Electrum 2.7.13: Bitcoin sent from from multisig wallet without co-signing

[villabacho]

Hi,

I set up a 2-of-2 multisig wallet with Electrum on 2 devices. I then sent some BTC to this wallet's address, and it showed up on both devices, so everything looked fine.
Then I sent BTC from the first of my multisig wallet pair. After pressing the "Send" button on the "Send" tab, I would have expected that electrum asks me to co-sign it,
but instead the BTC was sent already (I confirmed that it arrived at the target address). The outgoing transaction is also seen by the second wallet of the multisig wallet pair.

I'm new to Electrum, so my question might be stupid, but at least a quick google / forum / stack exchange search didn't give me an answer.
I was pretty sure also that I did the multi-sig setup correctly (following the documentation in http://docs.electrum.org/en/latest/multisig.html),
and the electrum title bar also says "default_wallet [2of2]".

It looks like the multi-signature requirement is just not effective. Do I have to turn it on explicitly after having set up my multisig wallet pair?

Thanks,
villabacho

[1715372767]

1715372767

[1715372767]

1715372767

[1715372767]

1715372767

[Abdussamad]

open up your wallet file in a text editor like notepad. Do you see two xprvs like this:

http://paste.ubuntu.com/23745557/

[villabacho]

yes, there are two xprvs for x1/ and x2/, and they are different.
I have also "seed" entries, which you don't. Not sure if that matters.

[ThomasV]

note: OP posted here https://github.com/spesmilo/electrum/issues/2098

[villabacho]

note: OP posted here https://github.com/spesmilo/electrum/issues/2098

Yes, sorry for cross-posting, but I thought if it was a bug then github might be the better place to report this; if not, might be better to ask here. Anyway, the issue I opened at github was closed because of "no evidence of a bug".

So, if it's not a bug, then I'm probably doing something wrong. I just have no idea what...

Thanks for your help!

[villabacho]

Ah! That's what happened:

In the "Add cosigner" dialog of wallet creation, I was presented three options:

• Enter cosigner key
• Enter cosigner seed
• Cosign with hardware device

Because the cosigner wallet was on my Android smartphone, I preferred the seed rather than the public key because the seed would be more convenient to type by hand. I didn't want to transfer anything electronically (which of course, thinking about it, is not dangerous at all with the public key).

Naively, I thought that from the seed the cosigner's public key and ONLY the public key would be derived. I wasn't aware that also the cosigners private key would be stored and thus cosigning would then be done in the same wallet that initiates the transaction. In other words, more or less unconsciously I assumed it wouldn't be implemented that way because that would make multisig pointless (that was my idea at least).

Wow... it's really not for newbies  ... and I still didn't leave the newbie state entirely behind me... at least I'm already smart enough to search for a better bitcoin storage than an exchange 

As a follow-up question, what's the use case then for the "Enter cosigner seed" option?

[villabacho]

BTW, thanks everyone for helping!

[Abdussamad]

As a follow-up question, what's the use case then for the "Enter cosigner seed" option?

Say you have a 2 of 3 wallet with 1 key on your PC, one backup key you store offline and one on another device. If you lose your other device and you wish to recover your wallet you can enter the seed on your PC + the backup seed you've stored offline.