130 sats \ 2 replies \ @scampy 1 Dec 2022 \ on: Multi sig question bitcoin
One thing I didn't see mentioned in the replies is the need to back up your xpubs for every key in the quorum. So if you went with a 2-of-3 for example, you'll still need all 3 xpubs to recover the wallet.
This is an important distinction from other popular schemes like seed + passphrase, where the public key isn't necessary to recover funds.
The xpubs themselves cannot be used to spend funds, so keeping these secure isn't as big of a deal as your private keys / seed phrases. You can make many copies for redundancy. Leaking them can compromise your privacy, of course.
Personally I think that multisig is best left to experts or collaborative custody models (where an entity like an exchange holds one of the keys). You should assess your own desired security model, but it could be that a simple seed + passphrase is sufficient for your needs.
This deserves stressing: if you ever have to recover your multisig wallet you'll need:
- the required quorum of private keys (e.g. 2 of 3); and
- the xpub of ALL co-signers, i.e. 3 xpubs in case of a 2 of 3 setup.
People have lost money because they did not properly back up all co-signer xpubs.
reply
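An added illustration, not part of any post in this thread, of why every co-signer's public key is needed: the address commits to a hash of a script containing all three keys, so two keys alone can neither find the funds nor produce the script required to spend. It assumes a P2WSH sorted 2-of-3 layout (the thread does not name a script type), and the keys are constructed placeholders standing in for child keys derived from each xpub.

```python
import hashlib
from itertools import combinations

OP_CHECKMULTISIG = 0xAE

def witness_script(m, pubkeys):
    """OP_m <pk1> ... <pkn> OP_n OP_CHECKMULTISIG, keys sorted as in sortedmulti."""
    keys = sorted(pubkeys)
    if not (1 <= m <= len(keys) <= 16) or any(len(k) != 33 for k in keys):
        raise ValueError("need m <= n <= 16 compressed 33-byte keys")
    body = b"".join(bytes([33]) + k for k in keys)  # 0x21 = push 33 bytes
    return bytes([0x50 + m]) + body + bytes([0x50 + len(keys), OP_CHECKMULTISIG])

def p2wsh_script_pubkey(script):
    """Version-0 witness program: OP_0 <sha256(witness script)>."""
    return b"\x00\x20" + hashlib.sha256(script).digest()

def can_rebuild(target_spk, m, known_keys):
    """Try every m-of-n script that can be formed from the keys at hand."""
    for n in range(m, len(known_keys) + 1):
        for subset in combinations(known_keys, n):
            if p2wsh_script_pubkey(witness_script(m, subset)) == target_spk:
                return True
    return False

def fake_pubkey(label):
    # Constructed stand-in, not a real curve point; only its bytes matter here.
    return b"\x02" + hashlib.sha256(label.encode()).digest()

A, B, C = (fake_pubkey(x) for x in ("cosigner A", "cosigner B", "cosigner C"))

# The output that was funded commits to all three keys.
FUNDED = p2wsh_script_pubkey(witness_script(2, [A, B, C]))

if __name__ == "__main__":
    # With every public key backed up, the script (and address) is recoverable.
    print("all three keys:", can_rebuild(FUNDED, 2, [C, A, B]))
    # Two seeds give two signatures, but not the third key the script contains.
    print("only two keys :", can_rebuild(FUNDED, 2, [A, B]))
```

Spending a P2WSH output means revealing the full witness script, so the missing third public key blocks recovery even though two valid signatures are available.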
I like the tip, however, I will never personally shy people away from doing things that are more secure. Having full comprehension of what's going on is important, but that knowledge should not scare people away.
xpubs are the one backup need that I would actually confidently say "Go ahead and back that up on Google Drive" (you should encrypt it anyway just for privacy, but unencrypted won't affect your security) whereas with private keys, I would never dare say something like that, not even an encrypted Google Drive backup, mostly because people's passwords are bad! Password reuse and limited imagination and poor ability to do random really have killed the password.
That all being said, it is true that a cold card and a seed backup in steel is probably all the average person needs, but a multi-sig with your mommy and your in-laws with everyone's xpubs on Google Drive would also be pretty good. It would protect your money from a house fire the same way a steel plate would.
So basically I'm saying, everything is a matter of trade-offs and preferences, but don't go scaring people away from things. Explaining how to be safe with it is much better.
reply