layout: true <img src="cetevan-logo-dark-rev.svg" class="logo-small" alt="Cetevan Logo"> --- class: center, middle # Multisig **The final frontier of Bitcoin security** --- class: full-image-slide <img src="progression.png" alt="Custody progression"> --- # Key concepts - **Wallet** - Group of addresses tied to a single identifier - **Threshold scheme** - Method of splitting information that doesn't require all parts - **Key set** - All of a multisig wallet's keys - **Quorum** - Minimum number of keys needed --- # Components - **Private key** - Secret used to control funds - **Public key** - Identifer made from private key (can view; can't spend) - **Wallet descriptor** - All info required for a unique set of addresses - Public keys - "Other stuff" - script type, derivation path/suffice, fingerprints, threshold, checksum --- class: center, middle # What is multisig? A threshold scheme for securing Bitcoin --- # Benefits - **Incremental signing** - Keys can remain separated - **Reduces dependence** - Multiple hardware wallet manufacturers - **Network native** - Rules enforced by Bitcoin consensus - **High adoption** - Many wallets; interoperable --- # Trade-Offs - **More steps/complexity** - keep as simple as possible - **Obvious on-chain** - quorum type exposed (doesn't apply to musig) - **More expensive** - more data means more fees (but not that much more) --- # Examples - Lightning (2-of-2) - Liquid (11-of-15) - Bisq escrow (2-of-2; presigned) - Collaborative custody (varies) - Miniscript (changing) - MuSig? --- class: full-image-slide <img src="ssvms.png" alt="Single-sig vs Multisig"> --- class: full-image-slide <img src="progression.png" alt="Custody progression"> --- class: full-image-slide <img src="multisig.png" alt="Custody table"> --- class: table-slide ## Custody Comparison | Setup | Where are the keys | How it's set up | Biggest threat | Other threats | |---|---|---|---|---| | **Exchange** | Held by exchange; user has login only. | Create account, verify identity, deposit funds. | Platform hack or insolvency. | Account freeze, seizure, phishing. | | **Self-custody hot wallet** | On internet-connected phone or computer. | Install wallet app, generate seed, backup phrase. | Malware or phishing drain. | No seed backup; device failure. | | **Single-sig cold storage** | On offline hardware wallet or paper. | Buy device, generate seed, store backup offline. | Lost or destroyed seed backup. | Physical theft; supply-chain tampering. | | **Multisig cold storage** | Across multiple offline devices and locations. | Pick quorum, generate seeds separately, distribute geographically. | Lose quorum (too many keys). | Botched recovery; inheritance gap. | --- # Best Practices - **Multiple vendors** - Diversify risk - **Keep setup simple** - 12 word seed phrase (no passphrase or nonstandard derivation) - Keep keyset small (2-of-3 or 3-of-5) - **Allow for theft/loss tolerance** - Quorum is a simple majority --- # Theft/Loss Tolerance |Quorum|Theft Tolerance|Loss Tolerance| |-|-|-| |1-of-5|0|4| |2-of-5|1|3| |3-of-5|2|2| |4-of-5|3|1| |5-of-5|4|0| --- # Best Practices - **Test with small amount** - Before loading entire stack - **Durable backups** - Store descriptor with each device/seed - **(Optional) Distribute signers** - Burglar can't obtain quorum from one place --- # Wallet Design vs Backup Tresholds - Multisig describes signing requirements - Backups are the true threshold - Example: A 2-of-3 scheme, 3 HWW and a separate descriptor - Combination backup scheme (3-of-4 and 3-of-3) - One of the 3 pieces is mandatory or all keys - Adds complexity and fragility in recovery --- class: center, middle # Most Important Takeaway: KEEP DESCRIPTOR WITH EACH DEVICE<br /> (Most don't need encryption, passphrases, or other obfuscations) --- class: center, middle # Demo --- class: center, middle # Need Help Going Deeper? (Self-custody, Multisig, Running a Node) cetevan.com<br > 619-633-CETE<br > @cetevan.01 --- class: center, middle # July Cete: ?