this vault.

Since we are struggling to get this to work for you, if you like you could send me your three xpubs (not private keys) and I could at least look up the addresses and balance for you. The only thing you lose by doing so is privacy by account of me knowing the addresses - there is no way for me to steal your coins from only knowing your xpubs. At least then we would know if you are wasting all this time trying to recover a very small amount of money. If you like I can provide you with my PGP key so you can encrypt any communication.

And moving forward, since we can't seem to get this tool working for you, then we could instead try going down the path of manually extracting the necessary xprv from your two keys and then recreating the multi-sig wallet in Electrum.

In order to check if "Failed!" message is due to my setup, opposed to the xPub keys, I tried generating it through the link you provided.
I went on "https://coinb.in/#newHDaddress" and clicked "generate", then clicked on the ">" arrow next to xPub address. Then I changed "1" to "3" in the "Index (End)" section.
I copied address 1, 2 and 3 and entered them in the step 1 of the Coinbase multisig tool.
This time when I click "continue" in step 1, it generated a different list of addresses than before when I used the xPub's on the PDF, however the "Failed!" message and text turning red still occured (so "balance" never shows).

Did I generate the xPub keys correctly? If so, then the fault here lies in my setup right?

Before I started troubleshooting in this thread, I used ChatGPT for tons of hours and did a lot of things (nano editor, re-cloning and weird commands etc.) that I don't understand. So I think at this point it's better if I completely start from scratch (formatting and installing Debian 11).

However, this time I want to do it right and not enter any commands that are unnecessary.
Could you please tell me step by step what I need to do after I install Debian 11?

The lines starting with "$" are the command prompts you used right? I tried to do the same in ubuntu but this one didn't work:

This is essentially my experience on two different machines, one running Debian and the other Ubuntu, albeit with slightly different versions.

Running the clean and compile commands that I gave earlier only deletes and then recompiles the multisig.js file. There is no reason it would make http.server start throwing errors. There is something strange in OP's set up which is messing everything up.

I did quick testing on Debian 11 and it seems to works. But i can't verify whether it works on next step since i only have 3 xpub generated from https://coinb.in/#newHDaddress. Here are the steps,

1. Check my environment.


2. Setup and run multisig-tool.


3. Open on Firefox by typing localhost:8000, enter 3 xpub and click continue. Here's the screenshot some time after i click continue.



Take note i assume it works since,
1. Firefox only show error message about favicon on it's console (F12).
2. I do not see "Failed!" message or each address turning red.

-Firewall is inactive.
-I am connected to a VPN however.
-Tried both Firefox and Chrome.

After the make clean & make compile command, I did the "python3 -m http.server" again but this time got this error: BrokenPipeError: [Errno 32] Broken pipe

Also Chrome's F12 now shows 165 issues:
--
(Changed the address in the error code just in case it's not safe to share publicly).

The other issues are basically a repeat of the above but with all the other addresses in the list.

Btw, user "HCP" also mentioned something about the "Insight API" missing in this thread: https://bitcointalksearch.org/topic/--5316286

Not sure if ChatGPT explained correctly on how to do this but I typed "ls -l" in the multisig-tool directory and got the following:

If that doesn work post your permission sets of the folders/files which cause issues.

Being unable to find a favicon file is irrelevant. This is simply the little logo icon that different websites use.

In the absence of any other errors, something is stopping your browser from correctly fetching the balances. Your browser can visit other websites normally? You don't have any firewall or similar running?

The first thing I would try would be to open a terminal in the usual multisig tool directory, and then run the following two commands:

The first will delete the multisig.js file (which is responsible for this look up); the second will recompile it from scratch. This is to rule out any error in the file.

If that doesn't work then I'm afraid I'm running out of ideas...

:8000/favicon.ico:1          Failed to load resource: the server responded with a status of 404 (File not found)


Also as soon as I go on "http://0.0.0.0:8000/", then the terminal shows these 2 messages:
-code 404, message File not found
-"GET /favicon.ico HTTP/1.1" 404 -

What error do you see in the console (F12) now?

Indeed, the multisig.js file is in the multisig-tool folder. However if I'm not mistaken it was already there (the icon however is changed from a notepad thingy to "JS" in big yellow letters).

Also entering "python3 -m http.server" in the same repository terminal did indeed show "Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/)".

And typing "http://0.0.0.0:8000" in the browser did automatically show the Coinbase Multisig Vault recovery tool similar to the web version. However, after entering the 3 xpub keys, I still got the exact same list of addresses, followed by a "Failed!" message and each address turning red, as I did before (using the web version)

The make run command simply compiles the multisig.js file (which seems to be working fine for you - you can tell for sure by the presence of a file called multisig.js in your multisig-tool folder), and then attempts to launch an HTTP server. Running an HTTP server is the alternative to trying to launch chrome with --allow-file-access-from-files.

Since the make run command is trying to launch an HTTP server using a Python 2 command, and you have Python 3 installed, then instead of using make run you can just launch the HTTP server directly using the command I gave above:

You should run it from your multisig-tool folder, the one with "index.html" in it. Open a terminal here and enter the command. If it has worked, it should say something like:

Then you just open any web browser, and navigate to that address - http://0.0.0.0:8000. The tool will load and hopefully(!) be fully functional.

I think you did it wrong that is why you get this error.
Would you mind to try to put the flag on the launcher properties dialog? Look for the chrome launcher open the properties dialog and you should see something like this below


And replace it with this


This will make  --allow-access-from-files permanent but you can change it later if you didn't need it anymore. And don't forget to re-pin the launcher after modifying it.

Could well be a permission issue, Linux requieres several permission levels. Have you tried running it as sudo (root)

Is the alternative "HTTP Server method" the "Running Locally" / make run method?

I installed the BitcoinJS library. And if I'm not mistaken, I performed BIP38's step 1 & 2 correctly:

However, I haven't been able to figure out what I've to do in this following step:

I also can't make out what you mean by the "python3 -m http.server" command, I have Python 3.10.6 but what do I have to do after I enter that command (and should it be in the multisig-tool respository? I'm sorry, I'm a complete beginner and don't know what I'm doing so I need to know every step no matter how basic it is.

This means your --allow-file-access-from-files isn't working as intended. I've never used Chrome so can't advise otherwise here. I use the alternative HTTP Server method instead, which works just fine. Did you make any headway on that?

The command given above is for Python 2:

If you are using Python 3, try the following command:

Ah good to see your reply Leo!

It only says the following:

Yes, open your local copy of index.html.

Once you open it, hit F12 on your keyboard and click on the Console tab. Does it show you any errors?

I launched Chrome with the "-allow-file-access-from-files"  parameter by typing the following command: "./chrome --allow-file-access-from-files"

What is the next step? Am I supposed to open the index.html file? Because using Chrome to simply use the web version is not an option as the API is broken (I tried it again, which resulted into "Failed!" addresses.)

All your replies are much appreciated.

I will try to install either Debian 11 or one of the older Ubuntu versions.


The hosted version is not working correctly anymore (since years). According to other threads it's due to an SSL handshake error with an api at bipay.com. After inserting the 3 xpub keys in step 1, it generates a list of empty addresses followed by the "failure" message next to each address.


Could you please tell me how I can set this up in Linux? Would I still need to perform the other steps?

Not only Ubuntu, but most newer version of linux distro. And i'd recommend to use Debian 11 since it's newest version of Debian and still ship Python 2.7[1] rather than using EOL version of Ubuntu.

[1] https://packages.debian.org/bullseye/python2.7

The error is trying to tell you that you need to install Python (2, not 3). SimpleHTTPServer is a Python 2 class and it has been deleted in Python 3.

And Ubuntu makes it particularly hard to install Python 2 in recent versions of the distro, so you should start with an older Ubuntu version such as Trusty (14.04) or Precise (12.04) that have Python 2.7 bundled.

Never use this Coinbase vault recovery before but based on what I understand from the guide on Github under the "make run" it looks like a permission issue.


That is I think it suggests running Chrome with this parameter "--allow-access-from-files"

Why don't you just use the hosted one since it's ready to use?
They do only need the online on the first step when pasting public keys after they found balances you can now turn internet off and start the recovery process.

After Coinbase multisig vault was discontinued in 2018, a third-party multisig-tool was introduced on Github.
But that one stopped working as well.

According to this thread: https://bitcointalksearch.org/topic/m.61722006 the forked version (https://github.com/dlajarretie/multisig-tool) still works correctly but needs to be run locally.

I am stuck halfway in the instructions provided on Github and would appreciate if someone could guide me through the rest.

My progress so far:
-I installed Linux Ubuntu on a spare computer
-I installed npm and browserify
-I cloned the repository from: https://github.com/dlajarretie/multisig-tool

I entered the following commands in the multisig-tool repository in the terminal:
-npm install bitcoinjs-lib
-npm install --save bip38
-npm install bip38 crypto-browserify --save
-browserify -r bip38 -s Bip38 > lib/multisig/bip38.js
The latter command didn't show anything in the terminal, but I do see the "bip38.js"  file in the lib/multisig folder so  it could've been successful.

Are there any other steps I've to perform before going further?

When I enter "make run", I get the following error:
cd lib/multisig && \
../../node_modules/.bin/browserify -r ./vault -r ./views/addresses_view > ../../multisig.js
python -m SimpleHTTPServer
make: python: No such file or directory
make: *** [Makefile:2: run] Error 127

I look forward to hearing from the community and very much appreciate the help.
Also shoutout to o_e_l_e_o for being extremely helpful in the DM's.