pull down to refresh

Hey all, trying out my first multi sig setup (as an experiment/learning experience mostly) and I'm curious to see what people think of what I've come up with.
Currently all my btc is on a single hardware wallet that can't interface with my iphone, only my computer. I just got a Tapsigner that I'm planning on using as the second signature in a 2-of-3 via nunchuk. For the third signer, I'm planning on generating a hot wallet within nunchuk and importing that onto both my phone and computer. That way I can sign TXs from the same wallet using either my phone (Tapsigner and hot wallet) or computer (hw wallet and hot wallet).
I know using a hot wallet as one of the sigs takes some of the security away, and that basically makes this into a 1-of-2 "multi" sig, but it'll still be more secure than a hot wallet bc you'll need one of my two devices. It's better (for my situation) than using a single sig with either of the two signing devices bc they are both restricted to the one platform that they can connect to. I know I could buy an NFC reader for my computer or a HW wallet that can connect to both but they're expensive so maybe another day.
I'll be experimenting with small amounts at first to minimize the chances I make an accidental donation to everyone else.
Curious what you all think and if there's any obvious security issues I may have overlooked.
Cheers!
Yeah I think this setup has a place, you just have to understand what that place is. I sort of see this fitting in with the 3-6 month expenses savings (If you're out of the job and you need money to pay bills until you find another one, this is the savings you pull from). However, cold storage multi-sig for larger amounts is focused around geographic separation of the signing devices all in locked secure locations.
reply
That's a great analogy! I also see it as a way to get comfortable using multi-sig and my shiny new Tapsigner until I have more saved up and more geographic locations to spread the seeds out over.
Appreciate the feedback :)
reply
The biggest risk here seems to be that you don't have enough backups (or didn't mention them, which is fine). Think through a situation if you would pass away today. Would people you care about be able to recover coins?
reply
Ahh yes that's a good point, I was planning on replicating what I have for the single sig but I'll have to get more creative I think (and write up some instructions or something!)
reply
In order to rate your setup, it is crucial to understand how you are dealing with your seed phrases backups.
If your seed phrase backups for each multisig device are all located in the same house, the multisig setup wouldn't bring much additional benefit vs your original single sig setup. Both setups protect your savings against online/hacker attacks, due to its cold storage nature. However, they don't protect you against 1) house invasion/robbery; or 2) catastrophic loss (house burns).
In your 2-of-3 multisig setup, you are able to mitigate these 2 mentioned risks by keeping your seed phrases backups in different locations, such as:
  • phone/computer: backup in a cloud-based password manager
  • hardware wallet 1: backup at home
  • hardware wallet 2: backup at a family member's house
You could keep improving the setup from here... Always ask yourself which risks you are eliminating/mitigating and which ones you accept (due to lower likelihood of happening). This exercise should help you to find the right balance of security and complexity for yourself 😀
reply