The decryption process happens entirely locally on the claimant's device. At no point in time does Nunchuk possess two keys.
Got it.
So it’s the Claimant unlocking their Tapsigner locally, signing a PSBT, then Nunchuk adding its key to comprise the 2 of 3 for transfer of funds and initiate the send?
Essentially the same process as if you signed a “normal” with your recovery key, along with one signature from your client from one of their keys, to make a transfer.
This makes sense.
Thanks for the transparency and education about your product Hugo!
reply
@hugohanoi Are you able to provide a bit more info here?
When Claimant puts in Magic Words and Backup Password from Tapsigner to unlock, and does this in the Nunchuk app, how does this not potentially give Nunchuk access to this key and your key (giving you 2 of 3)?
Just want to be completely clear on this and appreciate your time.
reply
You got it mostly correct the first time.
So it’s the Claimant unlocking their Tapsigner locally, signing a PSBT, then Nunchuk adding its key to comprise the 2 of 3 for transfer of funds and initiate the send?
  1. Encrypted file downloaded onto Beneficiary's device
  2. Decryption happens locally
  3. Recovered Tapsigner's private key now is in Beneficiary's device
  4. Beneficiary selects a withdrawal address
  5. Sweep transaction is created
  6. Beneficiary signs the sweep transaction with the recovered Tapsigner key
  7. Platform Key co-signs the sweep transaction
  8. Sweep transaction is broadcast
You can test this flow out on testnet for free by the way.
reply
Fantastic. Thank you Hugo for the more in-depth answer.
I think your overall solution is very well thought out, and applaud you for your efforts.
I’d also encourage you to add more of this info to your website, to allow potential clients of Nunchuk to have a more complete picture, as this should only serve to have people gain more confidence in what you’ve built.
reply