How-to: Bitcoin multi-signature wallet using Electrum and several Ledger Nano S

How an organization can securely manage funds having an extra-layer of security before sending any satoshi, due to multiple cosigners

• PC (Linux, Mac, Windows)
• Ledger Nano S (one for each cosigner)
• Electrum (https://electrum.org/#download)
• PGP (optional)

This walk-through is intended to be for a distributed team/organization that needs to setup and use a multi-signature remotely.
Our fictionary company, Hodl Inc, with 100 bitcoin to store in a multisig, the execs Alice the CFO, Bob the CEO and Charlie the CTO are going to be the cosigners.

Procedure

1. Provisioning

The first step to get started is to collect all the public keys of the cosigner. Let’s say Charlie, the CTO, take care of this. He will contact Alice and Bob asking them their public keys in order to specify them in the xpub needed to create the multi-sig.

Secure channel

Since Hodl Inc is a remote company, they will use internet as a communication channel (you don’t say?!). Charlie needs to take precautions to not leave traces about his identity over the net. This is needed to not become target of an attack. This one of the many reasons why he will use PGP to encrypt emails and attachments. (Since he has a company-paid G Suite account he will use the FlowCrypt Chrome extension)

Get the public key from Ledger Nano S

To recover the public key on the Ledger Nano S, Alice (and Bob) needs to do the following:

Connect the Ledger and install in it the Bitcoin Wallet app trough the Ledger Manager Chrome app.

Now Alice (and Bob) needs to run Electrum on the computer. Once it’s launched, she needs to:

• File > New/Restore new wallet
• Insert a name to recognize the wallet
• Then select Standard Wallet
• Use a hardware device

as in the following screens

If a “No hardware device detected” message is displayed, besure to have the ledger unlocked (PIN inserted) and press back and next to trigger again the connection. Alice should see this screen and press Next

Now Alice (and Bob) has to be sure be sure to insert the right derivation path. If he/she used a BIP49 (most likely) select p2sh-segwit BIP49 or manually insert

In the next screen Alice encrypt her metadata wallet file and it’s done!

In order to get the Master Public Key, Alice has to select in the menu Wallet > Information and she can get the Master Public Key. If BIP44 should starts with xpub and if BIP49 ypub.
Now she sends encrypted over PGP to Charlie.

2. Setup

Charlie now has Bob’s and Alice’s public key and he’s going to create a multi-sig wallet where the company’s funds will be stored.

As Alice (and Bob) did , Charlie now creates a new wallet, selecting Multi-signature wallet instead of Standard Wallet.

In the following screen he chooses the number of signatures needed to unlock funds, so From 3 cosigners and Require 3 signatures

Now in the Add cosigner (1 of 3) screen, Charlie assign himself and use the Ledger Nano directly, so Use a hardware wallet

For the other cosigners, he can use the xpubs collected by Alice and Bob, select Enter cosigner key and paste them. Then, Charlie chooses to encrypt the multisig metadata wallet file.

Now we can safely send bitcoin to the multisig wallet. To get the address, go to the Receive tab and copy paste the Receiving Address. It should start with 3 on Bitcoin main-net.

3. Co-sign transactions

Alice 1/3

Alice wants to get out 100 mBTC to pay for company’s expenses. So she initiates a new transaction heading to Send tab, compiling the Pay to address, an optional description and the amount. Hitting send, she should see this screen with the partially signed transaction. She clicks on Export

She sends the exported unsigned.txn file to Bob using an encrypted email.

Bob 2/3

Bob receive and decrypt the pgp message containing the file. Now he goes to Electrum, clicking on Tool > Load transaction > from file

Now he clicks on Sign, then Export again the partially signed transaction and sends to Charlie. (Encrypted if possible)

Charlie 3/3

Charlie, as the last cosigner required, now will do the same as Bob with the difference that he needs to click Broadcast once signed.

Now, the transaction should be sent over the Bitcoin Network using the Electrum severs.

Note: There is no risk of funds being stolen if someone else gets the unsigned or signed files, since the keys remains on the hardware wallet all the time.

Originally published at https://medium.com on April 26, 2018.