Hi Sjors,

Thanks for your comments.

>Chicken-egg problem

I agree with Hugo's detailed response here.

>Losing multisig setup context (in the event of a fire where you only recover 
>your steel engraved mnemonic(s), but no longer have the wallet descriptors.)

Devices need to persist the descriptor; if they currently can't, they don't 
comply with this standard and they can't be used securely for multisig. There's 
no reason the master seed and descriptor both can't be backed up outside of 
each device. I can't see a scenario where it would be possible to recover only 
the seed. (I don't know yet how Core will decide how to best back up this info, 
seeing as BIP39 was rejected).

>BIP48

I agree with Hugo that BIP48 is redundant with descriptors, please see 
https://github.com/bitcoin/bips/pull/1089 for a proposed updated hierarchy for 
multisignature wallets.

>An encryption convention for the descriptor data

I understand this concern. Like you mentioned previously, I too often set up 
multisignature wallets for clients where they are actually owned by the single 
party. A concern is that while the backup location owners cannot spend (due to 
the M-of-N restriction), they can view the wallet balance/history. As Hugo 
mentioned, you can apply any encryption you want after the setup, so a solution 
may be to use Shamir Secret Sharing (Blockchain Commons has done a lot of work 
on that here: 
https://github.com/BlockchainCommons/Airgapped-Wallet-Community/discussions/37#discussioncomment-287993)

>Plain text vs binary

I too favor plain text.

Robert Spigler
Personal Fingerprint: BF0D 3C08 A439 5AC6 11C1 5395 B70B 4A77 F850 548F

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Friday, April 9, 2021 11:33 AM, Sjors Provoost via bitcoin-dev 
<bitcoin-dev@lists.linuxfoundation.org> wrote:

> Thanks for the detailed response. Just 1 thing I needed to clarify:
>
>>> To the list of concerns at the top of the BIP, I would add one: losing 
>>> multisig setup context. E.g. in the event of a fire where you only recover 
>>> your steel engraved mnemonic(s), but no longer have the wallet descriptors.
>>
>> Good point.
>>
>>> If you still have all devices and know (or guess) the threshold then BIP48 
>>> and sorted_multi descriptors will save you. But if you have a 2-of-3 setup 
>>> and lost 1 device then without the metadata your coins are lost. In a 
>>> future with musig(?) and miniscript increasingly the setup data is just as 
>>> critical as the seeds.
>>
>> How so? Each signer device should ideally have a copy of the multisig 
>> configuration. If you lose 1 device in a 2-of-3, you can still spend from 
>> the wallet? Unless I'm missing something here.
>
> I was thinking about a scenario where all devices are destroyed. All you have 
> left are the mnemonics. But indeed if at least one of your devices is still 
> intact AND it has the configuration, you're also good.
>
> But there are plenty of devices out there that can't do this. Those devices 
> can still be useful, even if they can't fully check everything.
>
> Sjors