Today we helped someone with a multisig 2/3 setup who stressed out a bit.
Lost one signer with the backup.
Typed in the wrong PIN code 3 times on a nostr:npub1jg552aulj07skd6e7y2hu0vl5g8nl5jvfw8jhn6jpjk0vjd0waksvl6n8n Jade (wiped). The backup didnβt work out.
First the descriptor was in perfect shape in nostr:npub1cvqlzvmjercdn0ypsmv8f7j9lge6ahsnueh5rparh53wuswftv4q49yjt3 and backed up as a bsms on the cloud.
We decided to use the Nunchuk instance that had the keys ready for signing.
One key and backup were in perfect shape and we could directly sign off on the transaction.
The backup was put into one of our nostr:npub19canpmsgykwumm43uxmp0l5sernavvnrf87mau9a6xnjfx6ajjhsh9qj29 Qs as its the easiest to quickly do a checksum test. And the checksum didnβt match the last word on the backup.
π
Going through the dots of the backup plate one by one we found a mistake. A four punch was marked as a one and therefore the wrong word was taken from the bip39 list.
We filled in the 24 words and still there was a checksum mismatch.
We went through the dots and numbers once again, no mistake there. Then we took the translation table of the numbers and found a wrong word with a number.
We inputted that word and the checksum was correct (the funny part is, the word was rigid, it made us π).
We signed the 2/3.
Even if you think your setup is secure and redundant, every setup has trade offs. There is no optimal setup.
This setup turned out to be just about right, oof size large.
