Replying to Avatar GHOST

If you are a business or in a partnership multisig just makes sense.

But for "most" individuals it is probably overkill. I think most people are more at risk of locking themselves out of their wallet than a hack.

Especially since a single seed can become infinite backup wallets, saving wallets, for the kids wallets, decoy wallets all with just a different passphrase. If someone is threatening physical harm for your wallet then give it to them. They don't have to know about the other 20 ones you have.
Avatar
The Stacker Monster 5mo ago 💬 2

I like that take and I certainly prefer the simplicity of single sig + passphrase over multisig.

However, while you can probably avoid a $5 wrench attack by using multiple passphrases, there are still a couple of things I worry about with single sig.

1) Bad entropy in the random number generator of your chosen hardware wallet

2) Some type of manufacturer attack. They 'preprogrammed' the hardware wallets to generate known seeds and will one day 'retirement' attack all of their wallets by sweeping everything.

3) Malicious firmware update

4) Supply chain attack on your hardware wallet while enroute to you

I think most of these attacks can be mitigated by using a 2/3 multi-vendor multisig. But I'm not sure any of them can be mitigated with confidence using a singlesig + passphrase.

Perhaps these are extremely low probability that they aren't worth worrying about or perhaps there is a way to mitigate using singlesig I'm not aware of...

Reply to this note

Please Login to reply.

Discussion

Avatar
The Stacker Monster 5mo ago

Oh yeah, I also like multisig for inheritance.

Do you have any suggestions on good ways to do inheritance planning with single sig where you still have control over your funds while you're alive but your heir gets control once you pass?

Avatar
GHOST 5mo ago 💬 2

There are several services for this. If you want to roll your own then tell your loved ones where the seed backup is hidden. Then have a Deadman email set up with your passphrase.

Avatar
The Stacker Monster 5mo ago

Thanks, I'll look into that.

Related to my prior response on the 4 attacks multisig may help combat, do you have any thoughts?

Also, is there a given dollar threshold at which you think it may be worth 'upgrading' to multisig even for an anon holder? Like say some guy has a 100k, 500k, 1 million dollars? At some point does the added complexity become worth the effort for (even if only slightly) better security?

Avatar
GHOST 5mo ago 💬 1

There is no way I can answer that. There are just too many variables and it is going to depend on the person and their situation.

$1,000 is a fortune to some people while others spend $500k on a fun night in Vegas.

Avatar
The Stacker Monster 5mo ago 💬 1

Perhaps it would be better if I rephrase.

If you are securing what to you is a fortune (however you define it), would you opt for the additional security (& complexity) of multisig, or as a non-public bitcoiner, would you feel comfortable with single sig + passphrase?

Avatar
GHOST 5mo ago 💬 2

A single sig is plenty secure. Satoshi has a single sig and no one has hacked him.

Multi sig is intended to protect you if you lose one of the keys. For some people and certain situations that is good and they should use it. But multi sig increases the complexity. Most people are better off with one seed with multiple physical copies in different locations.

If you are air gapped your possibility of being hacked remotely is basically zero. The threat then becomes physical. Single sig + passphrase makes a two part secret. Don't keep them together for the evil maid.

Don't become a target by connecting your name and location to a stack. Have multiple wallets and UTXO's, obscure how much you have.

Avatar
The Stacker Monster 5mo ago

Much appreciated my friend!

Avatar
GHOST 5mo ago 💬 1

Going to start charging 😜

Avatar
The Stacker Monster 5mo ago

If you opened a consulting type service I have no doubt you'd have customers!