Mixin Safe: A Convenient and Decentralized Multisig + MPC + Timelock solution

[cedricfung]

Hello, I've checked your website, pretty sleek and elegantly simple which I like since it's refreshing to the eyes but I have to ask, do the reviewers have to pay when they create their wallet? Also, is Mornin Key the only available one for testers?

The package plan in test starts from $2 per year, so the reviewers do need to pay at least $2 to the standard plan to create a safe and send out a transaction.

Mornin Key is the free and easiest wallet to test, but we also have guides for Bitcoin Core and Ledger at the moment https://support.mixin.one/en/category/mixin-safe-n3u479/

[1714594812]

1714594812

[1714594812]

1714594812

[1714594812]

1714594812

[1714594812]

1714594812

[1714594812]

1714594812

[gunhell16]

I'm still reviewing this mixin safe, and currently, I'm still a little confused, but I tried to download the mixin safe messenger. If I look at it, it seems like a typical wallet like a trust wallet.

Then I'm also a bit confused if I'm obligated to buy a cold card because I saw that to have one it's around 147$ each and the morning key is around 1.1$ each here in our currency. If I use a mixin safe, is it required for me to buy a cold card and mornin key?

[logfiles]

If I understand the purpose of this service well, then I must ask, Why is it limited to mostly hardware wallets and Bitcoin core?
In the guides I am not seeing any talk about wallets like Electrum, Sparrow Wallet etc

Yes, hardware wallets are superior in security vs SPV wallets, but a majority of people use the latter. So why are they not recommended? Am I missing something?

[cedricfung]

I'm still reviewing this mixin safe, and currently, I'm still a little confused, but I tried to download the mixin safe messenger. If I look at it, it seems like a typical wallet like a trust wallet.

Then I'm also a bit confused if I'm obligated to buy a cold card because I saw that to have one it's around 147$ each and the morning key is around 1.1$ each here in our currency. If I use a mixin safe, is it required for me to buy a cold card and mornin key?

Mixin Safe is not a single software, it's a service that makes multisig easy to use, the minimum requirements for this service is Mixin Messenger and a Bitcoin private key wallet.

The Bitcoin private key wallet can be any Bitcoin wallets that support miniscript well. So Bitcoin Core is the most trusted and free choice, you don't need to buy anything. And Mornin Key is the other software choice, and as I know no other Bitcoin software wallets support Miniscript wallet yet.

Anyway, you can choose to use anonymous number when get an account.

1. Can people use any free anonymous number (such as Google Voice and Firefox Relay)?
2. Any plan to replace phone number with email address (since it's easier to obtain anonymous email address)?

1. Yes, any phone number which can receive SMS is acceptable.
2. We are considering other choices, including email.

If I understand the purpose of this service well, then I must ask, Why is it limited to mostly hardware wallets and Bitcoin core?
In the guides I am not seeing any talk about wallets like Electrum, Sparrow Wallet etc

Yes, hardware wallets are superior in security vs SPV wallets, but a majority of people use the latter. So why are they not recommended? Am I missing something?

That's because of lack of miniscript support. Although if you bother search all wallet mentioned on their homepage, they also support Mornin Key and Mixin Messanger which supposed to be lightweight/SPV wallet.

Yes, the answer is correct. Once other software wallets fully support the miniscript feature, they can be used with Mixin Safe.

[examplens]

Anyway, you can choose to use anonymous number when get an account.

1. Can people use any free anonymous number (such as Google Voice and Firefox Relay)?

I think that storing any value with the help of a temporary service or one controlled by a third party cannot be a good solution. Sounds like "not your key, not your coins" to me.

[gunhell16]

I'm still reviewing this mixin safe, and currently, I'm still a little confused, but I tried to download the mixin safe messenger. If I look at it, it seems like a typical wallet like a trust wallet.

Then I'm also a bit confused if I'm obligated to buy a cold card because I saw that to have one it's around 147$ each and the morning key is around 1.1$ each here in our currency. If I use a mixin safe, is it required for me to buy a cold card and mornin key?

Mixin Safe is not a single software, it's a service that makes multisig easy to use, the minimum requirements for this service is Mixin Messenger and a Bitcoin private key wallet.

The Bitcoin private key wallet can be any Bitcoin wallets that support miniscript well. So Bitcoin Core is the most trusted and free choice, you don't need to buy anything. And Mornin Key is the other software choice, and as I know no other Bitcoin software wallets support Miniscript wallet yet.

How about Bluewallet, since this one also supports miniscript I can used this on the mixin safe?  I thought, your requiring each users to have morni key, but I was wrong about this thinking.

But anyway, thanks for the clarification for this thing now I know what am I gonna do with this mixin safe. One more thing why in your terms in the review campaign you've mentioned that anyone can use throwaway number, right? Why? It seems that there is risk when we use mixin safe?

[Agbe]

Op I tried to download the Signal Messenging App and this is warning I got from it.

This is what most people are trying to avoid because they are afraid that virus might infect their mobile device to destroy their already installed wallet.

And also the inclusion of bitcoin core in desktop or laptop and Mornin Key App and Ledger Wallet App for Android Version is making the process cumbersome. Why can you programme it for one device use? Now what will happen to those who are not using phone or those who are not using phone?

As you said, the service is not for everyone but you still need everyone for the service. So make things easy for us to use.

[cedricfung]

How about Bluewallet, since this one also supports miniscript I can used this on the mixin safe?  I thought, your requiring each users to have morni key, but I was wrong about this thinking.

But anyway, thanks for the clarification for this thing now I know what am I gonna do with this mixin safe. One more thing why in your terms in the review campaign you've mentioned that anyone can use throwaway number, right? Why? It seems that there is risk when we use mixin safe?

A few wallets are now supporting part of miniscript, but they don't have full support, they usually only allow some simple predefined templates. I will look into Bluewallet to have a test.

Throwaway number is ok for a test. But if you like the product and decide to use it for your coins, it's recommended to use a real number though. By mentioning throwaway number, it's not a recommendation, just to emphasize that we don't want people's phone number, we make the product to use phone numbers because it's the most adopted authentication method for general public.

Op I tried to download the Signal Messenging App and this is warning I got from it.

[img http://width=200]https://www.talkimg.com/images/2023/07/19/ZDe7v.png[/img]

This is what most people are trying to avoid because they are afraid that virus might infected their mobile device to destroy their already installed wallet.

And also the inclusion of bitcoin core in desktop or laptop and Mornin Key App and Ledger Wallet App for Android Version is making the process cumbersome. Why can you programme it for one device use? Now what will happen to those who are not using phone or those who are not using phone?

As you said, the service is not for everyone but you still need everyone for the service. So make things easy for us to use.

It's better for most people to download apks from their app stores, usually Google Play, FDroid, or something, then those apk warning won't appear. This is not an app thing, it's the Android.

Mixin Messenger itself is the easiest wallet to use already, with good real mixing capability as the name suggested

One device use means single point of failure, Mixin Safe is just designed to avoid this issue, so It's possible to use it with a single device, but not in a recommended way.

[DaNNy001]

One question about the member key aspects of this project, can the member be folks I know or I can meet any random guy and add them thorough the messenger app, the reason is because I have a very limited contact.

Haven't tried it out yet but I thought I should know about this aspect of the project although I think the project is cool because beleive me ,I know most bitcoin users always prefer storing their coins in CEX even if they are fully aware of the vulnerability but mixin safe seem simple enough and the multi sig aspect of it makes it somehow cool and safe even if one losses their private key.

[cedricfung]

One question about the member key aspects of this project, can the member be folks I know or I can meet any random guy and add them thorough the messenger app, the reason is because I have a very limited contact.

Haven't tried it out yet but I thought I should know about this aspect of the project although I think the project is cool because beleive me ,I know most bitcoin users always prefer storing their coins in CEX even if they are fully aware of the vulnerability but mixin safe seem simple enough and the multi sig aspect of it makes it somehow cool and safe even if one losses their private key.

Thank you for the praise 

For the members key, if you just wanna try the service, you may choose anybody, even yourself is enough. We recommend the members to be managed by trusted members, or by two different phones, so that you won't lose access of the members key.

[NotATether]

Where is the multisig and private key functionality? I don't see it anywhere in the app.

I'd like to see how the 2-of-3 multisig is stored.

[Zoomic]

I have seen this project in the service board running a review campaign. I have also seen that many people have applied to the review the project. But it appears that this project is not a familiar one, but it has a good security feature. I remember when I first set up a 2-2 multi sig wallet, it wasn't a straight forward thing but I achieved it.
I have interest in this project and I will like to use it. I don't know if someone like o_e_l_e_o has studied this project. He has a way of explaining difficult things in a simple manner. I will be glad if he can respond to this.

Meanwhile, Op you did well by offering a review campaign. That is the only way to make the community acquinted with the project.

[cedricfung]

Where is the multisig and private key functionality? I don't see it anywhere in the app.

I'd like to see how the 2-of-3 multisig is stored.

You can check our website for technology details and send a transaction from your Mixin Safe to see the multisig in action.

https://blockstream.info/tx/038a366e35ce50a7315b42f9139f19f868f481212ba9fc814e08a09bdd39a57e?expand

The link above is a transaction sent from one Mixin Safe address, as you can see the witness script shows two signatures used to unlock a timelockec 2-of-3 multisig script.

I have seen this project in the service board running a review campaign. I have also seen that many people have applied to the review the project. But it appears that this project is not a familiar one, but it has a good security feature. I remember when I first set up a 2-2 multi sig wallet, it wasn't a straight forward thing but I achieved it.
I have interest in this project and I will like to use it. I don't know if someone like o_e_l_e_o has studied this project. He has a way of explaining difficult things in a simple manner. I will be glad if he can respond to this.

Meanwhile, Op you did well by offering a review campaign. That is the only way to make the community acquinted with the project.

Thank you. Mixin Safe is a new project started this year, when I asked about Bitcoin script questions https://bitcointalk.org/index.php?topic=5441806.0

However Mixin Messenger is a project with lots of users and has been running for 6 years.

[o_e_l_e_o]

I don't know if someone like o_e_l_e_o has studied this project. He has a way of explaining difficult things in a simple manner. I will be glad if he can respond to this.

I haven't studied this in depth, but as far as I can tell it works as follows.

Mixin Safe is a 2-of-3 multi-sig.
There is one key held by you, the owner key.
The second key is held by your family/friends/colleagues/other trusted contacts, called the members key.
The third key is held by Mixin Safe themselves, but is timelocked for a year, called the recovery key.

You can spend coins using your key and the key held by your trusted contacts with their approval. If you lose your key, or your trusted contacts lose their key, you can recover your coins after one year with the key you do still have and the recovery key.


I would also say that I will never use such a product, for a couple of reasons. Personally, I do not want a third party involved in my storage, and I certainly don't want to be paying a third party to be involved in my storage. I also highly value my privacy, and don't want a third party being able to see all my holdings and transactions. I know there is a market for such products given the recent Ledger Recovery nonsense, but that market is not me.

However, on poking about the website a bit more I have one main concern, and it revolves around the members key. How does it work exactly? It is a multi-sig embedded in a multi-sig? Is it SSS? How do the threshold number of members come together in order to recreate their key? Can I pick the threshold? Your pricing model says you charge $20 per transaction(!). How can you enforce this when I am supposed to be able to access my key and the members key without you? If the members truly did hold this key, then I can recover my multi-sig to any wallet and make transactions without paying your fee, no? Something doesn't add up.

[cedricfung]

I haven't studied this in depth, but as far as I can tell it works as follows.

Mixin Safe is a 2-of-3 multi-sig.
There is one key held by you, the owner key.
The second key is held by your family/friends/colleagues/other trusted contacts, called the members key.
The third key is held by Mixin Safe themselves, but is timelocked for a year, called the recovery key.

You can spend coins using your key and the key held by your trusted contacts with their approval. If you lose your key, or your trusted contacts lose their key, you can recover your coins after one year with the key you do still have and the recovery key.


I would also say that I will never use such a product, for a couple of reasons. Personally, I do not want a third party involved in my storage, and I certainly don't want to be paying a third party to be involved in my storage. I also highly value my privacy, and don't want a third party being able to see all my holdings and transactions. I know there is a market for such products given the recent Ledger Recovery nonsense, but that market is not me.

However, on poking about the website a bit more I have one main concern, and it revolves around the members key. How does it work exactly? It is a multi-sig embedded in a multi-sig? Is it SSS? How do the threshold number of members come together in order to recreate their key? Can I pick the threshold? Your pricing model says you charge $20 per transaction(!). How can you enforce this when I am supposed to be able to access my key and the members key without you? If the members truly did hold this key, then I can recover my multi-sig to any wallet and make transactions without paying your fee, no? Something doesn't add up.

It's the CMP-MPC protocol from Fireblocks, so there is no private key for the members key, and it has never existed. But n members hold some shares, they can sign the message with their share and combine the signature to form the final signature.

Technically and actually you can do all of this for free. What we charge is that we make a tool for you to easily do all these multisig and MPC stuffs easily. We sell wallet software, just like people sell wallet hardware, you can manage your private key without the hardware.


Mixin Safe is completely different from Ledger Recovery, they are trying to backup your private key, Mixin Safe never gets access to your private key. What we promote is multisig+timelock, the ultimate technology in Bitcoin, to help people preserve their coins without single point of failure.

[o_e_l_e_o]

It's the CMP-MPC protocol from Fireblocks, so there is no private key for the members key, and it has never existed. But n members hold some shares, they can sign the message with their share and combine the signature to form the final signature.

I see. And they do all this through Mixin Messenger, right? Can they do it through any other piece of software, or it has to be your software?

My understanding is that the whole network is dependent on your XIN altcoin and its nodes, of which there are only 20-30? What happens when your network goes down? Does Mixin Messenger go offline? How does the average user (i.e. one who cannot clone github repos or compile software themselves) manage to recreate the members key and access their coins?

[cedricfung]

It's the CMP-MPC protocol from Fireblocks, so there is no private key for the members key, and it has never existed. But n members hold some shares, they can sign the message with their share and combine the signature to form the final signature.

I see. And they do all this through Mixin Messenger, right? Can they do it through any other piece of software, or it has to be your software?

My understanding is that the whole network is dependent on your XIN altcoin and its nodes, of which there are only 20-30? What happens when your network goes down? Does Mixin Messenger go offline? How does the average user (i.e. one who cannot clone github repos or compile software themselves) manage to recreate the members key and access their coins?

Technically they can use any software to do the CMP-MPC, and even if all the nodes go down, it's technically possible to do the process to access the members key. And all these process doesn't rely on any altcoins, and members should have no knowledge about any altcoins.

Mixin Messenger may go offline and that has never been the case since 2017, and it serves hundreds of millions of E2EE messages everyday.

Our service is to make all this technically possible process easier for average user, when you are trying to think about the backup plan when our service is gone, the plan is not to let the users develop software, it's to provide another software to help them. A decentralized system allows a new software to do the job, unlike a centralized system rug.

An average user can't even use Bitcoin Core to manage multisig and timelock, that's why we provide the service and sell it at a price.

In summary, everything could go offline, and in past 6 years, Mixin Messenger never did that. The software doesn't rely on altcoins. The coins can always be recovered even if our system is completely offline.

[examplens]

Mixin Messenger may go offline and that has never been the case since 2017, and it serves hundreds of millions of E2EE messages everyday.

OK for messages, but during that period, did Mixin messenger have any relationship with private keys and crypto addresses that hold some value?
I want to say that messaging is not as attractive for abuse as wallets. Once a significant amount of coins are connected to your service, more unethical persons will appear and try to open your system. For example, hackers always prefer to attack a system where there is some value than where the reward is just a bunch of text.

[cedricfung]

Mixin Messenger may go offline and that has never been the case since 2017, and it serves hundreds of millions of E2EE messages everyday.

OK for messages, but during that period, did Mixin messenger have any relationship with private keys and crypto addresses that hold some value?
I want to say that messaging is not as attractive for abuse as wallets. Once a significant amount of coins are connected to your service, more unethical persons will appear and try to open your system. For example, hackers always prefer to attack a system where there is some value than where the reward is just a bunch of text.

All our systems don't hold private keys, and we have a long history of 6 years, and lots of users, with around 20000BTC are managed through our services. I understand any systems could have bugs, but a long history without security incidents and open source could at least prove something.

[o_e_l_e_o]

Technically they can use any software to do the CMP-MPC
it's technically possible to do the process to access the members key

Emphasis mine, and that's my concern. It's technically possible to set up this inheritance and recovery type of multi-sig arrangement yourself, but as you correctly point out, it is beyond the skill set of the vast majority of average users. It will also be beyond their skill set to recover their coins if your service disappears, and that's a very dangerous situation to be in. And you are not incentivized to release a tool to allow them to do so, since then they can easily bypass your pricing model.

the plan is not to let the users develop software, it's to provide another software to help them. A decentralized system allows a new software to do the job, unlike a centralized system rug.

You are essentially hoping that some unknown developer will be kind enough to develop a tool to allow users to recover their coins, for free, in their own time. That's a big assumption.