Do you prefer multisig over a single sig + passphrase for storing life savings?
Every bitcoiner needs privacy if they don’t want a gun in their face.
Cold storage protects your keys.
Not your face. Not your family. Not your location.
And if you’ve stacked anything worth noticing, you’re not paranoid.
You’re a walking payday.
Criminals don’t need to hack your wallet.
They just need to know you have one and where to find you.
https://untraceabledigitaldissident.com/why-every-bitcoiner-needs-operational-privacy/
Discussion
If you are a business or in a partnership multisig just makes sense.
But for "most" individuals it is probably overkill. I think most people are more at risk of locking themselves out of their wallet than a hack.
Especially since a single seed can become infinite backup wallets, savings wallets, for-the-kids wallets, decoy wallets, all with just a different passphrase. If someone is threatening physical harm for your wallet then give it to them. They don't have to know about the other 20 ones you have.
I like that take and I certainly prefer the simplicity of single sig + passphrase over multisig.
However, while you can probably avoid a $5 wrench attack by using multiple passphrases, there are still a couple of things I worry about with single sig.
1) Bad entropy in the random number generator of your chosen hardware wallet
2) Some type of manufacturer attack. They 'preprogrammed' the hardware wallets to generate known seeds and will one day 'retirement' attack all of their wallets by sweeping everything.
3) Malicious firmware update
4) Supply chain attack on your hardware wallet while en route to you
I think most of these attacks can be mitigated by using a 2/3 multi-vendor multisig. But I'm not sure any of them can be mitigated with confidence using a singlesig + passphrase.
Perhaps these are of such extremely low probability that they aren't worth worrying about, or perhaps there is a way to mitigate them using singlesig that I'm not aware of...
Oh yeah, I also like multisig for inheritance.
Do you have any suggestions on good ways to do inheritance planning with single sig where you still have control over your funds while you're alive but your heir gets control once you pass?
There are several services for this. If you want to roll your own then tell your loved ones where the seed backup is hidden. Then have a Deadman email set up with your passphrase.
Thanks, I'll look into that.
Related to my prior response on the 4 attacks multisig may help combat, do you have any thoughts?
Also, is there a given dollar threshold at which you think it may be worth 'upgrading' to multisig even for an anon holder? Like say some guy has 100k, 500k, 1 million dollars? At some point does the added complexity become worth the effort for (even if only slightly) better security?
There is no way I can answer that. There are just too many variables and it is going to depend on the person and their situation.
$1,000 is a fortune to some people while others spend $500k on a fun night in Vegas.
Perhaps it would be better if I rephrase.
If you are securing what to you is a fortune (however you define it), would you opt for the additional security (& complexity) of multisig, or as a non-public bitcoiner, would you feel comfortable with single sig + passphrase?
A single sig is plenty secure. Satoshi has a single sig and no one has hacked him.
Multi sig is intended to protect you if you lose one of the keys. For some people and certain situations that is good and they should use it. But multi sig increases the complexity. Most people are better off with one seed with multiple physical copies in different locations.
If you are air gapped your possibility of being hacked remotely is basically zero. The threat then becomes physical. Single sig + passphrase makes a two part secret. Don't keep them together for the evil maid.
Don't become a target by connecting your name and location to a stack. Have multiple wallets and UTXOs, obscure how much you have.