Subnostr

Honest question:

How does Multi-Sig protect you from $5-wrench attacks?

#asknostr #btc #bitcoin #askaboutbitcoin #studybitcoin

I would say that it protects your Bitcoin, not you. If someone is physically threatening you, you will not be able to give them your keys if the multisig is geographically separated. Multisig just creates an additional necessary access requirement. It's excellent security but it has its own risks, drawbacks, and limitations.

If the attacker doesn't know what multisig means or doesn't believe you, you might be in a bad spot.

Using a duress wallet or a decoy seed would be a complimentary risk management strategy so that you can 'give them what they want' without compromising your entire stack.

Reply to this note

Please Login to reply.

Discussion

binsky 2y ago

That last paragraph sparks my interest. A duress wallet? A decoy seed?

Entropy 2y ago

Yeah, like you could have a seed phrase written down and stored in a safe. It may or may not have funds on it. It's a decoy that you can give up while appearing to comply with an attacker.

Similarly, you can set up a duress wallet on some hardware wallets. You would have a normal PIN, and a duress PIN that, when entered, accesses a different seed that you can have funds on to fool an attacker. You would have to determine how much to put into the duress wallet to give it an appearance of authenticity, enough to appease an attacker and make them go away none the wiser.

binsky 2y ago

Oh like that. Yeah that’s clever indeed. Do you know which hardware wallets work with that duress pin?

Entropy 2y ago

Coldcard does, I think passport does as well, not sure about others I haven't really explored signing devices to a great extent. Coldcard is what I've used for years.