Secure Offline 2 of 4 Paper Wallet

[DBordello]

Is there a secure way to generate offline a paper wallet that requires 2 of 4 to redeem? 

Additionally, is there any software that redeem n-of-m wallets?

I have seen some good paper wallet generation scripts, but not any n-of-m.

Any insight is appreciated.
Dan

[1714172631]

1714172631

[1714172631]

1714172631

[1714172631]

1714172631

[1714172631]

1714172631

[Michael_S]

I can only know of Shamir's Secret Sharing Scheme (install ssss on Linux, then uses the commands "ssss-split" and "ssss-combine"), but you probably know this already.

It is adequate for encrypting arbitrary strings (of limited length) in an "n out of m" fashion..., e.g. n=2, m=4.

Such a string could either be a private key, e.g. in WIF 51 base58 format,
or a password of a zip or truecrypt file that contains a complete wallet.

The 4 outputs strings of "ssss-split" can then be printed as a sort of paper wallets.

One could certainly write a bash script that makes use of "ssss" but has a more user-friendly and bitcoin-specific interface, e.g. that queries the user for entering the private key, the values for n and m, and where to write the outputs to - e.g. to m different txt files of a certain naming scheme.

Such a script could also call "vanitygen" - then you would have a suite that does it all: Generate a private key (with vanitygen), then splits this key into m (e.g. m=4) strings of which n (e.g. n=2) are needed to reconstruct the key, and write them to m different txt files.

PS: If it does not exist yet, I can certainly write such a user-friendly Linux bash script for a bounty.

[kjj]

P2SH multisig will do it.

[etotheipi]

I created a command-line tool for splitting your Armory wallet into M-of-N pieces, for backup purposes, only.  You can find the description and instructions here:

https://bitcointalk.org/index.php?topic=149820.0

I am in the process of integrating it into the GUI so that M-of-N (using Shamir's Secret Sharing) will be a default backup option. 

However, this is only intended for backup.  If you want to split the signature-scheme across multiple computers (i.e. to use it for every new transaction), you want multi-sig.  Unfortunately, no clients support multi-sig yet   Armory will, hopefully in the near future.  Until then, I am hoping to get this "fragmented backup" thing integrated so people can at least backup their single-sig wallet securely (i.e. 2-of-4, put one piece in safe-deposit box, put one in your home, give one to each of two trusted friends without telling them anyone else has any pieces).  If your offline computer dies, go fetch.