WIP: writing multisig wallet guide #96
Conversation
|
Waiting for bcoin-org/bcoin#444 to get solved ... |
There was a problem hiding this comment.
Thanks for the contribution Joe!
I think you are off to a great start and I look forward to you filling out the TODO's.
My notes in general are:
-
A lot of the plain text writing needs help (spelling, punctuation, etc.) I have added comments throughout, but I can continue to work with you if English isn't your primary language.
-
See my comment about rendering the markdown with the built-in npm script
convert-markdownand let me know if you need help with that. The script will produce an html file in theguidesdirectory you can open in a browser and check the layout and style. Take a look at the other guides in theguides-markdowndirectory for tips on how these webpages get rendered. -
The section about setting up a wallet server with an SSL certificate is cool but it may be overkill for the new users we want to attract with this guide. Perhaps you can start that section with instructions on how to use the wallet on a local machine, or a server via ssh. Save the SSL stuff for an "advanced" or "what next" type section?
-
Spending funds: obviously this section is very important! The API docs should help:
http://bcoin.io/api-docs/?shell--curl#create-a-transaction
and
guides-markdown/multisig-wallet.md
Outdated
|
|
||
| Our `bcoin.conf` is | ||
|
|
||
| ```sh:bcoin.conf |
There was a problem hiding this comment.
This isn't rendering for me with prismjs:
$ npm run convert-markdown -- --file=multisig-wallet.md
There was a problem: TypeError: Cannot read property 'rest' of undefined
...
It renders correctly if these are all changed to just bash but you can include the filename at the top of each blob in a commented line.
There was a problem hiding this comment.
Thanks, I decided to change it into bash and worked fine in my local.
guides-markdown/multisig-wallet.md
Outdated
| we must create multisig transaction which has been signed by private key corresponds to those public key, | ||
| see [our multisig transaction guide](http://bcoin.io/guides/multisig-tx.html) for more detail about multisig transaction itself. | ||
|
|
||
| In this guide, we take a step little further and see a whole lifecycle of the multisig account in a more practical way. |
There was a problem hiding this comment.
A few grammar notes:
A Bitcoin multisig account is an account which holds more than 1 public key, and generates P2SH or P2WSH addresses for those public keys. When you want to use those funds, you must create a multisig transaction which has been signed by the private keys corresponding to those public keys. See our multisig transaction guide for more detail about the multisig transaction itself.
In this guide, we will take it a step little further and see a whole lifecycle of the multisig account in a more practical way.
guides-markdown/multisig-wallet.md
Outdated
|
|
||
| you can backup your funds unless more than two keys were compromised at the same time. | ||
| In this case, you may use 1. and 2. for usual spending. | ||
| You only need 3 when you lost your secret key for 1 and 2 |
There was a problem hiding this comment.
Grammar:
Use Cases
- Personal wallet which is secure against key compromise
Usually in a cryptocurrency world, when you lose your master key and its seed for the wallet there is no way to recover your funds. But by storing multiple secret keys on...
- your own server
- local hardware you own
- a paper wallet in your personal vault
...your funds will be safe unless more than one key is compromised at the same time. In this case, you may use 1 and 2 for usual spending, and only need 3 if you lose your secret keys 1 and 2.
guides-markdown/multisig-wallet.md
Outdated
| 2. Or disappeared suddenly. | ||
| 3. Or lost his secret-key. | ||
| 4. Or be stolen the secret-key | ||
| 5. Or tried to thief all funds for his personal use. |
There was a problem hiding this comment.
Grammar:
- Wallet held by more than one person
Sometimes it is desirable to distribute the control of funds among several people. For example, funds for a corporation or a crowdfunding project. We can mitigate the risk of fund loss by utilizing a multisig in cases where a a single person with control:
- Is no longer in charge
- Disappears suddenly
- Loses their secret-key
- Tries to steal all funds for their own personal use
| 4. receive incoming information from the wallet server. | ||
| 5. spend funds from the wallet. | ||
| 6. recovering the wallet | ||
|
|
There was a problem hiding this comment.
Grammar:
Walk-through
This tutorial includes the following steps:
- setting up a bcoin wallet server with https
- setting up a hot multisig wallet for personal use
- setting up a watch-only multisig wallet
- receive incoming information from the wallet server
- spend funds from the wallet
- recovering the wallet
| --network=testnet \ | ||
| --api-key=mySecretApiKey \ | ||
| --token=${myadmintoken} \ # Must use your admin token to create a new wallet | ||
| --watch-only=true \ # make it watch only |
There was a problem hiding this comment.
It seems master branch (and latest release) has changed after your PR has merged.
guides-markdown/multisig-wallet.md
Outdated
| --type=multisig \ | ||
| --m=2 \ | ||
| --n=3 \ | ||
| --name=multisig1 \ |
guides-markdown/multisig-wallet.md
Outdated
| --network=testnet \ | ||
| --api-key=mySecretApiKey \ | ||
| --token=${myadmintoken} \ | ||
| --acount=multisig1 \ |
guides-markdown/multisig-wallet.md
Outdated
| --network=testnet \ | ||
| --api-key=mySecretApiKey \ | ||
| --token=${myadmintoken} \ # rescanning requires admin token | ||
| --acount=multisig1 \ |
| --api-key=mySecretApiKey \ | ||
| --token=${myadmintoken} \ # rescanning requires admin token | ||
| --acount=multisig1 \ | ||
| rescan 10000 # start rescanning from height 10000 |
There was a problem hiding this comment.
rescan is slightly problematic at this time.
It really only works on a full archival node. SPV users should probably use reset and pruned full-node users might be out of luck if there are transactions on-chain before their prune height. Might be good to add a warning here.
There was a problem hiding this comment.
I have added comments throughout, but I can continue to work with you if English isn't your primary language.
I really appreciate this, thanks.
I've written reasoning behind using (ssl/tls) in the review comment, If you think using the same watch tower among co-signers are too dangerous or somehow problematic, I'd better delete the whole section about (ssl/tls) and rewrite it with assuming co-signers are using their own wallet server.
| --network=testnet \ | ||
| --api-key=mySecretApiKey \ | ||
| --token=${myadmintoken} \ # Must use your admin token to create a new wallet | ||
| --watch-only=true \ # make it watch only |
There was a problem hiding this comment.
It seems master branch (and latest release) has changed after your PR has merged.
| --network=testnet \ | ||
| --api-key=mySecretApiKey \ | ||
| --token=${myadmintoken} \ # Must use your admin token to create a new wallet | ||
| --watch-only=true \ # make it watch only |
There was a problem hiding this comment.
It seems master branch (and latest release) has changed after your PR has merged.
guides-markdown/multisig-wallet.md
Outdated
|
|
||
| Our `bcoin.conf` is | ||
|
|
||
| ```sh:bcoin.conf |
There was a problem hiding this comment.
Thanks, I decided to change it into bash and worked fine in my local.
| 5. spend funds from the wallet. | ||
| 6. recovering the wallet | ||
|
|
||
| ### 1. Setting up bcoin wallet server with https. |
There was a problem hiding this comment.
Well, this is because I was thinking that this watch-only wallet works as kind of a "semi-trusted watch-tower service" for every co-signer.
I mean, the scenario I was assuming is that co-signer don't have to run a wallet server in the local, instead they register their xpub onto this server and listen to it directly.
I made it this way because this will likely make things more simple when e.g. some co-signer made a intent to pay from the wallet. wallet server can directly push notification to every co-signer. (Possibly through plugin.)
I will certainly clarify this logic in the document. And mention that https is not mandatory as you pointed out.
guides-markdown/multisig-wallet.md
Outdated
| and throw it to the bcoin server | ||
|
|
||
| ```sh | ||
| curl -X PUT ${url}/wallet/sharedWallet1/account/multisig1\?token\=${sharedWalletToken} \ |
There was a problem hiding this comment.
Ah, correct endpoint was /wallet/:id/shared-key . I will fix.
I'd better write both case using curl and bwallet-cli. To me, sometimes it was more intuitive to use curl , since I only had to read source code for wallet/http.js (instead of bclient , bcurl , and wallet/http.js)
| > So some options we have passed here (i.e. `type`, `m`, `n`, and `name`) are for the default account created with the wallet. | ||
|
|
||
| If the wallet is created successfully, than you will see the access token for that wallet in the return value. | ||
| So let's set that token into variable named `sharedWalletToken` and pass to co-signers. |
There was a problem hiding this comment.
I've made it this way with the same reason I assumed https.
| --api-key=mySecretApiKey \ | ||
| --token=${myadmintoken} \ # rescanning requires admin token | ||
| --acount=multisig1 \ | ||
| rescan 10000 # start rescanning from height 10000 |
|
Thanks for the revisions, @joemphilips. I look forward to your |
| For example, funds for a corporation or for a crowdfunding project. | ||
| We can mitigate the risk of fund loss by utilizing a multisig in cases where single person with control: | ||
|
|
||
| 1. Is no longer in charge |
There was a problem hiding this comment.
Not super important, but more of a nit, in markdown you can put all of your numbers as 1 and then they will render 1,2,3,4,etc - it helps if you want to quickly reorder things at some point in the future
| lets assume that Alice uses [bitcoinjs-lib](https://github.com/bitcoinjs/bitcoinjs-lib) in her software. | ||
| So the code will be something like ... | ||
|
|
||
| ```js |
There was a problem hiding this comment.
While you can definitely use bitcoinjs, there are also utilities in bcoin to do everything that you would need to do here. The other guides are really good for getting up to speed on this
| 2. To collaborate with others easily ... in later secrion, we are showing how to use watch-only wallet with more than one people. In those situation, some might not be familiar with accessing the server with IP address, or want to access from browser, or don't want to bother himself remember(and track) IP address for the server. | ||
|
|
||
| We assume you already have gotten your domain name somehow, | ||
| and that is `bcoin.multisigtest.com`. |
There was a problem hiding this comment.
Do you think it would be easier to create a self signed cert for localhost so that users can more easily follow along?
|
|
||
| Ok, so let's check the wallet's status by | ||
|
|
||
| ```bash |
There was a problem hiding this comment.
Are you familiar with jq? It lets you parse json from stdin and could be very useful for giving precise commands and their results
$ curl ${url}/wallet/sharedWallet1/account/default?token=${sharedWalletToken} \
| jq .balance
{
"tx": 0,
"coin": 0,
"unconfirmed": 0,
"confirmed": 0
}
joemphilips
force-pushed
the
multisig-guide
branch
from
c66acab
to
afc0692
Compare
This is for #63
I haven't finished writing yet, after I complete
TODO:section, I will mention again.Tell me if I've got something wrong (e.g. "walk through has missing section" . etc.)