This is an opinion piece by Will Schoellkopf, host of “It’s So Early!” Bitcoin podcast.
We often hear, “Not your keys, not your coins,” but have you done the “big scary?”
Emphasis has been placed on removing your satoshis from exchanges, and rightly so! Mt. Gox exchange hack led to coin loss, but ‘recent market conditions’ also led to a halt in withdrawals from large institutions with lots of assets under management like Binance and Celsius. They are not lostbut refuse to access introduces a new vulnerability for sovereign individuals to consider: if your child resets your hardware wallet or your dog eats your seed phrase, can you recover your funds?
Despite all the emphasis on safety, not enough emphasis is placed on recovery. Buy yourself peace of mind today! Test the recovery of your keys, so you keep the possibility of spending your sats. Do it now; before panicking over a security compromise.
The “big scary” loses access to your hardware wallet, so you really need your seed phrase to recover. It is only once you have proven that you have collected your keys that you are truly a sovereign individual. Fortune does not favor the bold, it favors the prepared! Follow the following to prepare for the worst, so you know your safety and recovery is best for you. Of course, please complete the following with smaller amounts of sats so you don’t risk losing all of your savings. We are not on a rocky boat as we attempt this!
Single Signature Recovery Verification
- Perform a recovery phrase verification on your hardware wallet with your seed phrase in hand.
- “The Big Scary One”: On purpose enter your PIN incorrectly three or sixteen times to reset your hardware wallet.
- Disconnect and then reconnect your hardware wallet to your software wallet to verify that it recognizes it as a “brand new” device with a zero balance.
- Re-enter your seed phrase in your hardware wallet and verify that the wallet software now confirms the same satoshi balance of your UTXOs.
*Note: It is recommended, after confirming that this process works, that you do not use the recovered wallet as your primary wallet.
Collaborative custody (2 of 3) Multisignature
- Key A is under your control via hardware wallet A (and you back up the wallet configuration file).
- Key B is under your control via hardware wallet B (and you back up the wallet configuration file).
- Key C is under the control of your collaborative custodian (Ex: Casa, Unchained Capital).
- The S key is under your control through the S hardware wallet. It is a single sign-on seed phrase.
*With multisig, you not only need the keys to the treasure chest, but also the map where to find it! With a single signature, as long as you have the single seed phrase, you can rederive the xPub. For multisig you don’t need all three keys, but you need the wallet configuration file to rederive all three xPubs! Note that these platforms can also offer multisig (3 out of 5).
Step 1: Exercise the three nominal cases with a collaborative custody platform
- Send sats from S hardware wallet to your multisig address.
- Try not to spend these sats with only wallet A, only wallet B and only wallet C.
- Use hardware wallet A + B to send to single sign-on wallet S.
- Use hardware wallet A + custodian key C to send to single sign-on wallet S.
- Use B+C to send to S.
- You should feel good. Now send more sats back to your multisig address, but not too many!
For added security, you’ve kept your cold storage gear wallet in your sweaty gym bag that you never use, and no sane thief would ever want to poke around! And you buried your hard copy of your seed phrase in the ground, so that it would be safe from anyone looking for it and easily destroyed if you were in need. Unfortunately, The Bitcoin Dog had other plans! She loves the smell of your sweaty socks and loves digging a freshly dug hole in the yard. Fortunately, you are not in physical danger, so you can calmly restore your multisig vault.
Step 2: The “big scary” — losing a key, but not your collaborative custodian
- Reset hardware wallet A and shred seed phrase A (equivalent destruction as above).
- Report a “lost key” to your collaborative custodian (Ex: Casa or Unchained Capital).
- Generate a new seed phrase for key A and load it into hardware wallet A.
- Collaborator replaces/creates a new 2 of 3 multisig with new wallet A and original wallet B.
- With your hardware wallet B with the initial phrase B, sign a transaction with your collaborator to send sats from the old vault to the new vault.
Note: This scenario is not an emergency. If it was an emergency, you would instead send your Bitcoin directly to your unique address controlled by hardware wallet S. For example, if seed phrase A was stolen from the home of a family member of confidence and that the attacker now comes to you. to steal the other seed sentence, it’s an emergency. Break the glass. Send your vault balance to your unique seed hardware wallet with the help of your collaborative custodian before the attacker tries to impersonate you as your custodian or tries to steal the second seed phrase from you.
- With new chest A + B, send sats to S to prove you control the new chest.
- You feel good, now send the rest of the old vault to the new vault.
- Use A+C to send to S.
- Use B+C to send to S.
- Only send test amounts to S. There is no need to send it back to your multisig vault!
Stage 3: Final Boss — Compromised Collaborator
- Download and install Caravan, Electrum or Sparrow.
- Download the wallet configuration file to restore the multisig vault to a new location.
- Partial Sign Bitcoin Transaction (PSBT) with hardware wallet A.
- PSBT with hardware wallet B.
- Send test sats to hardware wallet S and then everything.
You did it! The apocalypse has happened. Your collaborator was compromised, and yet you were still able to recover your bitcoin yourself and take custody of your satoshis. Once this nightmare is over, you might think about why you even did collaborative childcare in the first place?
- “Comforting” to trust a custodian with just one key.
- “Comforting” to trust a custodian with the wallet configuration file and three xPubs.
- “Comforting” to trust a custodian to help with multisig key inheritance and setup with loved ones when you pass.
- “Easier” to replace a lost key and send your sats to a new vault.
Now that you have implemented multisig yourself, are you going to find a new collaborator or go back to step 1? There is no right answer. Everyone’s security needs are unique!
This is a guest post by Will Schoellkopf. The opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc. or Bitcoin Magazine.