Hi Stackers
I’m new to the multisig thing and wanted to share my experience about using it for a potential self custody solution.
I’ve been playing around with setting up a 2of3 multisig wallet using Electrum, and honestly, it’s been a very rewarding learning experience.
Even if I don't go down this route, the stuff I've been doing as a normie has surprised me massively!
getting electrum onto a chromebook
this was v.tricky because as you'll know, linux is sandboxed away from the Googleness
verifying a pgp signature
this was interesting
I know this topic has been discussed a ton over the years (I’ve definitely used the search function and read a lot of the old posts)
And I know there's been a lot of chat recently about how dangerous multisig can be, but I wanted to add my beginner perspective.
Currently, I’m experimenting with a setup that uses one hot phone and two cold phones.
It actually took me ages to internalize the conceptualization of how the setup works, and I can definitely see why so many people mess up and lose everything
My main question is:
Is this secure enough for long-term storage?
I understand the risks of the hot device being online, but having two offline (cold) signers makes me feel better about the overall security
As I've said, I'm no computer scientist, but I'm sort of aware of the servers on electrum leaking information, but to be honest, that level of knowledge is something I can learn to understand
At the moment I'm still in the testing stage and so far I have:
set up the multisig
wiped the phones
re-setup
received a small amount
sent a small amount
I did this by:
using the hot phone to create tx
using cold phone to sign by qr code
using hot phone to broadcast
So my question would be:
when the cold phones need an app update, how do you safely update the Electrum app without connecting them to the internet?
I want to keep them air-gapped but also up to date.
I'm thinking....
delete wallet uninstall when cold
reinstall and update when hot
go cold and import seed
Maybe that's too simplistic, but I didn't want this to be just another multisig post
I want you to know, I really enjoyed learning all this
In my opinion, multisig is primarily for protocol developers to build things like Lightning Network, side-chains, and for custodians who want distributed signing schemes.
Single signature is fine for individuals (especially beginners). You can achieve multisig-like properties using Shamir's secret sharing, or any number of techniques to split-combine (or even obfuscate) private key material.
At the end of the day, you just need to secure some private data to secure your sats. Multisig just means you have more material to keep secure (more keys, plus wallet descriptors).
But it's great you're learning multisig hands-on!
Android phones let you side-load APK. You can download and verify the new Electrum APK (or build from source) and load it onto the cold phones via USB drive.
Likewise, with Android OS updates, you can apply these from a linux computer over USB cable (adb sideload). Assuming you're able to download the Android OS update files onto the linux computer.
Perfect, thank you, I didn't know about the cold side loading options, I've got zapstore and side loaded as a normal hot phone
Agree, multisig is very complicated
But I have to say, I had the 3 phones setup and then created a standard watch wallet on the chromebook by importing the zpubs
Created the tx on watch wallet, signed with 2 cold phones and broadcast with watch wallet
Very cool 😎 and to think electrum has been around since the very early days blows my mind
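The "download and verify, then load onto the cold phones" step suggested above, as an added example that is not part of the original thread: it copies an APK to a USB staging directory only if gpg reports a good signature from one expected release key, instead of trusting any "Good signature" line. The file names, staging directory and fingerprint are placeholders, the status sample is constructed, and the release key is assumed to be already imported into the local keyring.

```shell
#!/bin/sh
# Added example (not from the thread). Paths and fingerprints are placeholders.

# Constructed sample of `gpg --status-fd 1 --verify` output for one good signature.
# The last VALIDSIG field is the primary-key fingerprint; the first field may be
# a signing subkey, so it is not the value to pin.
SAMPLE_STATUS='[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 0123456789ABCDEF Example Signer <signer@example.invalid>
[GNUPG:] VALIDSIG 89ABCDEF0123456789ABCDEF0123456789ABCDEF 2024-01-01 1704067200 0 4 0 1 10 00 0123456789ABCDEF0123456789ABCDEF01234567'

# signed_by EXPECTED_FPR < status_output
# Succeeds only if some signature is reported as GOODSIG (not EXPKEYSIG,
# REVKEYSIG, BADSIG, ...) and its VALIDSIG primary fingerprint equals EXPECTED_FPR.
signed_by() {
    want=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    awk -v want="$want" '
        $1 != "[GNUPG:]" { next }
        $2 == "VALIDSIG" { if (good && toupper($NF) == want) ok = 1; good = 0; next }
        $2 ~ /SIG$/      { good = ($2 == "GOODSIG") }
        END              { exit !ok }'
}

# verify_and_stage APK SIG EXPECTED_FPR DEST_DIR
# Copies the APK to the USB staging directory only after the check passes.
verify_and_stage() {
    if gpg --batch --status-fd 1 --verify "$2" "$1" 2>/dev/null | signed_by "$3"; then
        cp -- "$1" "$4"/
    else
        echo "not staging $1: no good signature from key $3" >&2
        return 1
    fi
}

# Stand-alone use: ./stage.sh app.apk app.apk.asc "<FINGERPRINT>" /path/to/usb
if [ "$#" -eq 4 ]; then
    verify_and_stage "$@"
fi
```

Take the expected fingerprint from a source other than the download page that served the APK, so a tampered page cannot supply both the file and the key.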
Another Wallet (pc) great for learning and setting up a Multi Sign is Bitcoin Safe.
My advice, use a hardware wallet instead of a phone.
Ok thanks 😊 will do it. Thanks for the recommendation 😀