• Welcome to forex.pm forex forum binary options trade. Please login or sign up.
 

Setting Up Multisig Correctly

Started by Bitcoin, Feb 25, 2022, 03:59 pm

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Bitcoin

Setting Up Multisig Correctly

I'm looking into setting up a multisig setup using sparrow, and wanted to see if anyone can find any flaws in my set up, and potentially accessing my funds if I lose a key.


set up = 2 of 3


Key store 1 = Passport HWW


Key store 2 = Cold Card HWW


Key store 3 = Gordian Seed Tool (mobile hot wallet)


I will set up the Cold Card and Passport as per the instructions in the below video


https://www.youtube.com/watch?v=Gx0mke_4BJU


Seeds for these will be written onto a seed plate (one seed phrase per plate)


After setting up the Gordian Seed Tool and importing to sparrow/exporting back to the seed tool, I will deposit (the smallest amount possible) into the multisig wallet.


I will then restore the wallet using all 3 seeds to a different cold card and passport device, and import the wallet as a new wallet in Sparrow.


If the funds are available in the wallet I have the seed phrases all stored correctly.  I wipe the original cold card and passport HWWs.


The seed plates for the 2 HWW's will be stored robustly at different physical locations.


I will destroy the copy of the seed phrase for the gordian seed tool.


I will then test spending the BTC on the wallet in 3 seperate transactions (signing with all 3 of the possible combinations of the 2 of 3 key stores.)  If I can complete these 3 transactions I am satisfied I have the ability to access my BTC should any 1 of the 3 keystores become compromised.


My questions are 1) is there any obvious flaw in this sort of storage setup?
and more importantly



  1. the only other information I will need in the event that one of my keys becomes physically compromised is the xpub/zpub of each of the 3 keys?


Furthermore storing these xpub/zpubs together (whilst it may create a privacy risk) doesnt create a security risk?  e.g with each of the 2 seed plates I would store the xpub/zpub for ALL 3 KEYS on an encrypted SD card.  If someone somehow managed to gain access to a seed plate (highly unlikely given the robust physical set up, but worst case), they would have access to 1 of the 3 seed phrases, AND access to all 3 xpub/zpubs?  this would not give them access to my BTC, and I would still have access to it and could spend it (transfer it to another wallet) when it became apparent one of the seed phrases could be compromised?


Thanks in advance.  I just want to make sure I'm not shooting myself in the foot by using a more sophisticated setup than a standard cold storage.  In reality I consider the chance of making a mistake setting up a multisig solution and exponentially more likley threat than standard cold storage becoming compromised.


Source: Setting Up Multisig Correctly