It’s “Too early!” is the opinion editor for Will Schoellkopf, host of the show. Bitcoin podcast.
We often hear, “Not keys, not coins, but ‘have you done big scary things?’
A lot of attention has been paid to getting your satoshis out of exchanges, and rightfully so! Mt. Gox exchange hack causes loss of coins, but ‘recent market conditions’ It has led to the suspension of withdrawals from major institutions with large amounts of assets under management, such as Binance and Celsius. These are not lostBut he denied Introduction introduces a new vulnerability for sovereign individuals to consider: If your child resets your hardware wallet or your dog eats your seed phrase, can you recover your funds?
Despite all the attention paid to security, not enough attention is paid to recovery. Get yourself some peace of mind today! Test recovery of your keys so you maintain the ability to spend your sats. Do it now; before panicking over the security compromise.
The “big scare” is losing access to your hardware wallet, so you really need your keyphrase to recover. Only once you have proven to yourself that you have recovered your keys are you truly a sovereign individual. Fortune favors the prepared, not the brave! Follow the steps below to prepare yourself for the worst so you know your safety and recovery is in your best interest. Of course, please complete the following with a smaller amount of sats so you don’t risk losing your entire life savings. we no in a rocky boat while we attempt it!
Single Sig Recovery Check
- With the seed phrase in hand, verify the recovery phrase in your hardware wallet.
- “The Big Scary”: Intentionally enter your PIN incorrectly three or sixteen times to reset your hardware wallet.
- Disconnect, then reconnect to your wallet software, which recognizes it as a “new” device with a zero balance.
- Re-enter your keyphrase in your hardware wallet and verify that the wallet software now confirms the same satoshi balance of your UTXOs.
*Note: After confirming that this process works, it is recommended not to use the recovered wallet as your primary wallet.
Joint Custody (2-to-3) Multiple signatures
- Key A is controlled by hardware wallet A (And you back up the wallet configuration file).
- Key B is under your control via hardware wallet B (And you back up the wallet configuration file).
- Key C is under the control of your joint custodian (Ex: Casa, Unchained Capital).
- The key S is under your control via the hardware wallet S. This is a single signed key expression.
*With Multisig, you not only need the keys to the treasure chest, but also a map of where to find it! With a single sig, you can get xPub again as long as you have a single key phrase. You don’t need all three keys for Multisig, but you do need the wallet configuration file to get all three xPubs again! Note that these platforms may also offer (3 to 5) multisig.
Step 1: Perform all three rated jobs with a joint control platform
- Send multiple sats from hardware wallet S to your multisig address.
- Try and fail to spend these funds with just wallet A, just wallet B, and just wallet C.
- Use A+B hardware wallet to send to single-signature S wallet.
- Use hardware wallet A + security key C to send to single signature wallet S.
- Use B+C to send to S.
- You should feel good. Now send more sats to your multisig address, but not too much!
For storage, you stash your cold storage wallet in your sweaty gym bag that you never use and no thief in their right mind would ever want to rifle through! And you buried a paper copy of your seed statement, so it would be safe from anyone looking for it and easily destroyed if you were in a pinch. Unfortunately, Bitcoin Dog had other plans! He loves the smell of your sweaty socks and he loves digging a freshly dug hole in the yard. Thankfully, you’re not in any physical danger, so you can safely recover your multisig stash.
Step 2: “Big scary” – lose the key, but not your joint guardian
- Reset hardware wallet A and split key statement A (equivalent destruction as above).
- Report a “lost key” with your joint custodian (eg Casa or Unchained Capital).
- Generate a new keyphrase for key A and upload it to A’s hardware wallet.
- Collaborator replaces/creates new 2 to 3 multisig with new A wallet and original B.
- Sign a transaction with your employee to send sats from the old wallet to the new wallet with your B hardware wallet with the original seed phrase.
Note: This scenario is not an emergency. If it was an emergency, you would instead send the Bitcoin directly to your single-entry address managed by the S hardware wallet. For example, if key phrase A has been stolen from a trusted family member’s home and the intruder is now coming to your home. express to steal other seeds, it is urgent. Break the glass. Before an attacker tries to impersonate you with your custodian or steal your second keyphrase, send your cash balance to your single-seed hardware wallet with the help of your co-custodian.
- With new vault A+B, send some sats to S to prove you control the new vault.
- You feel good, send the rest from the old vault to the new vault.
- Use A+C to send to S.
- Use B+C to send to S.
- Send test amounts to S only. No need to send it back to your multisig checkout!
Step 3: The last boss – employee compromised
- Download and install Caravan, Electrum or Sparrow.
- Download the wallet configuration file to restore the Multisig repository in the new location.
- Partially Sign Bitcoin Transaction (PSBT) with a hardware wallet.
- PSBT B with hardware wallet.
- Send test sets to S hardware wallet, then all.
You did it! The apocalypse has happened. Your collaborator compromised, but you were still able to recover the bitcoin yourself and take control of your satoshis yourself. After this nightmare is over, you might wonder why you ever had joint custody in the first place.
- “Convenience” to trust the guardian with a key.
- It is “convenient” to trust a custodian with a wallet configuration file and three xPubs.
- Trusting a guardian to help set up a legacy and multisig key with loved ones when you pass is “comforting”.
- “Simpler” to replace a lost key and send your sats to a new vault.
Now that you’ve implemented multisig yourself, will you be looking for a new collaborator or will you go back to step 1? There is no right answer. Everyone’s security needs are unique!
This is a guest post by Will Schoellkopf. The opinions expressed are entirely their own and those of BTC Inc. or do not reflect the views of Bitcoin Magazine.