[Technology]

I had the idea of making a easy to use Bitcoin multisig wallet with timelocked recovery key for a long time, and thanks to the recent development of miniscript in Bitcoin community, I'm able to produce a solution and product that allows the general public to use these advanced features in a very convenient way.

Technology

The underline miniscript of the solution is discussed in another topic https://bitcointalk.org/index.php?topic=5441806.0

Code:

wsh(thresh(2,pk(OWNER),s:pk(MEMBERS),sj:and_v(v:pk(RECOVERY),n:older(12960))))

The miniscript above produces a 2-of-3 multisig, with a 90 days timelock for the RECOVERY key.

For any UTXO created within 90 days, both the OWNER and MEMBERS key must sign the transaction to spend the coins. But after 90 days, the RECOVERY key can step in to work together with either the OWNER or MEMBERS key to spend the coins.


Product

Based on the miniscript technology above, we created a product, Mixin Safe, to make all those steps convenient for Bitcoin holders.

Whenever a new Mixin Safe is created, the Bitcoin holder needs to provide the OWNER public key. To do this, a miniscript compatible wallet is required, we have tested Bitcoin Core and Ledger, and noticed upcoming miniscript support announcements from other hardware vendors, e.g.

• Coldcard https://github.com/Coldcard/firmware/pull/227
• BitBox02 https://twitter.com/_benma_/status/1670022585461907456
• SeedSigner https://twitter.com/pythcoiner/status/1670458117983805442

Then the Bitcoin holder needs to use our another product Mixin Messenger to produce a MPC public key as the MEMBERS key. Although it's possible to generate this MEMBERS key only by yourself, we recommend to choose at least two Mixin Messenger devices, better with your partner, so the MPC key is generated as a 1-of-2 threshold ECDSA key.

Mixin Messenger is an open source MPC wallet for 6 years https://github.com/MixinNetwork/android-app, and the MPC code we used is from https://github.com/taurusgroup/multi-party-sig

Finally, we the Mixin Safe service maintainer holds the RECOVERY key for emergency recovery usage once the OWNER key is lost.


Security

The solution is based on Bitcoin multisig script with timelock, and the recovery key timelock can be adjusted when the wallet is created.

The OWNER key is managed by third party and popular bitcoin wallets,  can have a normal backup solution, and no need to worry about it's stolen or lost. Because nobody will be able to spend the coins with this only OWNER key, and the coins can be recovered even if the OWNER key is completely lost.

The MEMBERS key is managed by open source MPC solution. If MEMBERS key is managed by a few people in 1-of-2 or 3-of-5 or even 5-of-10, it's almost impossible to lose the MEMBERS key.


Try It!

Now the product is generally available, it's a website which is designed to have intuitive interface to use.

https://safe.mixin.one/

Thank you, and welcome suggestions.

I'm working on a wallet solution to use 2/3 multisig with timelock.

A and B can spend the UTXO together before the timelock, but C can only spend the UTXO with A or B after the timelock expires.

So I wrote the script as below, is it correctly implemented as the requirement?

Code:

OP_IF
2
OP_ELSE
4194311 OP_CHECKSEQUENCEVERIFY OP_DROP 
key_C OP_CHECKSIGVERIFY
1
OP_ENDIF
key_A key_B 2 OP_CHECKMULTISIG

Thank you

[7000101487]

I have started an event to send free BTC daily in the app Mixin Messenger.

After install the app, then search 7000101487 and add the bot as contact. The rules are very simple:

first day you get 100 satoshis
the second day 200 satoshis
third day 300 satoshis,
...
the 30th day 3000 satoshis,
...
the 365th day 36500 satoshis
...
this runs forever
But it must be consecutive claims, failed to claim someday will let you start over from 100 satoshis again.
So after 1 month, you get 46500 satoshis = 0.000465 BTC, and after 3 months you get 409500 sathoshis = 0.004095 BTC

LUCKY BTC ONLINE

A valid invitation give the group owner 0.0001 BTC reward

The app for Google Play https://play.google.com/store/apps/details?id=one.mixin.messenger
The Android APK and source code https://github.com/MixinNetwork/android-app

The app for iOS https://itunes.apple.com/app/mixin/id1322324266
The source code https://github.com/MixinNetwork/ios-app

Note for withdrawal, there are no withdrawal limits or KYC, you can withdraw at any time, for any amount. But because Bitcoin network fee is high, if you want to withdrawal the BTC urgently, you can exchange it to EOS or DOGE anonymously by searching 7000101276 or 7000101996. I recommend to store the BTC in Mixin wallet, because it's really easy to use for small amount of cryptocurrencies.

[7000101487]

I have started an event to send free BTC daily in the app Mixin Messenger.

After install the app, then search 7000101487 and add the bot as contact. The rules are very simple:

first day you get 100 satoshis
the second day 200 satoshis
third day 300 satoshis,
...
the 30th day 3000 satoshis.
But it must be consecutive claims, failed to claim someday will let you start over from 100 satoshis again.
So after 1 month, you get 46500 satoshis = 0.000465 BTC, and after 3 months you get 409500 sathoshis = 0.004095 BTC

LUCKY BTC ONLINE

A valid invitation give the group owner 0.0001 BTC reward

The app for Google Play https://play.google.com/store/apps/details?id=one.mixin.messenger
The Android APK and source code https://github.com/MixinNetwork/android-app

The app for iOS https://itunes.apple.com/app/mixin/id1322324266
The source code https://github.com/MixinNetwork/ios-app

Note for withdrawal, there are no withdrawal limits or KYC, you can withdraw at any time, for any amount. But because Bitcoin network fee is high, if you want to withdrawal the BTC urgently, you can exchange it to EOS or DOGE anonymously by searching 7000101276 or 7000101996. I recommend to store the BTC in Mixin wallet, because it's really easy to use for small amount of cryptocurrencies.

[1. PoS secured BTC]

I have been working on a project for two years, and would like to request technical comments for the security of this implementation. I'm not saying this proposal is as secure as Bitcoin network, there is some trade off between the user convenience and security.

There are two layers of security to discuss.

1. PoS secured BTC

We have N nodes, secured by stake. N is a relatively small number, typically 35. We suppose the PoS network is secure enough and won't discuss the PoS implementation. We also suppose the PoS nodes will never change, there are always N nodes running.

The PoS network transactions are similar to those in Bitcoin, public keys, UTXOs. The only difference is that the transactions are faster and free, because the PoS and only a few nodes.

These N nodes manage a multi-sign Bitcoin address, whenever a transaction sent to this address, there should be some extra data in the OP_RETURN script to announce that the destination A of this output. Pretty much similar to deposit to a central crypto exchange and use the memo as the hint for the user.

After public key A received some BTC, they can transfer it fast in the PoS network to another public key B. Say we deposit 10 BTC to A, and A can transfer 3 to B and change 7 to themself. This transaction doesn't appear in the Bitcoin blockchain, only in the PoS network, so it's very fast and free. Very similar to the famous Lightning Network transaction.

Whenever A or B want to transfer BTC to another Bitcoin address outside of the PoS network, they initialize a transaction to tell the PoS nodes that they want to transfer. Because we have the assumption that the PoS network is secure enough, they will approve that A can only transfer out no more than 7 BTC, and B no more than 3 BTC. This process is very similar to the famous Lightning Network solution when close a channel, but much faster and easier for users.


2. PIN secured public key

Every public key in the PoS network is an EC point, so it's very easy to build m-of-n multi-sig address. Then we have a central service, which acts as an API endpoint to communicate with all the PoS nodes. For simplicity, this discussion only discuss the n-of-n multi signature.

1. The central service named Server will allow User to claim an account with phone number and SMS verification code. Server will generate N permanent secret seeds for the User and send them back to the User, the User may choose to save them. Each secret has a prefix to connect them with each node respectively.
2. User chooses a 6 digit PIN on their device, then hash the PIN with each seed to get N EC private keys. Due to the secret prefix, those private keys are connected to each node.
3. For each private key, the User sign current unix timestamp as a message and send the signature with corresponding public key to the connected node.
4. The node will check the signature matches with the public key, then produce a new EC private key by hashing the public key and its own node private key. Then respond the public key to the User.
5. User aggregates all N public key responses to a multi-sig address M, then this address is their address to receive transfers of other Users.
6. Whenever the User wants to transfer, they just repeat the step 3, but with the transaction as message payload. The node will check request signature and sign the transaction, send back the transaction signature.
7. User aggregates all N signature responses to get the final transaction signature.

Why is this secure?

1. Each node have built in rate limit to prevent brute force attacks.
2. The each node can't guess the signature to request other nodes.

The only flaw I have thought about is that the Server may lock the rate limiter for users by computing 10 million public keys to attach each nodes.

I'm sincerely welcome some comments on the security of this procedure.

[TL;DR]

This is the first public announcement from the lead developer of Mixin Network.

TL;DR

Mixin Network is a distributed cross-chain solution, enforced by Trusted Execution Environment.

Mixin Messenger is the mobile wallet built on Mixin Network, will support all popular cryptocurrencies. Signal protocol is used in the Mixin end-to-end encryption messaging.

Links

Website https://mixin.one
CoinMarketCap https://coinmarketcap.com/currencies/mixin
Explorer https://mixin.one/snapshots
Logs https://mixin.one/logs

Some people have heard about our Mixin Messenger at Christmas last year, because XIN airdrops based on referral invitations. I have read some community threads about XIN airdrop, and people were blaming it for its phone number registration, mysterious team members and simple website design. Since then, most people have forgotten about Mixin.

In recent days, XIN is listed on coinmarketcap top 100, so more people are talking about Mixin again. Many of them are still curious about what's Mixin and the team behind it.

Our strategy is to do stuffs quickly without too much talks, and our mission is to make a convenient end-to-end encryption messaging and private cryptocurrency transferring solution for people's daily usage.

Since the first announcement in November, 2017, we have updated about 50 versions for both Android and iOS Mixin Messenger and will publish the source code of them on GitHub soon this month.

All referral airdrops have been sent out and we have achieved a peak 16 transaction per second, and made a total over 3,000,000 transactions in Mixin Network.

There are over 3,000 people who have more than 1 XIN in their Mixin Messenger wallets. People use Mixin Messenger to store assets valued over $100,000,000 USD. And we have got a peak 40,000 daily active users.



More information will be announced in the future, since our team are mainly developers focusing on the development to launch a testnet in mid 2018 to allow people run their own Mixin node software.


About the Mixin Core Team

I'm Cedric Fung (https://github.com/cedricfung), based in Tokyo, the lead developer of the Mixin core team. A university dropout in 2009, and started Android development since then. I earned more than $1M USD by selling apps on Google Play, pure paid apps, without any ads, I hate ads.

Then I created a video processing SDK for Android in 2010 (https://github.com/yixia/VitamioBundle), it has been installed on billions of devices. Of course it's discontinued later and I joined a company in Beijing.

In 2011 I started to buy and mine bitcoins, but only a little and lost most of them in Mt.Gox. Since then, I have never bought or mined any cryptocurrencies, but I have always been learning about the distributed ledger technology innovations.

I started a new company to develop a mobile game streaming service in 2013 (https://shou.tv), with about $7M USD venture investments and it will be discontinued in June, 2018 soon. Though with more than 10 million users, all without any marketing promotions or ads, the service is thought to be not successful at all.

It has always been my dream to create a distributed messaging service, and of course with cryptocurrencies. So I started the Mixin project and will keep my passion in it, and I'm told by my heart that I won't discontinue this project.

I'm now working on the ripple support in Mixin Messenger, so I'm going to code now. Ask me any questions here and I will answer it when I'm not coding.