|
Title: multisig bug? Post by: skakuza on July 19, 2019, 07:58:00 AM Don't know if this is the correct forum, but I think I found a flaw in multisig. I may be wrong. I used electrum to test.
Setup two 2 of 2 offline multisig wallets. Put some funds in. Setup a watch only wallet as a SINGLE wallet using only ONE of the multisig wallet's master public keys. Initiate the spend txn from the watch wallet, sign txn on the one corresponding offline multisig wallet, broadcast the txn from watch wallet ie a cold storage, offline wallet txn. And it works! You've spent from a 2 of 2 multisig with one signature. I hope I'm wrong! Title: Re: multisig bug? Post by: nc50lc on July 19, 2019, 08:25:10 AM Setup two 2 of 2 offline multisig wallets. Put some funds in. Setup a watch only wallet as a SINGLE wallet using only ONE of the multisig wallet's master public keys. This will create a totally different watch-only wallet which isn't multisig, the addresses wont be the same thus the "real" wallet's balance won't show up.Don't know if this is the correct forum, but I think I found a flaw in multisig. I may be wrong. I used electrum to test. Have you tested it with wallet(s) with balance?Have you properly set you 2 of 2 wallet? Maybe you've selected 1 of 2 from the slider. Refer to these image: For 2/2 multisig wallet- https://i.imgur.com/soJh2Mf.jpg For 1/2 multisig wallet- https://i.imgur.com/C9plcWs.jpg But even with 1/2 multisig, creating a watch-only wallet using only one public key will create a standard watch-only wallet. But with 1/2, you will be able to spend using one signature. Title: Re: multisig bug? Post by: BitcoinGirl.Club on July 19, 2019, 08:38:35 AM I hope I'm wrong! You are wrong of course.I tried two possibilities: 1. Restore wallet using both master public key and I have this watch only wallet. And you will see in the watch only wallet - there are no active button to sign a transaction. https://i.ibb.co/qJbX4MB/51875286.png 2. In the 2nd possibility I did this: - Used master key for the first cosigner key - Used 2nd cosigner's seed for the 2nd cosigner I was able to sign a transaction but if you closely monitor the restore process then you will see, I just opposed the order of imputing the cosigners information when I restored the wallet. Instead of entering cosigners seed first, I entered the cosigners master public key. In both case (for the 2nd possibility), the algorithm is same which is actually restoring the same cosigner wallet which seeds are known to you only. Unless you know the seeds from the other cosigner, you can not broadcast the transaction. Title: Re: multisig bug? Post by: skakuza on July 19, 2019, 09:07:38 AM Thanks for this. I am going to try and reproduce what I did, must have screwed something up.
I am now more confident about the prospect of using multisig. Title: Re: multisig bug? Post by: BitcoinGirl.Club on July 19, 2019, 09:22:53 AM Thanks for this. I am going to try and reproduce what I did, must have screwed something up. MultiSig wallet really gives me the peace of mind. Print both cosigners information in two different paper and put them in two different places which you only know. I am now more confident about the prospect of using multisig. If by any chance one is exposed you are still safe that no one can not steal the fund without having the other cosigner information. In a regular wallet you are fu*k if the seed/private key is exposed to anyone who has bad intention. |
