pull down to refresh
68 sats \ 9 replies \ @takaponka OP 31 Mar 2023 \ parent \ on: Stop pushing HWW and complex multisig setup to normies bitcoin
Single sig is still the best for most usecases ...
Maybe I don't realize the need for multisig because I lack tech knowledge.
In case of 5 dollars wrench attack, multisig won't save your ass
"you understand bro I only have this key right now can't give you the money bro" => you will die
If I have my 12 words in my head and some steel plates which can be recovered by instructions if I have big accident or die, how is that a single point of failure ?
I don't know if I express myself good enough, for me cold wallet is necessary for big savings, multisig is not. Lot of people have lost their funds because of a complex multisig setup, losses due to single sig are laughable.
"Hold up let me call my mom. She has the other key."
"Hey mom I'm um trying to buy a possum can you sign this tx for me?"
Possum is a distress word in this example. Mom was told if she got a phone call like that, to call the cops.
Its basically the same thing we got with bank accounts. Get someone else involved who can delay long enough to get law enforcement to resolve the situation.
reply
This so much
I see multisig like this:
- Even if you want, you can't hand over your keys
- in case they want you to collect enough keys to sign a tx, there is a chance to get help
- if they really would kill you (even though they gain nothing from it), multisig or singlesig doesn't matter.
- if enough people use multisig, attacks on bitcoin people will make less sense because of high risk/low reward
reply
The only defense to a $5 wrench attack is having a decoy wallet you can hand over with hopefully sufficient amount on it to appease the attacker. Multisig works for the scenario where someone breaks into your home when you're not there and gets your coldcard.
reply
Multisig does not nullify $5 wrench attack defense.
First off, multisig is long term savings, deposit only. Ideally, you don't even have that wallet anywhere on you. If you want to keep a smaller amount of bitcoin accessible to spend from, you can totally do that.
Second, if for whatever reason, you want to keep a multisig HWW on you, you can still use something like cold card that has duress defense options.
But IMO, a multisig wallet is a GREAT decoy wallet. You can just hand it over, give them the PIN and everything.
reply
What about a own $5 wrench?
reply
Wrench sword fight!
reply
See my response to TheL0wner above, that addressed a lot of this. This is definitely a good conversation to have.
reply
"They have to, that's the only way bitcoin survives without everyone losing their money all the time. The only good practice is air-gapping your wallet"
I don't agree with this statement. So only good practice is airgapped or multisig or both ?
It's a good conversation indeed !
For now the 7M BTC lost are due to :
- human errors (loose single sig private key, in the case or you don't even understand singlesig multisig won't save you)
- attacks that requires human error (SE, phishing)
Always human errors involved, if they exist with singlesig I don't even imagine the amount of learning and education not to have more with multisig.
So I'm not persuaded that all users with multisig/HWW solution would have reduced these losses. For me it's absolutely necessary when people know that you or your entity has big funds.
reply
There are no real numbers on this, but…
A lot of people lost their bitcoin by:
- losing a HWW
- losing a passphrase to a HWW, thinking it was similar to a website password
- trying to make single-sig too complicate because they recognize it‘s a fragile setup
Collaborative custody multisig w/ unchained / referencing their step by step resources avoids ALL of that. W/ multisig, there’s no need to make anything complicated, and no single points of failure means no human error is going to result in loss in loss of funds all of a sudden. If you make a mistake, it’s really easy to fix it and move your bitcoin to a new wallet.
Secure single-sig is WAY more complicated and fragile than multisig
reply