Technology
The underline miniscript of the solution is discussed in another topic https://bitcointalk.org/index.php?topic=5441806.0
Code:
wsh(thresh(2,pk(OWNER),s:pk(MEMBERS),sj:and_v(v:pk(RECOVERY),n:older(12960))))
The miniscript above produces a 2-of-3 multisig, with a 90 days timelock for the RECOVERY key.
For any UTXO created within 90 days, both the OWNER and MEMBERS key must sign the transaction to spend the coins. But after 90 days, the RECOVERY key can step in to work together with either the OWNER or MEMBERS key to spend the coins.
Product
Based on the miniscript technology above, we created a product, Mixin Safe, to make all those steps convenient for Bitcoin holders.
Whenever a new Mixin Safe is created, the Bitcoin holder needs to provide the OWNER public key. To do this, a miniscript compatible wallet is required, we have tested Bitcoin Core and Ledger, and noticed upcoming miniscript support announcements from other hardware vendors, e.g.
- Coldcard https://github.com/Coldcard/firmware/pull/227
- BitBox02 https://twitter.com/_benma_/status/1670022585461907456
- SeedSigner https://twitter.com/pythcoiner/status/1670458117983805442
Then the Bitcoin holder needs to use our another product Mixin Messenger to produce a MPC public key as the MEMBERS key. Although it's possible to generate this MEMBERS key only by yourself, we recommend to choose at least two Mixin Messenger devices, better with your partner, so the MPC key is generated as a 1-of-2 threshold ECDSA key.
Mixin Messenger is an open source MPC wallet for 6 years https://github.com/MixinNetwork/android-app, and the MPC code we used is from https://github.com/taurusgroup/multi-party-sig
Finally, we the Mixin Safe service maintainer holds the RECOVERY key for emergency recovery usage once the OWNER key is lost.
Security
The solution is based on Bitcoin multisig script with timelock, and the recovery key timelock can be adjusted when the wallet is created.
The OWNER key is managed by third party and popular bitcoin wallets, can have a normal backup solution, and no need to worry about it's stolen or lost. Because nobody will be able to spend the coins with this only OWNER key, and the coins can be recovered even if the OWNER key is completely lost.
The MEMBERS key is managed by open source MPC solution. If MEMBERS key is managed by a few people in 1-of-2 or 3-of-5 or even 5-of-10, it's almost impossible to lose the MEMBERS key.
Try It!
Now the product is generally available, it's a website which is designed to have intuitive interface to use.
https://safe.mixin.one/
Thank you, and welcome suggestions.