Bitcoin Forum

Let`s say you setup a multi sig wallet or you setup a QT wallet and set a passphrase for everytime you`ll send coins. So these are pretty secure options right?

But what if someone gets your private key? then can still just import that in another wallet and send your balance to another address right?
so all those multisigs, passwords and passphrases are good within that particular wallet brand like QT or electrum.

Am I getting this right?

Yes it's just an extra step for secuirty. The private key is normally encrypted in some way that can only be decryptedwith the verification or using another service to hold a section of the private key that sends the encryted from for decryption using a specific key you use.

It is true that is someone gets the unencrypted parts of the key and puts them together then they will be able to deduce the private key and use it and there is a way to revert a multisig wallet private key back to a regular address private key (I'm fairly sure there is at least).

No there isn't... as there isn't a "MultiSig Wallet Private Key"...

MultiSig "addresses" are actually hashed scripts that are crafted from two or more (N) different public keys... and specify some minimum number (M) of signatures (generated by the private keys that match the public keys) that are required to be provided with a transaction before the network will recognise that transaction as valid.

Hence, "M of N"... if you have N = 4, and M = 2, then there would be 4 public keys in total used to generate the MultiSig in the first instance, but you'd only need 2 signatures (generated by the matching private keys) to be able to spend any coins controlled by that particular address.

You can't revert it back to a regular address private key.

Sure.

In the case of a passphrase, the wallet will use that to encrypt your private keys.  That way, if someone gains access to your computer while you aren't around, or if someone is able to take a copy of your wallet files, they won't be able to decrypt your private keys and use them without first figuring out your passphrase.


While it is still encrypted with your passphrase?  Then they won't be able to use it until they figure out the correct passphrase to decrypt it (I hope you chose a strong passphrase).

If you are somehow so careless that they get your UNENCRYPTED private key, then they don't need the passphrase anymore, since the key is already unencrypted.


Once they have access to your unencrypted private key, they have access to your bitcoins.

If you don't have exclusive access to your private keys, then you don't have any bitcoins.


The passphrases are good for encrypting your private keys.

MultiSig is reduces your risk even more.

With a MultiSig address, I can require, for example, that 3 out of 7 private keys be necessary to spend the bitcoins.  Then I can encrypt each private key with a different passphrase and store it in a different location.  Now if a thief gains access to one or two of my private keys, they still can't spend the bitcoins.  If 3 or 4 of my private keys are destroyed in a fire, flood, earthquake, tornado, hurricane, etc, then I can still gain access to my own bitcoins with 3 of the remaining keys.  If a thief gains access to 3 (or more) of my private keys, then they still need to figure out three different passphrases.  During the time when they are trying to figure out the passphrases, if I become aware that they have the encrypted keys, I can just send my bitcoins to a new address and they won't be able to touch them.


I don't know.  Are you?

Really good and useful information. Thanks everyone. Especially thank you @DannyHamilton