Author: Craig Raw 2021-02-09 09:33:38
Published on: 2021-02-09T09:33:38+00:00
This is a discussion between Hugo and Craig regarding a proposal for a new BIP called Bitcoin Secure Multisig Setup (BSMS). The proposal aims to create a standardized process for setting up multisig wallets securely across different vendors. The document outlines the roles of the Coordinator and Signer, as well as the setup process which involves two rounds of communication between the Coordinator and Signers. The document proposes two layers of protection: a temporary, secret token used to encrypt the two rounds of communication and a descriptor checksum and visual inspection of the descriptor itself. The use of an output descriptor is suggested as a more standardized approach. For signers that use QR codes to transmit data, key and descriptor records can be converted to QR codes, following the BCR standard. There are concerns when it comes to setting up a multisig wallet, such as whether the multisig configuration is correct and not tampered with, whether Signer persists the multisig configuration in their respective storage, and whether Signer's storage is tamper-proof. The proposal seeks to address concerns #1 and #2: to mitigate the risk of tampering during the initial setup phase, and to define an interoperable multisig configuration format. Concerns #3 and #4 should be handled by Signers and are out of scope of this proposal. The proposal assumes the parties in the multisig support BIP32, the descriptor language, and encryption. The Coordinator initiates the multisig setup and determines what type of multisig is used and how many members and signatures are needed. If encryption is enabled, the Coordinator generates a secret token, to be shared among the parties for secure communication. The Coordinator gathers information from the Signers to generate a descriptor record. The Coordinator distributes the descriptor record back to the Signers. The Signer is a participating member in the multisig. Its responsibilities include providing its XPUB to the Coordinator, verifying that its XPUB is included in the descriptor record and persisting the descriptor record in its storage.
Updated on: 2023-06-14T17:33:12.220915+00:00