pull down to refresh

Nunchuk (I): Fundamentals and Security Mindset
0 sats \ 0 comments \ @villawolf 28 Sep DIY

Nunchuk (I): Fundamentals and Security Mindset

TL;DR: Nunchuk is a collaborative multisig wallet designed so that self-custody is resilient (you lose one key and remain secure) and programmable (inheritance/recovery with timelocks). It integrates inheritance plans without KYC, supports PSBT, and coordinates with hardware wallets.
👉 For background, check the previous post: MiniScript in Simple Terms: the “Grammar” That Makes Bitcoin Policies Secure

Design Philosophy (in one idea)

  • Collaborative and non-custodial: your keys rule; third parties (family, advisor, “agent”) only act as co-signers or optional backups.
  • Private inheritance in consensus: inheritance plans rely on cryptographic secrets and timelocks, not identity/KYC.
  • Standard operation: PSBT for on-chain signing (each cosigner adds their signature until the threshold is met).
Practical names to think about your architecture —not “official” labels, but they reflect real-world flows in Nunchuk:
  • Key-User (operational): your main day-to-day key(s) (e.g., hardware + mobile).
  • Key-Backup (redundancy): a key stored offline (another hardware wallet in a safe or different city) for loss/failure.
  • Key-Agent (optional co-signer): a trusted third party (family/advisor/service) that cannot move funds alone but helps meet the threshold when needed. This is the basis of collaborative custody.
Key benefit of multisig: robust and secure —you can lose one or more keys and still retain access; spending requires multiple signatures.

First Steps (minimum viable)

1) Create your vault (example 2-of-3)

  1. Install Nunchuk and connect two hardware wallets + 1 software key (or third hardware).
  2. Create a 2-of-3; save the configuration file (BIP-129) and seeds (BIP-39).
  3. Verify each device recognizes the vault and can sign PSBT. (Coldcard and others require importing PSBT/descriptor to sign).

2) Add timelock policies (recovery/inheritance)

  • Idea: “2-of-3 to spend today; if X months pass, an inheritance key can spend with 1-of-1.”
  • In Nunchuk, this is implemented via an inheritance plan (time-locked key + beneficiary) while maintaining privacy.

3) Partial signing tests (PSBT)

  • Create a transaction on testnet, sign with Key-User, export PSBT, pass it to the second cosigner, complete the threshold, and broadcast. Standard flow in Nunchuk.

Security Mindset (how to think about your setup)

  1. Define your threat: loss of 1 device, home theft, travel, inheritance.
  2. Map key roles: which keys do you use daily? which one is your backup? who could be an agent?
  3. Physical separation: store keys in different geographic locations.
  4. Plan B with a clock: set a reasonable timelock (e.g., 90 days) to activate an emergency/inheritance key.
  5. Written procedures: key rotation, agent contacts, recovery steps if X is lost.

Best Practices (what truly saves you)

  • âś… Testnet first: practice the full PSBT cycle before mainnet.
  • âś… Double backups: seeds (BIP-39) + config file (BIP-129). Without the config file, rebuilding multisig is harder.
  • âś… Simulate key loss: use the key replacement function and document the process.
  • âś… Hardware diversity: mix vendors (reduce systemic risk) and confirm PSBT compatibility.
  • ❌ Don’t centralize all keys in one house or bag.
  • ❌ Don’t rely on memory: print/store a playbook (what to do if X happens).

Practical Case (2-of-3 inheritance template)

  • Today: spend with Key-User + Key-Backup.
  • If 6 months pass with no activity: the Inheritance key can spend alone (timelock triggered).
  • Who is who:
    • Key-User = your primary hardware,
    • Key-Backup = hardware in a safe,
    • Key-Agent = advisor/family member helping complete signatures when needed.
  • How it runs: Nunchuk coordinates PSBT between cosigners; the inheritance plan uses secrets/timelocks (no paperwork).

Useful Resources and Guides

  • How Nunchuk works (multisig): nunchuk.io/how-it-works
  • Plans (Honey Badger) and inheritance info: nunchuk.io/individuals • nunchuk.io/inheritance
  • Recovery/PSBT step-by-step: resources.nunchuk.io/wallet-recovery/collab-wallet/
  • Hardware + PSBT compatibility: coldcard.com/docs/ready-to-sign/
  • Key replacement (secure rotation): nunchuk.io/blog/key-replacement

Closing (today’s action)

  • Create a 2-of-3 vault on testnet, save BIP-39 + BIP-129, run a PSBT send, and document how to rotate a key if you lose one.
  • Question for the community: what threshold/timelock would you use for a realistic inheritance plan and why?
Next post: Nunchuk (II) — inheritance, family co-custody, and daily operation (key rotation, quarterly testing, anti-panic checklist).
write
preview
related posts