How safe is a multi signature wallet

[Z-tight]

If there is one thing I know, even though I don't really know too much, it is that the importance of security cannot be overemphasized, so I want to get some clarification on the following.

I have a mobile phone and a computer, currently for some reasons I do not have a hardware wallet, but I'm making plans towards that, so I want to ensure than I use my phone and computer securely when carrying out Bitcoin transactions.

Would the best thing to do be for me to use a 2 of 2 multi signature wallet, is it very safe, I'm seeking top security here, would I be able to sufficiently evade malwares and other forms of attacks if I do so.

[1714936531]

1714936531

[1714936531]

1714936531

[jackg]

You'll probably be able to defend against a lot of attacks by doing a 2 of 2 multisig (just make sure it's not 1 of 2 as you're just adding vulnerability in that case).

You should be careful not to venture onto odd sites or download files/software you don't fully trust and doing other things like that to make sure you're not accidentally inviting malware.

You'll have to use the same client type on both too (like using electrum) just to make sure the structure of the partly signed transactions remain compatible when sending them between devices.

[Charles-Tim]

Would the best thing to do be for me to use a 2 of 2 multi signature wallet, is it very safe, I'm seeking top security here, would I be able to sufficiently evade malwares and other forms of attacks if I do so.

2-of-2 multisig wallet can still offer more security than online standard wallets with single master keys or seed phrase. A hacker will need to compromise the two devices before he can be able to get through the 2-of-2 multisig wallet setup.

But it will be good to be be careful of malware, stay away from malware, it is a good setup.

[hosseinimr93]

Would the best thing to do be for me to use a 2 of 2 multi signature wallet, is it very safe, I'm seeking top security here, would I be able to sufficiently evade malwares and other forms of attacks if I do so.

It depends on how you implement it and how you make transactions.
If the two master private keys (or the corresponding seed phrases) always stay at separate devices, it can increase your security.

Let's say you have a 2 of 2 multi-signature wallet. The master private key A is kept on device A and the master private key B is kept on device B.
If you enter the master private key A on device B when making a transaction, it would defeat the purpose of the wallet. The two co-singers should sign the transaction in separate devices.

Also note that if you lose one of the master private keys, you will lose the access to the fund. So, I recommend you to consider a 2 of 3 multi-signature wallet too. In this way, you can keep three master private keys in three different places and you will still have access to the fund if you lose one of them for any reason.

[Raanaa]

I think 2 of 2 multi signature will be more secure and good to use. As I'm new here, I might be wrong. But as far as I knew about multi signature wallet, it is safe to use. There are some multi signature wallet which are providing up to 15-of-15 authorizers to sign a Bitcoin transaction.

I've found some article on google and you can read more about multi signature wallet here for removing your confusion. You can read more about multi signature wallet here:
1.https://coinsutra.com/best-multi-signature-bitcoin-wallets/
2.https://blog.coincodecap.com/multi-signature-wallet
3.https://www.coindesk.com/tech/2020/11/10/multisignature-wallets-can-keep-your-coins-safer-if-you-use-them-right/

[Z-tight]

You'll probably be able to defend against a lot of attacks by doing a 2 of 2 multisig (just make sure it's not 1 of 2 as you're just adding vulnerability in that case).

No I am not planning on implementing a 1 of 2, as I don't think it will be more different from a single signature wallet, but if you don't mind how exactly does it add more vulnerability if implemented?

Also note that if you lose one of the master private keys, you will lose the access to the fund. So, I recommend you to consider a 2 of 3 multi-signature wallet too. In this way, you can keep three master private keys in three different places and you will still have access to the fund if you lose one of them for any reason.

Are you saying that if I lose a master key in a 2 of 2 multi signature wallet, I'll lose my funds, but if I do in a 2 of 3 multi signature wallet I won't, what if I lose 2 keys in a 2 of 3 multi signature wallet?

[Charles-Tim]

There are some multi signature wallet which are providing up to 15-of-15 authorizers to sign a Bitcoin transaction.

Multisig can be up to 15-of-15

Also Electrum support multisig, this guide is helpful:

https://electrum.readthedocs.io/en/latest/multisig.html

No I am not planning on implementing a 1 of 2, as I don't think it will be more different from a single signature wallet, but if you don't mind how exactly does it add more vulnerability if implemented?

Because if an hacker got access to a single seed phrase or master private key out of the two, it can be used to spend the coins.

Are you saying that if I lose a master key in a 2 of 2 multi signature wallet, I'll lose my funds, but if I do in a 2 of 3 multi signature wallet I won't, what if I lose 2 keys in a 2 of 3 multi signature wallet?

Take it as M-of-N

The M represents the keys required for signing while making transaction
The N represents the number of keys involved to setup the wallet

If the M keys are lost, the funds are lost.

So in 2-of-3 multisig, if 2 keys are lost, you will lose the coin, 2 keys will be required for signing (making) transactions.

[Raanaa]

Multisig can be up to 15-of-15

Also Electrum support multisig, this guide is helpful:

https://electrum.readthedocs.io/en/latest/multisig.html

Yeah I've learned about multi signature and your reference link is also helpful.

Take it as M-of-N

The M represent the keys required for signing while making transaction
The N represent the number if keys involved to setup the wallet

If the M keys are lost, the funds are lost.

Would you mind sharing more information about M-of-N keys? What if I lose N keys as you didn't mention about it? I'm interested to know in details about it.

[Charles-Tim]

Would you mind sharing more information about M-of-N keys? What if I lose N keys as you didn't mention about it? I'm interested to know in details about it.

Let us take this as an example. M-of-N multisig. If M are 5 keys and N keys are 10.

That will be 5-of-10 multisig wallet.

Which means 10 devices or wallets are involved to set up the wallet with each providing one seed phrase or master key. That means the N keys (the keys in total) are 10. But at least, 5 seed phrase that can generate 5 corresponding master keys or 5 master keys are required for making transaction on the 5-of-10 multisig setup.

If 5 master private keys or less are lost, then their are other 5 master private keys that can still be used to sign transaction and spend. But if 6 or more keys are lost, the coins will be lost because 5 master private keys are require for making transaction on the 5-of-10 multisig wallet.

If N master keys are lost, that means the whole keys are lost, definitely the coin is lost. But to be more realistic, even if the M keys are lost forever, the coin is lost forever.

[hosseinimr93]

To add to Charles-Tim's post:

In a M of N multi-signature wallet, M-N master public keys are also needed.
Let's say a wallet is 2 of 3. For making a transaction from this wallet, in addition to two master private keys, the public key of the third co-signer is also needed. Without that, it's not possible to setup the wallet.

[Husires]

A multi-signature wallet will not add extra security to you if you fail the basics, which are to avoid the device being connected to the internet, not to install anonymous apps or to have physical access to the device, so in your case if both devices are affected, creating a multi-signature wallet won't change anything.

Buy a new phone or format the previous phone, make sure that it will not connect to the Internet, and then creating a wallet 2 of 2 will increase your privacy.

After that, by calculating your devices and risks, you can choose M and N factors.

Remember that the multi-signature wallet has higher fees for creating transactions, so it is not recommended for those who do a lot of transactions.

[pooya87]

The point of using 2 of 3 multi signature scheme is so that if you lost one of the keys that you regularly use (like if your PC blew up or you lost your phone) you can still use the other regularly used key with your third key that you never use to recover your funds. The chances of losing both keys is small and remember we are only reducing the chance of losses not eliminating them.

I also like to suggest using QR codes to transfer transactions. For example you can create the transaction and sign it once with your first key on PC then create a QR code of the half-signed transaction and scan it with your phone instead of transferring it by connecting your phone to your PC or other digital ways. Then sign it with your phone.

[o_e_l_e_o]

Using a 2-of-3 over a 2-of-2 simply from the point of view of redundancy is not only unnecessary, but could be actively harmful.

OP has said he has a mobile phone and a computer. Assuming he sets up a 2-of-2, then he can generate one seed phrase on his phone, one seed phrase on his computer, transfer the xpubs across, and create a 2-of-2 multisig without more than one seed phrase ever being on a single device. If he wants to set up a 2-of-3, then given that he still only has two devices, then one of those devices is going to have to create two seed phrases, which means if that device is compromised at the time of him setting up his multisig then an attacker can potentially extract both seed phrases and now has access to the 2-of-3 multisig wallet.

It would be safer from him to simply create a 2-of-2 multisig and back up both seed phrases on separate pieces of paper. If one of his devices is lost/stolen/damaged/etc., then he can recover that share from his paper back ups. Further, given he only has two devices, then for a 2-of-3 his third share will either be stored electronically (which increases his risk) or stored on paper (which is no different to using a 2-of-2 with paper back ups).

[dkbit98]

Would the best thing to do be for me to use a 2 of 2 multi signature wallet, is it very safe, I'm seeking top security here, would I be able to sufficiently evade malwares and other forms of attacks if I do so.

You can't get ''top security'' with multisig using mobile phone and regular daily computer, and you should ask yourself why you really need multisig setup.
This is a great idea for people who own a lot of bitcoins, for companies and partners who want to split keys and control over bitcoin ownership.
It can only create more complication for you if you are not careful while setting it up, or if you only have small amounts of BTC.

Maybe you should listen to this short video by Andreas Antonopoulos - Is Multi-sig for the Average User?
https://www.youtube.com/watch?v=nRts1VWkOXQ