Part 2: Protect your Bitcoin with an Electrum Multisig wallet, with Coldcard, Ledger, and Trezor!

@SundayWar
Aug 13, 2020

In Part 1, I provide a very detailed guide to creating a 2 of 3 multisig wallet on Electrum using the 3 best hardware wallets in the market (Coldcard, Ledger, and Trezor), using a method that is only compatible with legacy (p2sh) addresses. Part 2 covers a method for native segwit (p2wsh, bech32) addresses and for p2wsh-p2sh addresses. Read on!

WHAT?
As discussed in Part 1, multi-signature wallets are the safest way to store your bitcoin. In the previous post, we leveraged Coldcard’s ability to sign PSBTs in an airgapped fashion, and we created the multisig wallet in an airgapped fashion as well. However, due to some compatibility issues with Electrum, that wallet creation method only works for legacy addresses. Many readers reached out and asked how to create a multisig wallet for native segwit (p2wsh, bech32) addresses and for p2wsh-p2sh addresses, and this guide outlines how.

WHY?
Why is there so much interest in native segwit (p2wsh, bech32) addresses? Bech32 addresses are the latest format of btc addresses, and are optimized to ensure considerably lower transaction fees vs legacy addresses.

How do you create a bitcoin 2 of 3 multi sig wallet on Electrum?

Step 1. Create a new wallet on Electrum
Step 2. Name your wallet
Step 3. Select the Multi-signature wallet option
Step 4. Pick your wallet configuration. I recommend a 2 of 3, meaning you will need 2 of the 3 hardware wallets to sign transactions before spending BTC.

WARNING! To recover funds in the future you will need EITHER all 3 hardware wallets, or 2 wallets + all 3 master public keys (ZPUBS), or 2 wallets + an Electrum wallet backup file.

Step 5. Make sure your Trezor is plugged in and unlocked, then hit Next.
Step 6. Select your Trezor wallet. Hit Next.
Step 7. Choose native segwit multisig (p2wsh). Leave the derivation path as is. Hit Next.
This is the Trezor’s ZPUB. Hit Next.
Step 8. Unplug your Trezor and plug in your Ledger. Make sure it is unlocked with the Bitcoin app open. Hit Next.
Hit Next.
Step 9. Again we choose native segwit multisig (p2wsh). Leave the derivation path as is. Hit Next.

NOTE: Here’s where the steps will be different than in PART 1.

Step 10. Cosign with hardware wallet. Make sure your Coldcard is plugged into your computer. Hit next.

WAIT WHAT!?!? OK, OK, I know a lot of readers will have just shouted. Many feel that a Coldcard should never be plugged into a computer. Why? Unlike Ledger or Trezor hardware wallets, Coldcard has the unique ability to run forever airgapped. That is because it can sign PSBTs via an SD card, and can even upgrade its firmware via the SD card as well. Unfortunately, copying your ZPUB into Electrum (like we did in PART 1 with XPUBs) does not work. I hope Electrum fixes this bug in the future.

Although in a single wallet mode I would never plug in a Coldcard to a computer (it’s a higher risk vector, as malware could, in theory, find a way onto your Coldcard), in a multisig environment your risks of a compromised hardware wallet resulting in lost funds are severely decreased. Since you need 2 of 3 keys to sign any transaction, that same theoretical malware would have to also infect your other wallets.

Alternative: If you still want a forever airgap coldcard, you can run the wallet creation steps outlined on this guide on a forever airgapped laptop, and then copy the wallet file over to your regular computer via an SD card.

Hit next.
Step 10. Again we choose native segwit multisig (p2wsh). Leave the derivation path as is. Hit Next.
Optional (but recommended). Add a password to encrypt your wallet on your computer. While someone with only your wallet file CAN’T steal your funds (they’d also need 2 of the 3 private keys stored in your hardware wallets), they could see your balances, transactions, and addresses. So, it’s safer to use a password here.
Step 11. Success! You now have a 2 of 3 multi sig wallet with the top 3 hardware wallets in the market! You’ll get a few messages asking you to insert your hardware wallets. You can proceed with the prompts or just click No for now.

You can now safely unplug your Coldcard, and know that you’ll never again have to plug it into the computer. From here on out, all transaction signing will be done airgapped via signing PSBTs with an SD card.

However, in order to do so, we have to tell Coldcard about the multisig wallet. Here’s how:

In Electrum, go to Wallet / Information
Step 12. This information tab has all of your wallet ZPUBs as well as the address type (native segwit p2wsh). Click on Export for Coldcard and save the file to an SD card.

Now, take the SD card, insert it into the now (and forevermore) airgapped Coldcard for the next steps.

Step 13. Navigate to the Settings menu on your Coldcard
Step 14. Select Multisig Wallets
Step 15. Select Import from SD
Step 16. Select the appropriate wallet file you exported from Electrum.
Step 17. Scroll down through the warnings and (optional) Press (1). Else press ok (checkmark)

Optional (but recommended, because proper bitcoiners know DON’T TRUST, VERIFY!)

Before importing the multisig wallet, Coldcard gives us the ability to verify that the Xpubs we are importing are the same as the ones we used to create the wallet on Electrum. However, only Xpubs are shown (and in this case we used Zpubs in Electrum).

Good news is you can use a converter tool to convert each Zpub into its corresponding Xpub.

From Step 12, we can convert each Zpub to its corresponding Xpub to make sure the Coldcard is in fact accepting the correct wallet. I used Casa’s open source online tool to convert.

Optional Step 1: Compare each Zpub’s corresponding Xpub with the Xpub displayed on the Coldcard.
Optional Step 2: Confirm the Xpub on the Coldcard matches the Xpub from the converter tool for each of the 3 hardware wallets. Press ok when done.

(Repeat Optional Step 1 and Optional Step 2 for all 3 Zpub/Xpub addresses.)
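The Zpub-to-Xpub conversion used for this check can also be done offline. The sketch below is an added example, not code from the original post or from Casa’s tool; it assumes the SLIP-132 version bytes for mainnet public keys and uses a constructed dummy Zpub (`sample_zpub` is a hypothetical helper) in place of a real one.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# SLIP-132 version bytes (assumption: mainnet public keys only)
XPUB = bytes.fromhex("0488b21e")
SLIP132_PUB = {
    bytes.fromhex("0488b21e"): "xpub (legacy / p2sh)",
    bytes.fromhex("0295b43f"): "Ypub (p2wsh-p2sh multisig)",
    bytes.fromhex("02aa7ed3"): "Zpub (p2wsh multisig)",
}

def _checksum(payload):
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(payload):
    raw = payload + _checksum(payload)
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    pad = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * pad + out

def b58check_decode(text):
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)   # ValueError on a non-Base58 character
    pad = len(text) - len(text.lstrip("1"))
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    payload, check = raw[:-4], raw[-4:]
    if _checksum(payload) != check:
        raise ValueError("bad checksum: key was mistyped or truncated")
    return payload

def to_xpub(extended_key):
    """Swap the 4 version bytes for the xpub ones; the key material is untouched."""
    payload = b58check_decode(extended_key)
    version, body = payload[:4], payload[4:]
    if len(payload) != 78 or version not in SLIP132_PUB:
        raise ValueError("not a recognised mainnet extended public key")
    return b58check_encode(XPUB + body), SLIP132_PUB[version]

def sample_zpub():  # constructed: depth 1, zero fingerprint, dummy chain code and key
    body = b"\x01" + b"\x00" * 8 + b"\x11" * 32 + b"\x02" + b"\x22" * 32
    return b58check_encode(bytes.fromhex("02aa7ed3") + body)

if __name__ == "__main__":
    xpub, kind = to_xpub(sample_zpub())
    print(kind, "->", xpub)
```

Pass each Zpub from the Electrum information tab to `to_xpub` and compare the returned string with what the Coldcard displays.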

OK, now that you’ve saved the multisig wallet to your Coldcard, it’s time to test some transactions! (If you are familiar with Part 1 the rest of this guide is identical).

Now, let’s add some tiny amount of funds to make sure we can actually spend from this wallet. DO NOT SEND a large amount of bitcoin until we can verify we can sign from all 3 of our hardware wallets!

Step 18: Hit Receive
Step 19. Edit your transaction description. Hit Request.
Step 20. Copy the receive address (or scan QR code) and send test funds.

Transfer funds from another wallet.

Received!

Now, let’s make sure we can send funds out.

ALWAYS make sure you can actually sign from a wallet before you transfer large amounts of funds into your wallet!

Step 21. Go to the SEND tab

We will go through 2 withdrawal tests. First signing with the Trezor & Ledger (that have been plugged into the computer), and later with either of those plus the Coldcard.

For the first test transaction, let’s label it as a test to confirm we can sign with the first two hardware wallets. Don’t withdraw all the funds, save some funds for the second withdraw test too.

Step 22. Pay

In this case, I got a warning as the fee represents a large % of the funds I’m sending. Maybe I was too cheap with my test transaction! We’ll just ignore the warning and proceed.

Electrum will ask you to insert & sign with each of the 2 hardware wallets:

Let’s start with Trezor.

Step 23. Make sure your Trezor is plugged in and unlocked, then hit Next.

Step 24. This is how you sign the transaction on your Trezor:

ALWAYS confirm the send address and send amount on your hardware wallet matches the intended address.

Hold to confirm!

Once Trezor has signed, we will sign with Ledger. Electrum will ask you to insert Ledger:

Unplug your Trezor and plug in your Ledger. Make sure it is unlocked with the Bitcoin app open. Hit Next.

Step 25. This is how you sign the transaction on your Ledger:

Ledger will recognize a multisig change path as unusual, ok to ignore this warning.

But good to confirm the path fits in structure with the wallet type.

Always confirm the amount matches the intended amount.

ALWAYS confirm the send address on your hardware wallet matches the intended address.

Accept and send!

Success!!! Payment Sent!

OK, that wasn’t so bad! Now, the next test involves signing with EITHER of the Trezor or Ledger, and with the air gapped Coldcard (we will use PSBT, more on that later).

Again, we need to create a SEND transaction as before. Create a new payment description and follow the steps outlined above for signing with the hardware wallet you picked.

In this example, I’m picking Trezor + Coldcard.

This time, it’s ok to send Max funds, but feel free to send a smaller amount. Press Pay & follow through to signing.

Step 26. Confirm the transaction on your hardware wallet.

This step is the same as we did in the first transaction, so I won’t post a play by play. If you get stuck, re-read step 24.

After signing with the first hardware wallet, Electrum will ask you to sign with the Ledger (if you used Trezor first) or Trezor (if you used Ledger first).

BUT, we don’t want that option! We want to sign with the Coldcard!

So, hit No.

Step 27. Just Hit No.

That will take us back to the Transaction screen, where we can save the PSBT (Partially Signed Bitcoin Transaction) into a MicroSD card and then import it into our Coldcard for signing.

Notice the Transaction Status has now been updated from “Unsigned” to “Partially signed (1/2)”. This is because we already signed this transaction with one of the hardware wallets. We cannot Broadcast the transaction until it has 2 signatures (remember, this is a 2 of 3 multisig).

We now have a Partially Signed Bitcoin Transaction, or PSBT!

Step 28. Partially signed transaction

Again, as a reminder, the transaction has NOT been sent, because it does NOT yet have 2 of the 3 signatures.

In order to sign with Coldcard, we need to leverage the Coldcard’s ability to sign a PSBT in an air gap manner.

Next we will export PSBT from Electrum to Coldcard for signing air gapped:

Step 29. Export / For hardware device include xpubs / Export to file.
Step 30. Save the PSBT to your MicroSD.

Now we go to the ColdCard to sign the PSBT. Insert the MicroSD into the Coldcard.

Step 30. This is how you sign the transaction on your ColdCard:

Ready to Sign, press OK.

Scroll down and find your PSBT.

Next it will sign the PSBT. Always verify amount and address match the intended values.

PSBT is now signed!

Now that Coldcard has signed the PSBT, we need to combine it with our Electrum PSBT (previously partially signed by the Trezor/Ledger) to be able to broadcast a signed transaction:

Step 31. Click on Combine / Merge signatures from.
Step 32. Next click on the File to Read File.
Step 33. From the Coldcard MicroSD, find the signed PSBT. Click Open.
Step 34. Now click Load Transaction.

MAGIC! The status of the Transaction is now “Signed”!!!

Step 35. Magic! We can now Broadcast the transaction.
Step 36. Payment Sent!

Now that we have successfully been able to spend funds by signing with each of our 3 hardware wallets, it is safe to transfer larger funds into the 2 of 3 multisig wallet. You have now upgraded your bitcoin security.

With Coldcard’s ability to sign a PSBT in an airgap (offline) manner, you never need to have 2 of your hardware wallets in the same location to be able to sign a transaction. You don’t even need internet access or a computer with you!

Remember to store your hardware wallets (and their backups) in secure, separate locations. The beauty of multisig wallets is you can have geographic redundancy and security, so take advantage of that!

fin.

I hope you have enjoyed this guide!

If you’d like to test sending funds from your new 2 of 3 multisig… or would like to buy me a beer or some tacos, I’m happy to accept some SATs:

on-chain BTC donations: https://tallyco.in/s/wlngw4/

lightning sats donations: https://strike.me/sundaywar

@SundayWar

Cyber security leader, entrepreneur, startup advisor. Interests: #mobile #security #encryption #privacy #bitcoin https://twitter.com/sundaywar