Can a scammer intrude and rob bitcoin wallet through a multisig?

[Trojane]

I wanted to involve bitcoin fully into my business presently,but i still had some kinda doubt about it and some curiousity.
These forum has taught me alot about crypto as a whole and rekindled my interest..! Kodus to SATOSHI,THYMOS and his TEAM of moderators,you guys are awesome👏😊
Well my questions are:
A partially signed bitcoin(psbt) has been made to facilitate the probability of unsigned transactions.
These format has been created to help many users to easily sign the same transaction.
The (PSBT) format is created in such a way that if the transaction is between three (3) persons, the two people who are received will have to create an address and add to The PSBT.
Afterwards, when the interface is created ,it is sent back to the later who inputs his\her signature before sending back to be authorised.
1)At this point,the signature of all parties are involved.what is the rate of impossible when its comes to any participant who has evil motives like accessing anyone's signature?
2) Are signatures created with perfect privacy conditions so therefore cannot be accesed by any kind of fraud?
If NO,then PSBT isn't SAFE!!!
3) I have read that sometimes,coordinator sends the PSBT to each of the user to sign them privately and Send it back,in these case,since bitcoin is decentralised and people aren't known specifically as any frauder might just decide to become a coordinator just to fraud everyone of their coin, don't you think and improvised method should be used on these maybe to the MINERS directly?
Thanks alot 🙏
Trojane💎

[BlackHatCoiner]

No offense, but I had a hard time reading your text.

1)At this point,the signature of all parties are involved.what is the rate of impossible when its comes to any participant who has evil motives like accessing anyone's signature?

What do you mean to access someone's signature? They can't provide a valid signature if they don't have the private key and any invalid signature will be rejected by the network.

Take, for instance, the example with Alice, Bob and Charlie. They want to split a UTXO into three parts (from a multi-sig wallet). To do so, Alice creates the three outputs and signs the transaction. Bob receives the signed by Alice only transaction and confirms she did what she stated. Bob agrees with the transaction and signs it too. Now Charlie receives a transaction that has two signatures, Bob's and Alice's, and does what Bob did. If Charlie agrees he can also sign the transaction and broadcast it.

They can all access everyone's signature, but they have no reason to change them, because that would make them invalid.


As for privacy: There's no need to do this procedure publicly, but they wouldn't be in danger of fraud due to the above. They're safe due to the ease of confirming the transaction's validity. I hope this answered all of your questions.

[ranochigo]

You have a fundamental misunderstanding of how Bitcoin actually works. It might be better for you to start reading up on it before asking questions, so it'll be clearer for you as well.

The (PSBT) format is created in such a way that if the transaction is between three (3) persons, the two people who are received will have to create an address and add to The PSBT.

PSBT in the sense of a MultiSig is with an address that has a Multisig script hash, that address will have the specific requirements (ie. the signatures) required for a transaction to be valid. We don't add addresses to the PSBT, the PSBT contains the information needed for someone to generate a valid signature for the transaction that they've created.

1)At this point,the signature of all parties are involved.what is the rate of impossible when its comes to any participant who has evil motives like accessing anyone's signature?

No chance.

2) Are signatures created with perfect privacy conditions so therefore cannot be accesed by any kind of fraud?
If NO,then PSBT isn't SAFE!!!
3) I have read that sometimes,coordinator sends the PSBT to each of the user to sign them privately and Send it back,in these case,since bitcoin is decentralised and people aren't known specifically as any frauder might just decide to become a coordinator just to fraud everyone of their coin, don't you think and improvised method should be used on these maybe to the MINERS directly?

No. Privacy has nothing to do with this. You are supposed to authenticate and be sure of the people that you're doing a MultiSig with. If you don't you might be dealing with the wrong people and could possibly lead you to getting scammed. Whoever is signing their part are supposed to be aware of and know what they are signing for, we don't sign anything blindly.

[Trojane]

No offense, but I had a hard time reading your text.

1)At this point,the signature of all parties are involved.what is the rate of impossible when its comes to any participant who has evil motives like accessing anyone's signature?

What do you mean to access someone's signature? They can't provide a valid signature if they don't have the private key and any invalid signature will be rejected by the network.

Take, for instance, the example with Alice, Bob and Charlie. They want to split a UTXO into three parts (from a multi-sig wallet). To do so, Alice creates the three outputs and signs the transaction. Bob receives the signed by Alice only transaction and confirms she did what she stated. Bob agrees with the transaction and signs it too. Now Charlie receives a transaction that has two signatures, Bob's and Alice's, and does what Bob did. If Charlie agrees he can also sign the transaction and broadcast it.

They can all access everyone's signature, but they have no reason to change them, because that would make them invalid.


As for privacy: There's no need to do this procedure publicly, but they wouldn't be in danger of fraud due to the above. They're safe due to the ease of confirming the transaction's validity. I hope this answered all of your questions.

https://river.com/



This is where you had your instances from and you didn't bother to drop a link for references.
I have my basics and facts that i made because i really went into deep studies to know how this is manipulated

[ranochigo]

You said you don't sign anything blindly,but in bitcoin transactions,apart from the coordinator,the other participant are unknown to you.
My point is that all the users are going to drop thier address and signature.
What if the people involved are internet gurus that could possibly defraud?
Please try to understand and look towards my point of view

No such thing. There is no such thing as a coordinator in regular Bitcoin transactions, nor do you have to care about other participants. The only time it involves multiple parties is if you're doing a MultiSignature, where the conditions for the spending is for the minimum number of parties to sign it and for the signatures to be concatenated. You can't get defraud, because you are able to see what you're signing for. PSBT is a format which allows for people to sign their individual signatures and for individual signatures to be combined and used in a single transaction. It is not a form of transaction.

This is where you had your instances from and you didn't bother to drop a link for references.
I have my basics and facts that i made because i really went into deep studies to know how this is manipulated

I disagree. You need to research on the topic more and clear your misunderstandings. It is difficult to explain concepts to people if they have no idea what is going on, and it isn't what I'm here to do. I would love to discuss and clear any misconceptions, but it doesn't help if the user doesn't have an idea of what is happening.

For starters, you need to understand how Bitcoin works: https://github.com/bitcoinbook/bitcoinbook.

[NotATether]

The (PSBT) format is created in such a way that if the transaction is between three (3) persons, the two people who are received will have to create an address and add to The PSBT.

The addresses must be already placed in the raw transaction before anyone attempts to sign it (and save it in PSBT format).

1)At this point,the signature of all parties are involved.what is the rate of impossible when its comes to any participant who has evil motives like accessing anyone's signature?

The signature inside PSBT does not include private keys, so they cannot be obtained from the signature.

3) I have read that sometimes,coordinator sends the PSBT to each of the user to sign them privately and Send it back,in these case,since bitcoin is decentralised and people aren't known specifically as any frauder might just decide to become a coordinator just to fraud everyone of their coin, don't you think and improvised method should be used on these maybe to the MINERS directly?

People cannot simply add themselves as a coordinator unless their address was already in the raw transaction (because you must create a new raw transaction to add another address, and everybody will have to sign it again).

[_Miracle]

I went to the site in your link...

maybe start here
https://bitcoin.org/en/

and hold off a little bit before jumping into the deep end.