Open justinmoon opened 5 years ago
justinmoon
commented
5 years ago After investigating more, it seems that multisig addresses can't be displayed. Every library display_address function has a Only supports single-key based addresses comment. This would be very nice -- hardware wallet multisig is kinda pointless if you can't verify receiving addresses on device display.
instagibbs
commented
5 years ago All devices handle this differently, either by imo trusting too much, all the way to requiring the user to register multisig wallets on the device first. Going to be difficult to do without a standard.
justinmoon
commented
5 years ago What about just displaying a multisig address on device display using the displayaddress HWI command? I know that at least trezor and coldcard can do this in Electrum.
Is this something we could implement here? (I can take a stab at it ...)
instagibbs
commented
4 years ago That could be a partially-supporting feature yes.
I really want to somehow convince all manufacturers to support registering descriptors so we can have a unified "display address" feature :/
Let's say I have 2/2 multisig. I generate a receiving address on desktop and check it against
hwi displayaddress --desc <desc>on both devices. Then I know that each device controls a key in the multisig address.But how do I actually verify that the address corresponds to a 2/2 multisig address and not k/k where k > 2 without trusting any UI except the hardware wallet display.
Possible attack: the redeemscript is actually 3/3 with 2 of our keys and a 3rd pubkey that belongs to a ransomer.