Author: Hugo Nguyen 2021-04-05 07:02:45
Published on: 2021-04-05T07:02:45+00:00
The Bitcoin Secure Multisig Setup (BSMS) BIP proposes a standardized process for setting up multisig wallets securely across different vendors. The proposal addresses concerns regarding the risk of tampering during the initial setup phase and defines an interoperable multisig configuration format. The proposed mechanism assumes parties in the multisig support BIP-0032, BIP-0322, the descriptor language, and AES encryption. All descriptor and key records should have a .bsms file extension, and encrypted data should have a .dat extension. The session expires after some time determined by the Coordinator, allowing the encryption key to have lower entropy.The process for creating a multisig wallet involves multiple signers and the first step is for the signer to initiate the session and set the TOKEN. They then generate a key record, which includes XPUBs and key origin information. This record is encrypted using the ENCRYPTION_KEY and MAC, and sent to the coordinator. The coordinator gathers all key records from participating signers, checks them for validity, and generates a descriptor record that includes the accepted derivation paths and descriptor string with checksum. The coordinator encrypts the descriptor record and sends it back to the signers.The proposal suggests a two-round communication between the Signer and the Coordinator for multisig configuration. Encryption can be enabled by defining three modes: NO_ENCRYPTION, STANDARD, and EXTENDED. The encryption scheme is AES-256-CTR, with PBKDF2 as the key derivation function. QR codes can be used to transmit data and convert key and descriptor records following the BCR standard. This proposal introduces two layers of protection: temporary secret TOKEN and descriptor CHECKSUM.In order to maintain stronger privacy, it is recommended to use a higher number of bits for the token and erase knowledge of the token after the multisig wallet has been set up. The test vectors are provided for two modes: No_Encryption and Standard Encryption.The context also provides information about three signers and their encryption details. Signer 1 has a master key fingerprint of 110dc257, private key (m/48'/0'/0'/1') of KzshDDEBhzyiwXHoyE7ZiLegzztEy54AG6Wq8N844LqHSQMHt4Ji, XPUB (m/48'/0'/0'/1') of xpub6EPQbDFezXYvVFHqnc8R7QUSE8hTepbyCXU7jJBT4dVm2rQHe1i6isqoj59qhyBiCdKquo6QsgMZNHvEz3BM4cNSszF25siTqLUCznBm8vk with a legacy signature. The signer_1_key.bsms is BSMS 1.0 and the signer 1 key is IDX6xLdM4XjetYPvVfpVBXAfT7oE3tHAOB4blZpbIst8bjJ+LbDeP4tZl4O8utAuys9igXE0G3kaHz1mg/+OU8w=.
Updated on: 2023-05-21T02:15:20.387932+00:00