Announcing libnunchuk: A Lean & Cross-Platform Multisig Library Powered by Bitcoin Core
Nunchuk’s mission is the proliferation of multisig. To that end, today we are excited to open source our library, libnunchuk, under the GPL license. This library handles all the heavy-lifting inside the Nunchuk desktop application.
Nunchuk’s architecture differs from other wallets’ for a number of reasons. But a major one is our decision to heavily reuse Bitcoin Core code.
Why is reusing Bitcoin Core code a big deal?
- Bitcoin Core is the unofficial spec of the Bitcoin protocol.
- Bitcoin Core is the most peer-reviewed and battle-tested in all of cryptocurrencies.
- Bitcoin Core has important protocol upgrades coming, such as Schnorr signatures.
By leveraging Core, Nunchuk is able to kill two birds with one stone: gaining access to powerful and reliable Bitcoin tools, while staying lean and cutting down on the number of dependencies.
Any other Bitcoin dependencies would pale in comparison to the strength and stability of Bitcoin Core. We can count on Bitcoin Core to outlast them all: as long as Bitcoin is here, Bitcoin Core will be here.
The Nunchuk library creates a higher abstraction on top of Bitcoin Core’s inner building blocks, while reusing much of its logic such as: transaction and signature verification, PSBT, output descriptor, and Branch-and-Bound coin selection algorithm.
But the Nunchuk library does a lot more than that. Some highlights include:
An easy-to-use interface to manage hardware signers, including the ability to health-check them.
High-level classes to manage UTXOs, various types of transactions, signers, and wallets.
Encryption support out of the box via sqlcipher. Nunchuk data stored on the user’s computer can optionally be protected with a passphrase.
Every dependency is a potential attack surface.
Nunchuk deliberately steers away from the browser as a runtime dependency. The browser-as-a-platform has been a popular choice among developers in recent years, because it short-circuits the development lifecycle, allowing you to ship faster. The downside is that the browser and its derivatives, Electron-powered apps, are notorious for being insecure. Not to mention a resource hog. Thus, the browser is not a good fit for mission-critical applications such as a Bitcoin wallet.
Nunchuk took the longer but ultimately safer route of going native. The Nunchuk library can be easily compiled into native applications, while remaining maximally cross-platform.
As great as Bitcoin Core software has become, it was never designed to be a server (Satoshi actually intended for it to be used as a mining node). Backing your wallet with a vanilla Bitcoin Core node for blockchain data works well only if:
- You use Bitcoin exclusively for yourself, and
- Your node runs on the same local network as your wallet.
The above architecture greatly limits the number of potential use cases. It breaks down the moment you need to access your node remotely and securely, or when you have multiple wallets or individuals wanting to share the same node. Yet, that is the future we envision with the proliferation of multisig.
By connecting the Nunchuk library to a real server that sits on top of Core, instead of a vanilla Core node, we allow our architecture to be loosely-coupled, safer, and more robust.
Nunchuk works out of the box with any server running Electrum protocol v1.4, including GetUmbrel, electrs and ElectrumX. TOR proxy can be enabled for improved privacy. TLS support is currently in the works.
For more information, head over to our Github repo. Feel free to contribute, or fork to create your own wallet!