1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
|
Return-Path: <sjors@sprovoost.nl>
Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])
by lists.linuxfoundation.org (Postfix) with ESMTP id C2357C000A
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 9 Apr 2021 15:33:49 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp1.osuosl.org (Postfix) with ESMTP id A2BD684B13
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 9 Apr 2021 15:33:49 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -2.799
X-Spam-Level:
X-Spam-Status: No, score=-2.799 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001,
RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001,
RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
autolearn=ham autolearn_force=no
Authentication-Results: smtp1.osuosl.org (amavisd-new);
dkim=pass (2048-bit key) header.d=sprovoost.nl header.b="XXJrCWn4";
dkim=pass (2048-bit key) header.d=messagingengine.com
header.b="s3i3ibCl"
Received: from smtp1.osuosl.org ([127.0.0.1])
by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id ihHXVam-n3cw
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 9 Apr 2021 15:33:48 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.8.0
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com
[66.111.4.28])
by smtp1.osuosl.org (Postfix) with ESMTPS id 0F7C484ACF
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 9 Apr 2021 15:33:47 +0000 (UTC)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.42])
by mailout.nyi.internal (Postfix) with ESMTP id 160725C008D;
Fri, 9 Apr 2021 11:33:44 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163])
by compute2.internal (MEProxy); Fri, 09 Apr 2021 11:33:44 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sprovoost.nl; h=
from:message-id:content-type:mime-version:subject:date
:in-reply-to:cc:to:references; s=fm2; bh=XgbFzdRxd1K6PKW7PSHBRQl
bhZdOjUD4TOIwkAIYSNI=; b=XXJrCWn4Hx4BKFXI56eyqqxtA/vm8u1vXsKNwWt
eoe0dmAmvNMUgNN/AsCPt4iIN+9SMuysZJnaLsKMo6QLl4km1LO56RcgKBWSiDaZ
Qr1BmN3DXmKE6EyB9OWNtRA9gX7+7V7D3JfHwsqKWY0ybhKkjhLxE3AGX/Ir1Xnz
q56ZqGr+1nqniGbtzL0SNitJNGwYsUvNS+PwzBL9HylJ16p2BdAUK9j/WODySWsA
G9kSKZ4tNVOoS465wBcmn7pzLDRKt3YFjeJpLvj3tIOtY51rVZ/B8UMnHZX5L3Bp
GJ+dQjd783UxeF7gnSJdnkzcm+Gku8JgGkzjgMicHq0npWg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
messagingengine.com; h=cc:content-type:date:from:in-reply-to
:message-id:mime-version:references:subject:to:x-me-proxy
:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=XgbFzd
Rxd1K6PKW7PSHBRQlbhZdOjUD4TOIwkAIYSNI=; b=s3i3ibClAMs4nZVXwAtMno
95bUDh7ezvlpRHZLp2xwP6C0gUv3EbRQxjKbO2DK3GMzMLCcJyG0aIbKZhZueojS
btZC33NAfL4Or3eQyuQOiDFYQInnucTdJphz8GZsQgrS3bJLpJS5RcG3n//H8+Iy
mv2WlVdvW/jV9hzaC644P0xrX0dWUGwRMJsFKGeIFk6hUeV+DliDlU3ebvfrQPmb
qzH2MYXkSjROGuRTWp50rN+KXnfmVwk2zPaKts9w1KiV4QQQGZxnK8jSMlsy2zfX
gaus31i4B1fOVdwTQAYGWl8Bm1BJvC7fc8m5P9sdN9tv2ZVUJNpnw2JKWlMkP2YQ
==
X-ME-Sender: <xms:1nNwYAtjxD7mIq72x9VhNSs4j_y4_KHVDCB2n3Z4cGI1POocml64ag>
<xme:1nNwYKbLSpZnG2Ia5a4TSAKNnZ_pu9uQ1PyWlR4nb2rolwsT-NmX_XVWqJhGptqD9
06MXLZ6TY6lZhFL-A>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrudekuddgleduucetufdoteggodetrfdotf
fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
cujfgurhephffktgggufffjgfvfhfosehgtdhmrehhtddvnecuhfhrohhmpefujhhorhhs
ucfrrhhovhhoohhsthcuoehsjhhorhhssehsphhrohhvohhoshhtrdhnlheqnecuggftrf
grthhtvghrnhepffevheetieekleelkeegiefhudelieegheeuieelhffhvdeiteevhfef
heffvddunecukfhppeekiedrkedvrddvudegrddufeegnecuvehluhhsthgvrhfuihiivg
eptdenucfrrghrrghmpehmrghilhhfrhhomhepshhjohhrshesshhprhhovhhoohhsthdr
nhhl
X-ME-Proxy: <xmx:13NwYHb3wFa5SBRhQmFa4SOTXwk4igv97Yxqr3vvb_PbXQl1GCxkyg>
<xmx:13NwYLnvg-v-X3hI0jeJDzP3j3W7QCnUfPdRkoPXc9lhmhUbXplQYw>
<xmx:13NwYK1F0R1zhv_qRXMEGT3YAGzjVdCvIM0dUQo8_jnlhztkjtbY7A>
<xmx:2HNwYGmV5vqFzCqxr9NcsTHrPBIsq3ASPqTxpyERZdaD10orutCxmg>
Received: from [192.168.2.10] (86-82-214-134.fixed.kpn.net [86.82.214.134])
by mail.messagingengine.com (Postfix) with ESMTPA id 462541080057;
Fri, 9 Apr 2021 11:33:42 -0400 (EDT)
From: Sjors Provoost <sjors@sprovoost.nl>
Message-Id: <FF336476-DCD2-4380-83CC-584DAF7A1D72@sprovoost.nl>
Content-Type: multipart/signed;
boundary="Apple-Mail=_E9EE833A-59BE-4767-A5C5-38E7F5165619";
protocol="application/pgp-signature"; micalg=pgp-sha256
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\))
Date: Fri, 9 Apr 2021 17:33:31 +0200
In-Reply-To: <CAPKmR9u8zc3C7QmJYg-vg5jcutS07PK-0wdvpzCqMGLgnhHCBA@mail.gmail.com>
To: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
References: <CAPKmR9uyY70MhmVCh=C9DeyF2Tyxibux1E_bLPo00aW_h+OjLw@mail.gmail.com>
<CAPKmR9v=RK7byF0z0hKiLiA=Zm3ZZKbu3vEiuBuzQSXFwa+izw@mail.gmail.com>
<DDAD27D6-57F5-4B39-AADB-B28E04E36D29@sprovoost.nl>
<CAPKmR9u8zc3C7QmJYg-vg5jcutS07PK-0wdvpzCqMGLgnhHCBA@mail.gmail.com>
X-Mailer: Apple Mail (2.3654.60.0.2.21)
X-Mailman-Approved-At: Fri, 09 Apr 2021 15:47:30 +0000
Cc: marko <marko@shiftcrypto.ch>, aarondongchen@gmail.com,
Peter Gray <peter@coinkite.com>
Subject: Re: [bitcoin-dev] Proposal: Bitcoin Secure Multisig Setup
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Apr 2021 15:33:49 -0000
--Apple-Mail=_E9EE833A-59BE-4767-A5C5-38E7F5165619
Content-Type: multipart/alternative;
boundary="Apple-Mail=_2E5715EA-C69C-4FBC-BB3B-F794F8DDFC7F"
--Apple-Mail=_2E5715EA-C69C-4FBC-BB3B-F794F8DDFC7F
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
Thanks for the detailed response. Just 1 thing I needed to clarify:
> To the list of concerns at the top of the BIP, I would add one: losing =
multisig setup context. E.g. in the event of a fire where you only =
recover your steel engraved mnemonic(s), but no longer have the wallet =
descriptors.
>=20
> Good point.
>=20
>=20
> If you still have all devices and know (or guess) the threshold then =
BIP48 and sorted_multi descriptors will save you. But if you have a =
2-of-3 setup and lost 1 device then without the metadata your coins are =
lost. In a future with musig(?) and miniscript increasingly the setup =
data is just as critical as the seeds.
>=20
> How so? Each signer device should ideally have a copy of the multisig =
configuration. If you lose 1 device in a 2-of-3, you can still spend =
from the wallet? Unless I'm missing something here.
I was thinking about a scenario where all devices are destroyed. All you =
have left are the mnemonics. But indeed if at least one of your devices =
is still intact AND it has the configuration, you're also good.
But there are plenty of devices out there that can't do this. Those =
devices can still be useful, even if they can't fully check everything.
Sjors
--Apple-Mail=_2E5715EA-C69C-4FBC-BB3B-F794F8DDFC7F
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
charset=us-ascii
<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html; =
charset=3Dus-ascii"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; line-break: after-white-space;" =
class=3D"">Thanks for the detailed response. Just 1 thing I needed to =
clarify:<br class=3D""><div><br class=3D""><blockquote type=3D"cite" =
class=3D""><div dir=3D"ltr" class=3D""><div =
class=3D"gmail_quote"><blockquote class=3D"gmail_quote" =
style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid =
rgb(204,204,204);padding-left:1ex">
To the list of concerns at the top of the BIP, I would add one: losing =
multisig setup context. E.g. in the event of a fire where you only =
recover your steel engraved mnemonic(s), but no longer have the wallet =
descriptors.<br class=3D""></blockquote><div class=3D""><br =
class=3D"">Good point.<br class=3D""> </div><blockquote =
class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px =
solid rgb(204,204,204);padding-left:1ex">
<br class=3D"">
If you still have all devices and know (or guess) the threshold then =
BIP48 and sorted_multi descriptors will save you. But if you have a =
2-of-3 setup and lost 1 device then without the metadata your coins are =
lost. In a future with musig(?) and miniscript increasingly the setup =
data is just as critical as the seeds.<br class=3D""></blockquote><div =
class=3D""><br class=3D"">How so? Each signer device should ideally have =
a copy of the multisig configuration. If you lose 1 device in a 2-of-3, =
you can still spend from the wallet? Unless I'm missing something =
here.<br class=3D""></div></div></div></blockquote><div><br =
class=3D""></div><div>I was thinking about a scenario where all devices =
are destroyed. All you have left are the mnemonics. But indeed if at =
least one of your devices is still intact AND it has the configuration, =
you're also good.</div><div><br class=3D""></div><div>But there are =
plenty of devices out there that can't do this. Those devices can still =
be useful, even if they can't fully check everything.</div><div><br =
class=3D""></div><div>Sjors</div></div></body></html>=
--Apple-Mail=_2E5715EA-C69C-4FBC-BB3B-F794F8DDFC7F--
--Apple-Mail=_E9EE833A-59BE-4767-A5C5-38E7F5165619
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE7ZvfetalXiMuhFJCV/+b28wwEAkFAmBwc8sACgkQV/+b28ww
EAmJzg//Tvklpj6xRIcoEluoqDGxKTab8gb/QaUd7FfmTcmHnNFbXqO+OPMMFn/M
YyV/W3O3C9PtnS6yY+gVX4saUV+OUKqaaWE0JlyrqqkMt9yZKelCw1y7GJdc0Tgb
ElMMa2AvqfUjB1SSj+0Zr0FqWTzz2OlQX18Bw/yEQVJMLUnCMiNaF9Y3KR6GQwOa
fT4e1cW3oQDCCzVp2dUgoFmbq3/Y4SvERWgsbqlvTOvrKdFTu8EhNHc7pNWz3BqN
T46e1Ssb5cMeCWTu/eRJewocuNluW57YYKkeNlX1GxUMy9XRB4OJ0UG74Waqk/1I
Asax7JiV6VOfh36JhkmuS+lAwyEBF6Q1aPGAErMWeuDFTJTxr+RudinkaLebo+Y+
0DjYB/AG/L2JKKZy7oqpAuLJoThEfLtri29XfNIAw7ku210aQ2FPzm37nihW7jKp
oy0rdHXym6eifB2eX2lwfxeCwy1DsulRf/tggTOInL0qcv7eHDNzXXiZtOqiICvw
uovbPk2gYeq4IWBBmJfuShZhAbpfrIkgpd9VCUb8aNLqcIhG5WIcvEzfFODidN90
t7/Ik1UgI+GURiYugMknM8Jk2odrGbHExjJsYimkjG5MS25efowp+QNWMryCsuNW
jc1YaLvhR98QC17PjH4zTX+YjVj9WeqgeW6iLgjLoywdgiO5ZUY=
=qBk+
-----END PGP SIGNATURE-----
--Apple-Mail=_E9EE833A-59BE-4767-A5C5-38E7F5165619--
|
