MultiSig vs Determinsitic bitcoin wallets

[c5h3ris1253]

https://bitscan.com/articles/multisig-vs-determinsitic-bitcoin-wallets

 I read this earlier, It's a decent article about the benefits of multisig and the added security.

A brief snippet:

If you have ever read anything about keeping your bitcoins secure, you may have heard that keeping the bulk of your funds in an offline wallet is recommended. This is primarily due to the fact that the private keys to your funds would not be under your control in an online environment. However, with the recent implementations of deterministic wallets and multisignature bitcoin addresses, it’s possible that tighter security can exist in an online environment.

BitScan takes a look at two relatively new and upcoming wallets to the market, that use these diffferent methods, to weigh up the pros and cons.

Deterministic Wallets

For those who are unfamiliar, a deterministic wallet is one which generates all of its keys (public and private) based on a given a random sequence of words, or a “seed”. A seed is highly unlikely to be guessed like a brain wallet password would due to the fact it is hashed multiple times to create entropy (or uncertainty). A wallet of this type has a few advantages regarding security.

[1715396045]

1715396045

[1715396045]

1715396045

[FrozenBit]

Thanks for finding this, can't believe I actually missed this. Very insightful article.

[Netamer]

You can generate a determinsitic wallet at bitaddress.org

[neverminer77]

Copay is deterministic and multisig. There is no need to choose one VS the other. You can have both at the same time.

[12inchdick]

If you give one of the private keys of a multisig address to another person, can he/she regenerate your other private keys because your wallet is deterministic?

[GTA]

If you give one of the private keys of a multisig address to another person, can he/she regenerate your other private keys because your wallet is deterministic?

No.
The private keys are calculated based off a seed by taking a hash of the seed. Since a hash is a one-way function, the resulting private key doesn't give any info about the seed, and thus doesn't provide any way to obtain other private keys that would be generated by it.
Here's a basic example (not actually the way most deterministic wallets work, but a simplified example): To generate a private key take SHA256(string + n), where n is an ASCII-coded number that starts from 1 and increments as additional keys are needed.

[jbreher]

Here's a basic example (not actually the way most deterministic wallets work, but a simplified example): To generate a private key take SHA256(string + n), where n is an ASCII-coded number that starts from 1 and increments as additional keys are needed.

So for the purpose of this perhaps overly-simplified example... When such a deterministic wallet is scanning the blockchain, how does it determine the value of 'n' at which to stop scanning? Is there not a tradeoff between efficiency (stop scanning some time before 'n' reaches infinity), and potential leakage of funds?

[Envrin]

If you give one of the private keys of a multisig address to another person, can he/she regenerate your other private keys because your wallet is deterministic?

You have to clarify your question, as it depends on the wallet structure, and what private key you're giving.

Think of the wallet structure as a family -- you have grandparents, parents, kids, grand-kids, etc.  If you hand someone over a private key belonging to a kid, then they can easily generate all private keys belonging to their kids.  If you give someone a privat3e key belonging to a parent, they can't get the grandparents private keys, but they can get any of the kids or grand-kids private keys.

Hope that makes sense.

[prismicide]

Like it was written above, you do not need to oppose Deterministic wallets and multisig features.

Our own Hardware Wallet solution is a Deterministic Wallet with multisig features.

https://bitcointalk.org/index.php?topic=682917

http://www.prismicide.com/export/intro_us.jpg

[CryptoDomains]

If a site or tool like multisig ever goes away or offline, I can still access the wallet, no adverse affect, correct ?

[Envrin]

If a site or tool like multisig ever goes away or offline, I can still access the wallet, no adverse affect, correct ?

Ummm, depends.  Multisig in and of itself is 100% on the blockchain, so:

1 multisig address = X standard addresses + # of signatures required.

That's it.  When money is sent to that multisig address, in order to send it out, you need the necessary # of signatures, or else the blockchain will reject it.  And the only private keys that can sign the outgoing transaction are the "X standard addresses" the multisig address was created using.

For example, if you're using a multisig service that's a 2 of 2 solution (1 = you, 1 = the site), and the site disappears, then your funds will be stuck.  You need the private key from the site to send any funds.

[FrozenBit]

Like it was written above, you do not need to oppose Deterministic wallets and multisig features.

Our own Hardware Wallet solution is a Deterministic Wallet with multisig features.

https://bitcointalk.org/index.php?topic=682917

 Wow, I haven't seen this wallet before. It looks awesome! Can't wait to see it finished.

 I would like to state we (FrozenBit) are both MULTISIG, AND DETERMINISTIC!