Nostr Web Client

#asknostr, is a 2-of-2 multi-sig wallet when 1 of the seeds has been compromised any less secure than a single-sig wallet? I'm pretty sure the answer is 'no', but am I missing something?

Let me elaborate a little more:

Most people will be familiar with a single-sig setup on a mobile wallet that uses an external hardware device to sign transactions. In this setup, the seed is on the hardware wallet, and you would have backup(s) of the seed stamped onto steel, or written on paper; stored in a safe, or whatever you feel works best for you.

I'm wondering if it would make sense to just turn this setup into a 2-of-2 multi-sig simply by adding a 'hot' key seed in the mobile wallet. Then, put copies of this 2nd 'hot' seed anywhere you can to make sure it's virtually impossible to lose. Heck, even store it on the blockchain if you have to (sorry for the arbitrary data 😉). Even if everyone knows the 2nd 'hot' key, it's still no less secure than a single-sig setup. Also, since you really only have to keep track of and guard the other key (which you would have to for single-sig setup anyway), the extra effort is negligible.

It seems to me one of the downsides of storing a backup of a single-sig seed is if someone happens to stumble across that 1 item (for whatever reaseon), they could easily take your funds. At least with this 2-of-2 setup, there's a very good likelihood they wouldn't even be aware that there is a 2nd key involved to even go looking for it.

I hope I've explained my thinking well enough. Again, am I missing something here?

*PLEASE NOTE: I'm well aware of passphrases, and that a conventional 2-of-3 mult-sig, etc. scattered geographically/jurisdictionally would be much better. I'm just curious if my proposed 2-of-2 setup would be at least marginally better (and absolutely no less secure) than a single-sig. I'm trying to come up with an easy noob setup that I feel comfortable recommending for smallish amounts; and, I've never liked the idea of being outright screwed if someone happens to stumble across the backup of your single-sig seed.

db 7mo ago

This is a great question that I don’t know the answer to. If someone was to happen upon a set of seed words, I wouldn’t think that they would be able to know that they were associated with a multisig setup but I don’t know for sure.

Reply to this note

Please Login to reply.

Discussion

Judge Hardcase 7mo ago

That's a good line of thinking. I'm pretty sure the best they could do is generate xpubs for potential derivation paths for that set of seed words; then, if they also happened across a multi-sig wallet descriptor backup that contained a matching xpub as one of its keys, they could then conclude that the set of seed words was indeed used as part of that particular multi-sig wallet

BTW, since a 2-of-2 would absolutely require both keys (by a single user in this case) to be useful, there wouldn't be as much reason to save a wallet descriptor backup (that someone else might happen upon) as you probably would/should for a 2-of-3, etc,

db 7mo ago

Sounds legit to me. There would be advantages to this over just a single sig. Even if the one set of words wasn’t as secure,like you mentioned, distributed among multiple places(easy to access and not lose) the other key could be secured as one would do as a typical single sig. This setup could have advantages over a single sig setup but not as robust as a 2 of 3. Food for thought anyways, brain food.

Judge Hardcase 7mo ago

It also occurred to me that you could easily have many 2-of-2 wallets - all with same same secure seed combined with a different 'insecure' seed.

Though, I believe this would allow for block analysis that could link outputs to addresses of different 2-of-2 wallets that were reusing the same signing address from the the secure seed - but, I'm really starting to getting beyond my knowledge here.