2-of-3 vault: Can I spare myself passphrases, words seeds and PIN?

[bitcoin_user]

Hi

My 2-of-3 vault I'm trying to set consists of:
- a Desktop electrum at one house
- a Trezor at another house
- a Mobile phone electrum (most of the time on me)

So, that's already quite an organization when you want to send some BTC from this 2-of-3 multisig.
But each of them has by default: a passphrase (or a PIN for the Trezor), a words seed. So, you multiply by 3 the cumbersomeness of this configuration.
Can I spare myself all of those? What do you think?

Thanks!

[1715290994]

1715290994

[1715290994]

1715290994

[1715290994]

1715290994

[1715290994]

1715290994

[1715290994]

1715290994

[joniboini]

If security is your goal, I think this hassle you mentioned is an acceptable trade-off. I've seen users lose money because they only use a single hardware wallet/air-gapped device, and when a keylogger/malware attacks them, their money got drained easily. This should help you avoid that at least.

What's the purpose of this multi-sig wallet? Did you use it to store your trading money, so you need to make transfers regularly, or did you use it for something else? Knowing the purpose might also help others to give you suggestions for a better setup in terms of flexibility and security.

[bitcoin_user]

Thanks for your comment.

What's the purpose of this multi-sig wallet? Did you use it to store your trading money, so you need to make transfers regularly, or did you use it for something else? Knowing the purpose might also help others to give you suggestions for a better setup in terms of flexibility and security.

It will be used as a cold wallet, hence to store my share of BTC which won't move frequently.

If security is your goal, I think this hassle you mentioned is an acceptable trade-off. I've seen users lose money because they only use a single hardware wallet/air-gapped device, and when a keylogger/malware attacks them, their money got drained easily. This should help you avoid that at least.

That's precisely my goal with a 2-of-3 multisig: to avoid a single point of failure (like the desktop being compromised by a keylogger).
Isn't it enough to have 2-of-3 multisig or do I need to add passphrase, seed, PIN for one (or all) of them?

[Z-tight]

Isn't it enough to have 2-of-3 multisig or do I need to add passphrase, seed, PIN for one (or all) of them?

It is enough if you know exactly how to use them in a safe enviroment, you surely have to use wallet PIN for the wallets, but you don't add seeds by yourself, your wallets surely must have come with their seed phrase which you generate for recovery, and you should back it up in different places for better security.

A passphrase is a good extra layer of security in addition to your seed phrase, but do not use it unless you know what you are doing, if you add a passphrase and someone steals your seed phrase they will not be able to steal your funds, but if you lose your passphrase, your funds are gone.

[hd49728]

My 2-of-3 vault I'm trying to set consists of:
- a Desktop electrum at one house
- a Trezor at another house
- a Mobile phone electrum (most of the time on me)

I guess idea behind your set up and wallet locations is you will always have access to 2 or 3 co-signers at one of your two houses. It can be a combination of Desktop and Mobile Electrum or of Mobile Electrum and Trezor.

But each of them has by default: a passphrase (or a PIN for the Trezor), a words seed. So, you multiply by 3 the cumbersomeness of this configuration.
Can I spare myself all of those? What do you think?

I don't understand your questions! Spare, what do you mean in this context?

A passphrase is a good extra layer of security in addition to your seed phrase, but do not use it unless you know what you are doing, if you add a passphrase and someone steals your seed phrase they will not be able to steal your funds, but if you lose your passphrase, your funds are gone.

Use a strong passwords is very important to secure your device access, wallet access then your cryptocurrency.

[GUIDE] How to Create a Strong/Secure Password
Are your passwords in the green?

[hugeblack]

If you make it 2-of-4, I think it will be the best, as you can keep the fourth copy in a safe place, for example, a bank safe that no one can access or meta seed in trusted place, and therefore if any problem occurs, you can use it with your phone.

Note if the computer is connected to the Internet, this may cause a problem for you, try to be airgapped.

[bitcoin_user]

If I have a seed in addition to a 2-of-3 vault, it would be like a 2-of-4 in a sense, wouldn't it? That is: with a seed, it's as if you had the original wallet.
But it's also another complication since I need to find where to hide this seed. And I think it's already quite difficult to manage the 3 different locations with the 2-of-3 multisig.

The desktop of the 2-of-3 is not airgapped, it's a "normal" computer, used for all other things. Each element of the 2-of-3 vault has its own weak point (the hardware wallet is the stronger element, though), sure:
The desktop can get a virus and be stolen, as well as the mobile phone. But what probability is that both of them get stolen or get a virus/keylogger at the same time (and combine to get the 2-of-3)?

[Z-tight]

If I have a seed in addition to a 2-of-3 vault, it would be like a 2-of-4 in a sense, wouldn't it? That is: with a seed, it's as if you had the original wallet.

No, Setting up a multisignature wallet isn't a substitute for your seed phrase, even if you use a multisig set up you must back up your seed phrase(s) appropriately. A 2 of 3 multisig wallet simply means two keys out of 3 are required to spend the funds from your wallet, it does not mean you won't back up the keys and the seed phrases to all of them.

But it's also another complication since I need to find where to hide this seed. And I think it's already quite difficult to manage the 3 different locations with the 2-of-3 multisig.

That is one of the disadvantages of multisignature wallets to single signature wallets, you have more backups to manage and keep very safe, in different locations.

The desktop can get a virus and be stolen, as well as the mobile phone. But what probability is that both of them get stolen or get a virus/keylogger at the same time (and combine to get the 2-of-3)?

The probability is very low, and that is the advantage of a multisig set up, more security from possible theft of your BTC, but multisig comes with more responsibility when it comes to backing up more things, and someone who does not have enough knowledge should start with a single signature wallet, and advance to a multisig wallet when they understand everything about storing their BTC in a safe enviroment.

[MusaMohamed]

The probability is very low, and that is the advantage of a multisig set up, more security from possible theft of your BTC, but multisig comes with more responsibility when it comes to backing up more things, and someone who does not have enough knowledge should start with a single signature wallet, and advance to a multisig wallet when they understand everything about storing their BTC in a safe enviroment.

Simplicity is best for people who don't have enough experience.
Complexity is best for people who already experienced enough.

Each of them have advantage and disadvantage and each person who has bitcoin must choose a best way to store their bitcoin. If you can be good with security and have good Internet surfing behavior, a single signature wallet can be enough for you.

However, of course a multi signature wallet is better (if you don't buy hardware wallet) but if it is your first try with it, you should use a Bitcoin testnet to practice or if you use bitcoin mainnet to test, only set up a wallet with very small bitcoin amount that is enough to test transaction in and out with multi-sign.

If you practice incorrectly, loss is minimal.
If your practice is good, you can deposit more bitcoin to that multi-sign wallet.

[hugeblack]

If I have a seed in addition to a 2-of-3 vault, it would be like a 2-of-4 in a sense, wouldn't it? That is: with a seed, it's as if you had the original wallet.
But it's also another complication since I need to find where to hide this seed. And I think it's already quite difficult to manage the 3 different locations with the 2-of-3 multisig.

If you do not understand the concept of a multi-signature wallet, it is better to read about it before you make any decision to create it. In short, in the case of Khaled, you need any two signatures to perform the transaction. Imagine it as a door, and that door opens with any two of the four keys, meaning that you only need two keys. To open the door, but you cannot do that with one, and if two keys are lost, you can still open that door.

For more please read:

 - Set Up Multi Signature Wallet
 - Help me to create a multisignature wallet with Electrum
 - https://en.bitcoin.it/wiki/Multi-signature

[joniboini]

But it's also another complication since I need to find where to hide this seed. And I think it's already quite difficult to manage the 3 different locations with the 2-of-3 multisig.

Since your goal is to make a cold wallet (you don't make transfers regularly, maybe just once a year or so), I think you have to bear with this backup activity. At the end of the day, security is your goal. I'd encourage you to think hard to find where and how you should store those backups. There are many good threads around this topic, for example, this one[1]. If you want to read more, just search "seed backup" on this forum.

The desktop of the 2-of-3 is not airgapped, it's a "normal" computer, used for all other things. Each element of the 2-of-3 vault has its own weak point (the hardware wallet is the stronger element, though), sure:
The desktop can get a virus and be stolen, as well as the mobile phone.

Consider using an air-gapped device as part of your setup. While the chance that both your phone and PC got compromised at the same time is low, I'd consider them as one of the risks that need to be solved. You can buy a cheap phone and use a live OS to set up your multi-sig, for example. There are obviously some risks regardless of what method you choose, but I think using a daily PC is not that great if you want to set up a cold wallet. CMIIW.

[1] https://bitcointalk.org/index.php?topic=5263482.0

[Agbe]

1 vault for the mobile and another vault for the desktop is okay instead of using  2-of-3 vault to secure your seed. All what you have to do is to have strong password. Security the coins is what everyone need but from what saying, you might even lost your coins from the multiple ways of securing the coins. I will advise you to use single way of security and not multiple.

[o_e_l_e_o]

Taking a step back from worrying about your seed phrases and back ups and looking at the bigger picture here, your multi-sig idea is not a great one.

There is not much point including a hardware wallet as part of a 2-of-3 multi-sig when the other two cosigners are highly insecure hot wallets (one on a phone, and one on a computer). It is exponentially more likely that someone is able to compromise your two hot wallets than your single hardware wallet, so the hardware wallet adds zero additional security. In fact, I would argue that a standard single signature wallet set up properly on a good hardware wallet is probably safer than a multi-sig involving two insecure hot wallets. In your situation I would probably set up the Trezor and then add an additional passphrase and use that passphrased wallet as my cold storage, backing up the seed phrase and the passphrase separately.

If you are desperate to use a multi-sig, then you should do so with either multiple hardware wallets or airgapped devices. Adding hot wallets as you have done weakens the security rather than improves it.

[apogio]

Hi

My 2-of-3 vault I'm trying to set consists of:
- a Desktop electrum at one house
- a Trezor at another house
- a Mobile phone electrum (most of the time on me)

So, that's already quite an organization when you want to send some BTC from this 2-of-3 multisig.
But each of them has by default: a passphrase (or a PIN for the Trezor), a words seed. So, you multiply by 3 the cumbersomeness of this configuration.
Can I spare myself all of those? What do you think?

Thanks!

Hello! Are the desktop and the mobile phone connected to the internet?

EDIT:

I just read the previous post by o_e_l_e_o.
That's exactly my point.
Your multisig configuration is not great.
Instead what I have done may give you an idea.
I have a signing device, which I have used to create 3 wallets. I backed-up the seed phrases and I used my signing device in order to create 3 corresponding QR codes that would help me retrieve the private keys.
Essentially, the QR code and the seed phrase do the exact same thing, as they help me "recover" my wallet.
Finally I have a backup of my 3 extended public keys. This is a crucial step!
During this process I have not been exposed to the internet at any time.
Then I have loaded my public keys in my BlueWallet app in order to be able to monitor my multisig vault and to produce addresses and send them to anyone who want to pay me.

So, for each wallet I have:
1 QR code
1 seed phrase
3 extended public keys -> here you can do some tricks and not save all the public keys together for privacy reasons. In case someone gets one of my packets, they wouldn't be able to steal my money, but they would be able to monitor my transactions. I know that's not the best approach, but I can live with it! I know the alternatives but for some reason I didn't feel comfortable to follow them and since we talk about money, I preferred to live with this drawback.

Therefore, I have created 3 packets (one for each wallet). I have distributed them to 3 different places.

Of course, I have tested that I was able to sign transactions with any 2 of my 3 wallets! An important thing here is that you should delete the vault from BlueWallet every time you repeat the experiment, in order for you to get familiar with importing the extended public keys as well.

[o_e_l_e_o]

In case someone gets one of my packets, they wouldn't be able to steal my money, but they would be able to monitor my transactions. I know that's not the best approach, but I can live with it!

There is a simple way around this. For any m-of-n multi-sig, then you only need to back up n minus m number of xpubs alongside each seed phrase (provided you pick the correct ones) and still have full redundancy and yet also protect your privacy.

For example, using your 2-of-3 system, then you back up 3-2 = 1 xpub alongside each seed phrase, and your 3 back ups would look like this:

Back up 1: Seed A, xpub B
Back up 2: Seed B, xpub C
Back up 3: Seed C, xpub A

As you can see, the compromise of any one back up is insufficient for an attacker to spy on your wallet, while you still only need to recover any 2 back ups to have all the information needed to restore your wallet.

[apogio]

In case someone gets one of my packets, they wouldn't be able to steal my money, but they would be able to monitor my transactions. I know that's not the best approach, but I can live with it!

There is a simple way around this. For any m-of-n multi-sig, then you only need to back up n minus m number of xpubs alongside each seed phrase (provided you pick the correct ones) and still have full redundancy and yet also protect your privacy.

For example, using your 2-of-3 system, then you back up 3-2 = 1 xpub alongside each seed phrase, and your 3 back ups would look like this:

Back up 1: Seed A, xpub B
Back up 2: Seed B, xpub C
Back up 3: Seed C, xpub A

As you can see, the compromise of any one back up is insufficient for an attacker to spy on your wallet, while you still only need to recover any 2 back ups to have all the information needed to restore your wallet.

Actually you were the one who taught me this system. So I owe you many thanks!

In general, let's conclude that there is no point having a n-of-m system, where many of your keys are stored online. Ideally, you want none of them to be online.

Finally, let me give you an alternative, which I think is still better than your current system.

I keep suggesting people to create a fully offline wallet and add a passphrase. This is more than enough, unless of course you want to learn better practices, which is of course advisable, but not necessary.

You could back-up a simple singlesig wallet with a passphrase and maintain 3 vaults and split the backup as follows:

vault1: words 1-6 + passphrase
vault2: words 7-12 + passphrase
vault3: words 1-12

In this case, losing one of the vaults wouldn't lead to losing your money. Only 2 of the backups are required to sign a transaction. What you gain with this system is that you wouldn't have to trust your memory at all. You have everything backed-up, even the passphrase.

[o_e_l_e_o]

You could back-up a simple singlesig wallet with a passphrase and maintain 3 vaults and split the backup as follows:

It's possible, but there are two big weaknesses to your proposal over a multi-sig one.

Firstly, you are accepting far reduced security. If someone steals one share of your multi-sig, then they would still have a hurdle of 2¹²⁸ to overcome to brute force another share. In your system, if someone finds Vault 1 your security is reduced to 2⁶² bits, and if they find Vault 2 your security is reduced to 2⁶⁶ bits (the difference being that 4 bits from word 12 are checksum). If someone steals Vault 3, then your security could be anything at all, depending on your passphrase. Unfortunately, few people choose strong and random passphrases, and instead pick passphrases like they pick passwords - short, predictable, and easily brute forced. You could potentially be down to a very low amount of security.

Secondly, you introduce a single point of failure. To spend from such a wallet, you need to bring the seed phrase and a passphrase together on a single device. If that device is compromised, then you lose everything. With multi-sig, your seed phrases can stay on separate devices, therefore protecting you against this vulnerability.

Obviously most people use single sig wallets perfectly safely, but if you are looking for the best security for long term cold storage or similar, then multi-sig remains the better choice here.

[apogio]

You could back-up a simple singlesig wallet with a passphrase and maintain 3 vaults and split the backup as follows:

It's possible, but there are two big weaknesses to your proposal over a multi-sig one.

Firstly, you are accepting far reduced security. If someone steals one share of your multi-sig, then they would still have a hurdle of 2¹²⁸ to overcome to brute force another share. In your system, if someone finds Vault 1 your security is reduced to 2⁶² bits, and if they find Vault 2 your security is reduced to 2⁶⁶ bits (the difference being that 4 bits from word 12 are checksum). If someone steals Vault 3, then your security could be anything at all, depending on your passphrase. Unfortunately, few people choose strong and random passphrases, and instead pick passphrases like they pick passwords - short, predictable, and easily brute forced. You could potentially be down to a very low amount of security.

Secondly, you introduce a single point of failure. To spend from such a wallet, you need to bring the seed phrase and a passphrase together on a single device. If that device is compromised, then you lose everything. With multi-sig, your seed phrases can stay on separate devices, therefore protecting you against this vulnerability.

Obviously most people use single sig wallets perfectly safely, but if you are looking for the best security for long term cold storage or similar, then multi-sig remains the better choice here.

I absolutely agree with you in everything. My system is much worse than multisig, as I have mentioned above.

However, don't you agree that instead of doing something wrong, trying to create a multisig vault, it would be better to go for singlesig+passphrase?

I strongly believe that people must be very well educated before creating multisig vaults.

[Weezenhofnar]

Unfortunately, no. Passphrases, word seeds, and PINs are crucial security features that protect your 2-of-3 vault from unauthorized access.

If you want to ensure that your cryptocurrency holdings are secure, it is essential to use these security measures. While they may seem like a hassle, they provide an extra layer of protection against theft and hacking attempts.

Without them, your funds could be vulnerable to malicious actors who could easily gain access to your wallet and steal your assets. So, while it may be tempting to take shortcuts, it's always better to err on the side of caution and use all the available security features to keep your cryptocurrency safe.

[o_e_l_e_o]

However, don't you agree that instead of doing something wrong, trying to create a multisig vault, it would be better to go for singlesig+passphrase?

I strongly believe that people must be very well educated before creating multisig vaults.

Sorry, I seem to have missed this reply. I do agree. There is no doubt that setting up and using a multi-sig wallet is harder than setting up a standard wallet, with or without an additional passphrase.

I like passphrases. I think more people should use them. They provide additional security should your seed phrase back up be discovered, and they also provide plausible deniability in the event of a $5 wrench attack. However, in most cases, people will still use them on a hot wallet. At some point you need to progress to a safer set up. This could take three basic forms - multi-sig, airgapped, or hardware. Even better if you use some combination of the three, and still use passphrases on top of that too.

So yes, multi-sigs are more complicated to set up and use, but at some point it becomes worth it to just sit down and learn how to use something more complicated than a standard hot wallet for your own safety.