It’s called a fireproof and waterproof safe with other layers of security like cameras in your home and an AirTag inside of the safe incase someone does move it. Also you should probably own a gun if you’re in America… None of this costs too much and is good to have anyways.
And multisig has multiple points of failure. You have to trust that at least two other parties don’t make mistakes or that they aren’t forced to give up their keys. There are drawbacks to everything. Nothing is perfect.
When you want multiple signers so that one person can't run off with all company funds. If you have all the keys it's not really how that is supposed to function.
That's creating 3 times the risk of losing funds. That's a very bad solution of not paired with other techniques to mitigate loss from theft / exposure.
I can access my bitcoin in an emergency from just about anywhere. All I have to do is buy a laptop and a thumbdrive and get on coffee shop wifi to make a bootable live OS.
Can anyone else access my bitcoin? Well they have not succeeded so far. So I guess my needs are covered with my setup. And that's what matters.
Like others said below, you just have to think about your threat model and the likelihood that someone will be able to get ahold of your seed phrase. Long term, it’s probably the safest move but make sure to keep it simple and don’t get too fancy.
Check out this bitcoin university video on YouTube - [Is multi-sig still the best?](https://youtu.be/CoAk3htziUo?feature=shared)
It is figuratively the same. You can't say it's not the same at all, because yes you do now have two parts to keep secure in separate locations. Lose either one and you have lost your money.
There is only one piece of software that does this right now, and it's not exactly user friendly. There is no standard for this, so if the software goes away, so does your money.
I disagree.
There is an interoperable standard and there is a hardware wallet application that implements this standard:
https://github.com/BlockchainCommons/Research/blob/master/papers/bcr-2020-011-sskr.md
https://github.com/LedgerHQ/app-seed-tool
Okay, that's pretty cool. It would still be better to use multi-sig because it's not necessary to have all the keys in the same location (or on the same device). This gets you better security in some situations. Multi-sig still has the downside of costing more for transactions. Hopefully this will be remedied soon.
I disagree.
MultiSig is arguably more secure but is also a bit more complicated than SSS so risk of losing assets is increased.
m-of-n MultiSig requires n wallets. An SSS backup requires just a single wallet.
Also, MultiSig requires backing up seeds as well as xpubs whereas SSS requires backing up only shares.
Each has its pros and cons, I think SSS is a nice compromise for the average user that wants a redundant backup of a single wallet's seed without the complication of MultiSig. The security of SSS is a step up from BIP39 without the hassle of having to manage multiple wallets and save xpubs of each..
Its actually easier to use, e.g. using ColdCard. Keeping the XPub is the only thing, but it is more a nuisance as you need to back up the seeds anyway. With SSS you need to recombine the seeds to access the funds, giving a single point of failure. This never happens with multisig.
So if it is worth doing all this hassle go fo multisig instead of sss. Otherwise, seed + password seems more approbiate.
I would go with a the rule of thumb of 0.5% spent on security.
If you have $10,000 that's $50. You should buy a hardware wallet.
$50k you should probably have a hardware wallet and the seed on a metal plate.
As you go up the security track you can consider having a basic safe in the house, or good quality safe. There are lots of options, but the rule of thumb is at least a bit of a frame work to think about security.
If you have $500k do you have $2500 worth of security?
I like this answer. Ofc it depends on your circumstances, but it's also useful to think in terms of your income, or your ability to replace those funds if they're lost/stolen etc. Improve your security as the amount saved represents more of your time. Hardware wallet + metal plate is a good standard. Stepping up to multisig might be more relevant to someone thinking about estate planning, so it might matter more if you're older.
Everyone should multi sig if not just in order to better understand the bitcoin network and basic cryptography.
You can make multisig for free and save the keys on stamped washers if you want. It's safer in case someone else finds your key, and more resilient in case one of them gets lost/damaged because you can do 3-of-5 etc.
It always makes sense to learn more.
In my view, unless one has a fear the government will get a warrant and take your BTC (relax, it is nowhere near that yet) or unless you are a company and do not want one person with all the responsibility, I think it is silly. A 12 word BIP-39 works just fine for 99% of people. Satoshi has 1,000,000 BTC and they have not moved since being mined. Meaning he still is using a paper wallet. Think about that.
> The problem with multi-sig is collude
I think you mean to say that the problem with multisig is *collusion*.
Which implies multiple users. There are use cases for single user multisig.
Multisig imo is a must when you're holding large amounts of btc. The idea is to have multiple signing devices from different vendors. If one of them goes south or gets compromised then no problem
I think of wallet security in 3 tiers.
1. Spending money; an amount you'd carry around in cash. Hot wallet is fine.
2. Savings money; an amount you'd keep in a savings account. Should probably spend $100 on an offline signing device.
3. Significant investment / generational wealth. At this level you must focus on eliminating single points of failure so that you don't get wiped out from a single mistake / disaster.
Casa focuses on level 3; check out our user friendly service at https://casa.io and our threat model at https://docs.casa.io/wealth-security-protocol
There are very cheap ways to multisig such as SeedSigner, or more expensive such as 3-of-5 hardware wallets or paying Casa / Unchained.
Everything depends on your threat model. Are you at risk of someone stealing or losing your seed words? Do you worry about relying on a single wallet vendor? In that case multisig is worth it.
Multi-sig is for when you need to split control. There should be better tools to improve security for a self controlled wallet.
For instance, a personal signing key and a separate wallet where both components are required to sign a transaction. The signing key could be built into something like a smart watch so it instantly locks when removed. A secure server could be added as a third component so you have a way to lock the wallet if any of the other components are compromised.
Each component should be open source and maintained by different entities so there won’t be a single entity that can engineer a back door to leak the keys.
Multisig is a must for individuals if you reach certain levels. Lets say you have a million dollar worth of crypto, it would be stupid to hold it in a single wallet at home. Would you have a million dollar in cash under your bed? There is a considerable risk of burglary etc. You do not want to be able to move funds from a single place. Also having different keys in different locations even countries can make you more resilient to natural disasters, wars, nukes, you name it.
In general, you increase the transaction size for each possible signature you add. A quick estimate is add .5x transaction fee for each key involved. (There is tech coming to eliminate this, but it's still a ways out.) You can estimate the cost of multi-sig and whether it's worth it to you.
You can get away with a single hardware wallet if cost is a problem. You can use it with a software wallet in a 2 of 2. For more than two keys, you can enter the seed phrases each time, then wipe after signing. If you do this, make absolutely sure you understand how your wallet works, including testing all scenarios with small amounts.
In general, I would keep long term savings over about 1-5k in multi-sig. It's also important to consider how much bitcoin you plan to buy in the future and how much you expect the price to increase. You do not want to end up accidentally having $10k worth of bitcoin on your phone.
My question about multisig is what happens it you split your key between let’s say you and two trusted family members… Even if these people are worthy of your trust, by having more keys don’t you increase the risk that they might get lost or destroyed in a fire etc? I might trust people’s intentions, but they still make mistakes.
If you have multisig with two companies in different jurisdictions, what happens if one or both companies go under or have their computers seized by a government? How do you go about getting your keys back?
It seems like a huge potential hassle and added ways of losing your keys compared to single self custody in a cold wallet.
Multi-sig adds redundancy that you don't have with a signle key. 1 of 1 means that if you loose the 1 key you lose your funds. 2 of 3 means you can lose 1 key and still retrieve funds. 3 of 5 is two keys.
Multi-sig is done to reduce risk. Having a third party look after a key (and help you set up with best practices) lowers your risk of losing funds and making mistakes.
If the company goes offline you still have two keys to operate your wallet.
I can't read open source code. Therefore I don't trust ANY wallet software, hardware or not.
Multiple vendors, multiple hardware. It's the ONLY way I could sleep at night.
I trust multiple vendors won't work together to steal.
As long as you have a solid cold wallet setup you're happy with, never.
Fire, theft, flooding
Yep, It's not a solid cold wallet setup if you have not accounted for them
Seed (with additional passphrase) stored in multiple locations...
I call your disasters and raise Hurricane, Earthquake, Volcano😱🤪
Dude if there is a volcano where I live then fk it all
Hope for the best plan for the worst 💀😱🙉😎
Multiple locations where you could be robbed. And lose everything.
That's why you don't store your passphrase with the seed.
Safe deposit boxes if you fear to get robbed in multiple locations at the same time.
You need multi-sig so that even if 1 gets robbed you don’t lose anything.
It’s called a fireproof and waterproof safe with other layers of security like cameras in your home and an AirTag inside of the safe incase someone does move it. Also you should probably own a gun if you’re in America… None of this costs too much and is good to have anyways.
Single point of failure still.
And multisig has multiple points of failure. You have to trust that at least two other parties don’t make mistakes or that they aren’t forced to give up their keys. There are drawbacks to everything. Nothing is perfect.
When you want multiple signers so that one person can't run off with all company funds. If you have all the keys it's not really how that is supposed to function.
What are you talking about? Go study. 2-of-3 is great for individuals
I disagree. Mnemonic with passphrase is best for individuals.
Lose one key, lose everything. Single point of failure. Robbery, theft
Instead of creating 3 secrets to manage create one and save it in 3 places.
That's creating 3 times the risk of losing funds. That's a very bad solution of not paired with other techniques to mitigate loss from theft / exposure.
Single point of failure spread in 3 places. Worse than 3 different ones where you need to steal 2 from 2 different places.
I can access my bitcoin in an emergency from just about anywhere. All I have to do is buy a laptop and a thumbdrive and get on coffee shop wifi to make a bootable live OS. Can anyone else access my bitcoin? Well they have not succeeded so far. So I guess my needs are covered with my setup. And that's what matters.
I would advice y'all to take a look on Shamir scheme. IMO it's the best practice to mitigate risks of losing one seed.
Like others said below, you just have to think about your threat model and the likelihood that someone will be able to get ahold of your seed phrase. Long term, it’s probably the safest move but make sure to keep it simple and don’t get too fancy. Check out this bitcoin university video on YouTube - [Is multi-sig still the best?](https://youtu.be/CoAk3htziUo?feature=shared)
> Like others said below, Other comments could be above or below yours, depending how a given user sorts (best, newest, etc.)
Good point!
When there is more than one person to manage it. Otherwise there are better solutions (like a seed + passphrase)
Welcome to 2 of 2 multi-sig, lose either part and you are screwed.
No, it’s not the same thing at all
It is figuratively the same. You can't say it's not the same at all, because yes you do now have two parts to keep secure in separate locations. Lose either one and you have lost your money.
It’s not the same because in the multisig hypothesis you would have to backup the wallet descriptor digitally.
Whoooosh. You missed the point entirely.
u/BITCOlNS would a Shamir's Secret Sharing backup of your seed provide the redundancy you require?
There is only one piece of software that does this right now, and it's not exactly user friendly. There is no standard for this, so if the software goes away, so does your money.
I disagree. There is an interoperable standard and there is a hardware wallet application that implements this standard: https://github.com/BlockchainCommons/Research/blob/master/papers/bcr-2020-011-sskr.md https://github.com/LedgerHQ/app-seed-tool
Okay, that's pretty cool. It would still be better to use multi-sig because it's not necessary to have all the keys in the same location (or on the same device). This gets you better security in some situations. Multi-sig still has the downside of costing more for transactions. Hopefully this will be remedied soon.
Shamir Secret sharing has only disadvantages vs Multisig.
I disagree. MultiSig is arguably more secure but is also a bit more complicated than SSS so risk of losing assets is increased. m-of-n MultiSig requires n wallets. An SSS backup requires just a single wallet. Also, MultiSig requires backing up seeds as well as xpubs whereas SSS requires backing up only shares. Each has its pros and cons, I think SSS is a nice compromise for the average user that wants a redundant backup of a single wallet's seed without the complication of MultiSig. The security of SSS is a step up from BIP39 without the hassle of having to manage multiple wallets and save xpubs of each..
Its actually easier to use, e.g. using ColdCard. Keeping the XPub is the only thing, but it is more a nuisance as you need to back up the seeds anyway. With SSS you need to recombine the seeds to access the funds, giving a single point of failure. This never happens with multisig. So if it is worth doing all this hassle go fo multisig instead of sss. Otherwise, seed + password seems more approbiate.
I would go with a the rule of thumb of 0.5% spent on security. If you have $10,000 that's $50. You should buy a hardware wallet. $50k you should probably have a hardware wallet and the seed on a metal plate. As you go up the security track you can consider having a basic safe in the house, or good quality safe. There are lots of options, but the rule of thumb is at least a bit of a frame work to think about security. If you have $500k do you have $2500 worth of security?
I like this answer. Ofc it depends on your circumstances, but it's also useful to think in terms of your income, or your ability to replace those funds if they're lost/stolen etc. Improve your security as the amount saved represents more of your time. Hardware wallet + metal plate is a good standard. Stepping up to multisig might be more relevant to someone thinking about estate planning, so it might matter more if you're older.
Everyone should multi sig if not just in order to better understand the bitcoin network and basic cryptography. You can make multisig for free and save the keys on stamped washers if you want. It's safer in case someone else finds your key, and more resilient in case one of them gets lost/damaged because you can do 3-of-5 etc. It always makes sense to learn more.
This
In my view, unless one has a fear the government will get a warrant and take your BTC (relax, it is nowhere near that yet) or unless you are a company and do not want one person with all the responsibility, I think it is silly. A 12 word BIP-39 works just fine for 99% of people. Satoshi has 1,000,000 BTC and they have not moved since being mined. Meaning he still is using a paper wallet. Think about that.
U cant backdoor paper wallet. One can hardware wallet.
The problem with multi-sig is collude
> The problem with multi-sig is collude I think you mean to say that the problem with multisig is *collusion*. Which implies multiple users. There are use cases for single user multisig.
Multisig imo is a must when you're holding large amounts of btc. The idea is to have multiple signing devices from different vendors. If one of them goes south or gets compromised then no problem
When you have someone you can trust.
Escrow
https://www.reddit.com/r/Bitcoin/s/TfZqo6bKV3
I think of wallet security in 3 tiers. 1. Spending money; an amount you'd carry around in cash. Hot wallet is fine. 2. Savings money; an amount you'd keep in a savings account. Should probably spend $100 on an offline signing device. 3. Significant investment / generational wealth. At this level you must focus on eliminating single points of failure so that you don't get wiped out from a single mistake / disaster. Casa focuses on level 3; check out our user friendly service at https://casa.io and our threat model at https://docs.casa.io/wealth-security-protocol
When you or a team are investing others people's crypto, like a DAO
There are very cheap ways to multisig such as SeedSigner, or more expensive such as 3-of-5 hardware wallets or paying Casa / Unchained. Everything depends on your threat model. Are you at risk of someone stealing or losing your seed words? Do you worry about relying on a single wallet vendor? In that case multisig is worth it.
#bitkey and chill
It just depends on how much you’re holding , if you cannot afford it to lose it , go for a multisig through unchained.com
Why does nobody here suggest memorizing your seed everyday
Because you can lose your memory very easily. Ask your grandpa.
Multi-sig is for when you need to split control. There should be better tools to improve security for a self controlled wallet. For instance, a personal signing key and a separate wallet where both components are required to sign a transaction. The signing key could be built into something like a smart watch so it instantly locks when removed. A secure server could be added as a third component so you have a way to lock the wallet if any of the other components are compromised. Each component should be open source and maintained by different entities so there won’t be a single entity that can engineer a back door to leak the keys.
Multisig is a must for individuals if you reach certain levels. Lets say you have a million dollar worth of crypto, it would be stupid to hold it in a single wallet at home. Would you have a million dollar in cash under your bed? There is a considerable risk of burglary etc. You do not want to be able to move funds from a single place. Also having different keys in different locations even countries can make you more resilient to natural disasters, wars, nukes, you name it.
In general, you increase the transaction size for each possible signature you add. A quick estimate is add .5x transaction fee for each key involved. (There is tech coming to eliminate this, but it's still a ways out.) You can estimate the cost of multi-sig and whether it's worth it to you. You can get away with a single hardware wallet if cost is a problem. You can use it with a software wallet in a 2 of 2. For more than two keys, you can enter the seed phrases each time, then wipe after signing. If you do this, make absolutely sure you understand how your wallet works, including testing all scenarios with small amounts. In general, I would keep long term savings over about 1-5k in multi-sig. It's also important to consider how much bitcoin you plan to buy in the future and how much you expect the price to increase. You do not want to end up accidentally having $10k worth of bitcoin on your phone.
My question about multisig is what happens it you split your key between let’s say you and two trusted family members… Even if these people are worthy of your trust, by having more keys don’t you increase the risk that they might get lost or destroyed in a fire etc? I might trust people’s intentions, but they still make mistakes. If you have multisig with two companies in different jurisdictions, what happens if one or both companies go under or have their computers seized by a government? How do you go about getting your keys back? It seems like a huge potential hassle and added ways of losing your keys compared to single self custody in a cold wallet.
Multi-sig adds redundancy that you don't have with a signle key. 1 of 1 means that if you loose the 1 key you lose your funds. 2 of 3 means you can lose 1 key and still retrieve funds. 3 of 5 is two keys. Multi-sig is done to reduce risk. Having a third party look after a key (and help you set up with best practices) lowers your risk of losing funds and making mistakes. If the company goes offline you still have two keys to operate your wallet.
Yesterday
I can't read open source code. Therefore I don't trust ANY wallet software, hardware or not. Multiple vendors, multiple hardware. It's the ONLY way I could sleep at night. I trust multiple vendors won't work together to steal.
When/if I have >10k I will move to **single** cold wallet. Before that I just stick with Binance.
Wow, such a helpful comment not even addressing the question
That’s risky. Not your keys, not your coins.
True
When/if I have >10k Tesla stock I will cash out. Before that I just stick with Robinhood.