reply on: I'm Hugo Nguyen. AMA! \ stacker news ~bitcoin

10 sats \ 5 replies \ @Max_Maxi 23 Mar \ on: I'm Hugo Nguyen. AMA! bitcoin

@hugohanoi Question about security.

I understand with Honey Badger that Nunchuk keeps 1 of 3 keys. But at time of inheritance, with proper authentication, you will unencrypted/unlock the Tapsigner Inheritance key, which you also hold, as well.

It seems that at that time (but only at that time), you will possess two keys, which essentially gives Nunchuk complete control over the multisig wallet and it’s funds (as you will then have 2 keys in a 2 of 4 set up).

So to be clear, at that time, there is at least some counterparty risk, and trust required, that you/Nunchuk will dutifully fulfill your obligation and transfer the funds to the Inheritor, as at that time your are in control. Is that correct?

If so, anything one can do to mitigate that risk, or is that just something that a user of your service would need to be comfortable with?

I like the overall elegance of your solution, but want to be crystal clear on any risks that might exist. Thanks for responding!

25 sats \ 4 replies \ @hugohanoi OP 25 Mar

The decryption process happens entirely locally on the claimant's device. At no point in time Nunchuk possesses two keys.

0 sats \ 3 replies \ @Max_Maxi 26 Mar

Got it.

So it’s the Claimant unlocking their Tapigner locally, signing a PSBT, then Nunchuk adding its key to comprise the 2 of 3 for transfer of fund and initiate the send?

Essentially the same process as if you signed a “normal” with your recovery key, along with one signature from your client from one of their keys, to make a transfer.

This makes sense.

Thanks for the transparency and education about your product Hugo!

0 sats \ 2 replies \ @Max_Maxi 26 Mar

@hugohanoi Are you able to provide a bit more info here?

When Claimant puts in Magic Words and Backup Password from Tapsigner to unlock, and does this in the Nunchuk app, how does this not potentially give Nunchuk access to this key and your key (giving you 2 of 3)?

Just want to be completely clear on this and appreciate your time.

0 sats \ 1 reply \ @hugohanoi OP 27 Mar

You got it mostly correct the first time.

So it’s the Claimant unlocking their Tapigner locally, signing a PSBT, then Nunchuk adding its key to comprise the 2 of 3 for transfer of fund and initiate the send?

Encrypted file downloaded onto Beneficiary's device
Decryption happens locally
Recovered Tapsigner's private key now is in Beneficiary's device
Beneficiary selects a withdrawal address
Sweep transaction is created
Beneficiary signs the sweep transaction with the recovered Tapsigner key
Platform Key co-signs the sweep transaction
Sweep transaction is broadcast

You can test this flow out on testnet for free by the way.

10 sats \ 0 replies \ @Max_Maxi 27 Mar

Fantastic. Thank you Hugo for the more in-depth answer.

I think your overall solution is very well thought out., and applaud you for your efforts.

I’d also encourage you to add more of this info to your website, to allow potential clients of Nunchuk to have a more complete picture, as this should only serve to have people gain more confidence in what you’ve built.