Topic: Wallet Security (Read 383 times)

@OP
If you are considering a multi-sig setup, you should have several devices where you can generate the needed keys safely. If you are working with a single device, particularly if it's a mobile phone, there is no point setting up a multi-sig setup all in one place. So, what kind of combination of devices and how many units did you have in mind for your future multi-sig setup?

For example, you could say I have two hardware wallets, a desktop software wallet, and a mobile wallet, etc.
What were you thinking of using?

Well, I didn't say regularly, I have said - add extra layer.

In my view three hardware wallets (preferably airgapped) from different makers would be enough to make multisig to hold the stash of reasonable value.

Right now my 2-2 multisig is assembled with the use of two wallets - Passport 2 and Sparrow. In the nearest future the last will be replaced by Coinkite  product, most  likely by   ColdCard Q1 when it will appear.

Regularly buying a new hardware wallet from a different manufacturer will only give you a false sense of security, more backups and the possbility of making a mistake due to complexities, you should only change your hardware wallet if the manufacterer becomes shady or untrustworthy, just like the situation with Ledger and their recovery service.

If you have a properly set up 2-of-3 multi-sig wallet, using either 2 hardware wallets and an air-gapped device, or a hardware wallet, one air-gapped device and a hot wallet, that is already a safe set up if you did everything correctly and have backups of the seed phrases and master public keys, so there may be no need to add any other extra layer of protection.

As already said this thread, you can't recover your 2 of 3 multi-signature wallet, if you have lost one of seed phrases and you don't have the master public key derived from that.
Take note that for recovering a 2 of 3 multi-signature, all three master public keys are required. If you have two of seed phrases, two of master public keys are derived from them and you need to have the master public key derived from the lost seed phrase as well.

You have to keep in mind that higher the wallet security, the higher the responsibility is.
If you create a standard wallet, you'll make yourself totally dependent on that particular seed phrase, so, your concern will be to maximally secure your seeds, to hide it in a perfect place. You should store your seed phrase on indestructible plate or write it down on paper (not good idea) or on something else more secure and save it in solid metal capsule. I give you this advice because you need your seed phrases to survive in extreme conditions, including earthquakes, heavy fire, heavy rain and so on.
You can also copy your seed phrases and have a two same copies, two storage. But you should always keep in mind that no one should have an access to them, otherwise your coins will get lost.

Now I want to say something about Multisig, since it seems a better option for you. Yeah, it's true that in case of 2-3 multisig, if you lose one part of seeds or if someone steals one part of seeds, you'll still be able to fully recover your wallet but you have to keep in mind that you should save their seed phrases in three different locations and as always, it's a good idea to have a backup of them, you should have a back up of at least two of them. Now you have to find five secure place to store seeds + you have to buy five indestructible plate or solid metal capsule.
Multisig offers better security but the responsibility is so high that I think standard wallet will be a better option.

It's easier to take care of one wife/kid instead of three

If someone thinks that there's a 100% solution for securing their stash, they are deeply mistaken. Such a solution doesn't exist and is unlikely to emerge in the future.

Security must be built step by step, adding layers to cover the weaknesses of the previous ones, providing overall protection against emerging threats.

In the context of hardware wallets, this might mean that if a user chooses them to store their stash, each new layer would imply a new wallet from a different manufacturer and a new signature for their new multi-signature wallet. Of course, this multi-signature scheme becomes more complex, and it should correspond to the size of the stash itself.

Hello, technically you can use your single signature wallet as one of the cosigners of your multi-sig wallet. I don't suggest it though cause if anyone ever gets your seed phrase they could empty your single sig wallet and at the same time, they will have access to one of the cosigners of your vault.

I suggest you create a 2-of-3 multisig vault.

You will need the 3 seed phrases and their 3 corresponding xpubs.

You will be able to monitor your wallet (view UTXOs, generate addresses etc.) using only your 3 xpubs.

You will be able to sign transactions using 2 of your 3 seed phrases.

I suggest you back up your wallet as follows (S1 = seed phrase of wallet 1, X1 = xpub of wallet 1 etc):

Packet 1: S1, X2
Packet 2: S2, X3
Packet 3: S3, X1

You will need 3 distinct places to store each of your packets.

If you lose any of the packets, you will still be able to recover your wallet with the other 2. If an attacker stills one of your packets, they will be unable to do anything with it.

Also pay attention that XPUBs are vital. If you lose one of them, and don't have access to the seed phrase that produces it, you will lose your funds.

Finally, make sure to generate both the cosigners and the multi-sig wallet on an airgapped device. If you can use your own node to connect to, it is much better.

Personally, I use Sparrow for storing the XPUBs and monitor my wallet and I also use Blockstream Jade to enter my seed phrases offline and sign transactions if I need to.

It surely can be quite frightening but if you're decently technically literate (don't necessarily need to be an expert), it's very doable! Try making one for fun for just a small amount of BTC, then look back at the steps you did and check if there are potential security loopholes.

Yes, but if only one co-signer makes their setup airgapped, it is superior than an airgapped single-sig wallet in terms of security.

One very recommended solution for handling multi-sig wallets is SeedSigner. It lowers the cost of multi-sig security and setup of an airgapped environment. You don't have to carry abandoned computers, and the process of airgapping it is much less complex.

Multisig wallet with the other device for signing is offline is the best way to do it.
But you should include the saving of the seed in very safe and secured manner. Because no matter how secured your devices are if your backup seed will be compromised, it's useless.

Multisig wallet, with the seed phrase generated online on different devices, that is safe because it has more keys. But the wallet owner(s) must be conscious of malware. He/they must also backup the seed phrases and master public keys appropriately. If you generate the seed phrase offline, you added to its securely. Backups should be offline. Multisig is a means you can have safer online wallet setup on different devices.

Thanks for this crucial info. I edited my post to make sure no one does get the wrong idea.
Generally speaking, if anyone tries to advanced mode with a multi-sig wallet I would advice to test run their setup without crucial funds thorougly first and only then start using it for bigger amounts of Bitcoin.

It is not in itself safer than a single signature wallet set up in a completely safe enviroment. If you set up a multi-sig wallet online, with all the keys and seed phrase generated and stored online, it is easier for an attacker to steal your funds than when you use a single signature wallet in an open source hardware wallet, or when you set up your own air-gapped single signature wallet.

Exactly, cause I think not everyone is supposed to run their full nodes unless there is some necessity for them to do. Here in case OP just wants to have better security for his assets that are stored in a wallet like Electrum and looking to increase the security further.

But running their nodes on their own servers is mandatory for anyone who seeks the utmost privacy and is not willing to rely on third part servers.

SPV wallets are wallets that are not full clients. Meaning that you do not need to download the whole blockchain before you can use them. Neither does SPV wallet needs pruning.

All hardware wallets that I know are designed in a way that they can be SPV wallets. Although, you have the option to connect some to your own node or your own server.

Exactly. Op don't have to follow the general public for some personal decision, if he can't use such wallet. multi-signature wallet is secure and there is no dispute in it but single signature wallet is more easy to use. And if you can't manage multi-signature wallet it is better you stick to the one you are using. Well experience is the best teacher so if you want to test it, OmegaStarScream has given you the full guide to go about it. You can try it and compare the two and choose one to use. And as Charles-Tim said, you don't have to use one device but two.

If you feel you aren't capable of holding multiple keys on your own then there is an option that offers paid multisig setup like Casa which ensures that your keys will be will be stored in multiple places but its all based on trust which is against the nature of bitcoin since it encourages trustless system.

I will suggest you go for hardware wallets that are better than SPV wallets cause its less likely to be affected by malware and no burden of managing multiple keys.

But there are different kinds of wallets available for different user needs so pick yours based on your needs. And if you are just okay with a small amount then single signature Electrum wallet is enough along with passwords that ensure unauthorized access when device gets stole and buys you enough time to import the wallet with seeds and move the balance in that wallet to the new when the person is trying to brute-force your password.

The simplest among the ones you mentioned is the use of passphrase. It is not hard at all to setup. It can be an extra layer of offline security, but it may not be online security. 2FA wallet is better for both online and offline, if done properly. But to have all your keys, multisig is better for both online and offline security and safety if done properly.

You have to setup multisig on different devices, that is correct. Setting up using airgapped devices or hardware wallet makes it more secure, but online multisig wallet too are not bad and safer than just single sig wallets.

This is not true.
If you lose one of the seed phrases and all you have are the two other seed phrases, you wouldn't be able to recover your wallet. For generating your wallet, you will need the master public key derived from the lost seed phrase as well. To avoid such problem, you can save the backups in the way mentioned above by Charles-Tim.

Multi-sig wallet is an extra layer of security for your funds, but you have to know exactly what you are doing. Setting up any extra layer of security is kind of complicated for any newbie, either a passphrase, multi-sig wallet or setting up an air-gapped wallet; but if you learn how to do it correctly you'll not have any problem doing it.

The difficulty with multi-sig wallet is that you need to set it up in different secure devices, either an air-gapped wallet or a hardware wallet, and it is difficult for a newbie to set up a wallet on an air-gapped device. Another thing with multi-sig set up is you have many seed phrases and master public keys to back up, and you have to keep them in safe and different locations.

Tiny info on multi-sig by our OG Andreas Antonopoulos: https://www.youtube.com/watch?v=Vhedu2XD3hU
It's three years old but still valid.

Personally I love the 2-out-of-3 multisig option. 3 seed-phrases is still manageable and it gives extra security, because if one key is compromised /stolen, the funds can still not be accessed.
While at the same time if one key is LOST, you can still just use the other two keys to generate your actual wallet.
Great combination of security and feasibility.

EDIT: Important to also SAVE the master public key, otherwise restoring with able to restore your wallet with only 2 of 3 seed phrases. Thanks @hosseinimr93 for the info.

Above is an excerpt from the first reply/link on this topic.

that and most of the replies here are impactive as well as frightening and as such having some aspects of red flag for me right now via my proposal.

I think I need to first get very advanced first in order to make this move. I would appreciate more leads through.

Single signature wallets are the standard wallet, and you can't use non-custodial crypto if you don't know how to manage them.

It is also worth to know that the wallet should be on different devices.

And it is advisable that the backups can be in this order, safe in different locations:

Seed 1, MPK 2
Seed 2, MPK 3
Seed 3, MPK 1

I saw this on a post recently and I saw it to be a good backup option for 2-of-3 multisig. The approach would be good for others m-of-n multisig if done correctly.

It depends on how you set it up correctly, 2 out of 3 multisig wallets are fine if one is a hardware wallet, the other is in a safe place away from your home, and the third is in a safe place in your home. It's an extra layer of protection. If you can't manage a single-signature wallet, then managing a multi-signature wallet might be a bad option.

You can increase your security, if you create your multi-signature wallet in a correct way,.
If you are going to create a multi-signature wallet and keep all the seed phrase in one place, you won't increase your security.

Create your multi-signature wallet, if you know what exactly your are doing and don't forget to keep all seed phrases and master public keys is safe places.

Yes, you're going to need to create a new wallet. You can't keep the one you currently have.

I'm guessing you're using Electrum? If so, you can check this step by step guide on how to create the wallet: https://bitcoinelectrum.com/creating-a-multisig-wallet/

I've a single signature wallet but I heard recently that the  multi-signature wallet has more security and that interests me as my stored assets increases.

However, I want to know if I'd be needing to create a fresh wallet, getting new seed phases then move assets to the new wallet Or there's a way I could upgrade to multi-signature using the former wallet.