Bitcoin Forum
November 23, 2017, 05:29:47 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Multisignature wallets and Passphrases are ineffective in other wallets?  (Read 219 times)
BTC Turkiye
Sr. Member
****
Offline Offline

Activity: 279


Bitcoin bir Devrimdir


View Profile WWW
November 04, 2017, 12:32:19 PM
 #1

Let`s say you setup a multi sig wallet or you setup a QT wallet and set a passphrase for everytime you`ll send coins. So these are pretty secure options right?

But what if someone gets your private key? then can still just import that in another wallet and send your balance to another address right?
so all those multisigs, passwords and passphrases are good within that particular wallet brand like QT or electrum.

Am I getting this right?

I`ll take an advertisement here Smiley
1511458187
Hero Member
*
Offline Offline

Posts: 1511458187

View Profile Personal Message (Offline)

Ignore
1511458187
Reply with quote  #2

1511458187
Report to moderator
Join ICO Now A blockchain platform for effective freelancing
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511458187
Hero Member
*
Offline Offline

Posts: 1511458187

View Profile Personal Message (Offline)

Ignore
1511458187
Reply with quote  #2

1511458187
Report to moderator
1511458187
Hero Member
*
Offline Offline

Posts: 1511458187

View Profile Personal Message (Offline)

Ignore
1511458187
Reply with quote  #2

1511458187
Report to moderator
jackg
Legendary
*
Offline Offline

Activity: 840

1JRmjyGo3kpdXcQeAeTBmGtgkC1AomHKED


View Profile
November 04, 2017, 04:46:35 PM
 #2

Let`s say you setup a multi sig wallet or you setup a QT wallet and set a passphrase for everytime you`ll send coins. So these are pretty secure options right?

But what if someone gets your private key? then can still just import that in another wallet and send your balance to another address right?
so all those multisigs, passwords and passphrases are good within that particular wallet brand like QT or electrum.

Am I getting this right?

Yes it's just an extra step for secuirty. The private key is normally encrypted in some way that can only be decryptedwith the verification or using another service to hold a section of the private key that sends the encryted from for decryption using a specific key you use.

It is true that is someone gets the unencrypted parts of the key and puts them together then they will be able to deduce the private key and use it and there is a way to revert a multisig wallet private key back to a regular address private key (I'm fairly sure there is at least).

HCP
Sr. Member
****
Offline Offline

Activity: 434

<insert witty quote here>


View Profile
November 05, 2017, 04:07:27 AM
 #3

...and there is a way to revert a multisig wallet private key back to a regular address private key (I'm fairly sure there is at least).
No there isn't... as there isn't a "MultiSig Wallet Private Key"...

MultiSig "addresses" are actually hashed scripts that are crafted from two or more (N) different public keys... and specify some minimum number (M) of signatures (generated by the private keys that match the public keys) that are required to be provided with a transaction before the network will recognise that transaction as valid.

Hence, "M of N"... if you have N = 4, and M = 2, then there would be 4 public keys in total used to generate the MultiSig in the first instance, but you'd only need 2 signatures (generated by the matching private keys) to be able to spend any coins controlled by that particular address.

You can't revert it back to a regular address private key.

DannyHamilton
Legendary
*
Online Online

Activity: 1988



View Profile
November 05, 2017, 06:08:08 AM
 #4

Let`s say you setup a multi sig wallet or you setup a QT wallet and set a passphrase for everytime you`ll send coins. So these are pretty secure options right?

Sure.

In the case of a passphrase, the wallet will use that to encrypt your private keys.  That way, if someone gains access to your computer while you aren't around, or if someone is able to take a copy of your wallet files, they won't be able to decrypt your private keys and use them without first figuring out your passphrase.

But what if someone gets your private key?

While it is still encrypted with your passphrase?  Then they won't be able to use it until they figure out the correct passphrase to decrypt it (I hope you chose a strong passphrase).

If you are somehow so careless that they get your UNENCRYPTED private key, then they don't need the passphrase anymore, since the key is already unencrypted.

then can still just import that in another wallet and send your balance to another address right?

Once they have access to your unencrypted private key, they have access to your bitcoins.

If you don't have exclusive access to your private keys, then you don't have any bitcoins.

so all those multisigs, passwords and passphrases are good within that particular wallet brand like QT or electrum.

The passphrases are good for encrypting your private keys.

MultiSig is reduces your risk even more.

With a MultiSig address, I can require, for example, that 3 out of 7 private keys be necessary to spend the bitcoins.  Then I can encrypt each private key with a different passphrase and store it in a different location.  Now if a thief gains access to one or two of my private keys, they still can't spend the bitcoins.  If 3 or 4 of my private keys are destroyed in a fire, flood, earthquake, tornado, hurricane, etc, then I can still gain access to my own bitcoins with 3 of the remaining keys.  If a thief gains access to 3 (or more) of my private keys, then they still need to figure out three different passphrases.  During the time when they are trying to figure out the passphrases, if I become aware that they have the encrypted keys, I can just send my bitcoins to a new address and they won't be able to touch them.

Am I getting this right?

I don't know.  Are you?

BTC Turkiye
Sr. Member
****
Offline Offline

Activity: 279


Bitcoin bir Devrimdir


View Profile WWW
November 05, 2017, 09:59:50 PM
 #5

Really good and useful information. Thanks everyone. Especially thank you @DannyHamilton

I`ll take an advertisement here Smiley
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!