Bitcoin Forum
November 13, 2024, 05:37:55 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: How to check I have the seeds of my multisig 2/3  (Read 226 times)
unknowncustomer (OP)
Jr. Member
*
Offline Offline

Activity: 48
Merit: 27


View Profile
July 11, 2023, 09:37:27 AM
Last edit: July 11, 2023, 09:48:37 AM by unknowncustomer
 #1

Hello,

I created an electrum 2/3 multisig Wallet on an air-gapped device.
The three seeds are geographically distributed.

I want to verify that I have well written the three seeds.
I have to create a "fake" transaction on electrum then sign it with the first key then export the PSBT then sign it with the second seed ? What about the third seed to check it's correct ?

Is there any other solution to check I own the correct seeds ?
Zaguru12
Hero Member
*****
Offline Offline

Activity: 868
Merit: 952



View Profile WWW
July 11, 2023, 09:51:01 AM
 #2

In 2/3 multi sig wallet two of the keys are actually ok to approve a transaction, so to test the other third key, I would just say you should try it out manually. Initiate another transaction and sign in with the third key and any one of the other ones just to check

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
.
.Duelbits.
..........UNLEASH..........
THE ULTIMATE
GAMING EXPERIENCE
DUELBITS
FANTASY
SPORTS
████▄▄█████▄▄
░▄████
███████████▄
▐███
███████████████▄
███
████████████████
███
████████████████▌
███
██████████████████
████████████████▀▀▀
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
.
▬▬
VS
▬▬
████▄▄▄█████▄▄▄
░▄████████████████▄
▐██████████████████▄
████████████████████
████████████████████▌
█████████████████████
███████████████████
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
/// PLAY FOR  FREE  ///
WIN FOR REAL
..PLAY NOW..
hosseinimr93
Legendary
*
Offline Offline

Activity: 2576
Merit: 5677



View Profile
July 11, 2023, 10:07:50 AM
Merited by o_e_l_e_o (4), Charles-Tim (1)
 #3

You may want to make a transaction to see a how a multi-signature wallet works, but if you only want to check if you have written down the seed phrases correctly, there is no need to make a transaction.
Just create a new 2 of 3 multi-signature wallet using the three seed phrases you have. If electrum generates the correct addresses, it means that you have written down the seed phrases correctly.

▄▄███████▄▄
▄██████████████▄
▄██████████████████▄
▄████▀▀▀▀███▀▀▀▀█████▄
▄█████████████▄█▀████▄
███████████▄███████████
██████████▄█▀███████████
██████████▀████████████
▀█████▄█▀█████████████▀
▀████▄▄▄▄███▄▄▄▄████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀
.
 MΞTAWIN  THE FIRST WEB3 CASINO   
.
.. PLAY NOW ..
ranochigo
Legendary
*
Offline Offline

Activity: 3038
Merit: 4420


Crypto Swap Exchange


View Profile
July 11, 2023, 01:41:19 PM
Last edit: July 12, 2023, 02:56:45 PM by ranochigo
 #4

Not necessarily.

Your seeds have a certain threshold of redundancy, where you can afford to get a word or two wrong while still being able to recover them with relative ease. Last (First*) few bytes are checksum and there is a fixed number of words in Electrum wordlist. For the maximum security, I wouldn't generate the multisig using the three seeds at the same time on the same computer. Rather, I would get the master public key and combine them to get the MultiSig wallet and compare their addresses.

You have to import each seed into separate computers and derive the master public key individually. I'm assuming that you're able to do this, given that this would be the ideal setup for a secure airgapped multisig.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
hosseinimr93
Legendary
*
Offline Offline

Activity: 2576
Merit: 5677



View Profile
July 11, 2023, 02:18:38 PM
Merited by ranochigo (1)
 #5

Last few bytes are checksum and there is a fixed number of words in Electrum wordlist.
Since OP has generated the seed phrases using electrum and they are not BIP39, the checksum isn't the last few bytes.
Instead of having a checksum in the way a BIP39 seed phrase is generated, electrum hashes the words and then checks if the result matches any of the correct versions numbers.

▄▄███████▄▄
▄██████████████▄
▄██████████████████▄
▄████▀▀▀▀███▀▀▀▀█████▄
▄█████████████▄█▀████▄
███████████▄███████████
██████████▄█▀███████████
██████████▀████████████
▀█████▄█▀█████████████▀
▀████▄▄▄▄███▄▄▄▄████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀
.
 MΞTAWIN  THE FIRST WEB3 CASINO   
.
.. PLAY NOW ..
nc50lc
Legendary
*
Offline Offline

Activity: 2590
Merit: 6389


Self-proclaimed Genius


View Profile
July 11, 2023, 02:39:32 PM
 #6

I want to verify that I have well written the three seeds.
I have to create a "fake" transaction on electrum then sign it with the first key then export the PSBT then sign it with the second seed ? What about the third seed to check it's correct ?
By following that method, just make two copies of the PSBT with 1 signature and send each to the other two cosigners.
Either one should be able to sign it.

Is there any other solution to check I own the correct seeds ?
Check each cosigner wallets' addresses if they are all the same, then go to each cosigner's menu: "Wallet->Seed" if the seed if correct.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
dkbit98
Legendary
*
Offline Offline

Activity: 2408
Merit: 7567



View Profile WWW
July 11, 2023, 08:37:21 PM
 #7

Is there any other solution to check I own the correct seeds ?
Word of advice, whenever you are creating bitcoin wallet, either regular or multisig, you should ALWAYS check if your seed phrase backup work, only after this you can consider your setup safe.
First write seed words on paper, than erase wallet or reset device/s, and than import seed words from scratch.
Only if everything works good you should accept coins on addresses generated by this wallet.


█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
MusaMohamed
Sr. Member
****
Offline Offline

Activity: 1050
Merit: 346



View Profile
July 12, 2023, 03:12:35 AM
 #8

Multisig wallet or Singlesig wallet, you always have to do three steps.
Create your wallet with seed
Backup your wallet seed
Recover your wallet to test your wallet seed backup

With Multisig wallet, the recovery process will include checking seeds of all cosigner wallets and their Master Public Keys.
If the multisig wallet created has the same address as an initial wallet has, all from wallet creation, wallet backup, wallet recovery are good.

Creating a multisig wallet.

.
Duelbits
▄▄█▄▄░░▄▄█▄▄░░▄▄█▄▄
███░░░░███░░░░███
░░░░░░░░░░░░░
░░░░░░░░░░░░
▀██████████
░░░░░███░░░░
░░░░░███▄█░░░
░░██▌░░███░▀░░██▌
█░██░░███░░░██
█▀▀▀█▌░███░░█▀▀▀█▌
▄█▄░░░██▄███▄█▄░░▄██▄
▄███▄
░░░░▀██▄▀
.
REGIONAL
SPONSOR
███▀██▀███▀█▀▀▀▀██▀▀▀██
██░▀░██░█░███░▀██░███▄█
█▄███▄██▄████▄████▄▄▄██
██▀ ▀███▀▀░▀██▀▀▀██████
███▄███░▄▀██████▀█▀█▀▀█
████▀▀██▄▀█████▄█▀███▄█
███▄▄▄████████▄█▄▀█████
███▀▀▀████████████▄▀███
███▄░▄█▀▀▀██████▀▀▀▄███
███████▄██▄▌████▀▀█████
▀██▄█████▄█▄▄▄██▄████▀
▀▀██████████▄▄███▀▀
▀▀▀▀█▀▀▀▀
.
EUROPEAN
BETTING
PARTNER
Charles-Tim
Legendary
*
Offline Offline

Activity: 1722
Merit: 5211


Leading Crypto Sports Betting & Casino Platform


View Profile
July 12, 2023, 07:00:00 AM
 #9

First write seed words on paper, than erase wallet or reset device/s, and than import seed words from scratch.
Only if everything works good you should accept coins on addresses generated by this wallet.
If a multisig wallet has been created already, you can check the seed phrase, master public key and make sure the addresses are the same on all the m wallets. Even if the addresses are correct, the multisig wallet is properly setup. If there is a mistake in the setup, likely the wallet will not be created at all. I do not think reimporting the seed phrase is necessary.

Multisig wallet or Singlesig wallet, you always have to do three steps.
Create your wallet with seed
Backup your wallet seed
Recover your wallet to test your wallet seed backup
You do not have to recover multisig or single sig wallet just like I mean above. You can still always double check that your seed phrase (and master public keys) are correct and properly backup the seed phrases and master public keys.

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18747


View Profile
July 12, 2023, 09:01:48 AM
Last edit: July 17, 2023, 05:54:25 PM by o_e_l_e_o
 #10

Where are your xpubs backed up? They should be backed up alongside your seed phrases.

I have to create a "fake" transaction on electrum then sign it with the first key then export the PSBT then sign it with the second seed ? What about the third seed to check it's correct ?
What is contained by the wallet you plan to create this fake transaction on? All of the seed phrases? Or just the xpubs? Or some combination?

How are you planning to sign it with second seed phrase? Are you importing that seed phrase in to a clean device alongside the two other xpubs? Again, where are your xpubs backed up?

I would not create a transaction at all. What I would do instead would be to access each seed phrase back up individually, use each back up to derive the necessary xpub, then take all three xpubs together and recover a watch only copy of your multi-sig. If the addresses match up, then your seed phrases are correct.

I would also point out that creating a multi-sig on a single device negates the whole point of a multi-sig, which is to remove a single point of failure.
apogio
Hero Member
*****
Offline Offline

Activity: 602
Merit: 1221



View Profile WWW
July 12, 2023, 11:50:28 AM
 #11

Hello,

I created an electrum 2/3 multisig Wallet on an air-gapped device.
The three seeds are geographically distributed.

I want to verify that I have well written the three seeds.
I have to create a "fake" transaction on electrum then sign it with the first key then export the PSBT then sign it with the second seed ? What about the third seed to check it's correct ?

Is there any other solution to check I own the correct seeds ?

Make sure to back up your 3 xpubs as well. In case you lose one of your seeds, if you don't have all the 3 xpubs, you will not  be able to recover your keys, even if 2 out of 3 seeds are needed to sign transactions.

hosseinimr93
Legendary
*
Offline Offline

Activity: 2576
Merit: 5677



View Profile
July 12, 2023, 12:02:26 PM
 #12

Make sure to back up your 3 xpubs as well. In case you lose one of your seeds, if you don't have all the 3 xpubs, you will not  be able to recover your keys, even if 2 out of 3 seeds are needed to sign transactions.
To be more accurate, if you lose one of the seed phrases, you will need the master public key associated with the lost seed phrase to recover your wallet. You won't need all three master public keys. Two of them can be derived from the two existing seed phrases.

To recover you wallet and spend fund from that, you will need:

Seed A, Seed B, MPK C
or
Seed B, Seed C, MPK A
or
Seed A, Seed C, MPK B

(MPK = Master public key)

▄▄███████▄▄
▄██████████████▄
▄██████████████████▄
▄████▀▀▀▀███▀▀▀▀█████▄
▄█████████████▄█▀████▄
███████████▄███████████
██████████▄█▀███████████
██████████▀████████████
▀█████▄█▀█████████████▀
▀████▄▄▄▄███▄▄▄▄████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀
.
 MΞTAWIN  THE FIRST WEB3 CASINO   
.
.. PLAY NOW ..
apogio
Hero Member
*****
Offline Offline

Activity: 602
Merit: 1221



View Profile WWW
July 12, 2023, 12:06:41 PM
Merited by hosseinimr93 (2)
 #13

Make sure to back up your 3 xpubs as well. In case you lose one of your seeds, if you don't have all the 3 xpubs, you will not  be able to recover your keys, even if 2 out of 3 seeds are needed to sign transactions.
To be more accurate, if you lose one of the seed phrases, you will need the master public key associated with the lost seed phrase to recover your wallet. You won't need all three master public keys. Two of them can be derived from the two existing seed phrases.

To recover you wallet and spend fund from that, you will need:

Seed A, Seed B, MPK C
or
Seed B, Seed C, MPK A
or
Seed A, Seed C, MPK B

(MPK = Master public key)

Correct. If OP doesn't want to backup all the xpubs with each cosigner's seed, they could back it up as follows:

1. Seed A, MPK B
2. Seed B, MPK C
3. Seed C, MPK A

Therefore, losing 1 of those packets OP will still be able to recover their wallet. At the same time, if an attacker steals one of the packets, they will not be able to monitor your wallet.

Abdussamad
Legendary
*
Offline Offline

Activity: 3682
Merit: 1580



View Profile
July 12, 2023, 02:50:13 PM
 #14

Not necessarily.

Your seeds have a certain threshold of redundancy, where you can afford to get a word or two wrong while still being able to recover them with relative ease.

No they don't. You need all the words and in the right order.
ranochigo
Legendary
*
Offline Offline

Activity: 3038
Merit: 4420


Crypto Swap Exchange


View Profile
July 12, 2023, 02:56:12 PM
 #15

No they don't. You need all the words and in the right order.
Yep, with relative ease but not directly of course. Though you could mistype one or two of the words and still be able to recover it since they are still using the same fixed wordlist. If you miss out a word or two, that's still fine. You can't get the correct versioning without a few specific phrases which would automatically eliminate most of the seeds without the need for further key derivation.

Jumbling them up sounds quite intentional, so that shouldn't be too much of an issue.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
tcash
Newbie
*
Offline Offline

Activity: 4
Merit: 0


View Profile
July 13, 2023, 10:08:14 AM
 #16

Yes. if 3rd device is a Coldcard MK4 (I highly recommend) go to "Advanced" menu > "Danger Zone" > "Seed Functions" > "View Seed Words"

You should have written down the Electrum seeds to verify.

if 2nd hardware device is a Coldcard MK4 ....repeat *Above*
unknowncustomer (OP)
Jr. Member
*
Offline Offline

Activity: 48
Merit: 27


View Profile
July 17, 2023, 05:26:32 PM
 #17

For example, I first sign a transaction with seed 1. Then I sign this transaction with seed 2. The transaction is valid because it is a 2 out of 3 multisig.
Then I copy the first transaction and signed it with seed 3 this time (instead of seed 2). 
So now I have two signed transaction (actually this is the same transaction). Every signature is done offline on my airgapped computer. 
What « happened » if I then don’t broadcast this or these two transactions over the internet ? Is it ok ?
o_e_l_e_o
In memoriam
Legendary
*
Offline Offline

Activity: 2268
Merit: 18747


View Profile
July 17, 2023, 05:55:55 PM
 #18

What « happened » if I then don’t broadcast this or these two transactions over the internet ? Is it ok ?
If you don't broadcast the transactions, then nothing happens. The network never learns about them, your coins never move, and you pay no fees. As far as the wider network is concerned, those transaction do not exist until you broadcast them. If you never broadcast them and delete them instead, then it is as if they never existed.
apogio
Hero Member
*****
Offline Offline

Activity: 602
Merit: 1221



View Profile WWW
July 17, 2023, 06:59:10 PM
 #19

For example, I first sign a transaction with seed 1. Then I sign this transaction with seed 2. The transaction is valid because it is a 2 out of 3 multisig.
Then I copy the first transaction and signed it with seed 3 this time (instead of seed 2). 
So now I have two signed transaction (actually this is the same transaction). Every signature is done offline on my airgapped computer. 
What « happened » if I then don’t broadcast this or these two transactions over the internet ? Is it ok ?

If you are afraid that you may have privacy issues broadcasting transactions, since you need internet for this purpose, I suggest running your own node + electrum server. Then connect a wallet, like Sparrow for example, to your personal electrum server using TOR. I think you can't really do much more to avoid connecting to the internet at all. Bitcoin needs the internet.

ranochigo
Legendary
*
Offline Offline

Activity: 3038
Merit: 4420


Crypto Swap Exchange


View Profile
July 18, 2023, 02:33:13 AM
 #20

For example, I first sign a transaction with seed 1. Then I sign this transaction with seed 2. The transaction is valid because it is a 2 out of 3 multisig.
Then I copy the first transaction and signed it with seed 3 this time (instead of seed 2). 
So now I have two signed transaction (actually this is the same transaction). Every signature is done offline on my airgapped computer. 
What « happened » if I then don’t broadcast this or these two transactions over the internet ? Is it ok ?
Yeah, its fine unless someone broadcasts it. The two signed transactions are both valid and either of them can be broadcasted at any point in time. If for some reason, you didn't manage these two transactions properly and someone else gets access to it, they can still broadcast it because they are valid.

These two transaction are valid until any of the inputs in that signed transaction gets spent.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!