Wallet Security

[mk4]

Note: Multisig wallets are for advanced users only

Above is an excerpt from the first reply/link on this topic.

that and most of the replies here are impactive as well as frightening and as such having some aspects of red flag for me right now via my proposal.

I think I need to first get very advanced first in order to make this move. I would appreciate more leads through.

It surely can be quite frightening but if you're decently technically literate (don't necessarily need to be an expert), it's very doable! Try making one for fun for just a small amount of BTC, then look back at the steps you did and check if there are potential security loopholes.

[apogio]

Hello, technically you can use your single signature wallet as one of the cosigners of your multi-sig wallet. I don't suggest it though cause if anyone ever gets your seed phrase they could empty your single sig wallet and at the same time, they will have access to one of the cosigners of your vault.

I suggest you create a 2-of-3 multisig vault.

You will need the 3 seed phrases and their 3 corresponding xpubs.

You will be able to monitor your wallet (view UTXOs, generate addresses etc.) using only your 3 xpubs.

You will be able to sign transactions using 2 of your 3 seed phrases.

I suggest you back up your wallet as follows (S1 = seed phrase of wallet 1, X1 = xpub of wallet 1 etc):

Packet 1: S1, X2
Packet 2: S2, X3
Packet 3: S3, X1

You will need 3 distinct places to store each of your packets.

If you lose any of the packets, you will still be able to recover your wallet with the other 2. If an attacker stills one of your packets, they will be unable to do anything with it.

Also pay attention that XPUBs are vital. If you lose one of them, and don't have access to the seed phrase that produces it, you will lose your funds.

Finally, make sure to generate both the cosigners and the multi-sig wallet on an airgapped device. If you can use your own node to connect to, it is much better.

Personally, I use Sparrow for storing the XPUBs and monitor my wallet and I also use Blockstream Jade to enter my seed phrases offline and sign transactions if I need to.

[satscraper]

If someone thinks that there's a 100% solution for securing their stash, they are deeply mistaken. Such a solution doesn't exist and is unlikely to emerge in the future.

Security must be built step by step, adding layers to cover the weaknesses of the previous ones, providing overall protection against emerging threats.

In the context of hardware wallets, this might mean that if a user chooses them to store their stash, each new layer would imply a new wallet from a different manufacturer and a new signature for their new multi-signature wallet. Of course, this multi-signature scheme becomes more complex, and it should correspond to the size of the stash itself.

[Synchronice]

I've a single signature wallet but I heard recently that the  multi-signature wallet has more security and that interests me as my stored assets increases.

However, I want to know if I'd be needing to create a fresh wallet, getting new seed phases then move assets to the new wallet Or there's a way I could upgrade to multi-signature using the former wallet.

You have to keep in mind that higher the wallet security, the higher the responsibility is.
If you create a standard wallet, you'll make yourself totally dependent on that particular seed phrase, so, your concern will be to maximally secure your seeds, to hide it in a perfect place. You should store your seed phrase on indestructible plate or write it down on paper (not good idea) or on something else more secure and save it in solid metal capsule. I give you this advice because you need your seed phrases to survive in extreme conditions, including earthquakes, heavy fire, heavy rain and so on.
You can also copy your seed phrases and have a two same copies, two storage. But you should always keep in mind that no one should have an access to them, otherwise your coins will get lost.

Now I want to say something about Multisig, since it seems a better option for you. Yeah, it's true that in case of 2-3 multisig, if you lose one part of seeds or if someone steals one part of seeds, you'll still be able to fully recover your wallet but you have to keep in mind that you should save their seed phrases in three different locations and as always, it's a good idea to have a backup of them, you should have a back up of at least two of them. Now you have to find five secure place to store seeds + you have to buy five indestructible plate or solid metal capsule.
Multisig offers better security but the responsibility is so high that I think standard wallet will be a better option.

It's easier to take care of one wife/kid instead of three

[hosseinimr93]

Yeah, it's true that in case of 2-3 multisig, if you lose one part of seeds or if someone steals one part of seeds, you'll still be able to fully recover your wallet

As already said this thread, you can't recover your 2 of 3 multi-signature wallet, if you have lost one of seed phrases and you don't have the master public key derived from that.
Take note that for recovering a 2 of 3 multi-signature, all three master public keys are required. If you have two of seed phrases, two of master public keys are derived from them and you need to have the master public key derived from the lost seed phrase as well.

[Z-tight]

In the context of hardware wallets, this might mean that if a user chooses them to store their stash, each new layer would imply a new wallet from a different manufacturer and a new signature for their new multi-signature wallet. Of course, this multi-signature scheme becomes more complex, and it should correspond to the size of the stash itself.

Regularly buying a new hardware wallet from a different manufacturer will only give you a false sense of security, more backups and the possbility of making a mistake due to complexities, you should only change your hardware wallet if the manufacterer becomes shady or untrustworthy, just like the situation with Ledger and their recovery service.

If you have a properly set up 2-of-3 multi-sig wallet, using either 2 hardware wallets and an air-gapped device, or a hardware wallet, one air-gapped device and a hot wallet, that is already a safe set up if you did everything correctly and have backups of the seed phrases and master public keys, so there may be no need to add any other extra layer of protection.

[satscraper]

In the context of hardware wallets, this might mean that if a user chooses them to store their stash, each new layer would imply a new wallet from a different manufacturer and a new signature for their new multi-signature wallet. Of course, this multi-signature scheme becomes more complex, and it should correspond to the size of the stash itself.

Regularly buying a new hardware wallet from a different manufacturer will only give you a false sense of security, more backups and the possbility of making a mistake due to complexities, you should only change your hardware wallet if the manufacterer becomes shady or untrustworthy, just like the situation with Ledger and their recovery service.

If you have a properly set up 2-of-3 multi-sig wallet, using either 2 hardware wallets and an air-gapped device, or a hardware wallet, one air-gapped device and a hot wallet, that is already a safe set up if you did everything correctly and have backups of the seed phrases and master public keys, so there may be no need to add any other extra layer of protection.

Well, I didn't say regularly, I have said - add extra layer.

In my view three hardware wallets (preferably airgapped) from different makers would be enough to make multisig to hold the stash of reasonable value.

Right now my 2-2 multisig is assembled with the use of two wallets - Passport 2 and Sparrow. In the nearest future the last will be replaced by Coinkite  product, most  likely by   ColdCard Q1 when it will appear.

[Pmalek]

@OP
If you are considering a multi-sig setup, you should have several devices where you can generate the needed keys safely. If you are working with a single device, particularly if it's a mobile phone, there is no point setting up a multi-sig setup all in one place. So, what kind of combination of devices and how many units did you have in mind for your future multi-sig setup?

For example, you could say I have two hardware wallets, a desktop software wallet, and a mobile wallet, etc.
What were you thinking of using?