Originally published on Unchained.com.
Unchained is Bitcoin Magazine’s Official US Co-Managing Partner and an essential sponsor of related content published through Bitcoin Magazine. Please visit our website to learn more about the services we offer, our storage products, and the relationship between Unchained and Bitcoin Magazine.
As the Technical Director of the Unchained Concierge team, I have fielded numerous customer questions regarding Bitcoin multisig. If you’re just starting to understand the benefits of multi-signature and how it works in a shared archiving environment, we hope these 10 tips will answer some of your questions.
Bitcoin does not exist on your device
Phrases hardware wallet It may look like your bitcoins are in your wallet, but that’s not true. Bitcoin is never on your device. In fact, the wallet creates and stores your information. key Only. The wallet also provides user-friendly access to keys by connecting the device to a universal computer or sharing information with the computer via microSD card.
So where does Bitcoin live? The Bitcoin blockchain is a ledger that tracks every transaction that has ever occurred and the balance of every address on the network. Instead of storing bitcoins, hardware wallets secure and store the keys used to unlock or spend bitcoins at that address.
You can restore your seed phrase to another hardware wallet
When setting up a Bitcoin hardware wallet that respects current best practices, you are usually asked to back up your wallet with 12 to 24 words on a piece of paper that the manufacturer suggests you protect in case something happens to your wallet. These 12 or 24 words are the seed phrase set in Bitcoin Improvement Proposal 39 (BIP39).
Your seed phrase might be something like “the key to the castle.” It contains everything you need to recover and use the keys for any address protected by your seed phrase.
The great thing about the BIP39 seed phrase is that it allows for interoperability between hardware wallets that support the standard. This means that you can restore your Bitcoin wallet backup (seed phrase) to another brand of hardware wallet. If you initially set up a Bitcoin wallet on Trezor and want to move to Coldcard, it’s as simple as importing 12 to 24 words.
read more: How to replace or upgrade your Bitcoin hardware wallet
You don’t need a hardware wallet to receive it.
With physical cash, you are unreliable with other parties and need to be physically present to transact safely. Bitcoin solves this problem for the digital world. If you want to receive Bitcoin but don’t have a hardware wallet, you can still send your payment to the appropriate address.
As mentioned above, Bitcoin is not stored in a hardware wallet. It exists on the Bitcoin blockchain. So as long as you or someone else sends Bitcoin to an address that holds the private keys you control, you can always move those funds regardless of whether you have physical access to the device or not. Once your Bitcoin is sent to an address you control, it will arrive seamlessly in the background without any intervention from you.
What this means: If you create a multi-signature wallet and store your hardware wallet or seed phrase in a secure location, you will never need physical access to deposit funds.
Devices used as keys in multi-signature can still be used as single-signature wallets.
Multisig involves configuring a multisig wallet using the public keys of multiple devices, each of which can also act as a standalone singlesig wallet without issue. If you create a multi-sig wallet according to the new standard process, existing single-signature counterparties will have no idea that the multi-sig wallet exists.
You can think of it as a group email address that is forwarded to several individual email addresses.
This means that you can store smaller amounts of Bitcoin in a single-signature wallet if you wish, while simultaneously holding your native wealth in a configured multi-signature wallet. Use that device as one of your keys.
Check your multi-signature deposit address
Bitcoin transactions are completely irreversible. This means that if you send your Bitcoin to the wrong address, you could lose it permanently. Fortunately, you can use a hardware wallet to verify your device’s multi-signature Bitcoin address before sending funds.
When your device verifies your address, it confirms three things:
- Whether the address is built correctly (e.g. if an attacker adds two keys and actually controls the funds, then it’s 2/3 multi-signature, not 2/5 multi-signature)
- Make sure the computer you’re working on hasn’t been compromised by malware that looks for Bitcoin addresses and replaces them with the attacker’s addresses.
- Your device has a key to your address.
Before sending any meaningful amount of funds to any address, whether single or multi-signature, you must verify the device’s address. As of this writing, Trezor and Coldcard support multi-signature deposit address verification on the Unchained platform.
read more: How do I check the receipt/deposit address of my hardware wallet?
The devices do not need to be physically present together to sign.
With multisig, you don’t have to keep all your keys in the same place at the same time to use Bitcoin. This means you can sign a transaction in Austin with one key and sign it a day later in Dallas with a different key. A transaction can only be broadcast after all required signatures have been collected (e.g. two in a 2/3 multi-signature scheme).
This has significant advantages over other Bitcoin storage models, such as Shamir’s secret sharing scheme, which allows splitting the Bitcoin private key into multiple parts (secrets) to decentralize control, but requires all parts to be present simultaneously for recompilation. there is. Create transactions using a single key.
Even if you make a mistake in multi-signature, you can recover your funds
In any Bitcoin multisig setup middle (number of keys required for signing) is less than: N (total number of keys in the quorum), protected against single points of failure, and funds can be recovered even if one or more critical items are lost, stolen, or otherwise compromised.
A 2/3 multisig scenario (where a co-management partner like Unchained holds the third key) is a scenario where up to 3 items can be compromised before funds become impossible to recover.
The fault tolerance of multi-signature provides peace of mind, but all of these scenarios It must still be protected at all costs. Following seed phrase and hardware wallet storage best practices should always ensure that you regain full control as quickly as possible if something important is lost or damaged. And that brings us to 8th place…
read more: The ultimate guide to storing backups of your Bitcoin seed phrase
If necessary, you can rotate keys in your multisig settings.
When using Bitcoin Multisig, it is important to replace this key in Multisig if you lose your wallet or lose your seed phrase. middle-of-N plan. You can do this using any of the popular multi-signature wallets.
Even if a single compromised key alone doesn’t put your funds at risk in the most common multi-signature middle-of-N Replacing damaged keys can help you regain full control of your funds and eliminate the possibility of those keys being used against you in the future.
In a co-management model like the one used by Unchained, key rotation is simple. Simply log into our platform, select your compromised key, and quickly replace it with a new key. You can read the full process for replacing or upgrading your hardware wallet at the link below, or if you’re already an Unchained client, check out our knowledge base article.
read more: How to replace or upgrade your Bitcoin hardware wallet
You can configure multiple multi-signature wallets using the same device
As mentioned in number 4 of this list, you can use a hardware wallet/seed phrase to both Configuring single-sig wallets and multi-sig wallets does not cause any problems. Likewise, if you use a hardware wallet/seed phrase for more than one multi-signature wallet, there will be no conflicts between those wallets unless they use the same extended public key (xpubs). This is usually expressed as: multiple accounts This is a feature found in most Bitcoin wallets.
Hardware wallets allow you to use a variety of xpubs from different derivation paths. This is a technical way of referring to different sets of Bitcoin keys in a hardware wallet generated from the same 12- or 24-word seed phrase. This means that you can create multi-signature wallets that stem from the same set of seed phrases/device, such as using the same device for your personal vault and your IRA vault. Maybe the same goes for your loan deposit box!
Joint custody does not create a single point of failure.
One of the concerns I hear a lot as we launch multisig co-management at Unchained has to do with dependency on our platform. If Unchained no longer exists or experiences significant downtime, how can I retrieve my funds if I have configured my wallet using our tools?
Our multisig platform is designed to eliminate any single point of failure, including ourselves. Our platform is fully interoperable with the established Bitcoin standard, allowing access to storage outside of the Unchained platform using compatible software such as the open source multi-signature coordinator, Caravan or Bitcoin wallets such as Sparrow or Electrum. You can restore it at any time. Safely back up your wallet configuration files!
read more: How can I retrieve the safe funds using the caravan?
Originally published on Unchained.com.
Unchained is Bitcoin Magazine’s Official US Co-Managing Partner and an essential sponsor of related content published through Bitcoin Magazine. Please visit our website to learn more about the services we offer, our storage products, and the relationship between Unchained and Bitcoin Magazine.