multisig – is it for me?

bitcoin Key storage

The Bitcoin network dictates that, to create a valid spend transaction, you must provide proof of ownership of the bitcoin being used in the transaction. This is done via the use of a private key to create a digital signature (or proof) that the person creating the transaction is spending the coins belonging to them. Anyone in the network can look at the provided signature and corresponding address being spent from to verify the authenticity of the transaction, without needing to know the private key of person creating the spend. Anyone with access to your private key can spend from your wallet. Now that we understand the importance of private keys, we should probably understand how to secure them properly!

A typical Bitcoin wallet, such as those found on a mobile phone or desktop applications, protects your sats with a single master secret or ‘key’. To sign off on any spend from such a wallet requires a signature from this single key. These types of wallets are colloquially referred to as ‘single-sig’, short for ‘single signature’, referring to the authentication level required to create a valid spend. Used in a setting such as a mobile phone, single-sig wallet setups provide great convenience for those on the go spends that are typically on the lower end of the value scale.

Single-sig wallets can of course be used in more secure setups, such as with an air-gapped hardware wallet like Passport. Used in this context, the key, which is required to authorize transactions, never leaves the offline device. When paired with wallet software like BlueWallet, the software manages incoming transactions and constructs outgoing spends for the offline device to read and sign using its stored key. This extra step, where the authority to spend has been removed from the ‘online’ wallet software, provides an extra security layer against potentially compromised internet connected devices.

With this simplicity comes a theoretical single point of failure. If your wallet and/or seed backup gets compromised, so does your bitcoin! Sure, you could deploy a Passphrase, but what if we wanted to take things a step further and protect ourselves against even more attack vectors?

What is multisig?

Much like single-sig, multisig (short for ‘multi signature’), derives its name from the level of authentication or ‘proof’ required to create a spend transaction. Generally speaking, a multisig wallet requires sign-off from more than one key for any spend. With multisig, you have the freedom to fine tune your wallet configuration to suit your personal circumstances. Two of the most common approaches taken today look like this:

A 2-of-3 setup where 3 keys are used to create the wallet and protect the bitcoin, but only 2 of those keys are required to authorize a spend

A 3-of-5 setup where 5 keys are used to create the wallet and protect the bitcoin, but only 3 of those keys are required to authorize a spend

The number of different Multisig configurations is almost limitless and can be tailored for almost any scenario. A company holding bitcoin on their balance sheet might opt to create an 7-of-12 setup where all board members hold a key and a majority (7) of them are required to authorize spends, whereas individuals would likely not require this level of complexity and would opt for a simpler setup with fewer keys to manage.

multisig benefits

So why might a sovereign individual want to consider a multisig setup? What extra benefits will be gained to offset the increased complexity?

  1. Removal of a single points of failure – In a single-sig setup, if the device holding your private keys, or the corresponding mnemonic seed backup is compromised, so is your bitcoin. With multisig, an attacker would need access to the multisig wallet (or backup file) AND the minimum number of keys required to make a spend.
  2. Redundancy – With a multisig wallet, you can afford to lose at least one key and its corresponding offline backup and still be able to spend your bitcoin. In a 2-of-3 setup, for example, loss of a single key would not result in a catastrophic loss of funds. Likewise, in a 3-of-5 setup, loss of two keys would not result in a loss of funds.
  3. Protection against a compromised manufacturer – In the unlikely event that the hardware wallet used in a single-sig setup turns out to contain a malicious back door, the wallet manufacturer could wait until funds are deposited and then drain the wallet at any point in the future. In this scenario, the manufacturer may not even be at fault; the device could be intercepted in-transit and swapped with a compromised device before arriving at its final destination. When a multisig wallet is configured with devices from multiple vendors, this attack is mitigated.

multisig considerations

While multisig offers exponentially improved protection from single points of failure and improved redundancy from key loss when compared to single-sig, it does also pose some new problems that must be considered before diving in head-first.

  1. More seeds to backup – Every device or key has its own mnemonic seed backup. Storing any of these at the same location negates the some of the benefits we outlined above. Do you have enough secure locations to store all of these seeds?
  2. More devices to secure – As outlined above, storing these devices in the same location is an attack vector. More devices = more secure locations required.
  3. Wallet configuration backup – In a doomsday scenario where a single key (and its backup) in a 2-of-3 setup is lost and the computer holding the wallet software is also not accessible, the remaining two keys, on their own, are not sufficient to recreate the wallet. To mitigate this, it is advisable to keep a copy of the wallet backup file with every key backup. Fortunately, modern multisig coordinator software like Sparrow or Specter Desktop offer this in a single file that can be printed or stored on a USB or microSD card. This file alone does not have the ability to spend; think of it as the ‘framework’ from which you can recreate the wallet.
  4. Inheritance – You might be an avid Bitcoiner, keen on leveling up your Bitcoin security but is your next of kin? You might have the most secure setup the world has ever witnessed, but if only you know how to access it, your bitcoin disappears when you do! The obvious thought is to leave some detailed instructions in case of emergency, but what if those instructions were to fall into the wrong hands?
  5. Spending inconvenience – If you need two keys to spend from your wallet, with one in your home and another a 90 minute drive away at a relative’s house, it could become a real chore if this is a wallet you’re planning to use on a regular basis.

multisig with passport

So, you’ve weighed up the pros and cons and decided to protect your bitcoin using a multisig wallet. Here’s one of the many ways you can do that easily using Passport and one of our favorite desktop wallets, Sparrow . Be sure to check out our other multisig tutorials covering BlueWallet and Specter Desktop.

Once set up, signing multisig transactions with Passport is very similar to single-sig and can be done via QR or microSD. Passport also allows you to view all of the multisig wallets it is a part of by heading to Settings > Multisig. Within the multisig menu you can also import new configurations via QR code or microSD as well as set the device’s ‘Multisig Policy‘. This setting dictates the way in which the device behaves when importing new configurations.

Multisig is an extremely powerful tool in the right hands, capable of protecting your wallet from almost all perceivable attack vectors – but it’s not without potential pitfalls! We suggest weighing the options discussed here and making up your own mind based on your own personal circumstances.

If you would like to leverage the power of a multisig with Passport as at least one of the signers, you can now preorder a device from our second batch at a new, reduced price.

PREORDER PASSPORT

Preorder Passport Batch 2 today at a special price, limited to 2500 units!

$199.00Add to cart

Passport Founder’s Edition is Sold Out! Preorder Batch 2 Today.

In Summer of 2020, we introduced our design for a next-generation Bitcoin hardware wallet that uses a camera and QR codes to facilitate airgapped transactions. We aimed to build a device that was beautiful, intuitive, and secure – while also being open source and assembled in the USA. We called it Passport.

We began shipping our first batch of 1000 devices, Passport Founder’s Edition, in May. We are thrilled to announce that our first batch is officially sold out! 

Feedback on Passport has been overwhelmingly positive. In our recent customer survey, we received scores of comments lauding Passport’s ease of use, design, build quality, and commitment to the FOSS (free and open source software) movement.

Our users have also been spreading the good word on Twitter.

Once you use a Passport, there is no going back. Take it from the esteemed Bitcoin Q+A, who after getting his hands on a Passport and writing a fantastic getting started guide, decided to join the Foundation team in a full time role! 

Passport Batch 2

We are now preparing for Passport Batch 2, which is estimated to ship in February 2022. Batch 2 will consist of 2500 devices. All long-lead time components, such as the processor and secure element, have already been procured. 

The Foundation team is made up of perfectionists. So rather than continuing to ship the exact same product, we’ve made numerous improvements to the electromechanical design and manufacturing process, while keeping the security architecture and general form factor unchanged. We’ll detail these improvements over the next couple of months.

This has allowed us to substantially reduce Passport’s cost. So we are launching preorders with a special price of $199, a full $100 price drop!

As of today, you can preorder Passport Batch 2 on our website. Preorders are completely refundable, even if paid in Bitcoin. 

EASIER BITCOIN PREORDERS

If you preorder in Bitcoin but change your mind, we’ll refund your entire purchase amount denominated in Bitcoin.

Likewise, if you pay in Bitcoin but the price appreciates between the day you order and the day we ship, we’ll refund your Bitcoin gains before shipping. This way you won’t have to make the difficult choice between paying in Bitcoin to preserve your privacy or losing out on potential Bitcoin gains between now and February! 

Founder’s Edition Customers

To our Founder’s Edition customers – we massively appreciate your support and faith in us. Passport Batch 2 won’t ship for 3 months, but we still understand that a $100 price drop is significant. Therefore we’ll be emailing you in the next few days a 21% discount off a Passport Batch 2 unit, in case you want to buy a new Passport for yourself or for a family member.

Additionally, though Passport Batch 2 will introduce numerous improvements, Passport Founder’s Edition will continue to receive regular firmware updates! We’re excited to keep improving your Passport experience as time goes by.

Questions? Contact us at hello@foundationdevices.com, DM us on Twitter, or join our Telegram group.

PREORDER PASSPORT

Preorder Passport Batch 2 today at a special price, limited to 2500 units!

$199.00Add to cart

Passphrases – What/Why/How?

bitcoin backups

The default backup for a typical Bitcoin wallet today consists of a mnemonic seed which is typically 12, 18 or 24 words in length and chosen from a universally agreed upon list of 2048 words. With this mnemonic seed you can move or recover your bitcoin into any other BIP39 compatible wallet (hint – they pretty much all are!).

Thankfully it is now common practice for Bitcoiners to store their mnemonic seed using a robust metal backup method to ensure their bitcoin is not lost in the case of disaster. But these storage methods pose a new problem to solve, what happens if someone were to find the metal backup? Your mnemonic seed, in clear text, ripe for picking to the first person that lays their eyes on it!

Sure, you could opt to use a multisig solution where a single mnemonic seed phrase does not give access to your bitcoin, but that poses many other considerations (to be covered in a future article), first amongst which is drastically increased complexity. You could also opt to use an encrypted backup which is perfectly resistant to physical attacks but does not offer the same assurances against fire or water.

Enter passphrases…


What are Passphrases

A passphrase is an additional word or combination of words that can be added to your mnemonic seed as an additional layer of security against physical attacks. A passphrase can be as short or as long as you like and can contain any combination of letters (upper and lower case), numbers or special characters. Passphrases are case and order sensitive, for example Passphrase123, 123passphrase, passphrase123 and 123Passphrase will all result in completely different wallets, each with their own unique list of addresses.

A passphrase is never stored on your signing device and will need to be entered every time you want to manage the passphrase protected wallet – fortunately Passport makes long passphrase entry simple thanks to its keypad design. Your passphrase does not replace your mnemonic seed; it is used in addition to it. If you decide to use a passphrase to protect your bitcoin, you need both your seed and your passphrase to recover funds.


should you use a passphrase?

There are two main benefits for users that choose to implement a passphrase, plus an optional third that comes with a little extra complexity.

1. Physical Attack Protection – If using a passphrase protected wallet and an attacker were to find your mnemonic seed backup, the attacker does not gain access to your bitcoin.

2. Plausible deniability – If using a passphrase protected wallet and an attacker were to hold you hostage until you gave up your bitcoin, you could have previously loaded a small amount onto the wallet without the passphrase (i.e. just your seed words). Telling the attacker where the mnemonic backup is, and allowing them to find this small amount may be enough to stop any further attack whilst the majority of your bitcoin is held safely within the passphrase protected wallet the attacker doesn’t know exists.

3. Separate Wallets – Some more advanced users may also use multiple different passphrases as a method of separating out their different pots of bitcoin. This could be for short/long term savings or for ensuring that separating KYC and noKYC funds never get merged together to protect the users privacy. It’s worth noting that the same effect can be achieved using the accounts feature on Passport.


passphrase considerations

Whilst passphrases offer many great benefits, particularly from a security standpoint, users must be aware of the considerations and pitfalls of using a wallet with passphrase protection.

1. Short Passphrases – Short 1 or 2 word passphrases from the BIP39 list or the dictionary are next to useless and can be brute forced by even modest attackers. Ensure you use a minimum of four words with numbers and/or characters being an additional bonus.

Estimated time taken to brute force different length passphrases chosen from the BIP39 word list. By Coldbit.

2. Long Passphrases – Longer passphrases are exponentially more secure, but remember, you need to enter this into your signing device every time you want to manage or spend from that wallet. If your signing device makes text entry a chore, the likelihood is you just won’t use it, or even worse, you might enter it incorrectly and cause yourself hours of confusion trying to work out why the addresses being generated don’t match those expected.

3. Storing a Passphrase – Your passphrase is part of your bitcoin backup. No passphrase, no bitcoin recovery. For obvious reasons the passphrase should not be stored in the same location as the mnemonic seed, so consideration must be made to a separate, secure storage location and medium. Imagine your metal seed backup survives a flood but the passphrase you jotted down on paper doesn’t!  No passphrase, no bitcoin recovery!

4. Inheritance – Extra security is great, but will your loved ones know what to do with your passphrase in the event that you are no longer around? Would they even be able to find it?


using a passphrase with passport

So, you’ve weighed up the pros and cons and decided to protect your wallet with a passphrase, smart move! Here’s how you can do that easily using Passport.

To apply a passphrase simply head to Settings > Advanced > Passphrase. Here you can opt to set a passphrase or enable the device to prompt you to enter one each time it boots (useful for users that always use passphrase protected wallets) or you can press ‘Set Passphrase’.

Next, enter your desired passphrase carefully then press continue and double check you have entered the passphrase correctly.

Any time a passphrase protected wallet is active on Passport, it will be denoted by a small ‘P’ in the top left corner.

DO NOT USE THE PASSPHRASE SHOWN

This applied passphrase will be active until Passport is turned off or the user manually clears the passphrase using the exact same method as above. If after reading this post you decide you want to add passphrase protection to your bitcoin storage setup, you will need to activate the new wallet using the process detailed above then export that new wallet to your chosen software wallet. From there you can clear the passphrase and send from your old (non passphrase) wallet across to the addresses controlled by your new passphrase protected wallet.

Decided you want to leverage the power of a passphrase protected wallet? You can get your hands on one of the few remaining Founders Edition Passport devices below.

PREORDER PASSPORT

Preorder Passport Batch 2 today at a special price, limited to 2500 units!

$199.00Add to cart

Bitcoin and Asimov’s Foundation

In Asimov’s renowned Foundation trilogy, the Galactic Empire is crumbling. Civil war and nuclear holocaust are imminent. An inevitable dark age of 30,000 years awaits humanity.

All of humanity’s knowledge will be lost.

Hari Seldon, leader of a fringe scientific movement called Psychohistory, becomes aware of this impending doom and devises a plan. Mankind will establish a colony on the edge of the galaxy – a Foundation – and catalog all of humanity’s knowledge in an Encyclopedia Galactica. This will reduce the dark age to only 1000 years and allow humanity to rebuild.


Today, we live at the intersection of three major societal shifts.

  1. The global economy abandoned a gold standard in 1971, which has since caused the destruction of our middle class and plunged us all into drowning debt and inescapable inflation. The solution from our elected (and appointed) leaders? Print more money!
  2. We are in the midst of a “Great Reset.” The US dollar (cough, petrodollar) is on the decline and competing powers are vying to replace it. China, specifically, aims to displace the United States as the dominant global superpower by 2049. The CCP is already exporting its tried-and-tested, authoritarian, mass surveillance system to the rest of the world.
  3. With the invention and global adoption of the Internet, our world is entering its Fourth Stage as an Informational society. As noted in The Sovereign Individual, an eerily prescient publication, this societal shift will force the Nation State into decline. 

While our world is not at risk of 30,000 years of darkness (we hope), we are experiencing hard times – and they will only continue to grow harder throughout this decade.

One potential outcome is that China becomes the new global superpower and succeeds at exporting its authoritarianism to us all. The CCP uses its digital yuan as a tool of population control and mass surveillance, creating a permanent ruling class of elites that control how money is printed and distributed. Society experiences a twisted combination of 1984 and Fahrenheit 451.

Bitcoin offers us salvation. Rather than transitioning to yet another centralized currency, fabricated by a central bank, backed by nothing – Bitcoin reaches mass adoption as the decentralized global reserve currency. We experience a separation of money and state. Permanent inflation ends. Individuals can save and invest in their future. Governments’ ability to wage endless wars, via money printing and taxation, is no more. A new peaceful, prosperous era of the sovereign individual emerges. 

Bitcoin is our Foundation. Mass embrace of Bitcoin will enable humanity to minimize the duration of chaos and emerge in utopia.

A transition to a Bitcoin Standard will not be easy. In this decade we will face seemingly insurmountable resistance from a dying fiat system that is gasping for breath as it drowns. Much of this resistance will be political – governments will attempt to ban, curtail, and cripple Bitcoin as its user base grows. But Bitcoin, and its forces of decentralization, will also threaten the incumbent technology gatekeepers that control how the world accesses the Internet.

The vast majority of the world’s population accesses the Internet via devices and services made by Apple and Google. The vast majority of the world’s population uses closed source devices made by small numbers of large manufacturers. So if we want to opt out of the Fiat Standard, and opt into a Bitcoin Standard, how can we do so as the incumbents resist?

The answer is simple. We must rebuild and catalog humanity’s knowledge, just like Hari Seldon did in Asimov’s Foundation. But unlike Seldon, we don’t need to build our Encyclopedia on a remote planet on the edge of the galaxy. Instead, we can build it in the open – through the power of Free and Open Source hardware and software. 

This is why we started Foundation Devices – to accelerate the adoption of Bitcoin by rebuilding and cataloging humanity’s knowledge as open source. To create a permissionless hardware and software foundation on which others can build. To help guide humanity through our transition to the Fourth Stage.

PREORDER PASSPORT

Preorder Passport Batch 2 today at a special price, limited to 2500 units!

$199.00Add to cart

Shopping Cart
Your cart is empty
Calculate Shipping
Apply Coupon