Check out this tool. It's in Beta. It lets you challenge your key holders by getting them to sign a message. They need the private key but they don't need the multisig xpub.
What is the best method to verify the multisig addresses on all devices that are part of the set up?
When I signed a tx with cold card, it became aware of the other XPUB and I was able to export the addresses to a file and compare them to what sparrow was showing.
Is the same possible with nostr:npub17tyke9lkgxd98ruyeul6wt3pj3s9uxzgp9hxu5tsenjmweue6sqq4y3mgl
?
Discussion
From the GitHub: "Confirm that cosigners to multisignature bitcoin wallets can sign using signatures. Do they have a key that works?"
nostr:npub1jz0rlhp9ngs3at2kfhzcnc62sxh0y9rxt40x3z003wmdguljky9quaaju6