Are multisig addresses generated by same private key set secure?

Bitcoin Forum

May 08, 2024, 07:22:02 AM

Welcome, Guest. Please login or register.

News: Latest Bitcoin Core release: 27.0 [Torrent]

Home

Help

Search

Login

Register

More

Bitcoin Forum > Bitcoin > Development & Technical Discussion > Are multisig addresses generated by same private key set secure?

Pages: [1]

« previous topic next topic »

Author

Topic: Are multisig addresses generated by same private key set secure? (Read 1298 times)

CounterEntropy (OP)

Full Member

Offline

Offline

Activity: 214
Merit: 278

Are multisig addresses generated by same private key set secure?

August 18, 2016, 11:58:48 PM

#1

Code:

PrivKey1: KyTB944YGjX9dTsETSzfNSm5hXF9fpddTNxuArnxhc7wJaEJoCwj
PubKey1: 028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e3
Address1: 1LcF9UYteAm2aGfWsK2Ftyn6vEq3RY88Q6

PrivKey2: L3udgqmmdFfQHHvL7jC7vb1EsnfQeUviLZjGiQG6NjUvgwTd637m
PubKey2: 0264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd02
Address2: 1QANWCKj2Dq6T6Ms3Qht5Ucavn92R9jKcy

PrivKey3: KwT2TnP32i17URL1Eecc5FRnmGeMYm6mnxA5Km8j53cra4BRCdqB
PubKey3: 0212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e3
Address3: 133Wpv2UNFyyTVm8cg8SAHcRAu5F6tQvu6


MultiSig1: 3PeE76P4YCCPagjte6kMCskDkJ3MGPgLb6
RedeemScript1: 5221028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e3210264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd02210212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e353ae

MultiSig2: 34SAGP2kSyu2KorDTUZvbAUWUqB9BFinBU
RedeemScript2: 5221028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e3210212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e3210264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd0253ae

MultiSig3: 3NmU7B5FxgQ9pfqcswKhEhbemn2hqqLN4H
RedeemScript3: 52210264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd02210212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e321028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e353ae

MultiSig4: 338288XmJRPmxHuFTQmgrCVG1K1dCp4MXu
RedeemScript4: 52210264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd0221028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e3210212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e353ae

MultiSig5: 3HZPN2U2a2gui591gfJs574yvXaw22rQ5N
RedeemScript5: 52210212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e321028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e3210264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd0253ae

MultiSig6: 3PQXtt1PnShQr8oZo7uU7v3cXTPMHWLAtA
RedeemScript6: 52210212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e3210264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd0221028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e353ae

Say, I am using MultiSig2 & MultiSig3 for cold storage, while using MultiSig1 for regular usage. Will the cold storage be secured in that case?

1715152922

Hero Member

Offline

Offline

Posts: 1715152922

Personal Message (Offline)

Ignore

1715152922

1715152922

Reply with quote

#2

1715152922


	Report to moderator

1715152922

Hero Member

Offline

Offline

Posts: 1715152922

Personal Message (Offline)

Ignore

1715152922

1715152922

Reply with quote

#2

1715152922


	Report to moderator

How can the Bitcoin system be changed?

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.

1715152922

Hero Member

Offline

Offline

Posts: 1715152922

Personal Message (Offline)

Ignore

1715152922

1715152922

Reply with quote

#2

1715152922


	Report to moderator

1715152922

Hero Member

Offline

Offline

Posts: 1715152922

Personal Message (Offline)

Ignore

1715152922

1715152922

Reply with quote

#2

1715152922


	Report to moderator

achow101

Moderator
Legendary

expert

Offline

Offline

Activity: 3388
Merit: 6631

Just writing some code

WWW

Re: Are multisig addresses generated by same private key set secure?

August 19, 2016, 12:26:44 AM

#2

Quote from: CounterEntropy on August 18, 2016, 11:58:48 PM

Say, I am using MultiSig2 & MultiSig3 for cold storage, while using MultiSig1 for regular usage. Will the cold storage be secured in that case?

It would not be a good idea to do that. By doing so, when you spend your Bitcoin, you are revealing the public keys to your cold storage. If someone were to figure out the private keys to that cold storage, they could spend the Bitcoin.

Furthermore, it wouldn't even be cold storage since the private keys to spend from your cold storage address are online and thus vulnerable to malware attacks to steal the keys.

Bitcoin Core contributor | Tip Me! | GitHub | GPG Key Fingerprint 0x17565732E08E5E41

StratisKing

Hero Member

Offline

Offline

Activity: 938
Merit: 511

Re: Are multisig addresses generated by same private key set secure?

August 20, 2016, 08:51:31 AM

#3

Quote from: CounterEntropy on August 18, 2016, 11:58:48 PM

Code:

PrivKey1: KyTB944YGjX9dTsETSzfNSm5hXF9fpddTNxuArnxhc7wJaEJoCwj
PubKey1: 028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e3
Address1: 1LcF9UYteAm2aGfWsK2Ftyn6vEq3RY88Q6

PrivKey2: L3udgqmmdFfQHHvL7jC7vb1EsnfQeUviLZjGiQG6NjUvgwTd637m
PubKey2: 0264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd02
Address2: 1QANWCKj2Dq6T6Ms3Qht5Ucavn92R9jKcy

PrivKey3: KwT2TnP32i17URL1Eecc5FRnmGeMYm6mnxA5Km8j53cra4BRCdqB
PubKey3: 0212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e3
Address3: 133Wpv2UNFyyTVm8cg8SAHcRAu5F6tQvu6


MultiSig1: 3PeE76P4YCCPagjte6kMCskDkJ3MGPgLb6
RedeemScript1: 5221028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e3210264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd02210212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e353ae

MultiSig2: 34SAGP2kSyu2KorDTUZvbAUWUqB9BFinBU
RedeemScript2: 5221028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e3210212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e3210264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd0253ae

MultiSig3: 3NmU7B5FxgQ9pfqcswKhEhbemn2hqqLN4H
RedeemScript3: 52210264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd02210212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e321028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e353ae

MultiSig4: 338288XmJRPmxHuFTQmgrCVG1K1dCp4MXu
RedeemScript4: 52210264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd0221028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e3210212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e353ae

MultiSig5: 3HZPN2U2a2gui591gfJs574yvXaw22rQ5N
RedeemScript5: 52210212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e321028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e3210264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd0253ae

MultiSig6: 3PQXtt1PnShQr8oZo7uU7v3cXTPMHWLAtA
RedeemScript6: 52210212dd49ec463be6210f0f25073574f0178b738701fe6f8d948e4edd1398ea12e3210264a830fac01c73a3962392b2528c4d6e80eb8854801a32f4263f3b9d2300cd0221028eaf9ba0ea3b6833dd6e0ca517fc98a8752571f1507d33cc9f65568441dcc6e353ae

Say, I am using MultiSig2 & MultiSig3 for cold storage, while using MultiSig1 for regular usage. Will the cold storage be secured in that case?

Ideally it is very secure, but you have already showed the important info here. I think you use the alternative sigs&priv keys here, right? Grin

Grin

LoveUJack

Member

Offline

Offline

Activity: 83
Merit: 17

Re: Are multisig addresses generated by same private key set secure?

August 20, 2016, 11:04:32 AM

#4

Quote from: StratisKing on August 20, 2016, 08:51:31 AM

Ideally it is very secure, but you have already showed the important info here. I think you use the alternative sigs&priv keys here, right? Grin

Grin

I am sure OP provided those details as sample.

coinableS

Legendary

Offline

Offline

Activity: 1442
Merit: 1179

WWW

Re: Are multisig addresses generated by same private key set secure?

August 20, 2016, 05:00:40 PM

#5

It's an interesting idea since the order the public keys are entered when creating the multisig will result in a different address and redeem script. For those who aren't sure what OP is talking about, creating a multisig with pubkey 1, 2, 3 will be a different address than pubkey 1, 3, 2 even though they are all the same keys. I guess the big question is why do it this way? The private keys you use to sign from your spending wallet are the same from your cold storage, so you might as well keep you cold storage in the same address as your spending wallet. If someone somehow gets access to your spending wallet they will technically have access to your cold storage if they think to check the different order combinations. I think it would just be easier to keep the cold storage with completely separate private keys, because the amount of effort required to do so is slim but the extra feeling of security is great.

Building Bitcoin Websites
CHECK OUT MY BOOK | A BEGINNER'S BITCOIN WEB-DEV GUIDE | AVAILABLE ON AMAZON

johoe

Full Member

Offline

Offline

Activity: 217
Merit: 241

Re: Are multisig addresses generated by same private key set secure?

August 30, 2016, 02:10:43 PM

#6

Quote from: CounterEntropy on August 18, 2016, 11:58:48 PM

Say, I am using MultiSig2 & MultiSig3 for cold storage, while using MultiSig1 for regular usage. Will the cold storage be secured in that case?

Do I see it correctly that your 6 multisig scripts only differ in the order of the key? Then no, your cold storage isn't secure.

First everyone, who sees one of the spending transaction can try putting the keys in different order and immediately find your other addresses.

Second you need at least two of your keys to sign MultiSig1 for regular use. Everyone who gets these private keys from your computer can then spend your "cold wallet". Your scheme may confuse some attackers but it doesn't give any security.

To call something a cold wallet, the private keys should never be on an online computer and not be loaded on a computer for "regular use".

Donations to 1CF62UFWXiKqFUmgQMUby9DpEW5LXjypU3

Pages: [1]

Bitcoin Forum > Bitcoin > Development & Technical Discussion > Are multisig addresses generated by same private key set secure?

« previous topic next topic »

Jump to:

Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines