What's your favorite multi sig set up? #asknostr
Discussion
I don't trust my technical ability not to fuck something like that up. Single sig, for me, for now. Will probably do a deeper dive on it at some point in the not too distant future.
That’s why play and test with small amount. Repeat until comfortable
I suppose I'll have to take the plunge at some point. Multi vendor, multi sig, is the way to go for the ultimate in security.
Been going through this discussion a lot with a few friends. From technical security perspective, I agree and want to try and play around with. But I keep coming back to fiat world mentality in a way. The government bullshits people that deposits are safe to a certain amount so people naturally open multiple bank accounts. Key safety targeted with multi sig, multi device but I think maybe worth considering multi device / seeds division. Stack on a wallet to certain amount and hide and start another. I have never had only one bank account
You're right. I currently have all my stack on one device. I recently received 2 Jades so the least I can do is split it between the 2 of them. (I've still not done it because I'm lazy😂), I have 4 bank accounts, the total amount in all 4 is less than 4 figures😬.
I think it’s partially what comes naturally. As someone who worked internationally all his life and also got paid in different currencies and have always had to manage currency fluctuation risks, I’ve always had multiple accounts with multiple institutions in multiple countries and had to juggle things. When FATCA and CRS happened, had to juggle further just cause many banks couldn’t deal with the bloody regs and told me to shut accounts. It just became normalised. It seems normal for me to have multiple devices and wallets in different locations using different devices
complex 25th word on your standard seed does a damn good job. I’ve seen people post their seed phrases online as a challenge but because their 25th word was too complex for a brute force crack nobody ever got the money. Another option is single vendor, single seed multisig wallet created by using the same seed/HW but different 25th words on each key you add to the multisig setup using your HW
That’s a good option. Like it.
similar idea but instead of passphrases, using BIP85 child seeds to construct a multisig wallet using a single hardware device
zero transaction history at the master seed and child seed levels (suggests zero usage for anyone who might discover)
optional passphrase on "child seed 2" to add more "what you know" in recreating the wallet descriptor (think 3rd xpub)
backup requirements are 12/24 words, index of child seeds (out of 10,000) and optional passphrase, if used
note: not a recommendation, more of a thought exercise to poke holes
Neat ideas folks.
I could manage, but I dunno about teaching my wife to handle it. much easier with single sig. I'll have to look into it eventually I think, the paranoid in me will win out in the long run
I like sparrow with cold card and steel or titanium backup
I do have a seed signer as backup tho
Ditto
A solid setup
Thoughts on using different vendors for seed generation? I like coldcard for seed generation, and my thought is to confirm the math on a separate vendor's device. Just exploring nostr frens thoughts on this for the convo,
Could distribute the risk by using different vendors. I've never gotten down to the point of verifying the math or doing manual dice rolls etc...
Respect to those that do
The coldcard ultra paranoid walk through, even if you dont do it that way, is great explainer on this. For me, confirming a device is "mathing" correctly was just a fun thing to do with the added benefit of then being able to trust the device
Do the dice once and you’ll always do it in future. It’s really not that much effort for the additional entropy and personal verification. First time I did it, I just followed southern bitcoiners walk through for mk4. Was awesome. It’s worth the extra steps as gives you confidence too
Bit-key if non technical
2 of 3
Practicing on sparrow however, I am intrigued by the new time lock, inheritance design with nunchuk or possibly Unchained.
I love all the companies building solutions like this. I I don't know Bitkey well but I'm hoping more self-hosted user friendly multisig solutions get built up over time. I'm also very interested in exploring multsig custodial solutions provided by lawyers, like myself, to mitigate against some of the disclosure risks attendant to non-legal service provider custodians who are more susceptible to subpoenas, etc.
