Big Barry Bitcoin on Nostr: Curious on people's thoughts on this. I was thinking about multisig vs single sig and ...
Curious on people's thoughts on this.
I was thinking about multisig vs single sig and I think I came to the conclusion that multisig protects best against THEFT and not necessarily LOSS.
Let me explain.
If you are considering single sig vs multi sig, consider if you think you are more prone to losing things or if you are more likely to be robbed or targeted.
If you are more prone to losing things, then you are probably also more likely to lose 2 things before you realise you lost anything.
You also burden yourself with finding multiple safe spaces, ideally geographically disperse. Either you don't disperse them well enough and a house fire destroys 2 of 3 keys, or you do, but it is difficult to monitor them and they are MORE prone to losses without your knowledge.
This has always bugged me about multisig, this idea that we just turn one problem into three (or two in case of collaborative custody)
If you are worried more about theft or being targeted, then multisig has a meaningful benefit.
Why might theft be an issue?
- Maybe you insist on a digital key (hot)
- Maybe you are a public figure
- Maybe you live in a bad neighborhood
This doesn't guarantee protection against a $5 wrench attack, but if you have to travel across town with a gun to your back to spend the funds, maybe they'll move on considering it a waste of their time and maybe that leads to more deadly outcomes, but we'll ignore that.
I'm thinking more along the lines of a digital data leak or a home invasion while you are away.
In this case, if you used a single key, your funds are gone. At best you and the attacker are racing or raising fees, just to prevent the other from getting the money.
In a multi sig setup, assuming you are not loss prone and are likely to learn of a copied or stolen key in a reasonable time, you know how to get to 2 keys to recover the funds quickly while the attacker is still looking for another valid key.
If you use collaborative custody, chances are that there are identity checks or time constraints for the attacker and you still have 2 keys to immediately recover.
At the very worst, a sophisticated attacker might steal one key to trigger you to start recovery and then follow you and $5 wrench attack you once they have all the pieces. But this starts to reach into the what if category. Well, you basically have to be a VIP public figure or a dick who boasts about their wealth most likely and also not have hired security.
I'm curious if I hit the nail on the head here or if you have a different opinion. Let me know.
#asknostr
I was thinking about multisig vs single sig and I think I came to the conclusion that multisig protects best against THEFT and not necessarily LOSS.
Let me explain.
If you are considering single sig vs multi sig, consider if you think you are more prone to losing things or if you are more likely to be robbed or targeted.
If you are more prone to losing things, then you are probably also more likely to lose 2 things before you realise you lost anything.
You also burden yourself with finding multiple safe spaces, ideally geographically disperse. Either you don't disperse them well enough and a house fire destroys 2 of 3 keys, or you do, but it is difficult to monitor them and they are MORE prone to losses without your knowledge.
This has always bugged me about multisig, this idea that we just turn one problem into three (or two in case of collaborative custody)
If you are worried more about theft or being targeted, then multisig has a meaningful benefit.
Why might theft be an issue?
- Maybe you insist on a digital key (hot)
- Maybe you are a public figure
- Maybe you live in a bad neighborhood
This doesn't guarantee protection against a $5 wrench attack, but if you have to travel across town with a gun to your back to spend the funds, maybe they'll move on considering it a waste of their time and maybe that leads to more deadly outcomes, but we'll ignore that.
I'm thinking more along the lines of a digital data leak or a home invasion while you are away.
In this case, if you used a single key, your funds are gone. At best you and the attacker are racing or raising fees, just to prevent the other from getting the money.
In a multi sig setup, assuming you are not loss prone and are likely to learn of a copied or stolen key in a reasonable time, you know how to get to 2 keys to recover the funds quickly while the attacker is still looking for another valid key.
If you use collaborative custody, chances are that there are identity checks or time constraints for the attacker and you still have 2 keys to immediately recover.
At the very worst, a sophisticated attacker might steal one key to trigger you to start recovery and then follow you and $5 wrench attack you once they have all the pieces. But this starts to reach into the what if category. Well, you basically have to be a VIP public figure or a dick who boasts about their wealth most likely and also not have hired security.
I'm curious if I hit the nail on the head here or if you have a different opinion. Let me know.
#asknostr