Guide - Sparrow multiparty multisig
What is multisig?
A multisig bitcoin wallet requires multiple signatures to authenticate a spend.
A M of N multisig has a total of N keys of which M are required to spend. A 2 of 3 multsig has a total of 3 keys of which any 2 must sign to spend.
Any set of 2 keys can sign, for a 2 of 3 multisig there are 3 sets of valid signing keys.
The keys to a multisig wallet could be held by one person, or distributed to a group of people. By distributed keys to multiple people a multiparty multisig can be used to manage bitcoin for an organisation or group of friends without a single point of failure.
The threshold number of signers can be less than the total number of custodians, meaning not all the custodians are required to spend. It could also be equal to the number of custodians, meaning all the custodians need to sign to be able to spend.
Sparrow
Sparrow is a desktop bitcoin wallet which can be used to manage a multisig bitcoin wallet. We will walk through the process from the perspective of Alice and Bob who want to set up a 2 of 2 multisig wallet on Testnet.
Hot Key Setup
Alice and Bob begin by downloading and installing sparrow.
They each run sparrow on their computers and restart in Testnet, where the coins are somehow both worthless and hard to get.
They each make a new wallet and select Multi Signature (1) and Native Segwit (2). They drag the Cosigners slider (3) to 2 of 2 .
Alice and Bob agree that Alice will be Key1, and Bob Key 2. They each select the appropriate Keystore (4) and click New or Imported Software Wallet (5).
Independently they each generate a new seed and optionally set a passphrase. They keep the default derivation path recommended by Sparrow (m/48'/1'/0'/2').
Now both Alice and Bob have a hot key in Sparrow, with Alice using Keystore 1 and Bob using Keystore 2. They each change the Keystore label to their own name.
Alice Watch Only Key Import
Alice and Bob must import their counterparts watch only wallet details.
Alice clicks into the the undefined Keystore tab in her wallet (for her this is Keystore 2) and selects xPub / Watch Only Wallet.
She asks Bob to send his key details using signal, a Matrix client like element.io or another encrypted messenger.
Bob sends his wallet Label, Fingerprint, Path and tpub:
1 Label: Bob
2 Master fingerprint: ec07b2fc
3 Derivation: m/48'/1'/0'/2'
4 Tpub: tpubDFid7...
Alice enters these details in the Keystore 2 fields.
Bob Watch Only Key Import
Bob switches to his Keystore 1 tab and selects xPub / Watch Only Wallet.
Bob asks Alice for her information, which she sends using an encrypted messenger.
1 Label: Alice
2 Master fingerprint: 6c733d3b
3 Derivation: m/48'/1'/0'/2'
4 Tpub: tpubDECsQ...
Bob enters these details in the Keystore 1 fields.
Receiving Bitcoin
Both Alice and Bob then compare the first receive addresses shown in their wallets. They check that the first set of characters (tb1qxkd8l9gt) match.
Either Alice or Bob goes to a Testnet faucet, paste their first Receive Address into the box (1) and press the button (2) to request Testnet sats.
Their wallets update with the balance.
Spending Bitcoin
Alice and Bob want to make a transaction spending the 50,000 Testnet sats back to the faucet. Spending from a 2 of 2 multisig is a two stage process. Either party can commence the transaction but the other party is required to sign off on the spend. They agree that Alice will make the transaction file and sign first, and bob will sign second and broadcast the transaction.
Alice opens her wallet and goes to the send tab. She pastes the faucets' address into the Pay to field, adds a label , sets the amount and fee. She clicks the blue create transaction and is shown a summary of the transaction. She clicks the blue Finalize Transaction for Signing button.
Her key is hot she can just click to sign. She sees a blue bar appear showing that her signature is present in the partially signed transaction file. She clicks the Save Transaction button and sends it over the secure messenger to Bob.
Bob clicks on file, Open Transaction, File and clicks on the file Alice sent him.
It opens and he can see the details of the transaction including the label Alice set (to-faucet) and that Alice has signed.
He checks the transaction is as expected by hovering over the transaction graph (1) for more information. It is as he expects so he clicks the Sign button (2).
A green bar appears showing that with the second signature the psbt is valid as the threshold required to spend the bitcoin has been met. Bob clicks Broadcast Transaction.
Backup
With a multisig wallet both the keys and the wallet descriptor must be backed up.
Keys
Alice and Bob each keep a copy of their recovery seed phrase, their passphrase (if used), their wallet fingerprint and their derivation path (m/48'/1'/0'/2' for Sparrow hot wallets).
Wallet Descriptor
They each go to the Setting tab (1) in their wallet and click on the QR icon (2).
This opens a pop up window with the QR code of the descriptor. They click on the Save PDF ... button (3) and save the PDF to their computer. They each print a copy of this and keep it with their key backups.
Recovery
Alice and Bob practice the recovery by deleting their wallets and each making a new wallet. At the first screen they click the scan descriptor icon (1) to load the wallet descriptor from the printed QR code they keep with their key backup.
When they import the descriptor the keystore labels are missing, but they can identify their keystore from the master fingerprint (which they backed up as part of their key backup). Bob switches to Keystore 2 and recognises his master fingerprint ec07b2fc. He clicks the import button (2) to load his hot key into sparrow.
He switches to the Software Wallet tab (1), enters his recovery words (2), and his passphrase (3) before clicking the Create Keystore button (4).
Bob checks that the derivation path matches the one he has recorded in his key backup, it matches so he clicks the Import Keystore button.
Bob has recovered his wallet. Alice does the same process with her key and they have fully recovered their wallets without needing to communicate their wallet details again.
Cold Keys
In this example Alice and Bob both used hot keys on their sparrow wallet. The same multisig process can be done with cold keys on offline signing devices for increased security.
Mainnet
Once confident that they can setup, spend from and recover a Testnet multisig Alice and Bob set up a new wallet on Mainnet.
Thank you for reading. If you enjoyed this post please share it.