What Multi-signature really means & are they less safe ??

coinableS

legendary

Activity: 1442

Merit: 1188

Quote from: achow101 on July 22, 2015, 08:24:09 PM

Quote from: OmegaStarScream on July 22, 2015, 02:43:33 PM

Quote from: dothebeats on July 22, 2015, 01:54:10 PM

A multi-signature address is a special address in which you need 2 out of 3 priv keys before you can create a transaction with that address. With that said, any user who has control of a single key wouldn't be able to spend the balance on that certain address--that user needs another private keys to create a transaction. A multi-signature address is a safe way of keeping your balance. Just make sure that the private keys are separated so in case an attack occurs, you are able to still keep those precious btc's intact if ever the attacker only acquired one out of three keys.

So what I said is true about the Hardware wallets ? I gave an example with "Case" Hardware wallet and Iquoted since they control one key . and they got hacked and all private keys gets removed from their Database or wherever they store the private keys on their server .. does that means that we will lose our funds forever ? since they can't get our funds without us and we can't get our funds with them . Multi signature isn't really safe as I thought then ...

You are misunderstanding them and multisig. The multisig address needs 2 OUT OF 3 keys. THERE ARE 3 KEYS, NOT JUST 2!!! Case only has 1 of those keys. If they are like other companies that do this kind of stuff, then YOU WILL RECEIVE THE REMAINING 2 KEYS!!! You keep one key safe in a separate location while the other key is one that you use normally. That way, if their key is no longer safe or accessible, you can still spend your Bitcoin with the 2 keys that they gave you.

Not only that but you also must have the redeemscript in order to spend from the multisig address. Multisigs are not less safe at all. The only way I can see them being "less safe" is because they are harder to spend from and if you don't know what you are doing or know how to create raw transactions you might lock yourself out from your own funds.

achow101

staff

Activity: 3458

Merit: 6793

Just writing some code

Quote from: OmegaStarScream on July 22, 2015, 02:43:33 PM

Quote from: dothebeats on July 22, 2015, 01:54:10 PM

A multi-signature address is a special address in which you need 2 out of 3 priv keys before you can create a transaction with that address. With that said, any user who has control of a single key wouldn't be able to spend the balance on that certain address--that user needs another private keys to create a transaction. A multi-signature address is a safe way of keeping your balance. Just make sure that the private keys are separated so in case an attack occurs, you are able to still keep those precious btc's intact if ever the attacker only acquired one out of three keys.

So what I said is true about the Hardware wallets ? I gave an example with "Case" Hardware wallet and Iquoted since they control one key . and they got hacked and all private keys gets removed from their Database or wherever they store the private keys on their server .. does that means that we will lose our funds forever ? since they can't get our funds without us and we can't get our funds with them . Multi signature isn't really safe as I thought then ...

You are misunderstanding them and multisig. The multisig address needs 2 OUT OF 3 keys. THERE ARE 3 KEYS, NOT JUST 2!!! Case only has 1 of those keys. If they are like other companies that do this kind of stuff, then YOU WILL RECEIVE THE REMAINING 2 KEYS!!! You keep one key safe in a separate location while the other key is one that you use normally. That way, if their key is no longer safe or accessible, you can still spend your Bitcoin with the 2 keys that they gave you.

unamis76

legendary

Activity: 1512

Merit: 1012

Websites with Multisig addresses have them, but never really give us keys, as far as I know... How is multisig enforced here? This method does not protect us from "inside jobs". Is there any website that does provide the keys?

funkenstein

legendary

Activity: 1066

Merit: 1050

Khazad ai-menu!

Quote from: OmegaStarScream on July 22, 2015, 02:43:33 PM

Quote from: dothebeats on July 22, 2015, 01:54:10 PM

A multi-signature address is a special address in which you need 2 out of 3 priv keys before you can create a transaction with that address. With that said, any user who has control of a single key wouldn't be able to spend the balance on that certain address--that user needs another private keys to create a transaction. A multi-signature address is a safe way of keeping your balance. Just make sure that the private keys are separated so in case an attack occurs, you are able to still keep those precious btc's intact if ever the attacker only acquired one out of three keys.

So what I said is true about the Hardware wallets ? I gave an example with "Case" Hardware wallet and Iquoted since they control one key . and they got hacked and all private keys gets removed from their Database or wherever they store the private keys on their server .. does that means that we will lose our funds forever ? since they can't get our funds without us and we can't get our funds with them . Multi signature isn't really safe as I thought then ...

You misplace the blame. It's not that "multisignature isn' t safe" it's that "giving your keys to an untrusted person" is unsafe. Doesn't matter if they are straight up 1 of 1 keys or multisig m of n keys. If you give some person or company control of your asset, you have given some person or company control of your asset.

OmegaStarScream

staff

Activity: 3500

Merit: 6152

Quote from: dothebeats on July 22, 2015, 01:54:10 PM

A multi-signature address is a special address in which you need 2 out of 3 priv keys before you can create a transaction with that address. With that said, any user who has control of a single key wouldn't be able to spend the balance on that certain address--that user needs another private keys to create a transaction. A multi-signature address is a safe way of keeping your balance. Just make sure that the private keys are separated so in case an attack occurs, you are able to still keep those precious btc's intact if ever the attacker only acquired one out of three keys.

So what I said is true about the Hardware wallets ? I gave an example with "Case" Hardware wallet and Iquoted since they control one key . and they got hacked and all private keys gets removed from their Database or wherever they store the private keys on their server .. does that means that we will lose our funds forever ? since they can't get our funds without us and we can't get our funds with them . Multi signature isn't really safe as I thought then ...

dothebeats

legendary

Activity: 3542

Merit: 1352

A multi-signature address is a special address in which you need 2 out of 3 priv keys before you can create a transaction with that address. With that said, any user who has control of a single key wouldn't be able to spend the balance on that certain address--that user needs another private keys to create a transaction. A multi-signature address is a safe way of keeping your balance. Just make sure that the private keys are separated so in case an attack occurs, you are able to still keep those precious btc's intact if ever the attacker only acquired one out of three keys.

achow101

staff

Activity: 3458

Merit: 6793

Just writing some code

Quote from: OmegaStarScream on July 22, 2015, 08:57:26 AM

I never used any kind of those transactions of adresses , only on Bit-x.com and on BlockTrail.com and as most of you know ,those adresses starts with a 3 instead of 1 .

If basically Multi signature adress means having one private key with me and another with a friend or family member ... then how come we don't have control on a "part" of our private keys on Bit-x.com (this topic isn't about them , just giving an example)
basically what hacker need to do is steal the database and connect to our accounts (I know they have 2FA , just assuming)

I reading some articles on CoinTelegraph and jumping from a topic to another till I found my self on "The world's most secure and easy-to-use bitcoin wallet" which seems like it's this : https://choosecase.com/

when I checked their website I found this :

Quote

We're building the world's most secure wallet platform. Case is a multi-signature, multi-factor wallet that requires 2-of-3 keys for a transaction to take place. Each key is generated and stored in a different location and protected by a different authentication factor so there’s no single point of failure.

Dedicated hardware that's malware/virus proof
Case servers only control one key so we don't have possession of funds
Open source firmware and third party security audits of all systems
Designed to meet CryptoCurrency Security Standard Level III

Check the one on bold , What does that means exactly ? If they control one key and we control one key ... Let's say we are safe ,what if they get hacked I know funds won't be moved because it need our confirmation but we can't spend our Bitcoins either can we ? if the private keys on the Server-side was damaged or lost Huh

please explain and tell me if im missing something maybe

Since the multisig address only requires 2 out of 3 keys to sign the transaction, then if they were to say go out of business or get hacked, the only have 1 key so the attacker will be unable to spend the funds. However, they will give you the remaining two keys. That way, should they be compromised, you can still spend the funds. If someone is able to hack you, then they could spend the funds too. In that case, you should keep the keys separate. One key that you generally use, the other for backup on paper somewhere safe. That second key is only if the service is unable to sign the transaction.

cellard

legendary

Activity: 1372

Merit: 1252

It means exactly that. To confirm a movement in your wallet you'll need 2 or more signatures, which can be divided by several private keys.

As far as I know, the best way to go is still good ol paper addresses. Print 3 addresses, all containing both private key and public key, put those in 3 different places where no one would search, or give them to people you really trust (if you can trust anyone that much) then when you need to make a transaction you'll need all of 3 to make a move, plus ideally a password that only you know.

OmegaStarScream

staff

Activity: 3500

Merit: 6152

I never used any kind of those transactions of adresses , only on Bit-x.com and on BlockTrail.com and as most of you know ,those adresses starts with a 3 instead of 1 .

If basically Multi signature adress means having one private key with me and another with a friend or family member ... then how come we don't have control on a "part" of our private keys on Bit-x.com (this topic isn't about them , just giving an example)
basically what hacker need to do is steal the database and connect to our accounts (I know they have 2FA , just assuming)

I reading some articles on CoinTelegraph and jumping from a topic to another till I found my self on "The world's most secure and easy-to-use bitcoin wallet" which seems like it's this : https://choosecase.com/

when I checked their website I found this :

Quote

We're building the world's most secure wallet platform. Case is a multi-signature, multi-factor wallet that requires 2-of-3 keys for a transaction to take place. Each key is generated and stored in a different location and protected by a different authentication factor so there’s no single point of failure.

Dedicated hardware that's malware/virus proof
Case servers only control one key so we don't have possession of funds
Open source firmware and third party security audits of all systems
Designed to meet CryptoCurrency Security Standard Level III

Check the one on bold , What does that means exactly ? If they control one key and we control one key ... Let's say we are safe ,what if they get hacked I know funds won't be moved because it need our confirmation but we can't spend our Bitcoins either can we ? if the private keys on the Server-side was damaged or lost Huh

please explain and tell me if im missing something maybe

Topic: What Multi-signature really means & are they less safe ?? (Read 520 times)