The Missing Multisig Standard

Nunchuk
Nunchuk
Feb 9 · 4 min read

Today Shift Crypto and Nunchuk jointly disclosed a vulnerability affecting multisig wallet setups that use Coldcard. However, this vulnerability has implications for all current wallet vendors and multisig solution providers. For details, please check out Shift Crypto’s blog.

The quick summary is that prior to Coldcard firmware version 3.2.1 (released on Jan 8th, 2021), you can fool a Coldcard into accepting a multisig wallet that it is not a part of, including generating receive addresses that it does not control.

Context

For details, you can read Shift Crypto’s blog. In this blog, we want to add a bit of our own perspective.

Despite the shortcomings of current multisig solutions, such as the one described in the report, the Bitcoin wallet industry has grown leaps and bounds in recent years.

Partially-Signed Bitcoin Transaction (PSBT) and output descriptors have made wallets increasingly more interoperable, which means more options and flexibility for the users. Multisig solution providers such as Casa, Specter and recently Nunchuk have relied heavily on some or all of these new developments to create state-of-the-art multisig applications. The multisig solutions of today look nothing like their cumbersome predecessors of yesteryear.

Hardware wallets also saw an incredible pace of innovation. Trezor introduced a built-in touch screen with the model T, which helps prevent the PIN/passphrase from being keylogged on the host computer. The larger screen also improved on the UX by making it easier to verify addresses and transactions. Cobo brought air-gapped QR signing capability to Bitcoin. Shift Crypto has been researching multisig security in hardware wallets, responsibly disclosed vulnerabilities to other vendors and significantly improved the security of the ecosystem.

Coinkite/Coldcard has also been a great innovator in this space. Specifically, Coldcard pioneered the following:

  • Bitcoin-only firmware
  • Bring your own entropy
  • Two-step PIN entry
  • Brick-me mode
  • Native PSBT wallet
  • Multisig wallet registration: script type, derivation paths, and cosigner information

Among other things.

Taken as a whole, hardware vendors have been pushing the envelope really hard. And this has greatly benefited the end users.

It is important to read vulnerability reports in this context. That these are understandable growing pains that will be addressed in the long run.

The Missing Standard: Secure Multisig Setup

Coming back to the vulnerability at hand, the underlying issue here is that a standard on secure multisig setup is sorely missing. It is not just Coldcard that suffers from this — in fact, Coldcard is ahead of others in this regard — but all wallet vendors do.

In the absence of good standards, vendors tend to roll their own ad-hoc solutions.

The fundamental challenge here is that in a multisig, each cosigner needs to be aware of all other cosigners. This is the only way to guarantee that the funds are sent to legitimate addresses controlled by the correct parties.

Coldcard, Cobo and BitBox02 are currently the only hardware vendors that try to solve this the right way.

Trezor recently implemented a workaround that, instead of registering cosigners at setup, embeds cosigner information in each PSBT. However, we believe that this is an inferior solution. Firstly, it increases the PSBT payload. Secondly, it adds cognitive overhead: the user will need to verify the cosigners for each and every Bitcoin transaction, instead of doing it once. Lastly and perhaps most importantly, embedding cosigner information in the PSBT (usually in the form of XPUBs) presents a privacy risk — as PSBTs are passed back and forth through a variety of media.

We strongly believe that cosigner registration on the device at the wallet setup phase is the right approach. To this end, we have been working closely with hardware vendors to come up with a new standard on secure multisig setup. You can read about our proposal on the Bitcoin mailing list.

Conclusion

In summary, we wish to see more cooperation and better multisig standards among wallet vendors and multisig solution providers in the future. The strength of the Bitcoin ecosystem comes from decentralization and diversity. Just like how having satellites, ham radios and mesh networks as fallbacks for Bitcoin connectivity is a good thing, we can’t afford having only one or two types of hardware devices or multisig solution providers, and risk losing it all if and when there is a catastrophic failure.

Thus, it is absolutely crucial that we keep improving multisig and the strength of individual software and hardware signers. Doing this is not a nice-to-have, but a necessity to ensure Bitcoin’s survival.

*About Nunchuk: Launched on October 31, 2020, Nunchuk is a product of Enigmo, a privately-held company headquartered in Singapore. Our mission is to bring multisig technology to as many people as possible, and Nunchuk is the first step. Visit our website at https://nunchuk.io or follow us on Twitter @nunchuk_io.

Blog Nunchuk

Bitcoin Multisig Made Easy @Nunchuk.io

Sign up for Nunchuk Newsletter

By Blog Nunchuk

As we set out to build Nunchuk - the most secure and simple Multisig wallet - we'd like to invite you to connect and share your feedback with us. Thank you! Take a look.

By signing up, you will create a Medium account if you don’t already have one. Review our Privacy Policy for more information about our privacy practices.

Check your inbox
Medium sent you an email at to complete your subscription.

Nunchuk

Written by

Nunchuk

Bitcoin multisig made easy @ nunchuk.io

Blog Nunchuk

Blog for Nunchuk.io — The most secure Multisig wallet

Nunchuk

Written by

Nunchuk

Bitcoin multisig made easy @ nunchuk.io

Blog Nunchuk

Blog for Nunchuk.io — The most secure Multisig wallet

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store