[Bounty] How-to Multi signature transactions

[Andrew Vorobyov]

Ok, I need to create multi signature transaction.. 2-of-3... What do I do?

[1713990013]

1713990013

[1713990013]

1713990013

[Stephen Gornick]

You are being a pioneer here:

 - https://gist.github.com/2305966
 - https://bitcointalk.org/index.php?topic=75481.0;all

[Andrew Vorobyov]

No no no... I need step by step tutorial...

For example 2 people have Bitcoin Qt installed on their PC what they need to do to make it...

5 BTC bounty

[etotheipi]

I've seen some of the online wallets accommodate multi-sig transactions, though that may have been before BIP 16, and I don't know if they're still doing it.

Alternatively, there are ways to do it if you want to go digging around on the command-line and doing crazy "hacker stuff", but you might just have to wait for client developers to get around to this.  I had grand plans for it in Armory, but I've had some other pressing priorities recently.  It will be on my list of priorities after Armory goes Beta (hopefully within a month).

But even after that, there's a big hurdle for client developers, because signature collection is going to be a pain in the ass.  That's why I created BIP 10 (and already use it for offline transactions), but it might need to be expanded or supplemented with more user-friendliness.  Ugh...

[Andrew Vorobyov]

Command line guides will be OK

[cbeast]

I do not think BIP 11 has been implemented yet. We need the scriptPubKey function.

[Blazr]

So wait, we can't do multi-sig transactions yet?

Then why is everyone screaming at Bitcoinica for not using them?

I thought BIP16 got the go ahead.

[cbeast]

So wait, we can't do multi-sig transactions yet?

Then why is everyone screaming at Bitcoinica for not using them?

I thought BIP16 got the go ahead.

Bitcoinica did not encrypt their wallet. That's the issue with theft. Right now the only multisig transactions that can be done are sending to multiple addresses.

[caveden]

So wait, we can't do multi-sig transactions yet?

You can. You always could, actually. The possibility was always there, with script. It's just that there's no client that easily allows you to create your transaction with the appropriate script. You'll need to build it yourself, what's complicated.

[caveden]

Bitcoinica did not encrypt their wallet. That's the issue with theft.

A hot wallet cannot be encrypted while the system is running, by definition.
Their problem was in part having too much money in the hot wallet, but mainly, using an unsafe method to share the root password of their server containing the hot wallet.

[Gavin Andresen]

Ok, I need to create multi signature transaction.. 2-of-3... What do I do?

Gather (or generate) 3 bitcoin addresses, on whichever machines will be participating, using getnewaddress or getaccountaddress  RPC commands (or copy and paste from the GUI).

Get their public keys using the validateaddress RPC command 3 times.

Then create a 2-of-3 multisig address using addmultisigaddress; e.g.

bitcoind addmultisigaddress 2 '["044322868cb17d64dcc22185ae2d4493111d73244c3668f8ac79ecc79c0ba8d30a6756d0fa20157 709af3281cc721c7f53321a8cabda29b77900b7e4fe0174b114","..second pubkey..","..third pubkey.."]'

addmultisigaddress returns the multisignature address. Be a little careful, the public keys are raw hexadecimal and don't contain checksums like bitcoin addresses do.

You can then send funds into that 2-of-3 transaction using the normal sendtoaddress/sendmany RPC commands, or the GUI (or anything that's been updated to recognize multisig addresses).

That will create a multi signature transaction.

If you want to then SPEND the funds sent in that 2-of-3 transaction... that isn't implemented yet (well, if bitcoin has all 3 private keys in it's wallet then the funds will show up in the wallet's total balance and it may be selected to be spent like any other funds received by the wallet). "We" need to implement RPC calls to implement BIP 10 or something like it.

[jgarzik]

A hot wallet cannot be encrypted while the system is running, by definition.

Well, it can (and should) be encrypted on-disk.

At least that makes it more difficult to steal private keys (must steal from memory).

[Andrew Vorobyov]

Code:

c:\Program Files (x86)\Bitcoin\daemon>bitcoind.exe addmultisigaddress 2 '["0446fc07bc99bef8e7a875249657c65e1f1793fd0bf45e2c39d539b6f8fcd44676acc552ab886c11eb08f4a275e7bb7dc4fdaf9c4
b2228856f168a69df7d216fbc","04df70eb0107ed08e1ddcd4b4d85d26bf8cca301f5c98fd15f5efef12ba4de72bfef7287f964e304207164c003029449740aaae2d6af1ff7ae3f6bb27f3012296c","046003581a3ff5bc3de
daa6da4834ce7bcd49d3f114ce15791f6b5de8b0cec81a46db2eb8cf84d2db845854c57788c7283ab4040aeb3595bc5c68303a17fdde7c8"]'


error: type mismatch '[0446fc07bc99bef8e7a875249657c65e1f1793fd0bf45e2c39d539b6f8fcd44676acc552ab886c11eb08f4a275e7bb7dc4fdaf9c4b2228856f168a69df7d216fbc,04df70eb0107ed08e1ddcd4b4d
85d26bf8cca301f5c98fd15f5efef12ba4de72bfef7287f964e304207164c003029449740aaae2d6af1ff7ae3f6bb27f3012296c,046003581a3ff5bc3dedaa6da4834ce7bcd49d3f114ce15791f6b5de8b0cec81a46db2eb8cf
84d2db845854c57788c7283ab4040aeb3595bc5c68303a17fdde7c8]'

Why?

[Eli]

No no no... I need step by step tutorial...

For example 2 people have Bitcoin Qt installed on their PC what they need to do to make it...

5 BTC bounty

I'm adding 25BTC bounty if this is done inside Safebit.

[Gavin Andresen]

$ ./bitcoind addmultisigaddress 2 '["0446fc07bc99bef8e7a875249657c65e1f1793fd0bf45e2c39d539b6f8fcd44676acc552ab886c1 1eb08f4a275e7bb7dc4fdaf9c4b2228856f168a69df7d216fbc","04df70eb0107ed08e1ddcd4b4d85d26bf8cca301f5c98fd15f5efef12ba4de72bfef7287f964e30 4207164c003029449740aaae2d6af1ff7ae3f6bb27f3012296c","046003581a3ff5bc3dedaa6da4834ce7bcd49d3f114ce15791f6b5de8b0cec81a46db2eb8cf84d2 db845854c57788c7283ab4040aeb3595bc5c68303a17fdde7c8"]'

Works in a Terminal on my Mac, returns:

3EffXJKyYB9zWh2dhx2hcccqBK8DGC7x2x

... which validates as:

Code:

$ ./bitcoind validateaddress 3EffXJKyYB9zWh2dhx2hcccqBK8DGC7x2x
{
    "isvalid" : true,
    "address" : "3EffXJKyYB9zWh2dhx2hcccqBK8DGC7x2x",
    "isscript" : true,
    "ismine" : false,
    "script" : "multisig",
    "addresses" : [
        "1HEmNY7Lpsqc81nP6JAymjGuuvdFLaqt1e",
        "1Gpuy32bmhtn3KL6dBDHdTHfMosXRH6xV4",
        "1AbU2FDgJRKejuY4e4XGYEfzo6uAGQ1Kyy"
    ],
    "sigsrequired" : 2,
    "account" : ""
}

I don't know enough about Windows CLI quoting rules to get ["...","...","..."] passed un-modified to bitcoind.exe.  

[CIYAM]

I don't know enough about Windows CLI quoting rules to get ["...","...","..."] passed un-modified to bitcoind.exe.  

It can be a bit frustrating dealing with cmd.exe and escaping - for "" characters you basically need to use a backslash (gets more complicated if going through a batch file) and for other characters (such as >, <, | or ^) you need to escape with a ^ character.

Example:

Code:

grep.exe ^>\", *.cpp

Will match a line such as follows:

... </p>", ...


Cheers,

Ian.

[Andrew Vorobyov]

I did install fresh bitcoin and run command

Code:

santa@ubu:~$ bitcoind validateaddress 3EffXJKyYB9zWh2dhx2hcccqBK8DGC7x2x
{
    "isvalid" : true,
    "address" : "3EffXJKyYB9zWh2dhx2hcccqBK8DGC7x2x",
    "ismine" : false
}

If I run the same command after

Code:

 bitcoind addmultisigaddress 2 '["0446fc07bc99bef8e7a875249657c65e1f1793fd0bf45e2c39d539b6f8fcd44676acc552ab886c11eb08f4a275e7bb7dc4fdaf9c4b2228856f168a69df7d216fbc","04df70eb0107ed08e1ddcd4b4d85d26bf8cca301f5c98fd15f5efef12ba4de72bfef7287f964e304207164c003029449740aaae2d6af1ff7ae3f6bb27f3012296c","046003581a3ff5bc3dedaa6da4834ce7bcd49d3f114ce15791f6b5de8b0cec81a46db2eb8cf84d2db845854c57788c7283ab4040aeb3595bc5c68303a17fdde7c8"]'

it gives me

Code:

santa@ubu:~$ bitcoind validateaddress 3EffXJKyYB9zWh2dhx2hcccqBK8DGC7x2x
{
    "isvalid" : true,
    "address" : "3EffXJKyYB9zWh2dhx2hcccqBK8DGC7x2x",
    "isscript" : true,
    "ismine" : false,
    "script" : "multisig",
    "addresses" : [
        "1HEmNY7Lpsqc81nP6JAymjGuuvdFLaqt1e",
        "1Gpuy32bmhtn3KL6dBDHdTHfMosXRH6xV4",
        "1AbU2FDgJRKejuY4e4XGYEfzo6uAGQ1Kyy"
    ],
    "sigsrequired" : 2,
    "account" : ""
}

Is there a way to disassemble any multisignature address on new bitcoin installation? I want to get this "addresses" section

[Pieter Wuille]

You cannot disassemble the script address without knowing the script. That's both an advantage and a disadvantage.

It means people do need to be told what keys are involved in a transaction, they can send a payment with just the script address. On the other hand, spending from a script address implies knowing the script.

[Andrew Vorobyov]

Code:

bitcoind addmultisigaddress 2 '["0446fc07bc99bef8e7a875249657c65e1f1793fd0bf45e2c39d539b6f8fcd44676acc552ab886c11eb08f4a275e7bb7dc4fdaf9c4b2228856f168a69df7d216fbc","04df70eb0107ed08e1ddcd4b4d85d26bf8cca301f5c98fd15f5efef12ba4de72bfef7287f964e304207164c003029449740aaae2d6af1ff7ae3f6bb27f3012296c","046003581a3ff5bc3dedaa6da4834ce7bcd49d3f114ce15791f6b5de8b0cec81a46db2eb8cf84d2db845854c57788c7283ab4040aeb3595bc5c68303a17fdde7c8"]'

No matter how much time I run it it gives only one output address - 3EffXJKyYB9zWh2dhx2hcccqBK8DGC7x2x

How can I create several multisignature transactions using same addresses?

[Gavin Andresen]

How can I create several multisignature transactions using same addresses?

Use one of the send commands to send to the multisig address several times and you will create several multisig transactions.

addmultisigaddress does not create a transaction, it just creates a place for future transactions to go.