Title: Solution for 2-of-3 paper wallets without multisig feature Post by: brenzi on December 31, 2013, 01:39:24 PM As the multisig feature is not yet supported by any bitcoin client (at least not for spending the coins) I was thinking about another way to get a 2-of-3 paper wallet.
edit: You can directly jump to the improved version (https://bitcointalk.org/index.php?topic=393159.msg4332270#msg4332270) The basic idea is:
now you only need two of those three QR codes to recover your private key. I tried this with the following detailed procedure: Private Key: 5JYTix96fp8JtwWF1Vq3gBaM5p31GyYK94K5ezLdUaF3VBZkJ7G file testprivkey1 Code: 5JYTix96fp8JtwWF1Vq3gBa file testprivkey2 Code: M5p31GyYK94K5ezLdUaF3VBZkJ7G generate PAR recovery file Code: parchive a -n1 test.par testprivkey1 testprivkey2 you get an index file test.par and a recovery file test.p01. You don't need to keep the index file, it's only used for checksum validation generate QR codes Code: cat testprivkey1 | qrencode -o testprivkey1.png print it. make sure you mark which code stands for which file To decode with only testprivkey1 and test.p01: Code: zbarimg --raw testprivkey1.png > testprivkey1 now you just need to concatenate the two sides. done. The only question that remains is: Can I be sure that the private key cannot be recovered from only the recovery file itself? Not with parchive tool itself, but as parchive is not designed to make this impossible (quite the opposite) I would apprechiate educated comments on my proposal One approach to make sure the recovery file is not sufficient to recover the private key could be to add random data to the files testprivkey1&2. The amount of random data would be limited by reasonable QR code size. The recovery file should then have the same size as the input files Title: Re: Idea for 2-of-3 paper wallets without multisig feature Post by: prezbo on December 31, 2013, 04:11:00 PM I think armory already implemented m-of-n backups based on shamir's secret sharing algorithm (http://en.wikipedia.org/wiki/Shamir's_Secret_Sharing). Check the armory subforum for details.
Title: Re: Idea for 2-of-3 paper wallets without multisig feature Post by: cbeast on December 31, 2013, 04:20:36 PM BIP38 is supported by http://www.bit2factor.org/
It can be saved and run offline. Title: Re: Idea for 2-of-3 paper wallets without multisig feature Post by: empoweoqwj on January 01, 2014, 02:37:03 AM I think armory already implemented m-of-n backups based on shamir's secret sharing algorithm (http://en.wikipedia.org/wiki/Shamir's_Secret_Sharing). Check the armory subforum for details. yep - armory has the most advanced wallet features out there. Title: Re: Idea for 2-of-3 paper wallets without multisig feature Post by: brenzi on January 01, 2014, 09:56:22 AM I think armory already implemented m-of-n backups based on shamir's secret sharing algorithm (http://en.wikipedia.org/wiki/Shamir's_Secret_Sharing). Check the armory subforum for details. Great, thanks. But it seems this is not yet an official, mature feature (and currently everybody's waiting for the next release including important fixes anyway). And I would prefer a very simple solution that could be run from a liveCD. Your hint leads me to the following:Code: cat testprivkey | ssss-split -t 2 -n 3 -w testkey -q This seems like a very elegant solution to me, as it is very easy to reproduce. One could even print the necessary bash script next to the QR code on the paper wallet. And there's more: This solution can be applied to any altcoin as well Title: Re: Idea for 2-of-3 paper wallets without multisig feature Post by: empoweoqwj on January 01, 2014, 10:55:06 AM I think armory already implemented m-of-n backups based on shamir's secret sharing algorithm (http://en.wikipedia.org/wiki/Shamir's_Secret_Sharing). Check the armory subforum for details. And there's more: This solution can be applied to any altcoin as well Well considering most altcoins are clones or near clones of bitcoin, that's not really much of a surprise ;) Title: Re: Idea for 2-of-3 paper wallets without multisig feature Post by: prezbo on January 01, 2014, 11:29:35 AM I think armory already implemented m-of-n backups based on shamir's secret sharing algorithm (http://en.wikipedia.org/wiki/Shamir's_Secret_Sharing). Check the armory subforum for details. And there's more: This solution can be applied to any altcoin as well Well considering most altcoins are clones or near clones of bitcoin, that's not really much of a surprise ;) Title: Re: Idea for 2-of-3 paper wallets without multisig feature Post by: brenzi on January 01, 2014, 12:22:53 PM I think armory already implemented m-of-n backups based on shamir's secret sharing algorithm (http://en.wikipedia.org/wiki/Shamir's_Secret_Sharing). Check the armory subforum for details. And there's more: This solution can be applied to any altcoin as well Well considering most altcoins are clones or near clones of bitcoin, that's not really much of a surprise ;) No, not a surprise. But adapting armory for altcoins is out of reach for me. So I'm looking for a solution that solves my problem for any coin (or any secret) Title: Re: Idea for 2-of-3 paper wallets without multisig feature Post by: brenzi on January 01, 2014, 12:35:19 PM To generate the QR codes for the private key in file testprivkey Code: #!/bin/bash To recover the private key: Code: #!/bin/bash I will give this a go and probably add some comfort to the scripts Unfortunately, not all tools used are on standard ubuntu liveCD. You need to Code: sudo apt-get install ssss qrencode zbar-tools Title: Re: Idea for 2-of-3 paper wallets without multisig feature Post by: brenzi on January 05, 2014, 09:04:28 PM Ok, so here's the script that I use to generate 2-of-3 paper wallets (can easily be modified for N-of-M). Hopefully some people can use this until the time when bitcoin clients support multisig transactions.
It generates a html file with three parts of one paper wallet. I've tested it for bitcoin and peercoin. Whatever vanitygen can generate is supported. Linux Dependencies: vanitygen ssss qrencode (zbar-tools) Code: #!/bin/bash use the following lines to test recovery Code: zbarimg --raw -q paperwallet.priv.part1.png | tr -s '\n' > testjoin.part1 be aware that the files generated contain your private key and are not cleaned up by this script. Only generate paper wallets on an offline computer running LiveCD. |