How users collectively sign a transaction in a multisig scenario?

0

Say there're 3 people (A,B,C) involving into a 2 of 3 multisig scenario. If A & B agree to sign a transaction, what steps they should take? My guess is:

  1. A creates a transaction with the multisig address, signs it with A's private key.
  2. A gets the raw transaction above, somehow (via email or something else) manually sends it to B.
  3. B signs it and broadcasts to the whole Bitcoin network.

anhldbk

Posted 2017-02-13T02:41:38.653

Reputation: 101

Answers

1

Not exactly.

1.
 First, you need to create a receiving address that holds your "2 of 3 spendable" funds. For that, you need three pubkeys (pubA, pubB and pubC).

2.
 Form a multisig script/address with those three pubkeys. You can use Bitcoin Cores call addmultisigaddress nrequired ["key",...]. All three participants should do that with the exact same order of the pubkeys.

addmultisigaddress 2 <pubA> <pubB> <pubC> This will spitt out a multisig address. The 2 stands for how many signatures are required to sign the input later.

If you want the redeem-script (expert users), call validateaddress <newmultisig-addr> (there is a string object called script)

3.
 Receive coins with your new created multisig address.

4.
 Spending the coins/inputs requires now 2 signatures. If you use bitcoin-core, you need to create a (raw)transaction spending that particular input. For that, you need to know the transaction-id and the output index of the received coin you want to spend.

Do something like

 createrawtransaction 
      '[{
         "txid": "8b9123963a3bbeedac1469daf6111929286e57128812dc08e83a94a3c4e76e3e", 
          "vout":0
       }]'
       '{"<newaddress>": <amount>}'

You will get a raw transaction which you then can sign (on your side, first signature or two required).

signrawtransaction <hex from createrawtransaction>

You can pass the partial signed transaction to other participants and let them so the same thing:

signrawtransaction <hex from partial signed transaction>

Details: If you use addmultisigaddress you don't need to pass around the reedem-script and signtransaction's parameters are much simpler.

Jonas Schnelli

Posted 2017-02-13T02:41:38.653

Reputation: 5 465

Thanks for explanation. You said "You can pass the partial signed transaction to other participants ...". So how to pass? Via email? Does Bitcoin network support broadcast partial signed transaction? If it does, then other participants just need to listen to the network events only. Much better than using emails, right?anhldbk 2017-02-13T13:44:57.470

1The Bitcoin network is has no guaranteed delivery (except for what is confirmed), is slow, and expensive because it needs to relay every transaction to everyone. There is no reason why other nodes on the network would bother relaying your (from their point of view) invalid transaction. Worse, it would be a great loss of privacy if people could observe which inputs get signed by whom. So, no, getting the transaction signed by all signers is your own responsibility.Pieter Wuille 2017-02-13T19:21:11.103

@PieterWuille You made my day! Thank you so much.anhldbk 2017-02-14T05:42:44.553

There are centralised solutions that does "pass around" partial signed transaction (Bitpays Copay is an example). Sadly, there is currently no decetranlized solution (I could imagine a p2p network taking care of this).Jonas Schnelli 2017-02-14T07:52:47.783

Asked: 2017-02-13T02:41:38.653

Viewed: 1 398 times

Active: 2017-02-13T09:22:24.540