Hey Bitcoin community,
As my stack of Sats grows, I've been considering multi-sig setups, but I want to keep things simple. Currently, I store my coins on a hardware wallet. I'd love to hear your thoughts on Casa. Are there any alternative solutions you recommend? Additionally, I'm interested in learning about best practices and resources to prevent the loss of my Bitcoins.
I appreciate your input and any valuable suggestions you can provide!
Thanks a lot in advance!

Nunchuk.io / Nunchuk wallet

Pros

  • AFAIK this is the only non-KYC multisig custodian.
  • Their app has a encrypted chat feature which can come in handy when trading BSMS or PSBT files.
  • Supports a wide range of hardware wallets.

Cons

  • Their desktop app is in beta but I found it to have lots of bugs.
  • Linux desktop app uses a very outdated libssl package that you can't install in modern distros.
  • Their mobile client does not work with hardware wallets like the ledger nano s plus.

Unchained

Pros

  • Does not cost anything for the basic model until you actually need to use them as a signer.

Cons

  • Does not support seedsigner
  • KYC Required.

Casa

This is the one I have the least hands-on experience with.

Cons

  • The most basic model costs money even if you never use them as a signer.
  • They now support Ethereum ( might be a pro for some ).

DIY method

If you have a friend who uses bitcoin you can create a 2/3 multisig and use their signature as one of the sigs.

Pros

  • If you use your friends sig that they use for themselves they have an incentive to keep it safe/backed up.
  • non-KYC.

Cons

  • If you give the descriptor to your friend, or a BSMS, your friend can see how many sats you have.
  • Probably more likely your friend looses their signing device/backup than a company loosing theirs.
reply
Nunchuck is the solution for me. Pricing is also attractive.
reply
I'd love to use Nunchuck with my brother and trusted friend as signers in case something happens to me and my keys. My wife could then reach out to one of them and they'd be able to sign together to get the 2 needed keys.
Only issue that I'm trying to work out is if there is a way to allow my brother and trusted friend to be part of the multi-sig but otherwise not be able to watch the balance.
Anyone know if this is possible?
reply
We're working on something that will enable you to do this. Stay tuned!
reply
You can kind of do this already with 1 of your friends. Here is a rough idea of how you would do it:
  • Have your friend send you their multsig xpub and derivation path for their signing device.
  • Create a 2/3 multisig and use their xpub + derivation path as one of the sigs in the multisig.
Your friend wouldn't be able to see your wallet since they don't have the other 2 xpubs + derivation paths, but if they needed to sign a tx they could.
Downside to this is your wife would need 1 of the sigs to get your Bitcoin. You could do a 2/3 and have your friend and brother be signers but they technically could get together and steal your Bitcoin.
reply
Thanks a lot. Will check it out!
reply
Unchained is ideal for passing your wallet on to a loved one if you pass, from my understanding
reply
I have used Casa for a couple of years. The idea of colaborative custody appeals to me but I decided to cancel my subscription. In the end it was a buggy app, the high price (now even higher) and the need for more privacy (they can see all your utxo's) that made me leave.
Eventually ended up rolling my own 2-of-3 which takes a bit of work but in the end provides a great feeling of calm hodling.
reply
Is it just Casa that can see all your UTXOs, or any collaborative custody service that holds your multisig descriptor file?
reply
Hehe blast from the past post. At this time, every collaborative custody service will be able to see amounts. To be able to sign a (recovery) transaction for you, they need al three public keys. It's the technical state of things right now unfortunately.
reply
just backup all the seed phrases and derivation path and you're good.
reply
Is this the same as backing up xpubs? Or do you need the derivation path separately stored?
reply
You can also recover the respective xpub with the seed phrase and derivation path.
reply
the purpose of a multisig is, in part at least, to be resilient to losing 1 or more seeds (depending on the exact setup). so, the best practice is to keep a backup of ALL xpubs with EACH seed. this way even if 1 (or more) seeds are lost (less than quorum) you can still use all xpubs and remaining seeds to recover and sweep to a new wallet.
reply
You can start here
reply
Thanks!
reply
If you want to keep things simple but have more than a seed phrase, would you consider SeedXOR instead of multisig?
reply
I like Casa. There are a ton of options with how to do multisig and I think that’s one of the toughest parts. Taking the time to learn everything takes a really long time. Casa has an opinionated view that makes it easy to follow a secure setup.
reply
i wouldnt use casa, their model doesn't make any sense and they are shitcoining
reply
If you’re gonna say their model doesn’t make sense, you gotta explain why. Same thing with shitcoining. I agree on the second part a little, if a business starts focusing away from bitcoin they are screwing themselves in the long run, but a little more info is needed regardless
reply
another good resource to explore the tradeoffs of different options: https://btcguide.github.io/
reply
I’d highly recommend getting familiar with the topic first, before actually sending a bigger stack of sats to a multi-sig wallet of your own! (I mean, that’s why you here ^^)
Here’s a very good guide by one of the co-founders and creators of the BitBox02 hardware wallet. All signers will be from the same vendor. Many will point out that this may be bad practice (danger of supply chain attacks), but there are good reasons for it! Especially in the case of BitBox02!
He uses Electrum, but it also works with SparrowWallet (which has a nicer UI, IMHO).
There’s also an in-depth article about some of the dangers of multi-sig (drawbacks if not set up correctly): https://bitbox.swiss/blog/how-nearly-all-personal-hardware-wallet-multisig-setups-are-insecure/
reply
Is specter still preferred over Sparrow for multisig? I'm familiar with Sparrow, but haven't used spector yet.
reply
I like Nunchuck, but you forgot to mention Sparrow and Specter maybe to the
DIY method
reply
Specifically why do you need multi-sig? People latch on to this as a solution all the time and it is very specific to individual needs. Most of the time you can simplify your situation by using a single seed phrase + password phrase.
reply
I would say single-sig + passphrase is a middle ground between single-sig (no passphrase) and multi-sig. Here is the way I see it:

Pros of single-sig + passphrase

  • Simpler than multi-sig.

Pros of multi-sig

  • If you do a 2/3 multi-sig you can loose 1 private key and you can still get to your Bitcoin.
  • You can utilize one of the multi-sig custodians (Unchained, Nunchuck, Casa, etc).
  • You can use a friend/family as one of the sigs in a 2/3 multi-sig.
At the end of the day everyone has to decide what works for them. I could see a situation where you start with single-sig with no passphrase, than as you stack more sats you go to single-sig with a passphrase, then more multi-sig when you stack even more stats.
reply
Passphrases are simpler but also highly dangerous. If you use passphrases, make sure that you understand their weaknesses first: https://hugonguyen.medium.com/passphrases-are-not-the-solution-for-bitcoin-custody-4f967a339b1b
reply
Some more pros for SS+P:
The wallet balance isn't so easily revealed, as one doesn't need to backup any xPubs.
The backup process itself is much easier (perhaps this is what you mean by "simpler"). For SS+P, everything can be human readable and etched on steel. For multisig you again have the issue of backing up all xPubs, which are either digital or on paper. There should be multiple copies in case of bitrot.
reply
deleted by author
reply