Electrum multisig 2of2 on separate machines and both offline(cold storage)

3

I am lost sending coins from these Electrum 2of2 multisig wallets. Call them mutisig1 and multisig2. Both wallets have the 2of2 heading, presumably that means they are correctly setup, they were created with their own seeds and then each used the other's seed for multisig.

I use an online watch wallet(using xpub of multisig1 wallet) to create an unsigned send txn, save it to a usb drive. load unsigned txn into multisig1 , sign it , save and export to usb drive. (what is the difference between save and export ?) load signed txn into multisig2. There is no sign option(greyed out) then what ?

I tried 3 methods to send the coins , all 3 different, all 3 worked(confirmed sent), at least 1 was certainly wrong(only 1 sig). Now I'm worried ! I conclude that this does not achieve 2of2 in electrum or I have screwed something up. You can pretty much do anything as long as you have at least 1 sig, it will confirm.

Test1

  1. Online watch wallet-send txn , export to usb
  2. Offline multisig1 wallet-load unsigned txn, sign, save, export
  3. Offline multisig2 wallet- load unsigned txn, sign, save, export(this overwrites the prev signed txn file from multisig1 wallet )
  4. Load signed txn file from step 3 onto watch wallet and broadcast

Test 2 l Only signed on 1 multisig wallet and then broadcast from watch wallet. (sent and confirmed only 1 signature !)

Test3

  1. and 2. are the same, but 3. I just loaded the signed txn on multisig2 and then saved and exported it back. Sign button was greyed out.

grjack

Posted 2018-09-19T22:32:24.410

Reputation: 31

Answers

2

A watch only version of a multisig wallet must be created using the xpubs of both wallets not just the xpub of one wallet. Now there are two possibilities here:

  • You created a wallet with one xpub and one seed. This wallet is not watch only and transactions generated by it need only be signed by the wallet whose xpub you used. You can tell if this what you did in two ways. One way is that when you open the wallet there should be no warning dialog that it is a watch-only wallet. The other is that when you attempt to spend your coins the resulting transaction preview dialog should show "partially signed 1/2" up top below the tx id.

  • You created a single sig watch only wallet with just one of the multisig wallet's xpubs. Transactions created by this wallet can spend bitcoins sent to single sig p2pkh or p2wpkh addresses. You need only sign it with one of the multisig wallets i.e. the one whose xpub you used. You can tell that this is what you did if you get a warning dialog about watch only wallets when you open the wallet and if it says standard for wallet type under wallet menu > information.

In order to create a proper watch only version start by creating a new wallet file via file menu > new/restore, enter a unique filename and click next. Then select multisignature as the wallet type, 2 of 2 as the number of cosigners and signatures required, choose "Use a master key" or "enter a cosigner key" when asked to add a cosigner and then enter the xpub of one of the cosigning wallets. Repeat this last step until you've entered both cosigner's xpubs.

Abdussamad

Posted 2018-09-19T22:32:24.410

Reputation: 1 850

thanks Abdussamed that makes perfect sense and explains my error. However, the security is terrible and negates the multisig imo. If an attacker just gets hold of 1 multisig private/xpub and creates a watch wallet with that, as I did, then they can spend the from either wallets with one sig, just as I did !grjack 2018-09-21T05:45:13.057

I might add that I am sure that both my wallets are 2of2 (2 sigs required) because 1. it says so in the headers of both wallets 2. that is the default setting for multisig on electrum and 3. I expect that there would be a problem in the setup if the wallets were of different M of N when the mutually respective keys were entered during setup ?grjack 2018-09-21T09:12:01.450

@grjack you seem to have misunderstood. The security is fine. You made a mistake setting up your watch only wallet. How about you read what I wrote and see if you can find the mistake you made?Abdussamad 2018-09-22T01:04:20.450

You don't understand ! The mistake I made ,yes, enables me to drain the wallet ! That's a security flaw. What happens if an attacker makes the same "mistake" intentionally, he steals money from an M of N wallet with only 1 sig ! That makes the M of N wallet useless wrt the intention of M of N security.grjack 2018-09-26T07:43:15.030

Asked: 2018-09-19T22:32:24.410

Viewed: 274 times

Active: 2018-11-30T19:01:50.360