Bitcoin Challenge: Give solution for an Organization to hold safely

[centralbanksequalsbombs]

How does an Organization safely hold/share Bitcoin wallet but also prevent theft or loss of private key(s)?

Example: Organization has two managers and three employees and Bitcoin is held for organization - and there always exist one employee who wishes to steal and/or one employee who's always replaced by a new one (quits,fired,death). What is solution for Bitcoin be safely held for this entire organization and spend Bitcoins safely from time to time?

This organization could be anything, it could be a FAMILY (parents & three children), a NONPROFIT, a BUSINESS, a CHURCH.

What are the solutions?

[trinitrate]

Coinbase's vault uses a double authorization to move funds.   You have your two 'managers' email addresses registered on the account so that it requires both of them to OK any movement from the vault to other transactional accounts.

Im sure there are other ways, but that one is alive right now...

[hatshepsut93]

https://en.bitcoin.it/wiki/Multisignature

This pretty much answers your question. You can come up with different configurations for multisig to create levels of authorization for accessing your wallet. Multisig can also be used for escrow transactions.

[centralbanksequalsbombs]

Couldn't someone give a step-by-step without an external link that has alot of other information not asked about?

Any help?

[careCentre]

The use of multisignature will solve the problem faced by the organization in relation to holding bitcoin safely from theft. With multisignature (multisig), bitcoin transaction does not require  one key of authorization. It requires more than one key to authorize the transaction. In this case, for someone to steal the bitcoin, the person needs all the keys to assess and make any transactions.
An example of the multisignature is the Two-factor authentication wallet.

[centralbanksequalsbombs]

The use of multisignature will solve the problem faced by the organization in relation to holding bitcoin safely from theft. With multisignature (multisig), bitcoin transaction does not require  one key of authorization. It requires more than one key to authorize the transaction. In this case, for someone to steal the bitcoin, the person needs all the keys to assess and make any transactions.
An example of the multisignature is the Two-factor authentication wallet.

How does this address when there's an individual who's always replaced by a new one (one quits, gets fired, or has death)? That old signature needs to be de-activated and a new one in its place.

Would the best solution be for the two remaining to send ALL holdings to a NEW 2of3 with all fresh private keys? Is this the elegant solution?

[pooya87]

Couldn't someone give a step-by-step without an external link that has alot of other information not asked about?

Any help?

lets say your "organization" is a family with 2 parents and a child and you need a 2 of 3 multisignature wallet.

each parent and the child creates a new bitcoin address with their own wallets. then they share the public key that they each created. then each of them creates the new multisignature wallet with these 3 pubkeys.
in bitcoin core you can use "bitcoind addmultisigaddress 2 '[pubkeys_here]'" or you can use Electrum which has a nice user interface and give it the keys.

if the child wants to spend he needs a parent's signature to do so, any parent would do.

now when i say public key it can be just a simple pubkey and create 1 multi-sig address or it can be a master public key to create an HD wallet of multi-sig addresses.

[fuer44]

should only one person know about wallet and private key, that is his manager. and the three employees, only in facilitation to see the market and also every incoming or outgoing transactions. that's more possible.

[centralbanksequalsbombs]

Couldn't someone give a step-by-step without an external link that has alot of other information not asked about?

Any help?

lets say your "organization" is a family with 2 parents and a child and you need a 2 of 3 multisignature wallet.

each parent and the child creates a new bitcoin address with their own wallets. then they share the public key that they each created. then each of them creates the new multisignature wallet with these 3 pubkeys.
in bitcoin core you can use "bitcoind addmultisigaddress 2 '[pubkeys_here]'" or you can use Electrum which has a nice user interface and give it the keys.

if the child wants to spend he needs a parent's signature to do so, any parent would do.

now when i say public key it can be just a simple pubkey and create 1 multi-sig address or it can be a master public key to create an HD wallet of multi-sig addresses.

Great thank you for taking the time, but how does this address when there's an potentially malicious individual who's always replaced by a new one (one quits, gets fired, or has death)? That old signature needs to be de-activated and a new one in its place.

Would the best solution be for the two remaining to send ALL holdings to a NEW 2of3 with all fresh private keys? Is this the elegant solution?

[pooya87]

~
Great thank you for taking the time, but how does this address when there's an potentially malicious individual who's always replaced by a new one (one quits, gets fired, or has death)? That old signature needs to be de-activated and a new one in its place.

Would the best solution be for the two remaining to send ALL holdings to a NEW 2of3 with all fresh private keys? Is this the elegant solution?

well for a company this can be very different. for example there may be a "board of directors" and a transaction may need all of their signatures. like a 9 of 9 wallet. or a 8 of 9 wallet with one belonging to the CEO so that you don't run to the CEO each time you want to spend money.



there can also be different wallets. one for the main company funds in the hands of the directors (8 of 9) and one for paying the employees in the hands of financial department (2of2) which is charged every month before the payments.
in this case you only have to send all holdings to anew wallet if one of the directors got fired. and being a 8 of 9 you can go to the CEO for this matter to create a transaction and send the funds to a new wallet while making the key of the fired person useless.

[gobingo]

indeed sometimes it is very dangerous with employees who are willing to steal the bitcoin we have, and maybe better should menejer should be alert and always check employees who work to be more secure.