Download “Bitcoin Multi-Signature Account Operating Manual” as a PDF

By Pamela Morgan, Empowered Law

 

Bitcoin Multi-Signature Account Operating Manual

Empowered Law offers a full-service multi-signature corporate governance program which includes consultation, set-up, process design, testing, operations manuals, and ongoing support as well as secure key storage and third-party signer services. We open source our materials to support the community and can help you implement your corporate governance program too.

The material in this guide is for informational purposes only and is intended to assist clients of Empowered Law, or other multi-signature specialists, in implementing best practices. Your implementation of these practices is at your own risk and Empowered Law provides no representation or warranty that the practices are appropriate for your organization.

Introduction

The following process should be used for secure implementation of a multi-signature protocol with multiple parties and secure off-line storage and signing of transactions.

Requirements

Before you start using multi-signature transactions you need to create a secure Operating System environment for offline key generation, printing and signing. You will also need to create a secure passphrase.

Hardware

You will need the following hardware:

• A USB flash-drive with at least 2GB of usable data space, dedicated for this purpose
• A USB printer, preferably not network-capable
• A USB A->B cable to directly connect your laptop to the printer
• Acid-free (archival quality) heavy-weight paper that can be used with this printer
• A vinyl or similar plastic sleeve that can fit a page and can be sealed with tape to protect against water and moisture.

Software

You will need the following software:

• A copy of a Linux-based bootable CD-ROM file with the extension “.iso”, such as Ubuntu Desktop, or Tails
• A local copy of the HTML page from bitaddress.org
• A local copy of the HTML page from coinb.in/multisig
• A local copy of the HTML page from bitcoinpaperwallet.com
• Software for creating EFI or BIOS bootable USB drives from bootable ISO CDROM images.

Passphrase

You will need:

• One to five physical gaming dice
• Download the diceware word list PDF (http://world.std.com/%7Ereinhold/dicewarewordlist.pdf)
• Use the diceware process to generate an eight word secure random passphrase by throwing 8 x 5 dice throws.
• Write each word of the passphrase down on a piece of paper, do not mark the diceware word list.

Links

Bootable Linux CDROM Image (ISO):

Ubuntu Desktop images (ubuntu-14.04-desktop-amd64+mac.iso) http://mirror.anl.gov/pub/ubuntu-iso/DVDs/ubuntu/14.04/release/

Tails Live OS for Privacy (doesn’t work well on Mac): https://tails.boum.org/

Mac OS

Mac Linux USB Loader by Sevenbits: https://sevenbits.github.io/Mac-Linux-USB-Loader/

Windows

Pendrive Universal USB Installer (UUI) http://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3/#button

Instructions: http://www.ubuntu.com/download/desktop/create-a-usb-stick-on-windows

 

Preparation

Insert the USB stick into your laptop and create two FAT partitions, one for the bootable OS image (at least 1GB) and one labeled “DATA” which will be empty.

• On MacOS use the Disk Utility and select the “Partition” function to create the partitions. See some instructions and screenshots here: http://osxdaily.com/2011/04/26/partition-hard-drive-mac-os-x/

• On Windows 8 use the diskmgmt.msc tool, see instructions here: http://www.technorms.com/8438/windows-8-create-hard-drive-partition

Once setup, download a bootable ISO operating system, such as the ubuntu desktop listed above. Use the tools in section 2 to install the ISO image to the first partition of the USB drive, leave the DATA partition empty.

Test the new bootable image by attempting to boot with the USB drive. You should be able to boot into the operating system on the USB drive by selecting a boot media source during the booting process. On MacOS machines, hold down the “option” key during the initial boot chime, to see a list of bootable media and select USB. On Windows 8 machines, hold down F12 during the boot sequence to select the boot media.

Next, copy the three HTML pages from the software requirements section onto the DATA partition of the CD. Load each website and before clicking or moving the mouse in any window, use Cmd-S or CTRL-S to save the HTML page. Select the USB drive/DATA partition and save the pages in there.

In the following sections, you will be asked to reboot your machine into the bootable OS off the USB stick and remain offline by not entering any wifi credentials or connecting any ethernet cables. First, shutdown and power off completely. Then reboot with the USB stick and into the bootable OS on the stick.

In any section where you need to be booted into the offline OS, you will see the following prompt: GO OFFLINE – BOOT USB OS

When you see the prompt GO ONLINE – NORMAL OS, power off by holding down the power button to erase all remnants of the USB bootable OS, then reboot into your normal operating system and go online again.

 

Signing Key Generation

For the next section you will need to go offline and use the HTML pages stored on your USB stick.

GO OFFLINE – BOOT USB OS

Once rebooted into the offline OS:

Connect your computer to the printer directly, using a USB cable. Turn on the printer. Open the OS settings window and select “Printers”. Click “Add Printer” and select the printer which is detected over USB. Set as the default printer.

Open a browser and open a new “private” window, with Cmd-Shift-P on MacOS or CTRL-Shift-P on Windows.

Note: this will ensure that no history or forms are inadvertently stored on any media

From the private window, open an HTML page from a file, Cmd-O or CTRL-O and open the bitaddress.org HTML page you saved earlier.

Generate and print your signing key

1. Select the tab “Paper Wallet”
2. Select “Hide Art”
3. Select “BIP38 Encrypt”
4. Set “Addresses to Generate” to 1
5. Enter the 8 word passphrase generated using the diceware process in section 2.3
6. Click “Generate” to generate an encrypted BIP38 private key
7. Print at least two copies of the resulting key
8. Select and copy (Cmd-C or CTRL-C) the encrypted private key which starts with 6P

Derive and save your uncompressed public key

1. Make sure you copied the encrypted private key on the previous page
2. Select the tab “Wallet Details”
3. Paste the BIP38 encrypted private key into “Enter Private Key”
4. Click View Details
5. Enter the 8 word passphrase into the password prompt that appears
6. Click “Decrypt BIP38”
7. Scroll down and find “Public Key (130 characters [0-9A-F]):”
8. Copy (Cmd-C or CTRL-C) the entire two-lines which start with “04”, this is your uncompressed public key
9. Open a text editor, paste the public key and save to the USB drive partition DATA as “publickey.txt”

GO ONLINE – NORMAL OS

Open the “publickey.txt” from your DATA partition and send it by email to the person constructing the multi-sig address.

 

Signing Key Secure Storage

Once you have generated your paper private key, you must secure it. Current best practices require that you keep at least two copies, in separate secure locations, in the event one is destroyed or stolen. Remember, there are no locksmiths in bitcoin.

Things you need before you begin:

• a fireproof and waterproof locked safe
• access to an off-site secure location (such as a bank safe deposit box)
• sealable opaque envelope
• a permanent pen or marker
• optional: laminator or plastic sleeve
• optional: note with one other signer’s email/phone number

Begin the Process:

1. Put each copy of the key into a plastic envelope or laminate it.
2. Place one key into a waterproof/fireproof safe.
3. Deposit the other key into a separate envelope and seal the envelope.
4. Sign or mark the sealed portion of the envelope with a permanent pen or marker. This is to ensure you will know if the envelope has been tampered with. The mark doesn’t need to be a signature, but it can be. Any mark is sufficient so that it will serve its intended purpose. You may also want to mark the outside of the envelope with a reference to the key inside (particularly if you are protecting multiple keys in the same safe). You could also include the phone number or email address of one other signer inside the envelope.
5. Take the sealed envelope to your off-site storage location and secure the key there.
6. Create some sort of reminder or instruction plan for estate or succession planning

What you should have when you are done with these steps:

• your easily accessible paper private key, secured in a safe
• one copy of your paper private key, secured offsite
• a secure instruction plan indicating the location of offsite storage in the event you become incapacitated
• a BIP38 passphrase, if you’ve chosen to encrypt your private key

WARNING: DO NOT STORE THE BIP38 PASSPHRASE WITH THE ENCRYPTED KEY

The passphrase can be memorized or stored in a secure password manager such as LastPass, 1Password, or KeePass. The password is useless without the paper wallet and vice-versa. Store them separately but make sure both are available and cannot be lost (ie make sure you have backups of your password manager or memorize the passphrase or both.)

 

Creating a Multi-Signature Address

Things you need before you begin:

• The Public Keys (K) of each authorized signer: save these in a text editor for easy copy and paste.
• The Signature Plan: which you should have created with your multi-signature advisor. The plan should include the total number of signers for this address, individual signer details, and number of signers to release funds. Be sure to have a printed copy of your signature plan, updated with addresses, and stored separately from your keys.
• Internet access

GO ONLINE – NORMAL OS

Open a browser. Open a private browsing window. From the USB DATA partition open the coinb.in/multisig HTML page you saved earlier.

1. Select New, Multi Signature Address

 

1. Paste the public keys of each of the signers in the boxes that contain a grey “04” hint.
2. Use the blue minus “-” button to remove any extraneous entry boxes
3. Select the signature threshold in the box “Enter the amount of signatures required to release the coins”, as per your signature plan

1. Click “Submit”
2. Create a text file on the USB stick DATA partition called “multisig-LABEL.txt”.
3. Replace the LABEL with an appropriate label, for example the company name or “TreasuryAccount” or something helpful like that.
4. Copy the resulting multi-signature address, which starts with a “3”, from the browser page and save it in the text file
5. Copy the “redeem script” from the browser page and save it in the text file, with the words “Redeem Script:” in a line before it so that you can easily recognize what it is.
6. Email the redeem script and multi-signature address to the other signers. They should create a text file and save it as you just did above.

 

Creating a Transaction

GO ONLINE – NORMAL OS

1. Open a browser.
2. Open a private browsing window.
3. Open the coinb.in/multisig HTML page saved on your USB DATA partition
4. Select New/Transaction to create a new transaction

1. Open the text file containing your multisig address and redeem script, from the USB DATA partition.
2. Copy and paste the redeem script into the browser window you see above, in the “Redeem Script”
3. Upon entry of the redeem script you should see the field below “Multi Signature Address” update with the correct address
4. After a few seconds you should see the Balance field update with the current balance locked in this multi-signature address

 

Select Inputs

1. Click on the Inputs tab.
2. Look at the list of inputs and find a set of inputs that are enough to cover the transaction you want to make. Either select one big input, bigger than the amount you want to spend, or several smaller inputs that add up to an amount equal or greater to the amount you want to spend.
3. Remove all other inputs from the list by clicking on the “-” minus button next to them.
4. If you have any difficulty, you can enter inputs manually.
   1. Find a transaction with unspent outputs for this address using the blockchain.info browser.
   2. Copy the transaction ID and enter it in TxID.
   3. Enter the sequence number of the unspent output.
   4. The first one listed in a transaction is always 0 (ZERO), the next is 1 etc. Enter that number in the field “N”.
   5. Enter the amount of the unspent output in Amount. You have to include the whole amount, you cannot spend a subset

 

WARNING: All inputs selected must exist on the blockchain, confirmed, as unspent outputs and must match the transaction-id (aka. transaction hash or txid) and index number (starting with zero). Do not include more inputs than necessary, all inputs included must be spent in the outputs as either a spend-forward output or change output.

Create Outputs

1. Enter a destination address and amount for each of the payments you wish to make.
2. If necessary (excess input amounts), add a change output as follows:
   • Enter the multi-signature address in the “Address” field of the outputs. This sends the change back to the originating address
   • Enter an amount for change, equal to the remaining funds minus the transaction fee.
3. Confirm that each of the outputs contains the correct payment amount
4. Confirm that the change is correct
5. Confirm the “Transaction Fee” field includes a transaction fee, calculated as the difference between inputs and outputs. The transaction fee should be at least equal to the minimum transaction fee of 0.0001 bitcoin (at this time). If you have multiple inputs or multiple outputs include more transaction fees, multiplying the minimum fee for each additional pair of inputs and outputs (ie, 2 more input/outputs means 2 x  minimum fee more)
6. Check the transaction fee is not more than you intended. If necessary add a change output or increase the change output until it is correct.
7. Click Submit.
8. Copy the resulting transaction (hex string) and save it in a file on your USB DATA partition. Call it “Transaction-DATE.txt” with the correct date replacing DATE.
9. Send the transaction to the signers to sign, by email, cc all other authorized signers on the request.

Best Practice: The originator should always be the one to broadcast the fully signed transactions. If the originator is also a signer, the originator should sign LAST in order to provide an opportunity for review.

WARNING: Unspent inputs MUST be returned as change. If you forget to include change you could be donating the entire amount of inputs to the miners as an extravagant fee. ALWAYS CHECK THE TRANSACTION FEE FIELD CAREFULLY.

Storing and Forwarding the Transaction

GO ONLINE – NORMAL OS

The transaction is not sensitive and does not contain private keys or anything confidential. You can therefore store it in a text file and can transmit it in unencrypted email.

Transactions should be submitted via email to the next party (in succession) you wish to have sign the transaction. All other signers should be CC’d on the request.

 

Verifying the Transaction

GO ONLINE – NORMAL OS

What is verification? Verification is exactly what it sounds like, it provides an opportunity to verify the transaction script will execute as we expect before submitting it for signing or broadcast it to the network. Always verify every transaction script before using it and after you’ve interacted with it.

• Verifying Redeem Scripts: We can verify the redeem script which is the encumbrance that will be placed upon any transaction using the multi-signature address created through this process.

• Verifying Transactions: We can verify the transaction which includes the redeem script, in order to ensure that the redeem script, inputs, outputs, and fees are accurate.

How to verify: Verify scripts by cutting and pasting the transaction script into the verification box as pictured below.

 

Signing the Transaction

GO ONLINE – NORMAL OS

1. Verify the transaction sent to you, while still online, using the “Verify” tab of the coinb.in/multisig page, as described in the previous section.
2. Copy the transaction sent to you for signing onto the USB DATA Partition and save in a text file named “Transaction-DATE.txt” with the correct date replacing DATE.

GO OFFLINE – BOOT USB OS

1. Retrieve the paper wallet copy of your signing key from your safe.
2. Open a browser
3. Open a private browsing window
4. Open the bitaddress.org HTML page

1. In the bitaddress.org page, select the “Wallet Details” tab
2. Type in your private encrypted key which starts with 6P into the “Enter Private Key” field
3. Click “View Details”
4. Enter the passphrase in the field that appears
5. Click “Decrypt BIP38”
6. Scroll down to Private Key WIF, copy the private key starting with “5”
7. Open the coinb.in/multisig HTML page

1. Switch to the coinb.in/multisig web page and select the “Sign” tab:
2. Paste the decrypted private key you copied before (starts with a 5) into the Private Key field.
3. Open the text file on the USB DATA partition that contains the transaction for signature
4. Copy and paste the transaction into the Transaction field
5. Click Submit
6. Copy the resulting transaction script produced by the signing operation
7. You may want to use the Verify tab to verify the transaction again now. Paste it into the verify window to verify. You should
8. see that it includes one signature more than it did before.
9. Open the text file with the transaction and paste the signed transaction sciprt below the unsigned script you received earlier.
10. Save the text file.
11. Power off by holding down the power key

GO ONLINE – NORMAL OS

1. Open the text file from the USB DATA Partition and copy the recently signed transaction script.
2. Send the transaction, by email, to the next signer or back to the originator if you are the last signer.

Transmitting the Transaction to the Bitcoin Network

GO ONLINE – NORMAL OS

Prior to transmitting any transaction you should first verify that it will execute as expected (see verify above). After you have verified the inputs, outputs, and fees, then select the Broadcast option, paste the fully signed transaction script into the Broadcast box and select Submit.

WARNING: Click submit only ONCE and wait to see if the transaction is sent successfully. If you submit more than once, subsequent attempts show as invalid as the transaction is seen as a double-spend because it already exists on the network.

Confirm the transaction has been broadcast by visiting blockchain.info and searching for the multi-sig address related to this transaction. Look at the list of transactions and see how many confirmations it has received. If you do not see the transaction after a few seconds from broadcasting, it has most likely failed to submit. Troubleshoot, first by using the Verify tab of the multisignature tool to review the transaction construction. If you cannot identify the error, contact your multi-signature professional for assistance.