@japananon @monero monero-wallet-rpc can manage multisig wallets, but I've never tried it: https://monerodocs.org/interacting/monero-wallet-rpc-reference/#make_multisig
This functionality doesn't seem to be available in Monero GUI.
this post was submitted on 06 Nov 2023
4 points (66.7% liked)
Monero
1581 readers
23 users here now
This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.
Wallets
Android (Cake Wallet) / (Monero.com)
iOS (Cake Wallet) / (Monero.com)
Instance tags for discoverability:
Monero, XMR, crypto, cryptocurrency
founded 1 year ago
MODERATORS
@silverpill @monero The only user-facing implementations I could find were Haveno (proposed) and RINO (existing), but both are tethered to their respective services, and not useful in a more general sense.
I'm just curious if the lack of GUI implementation has a reason (technical limitations etc), or if it's just never been attempted. Nunchuk's design is great for BTC multisig, and an XMR equivalent would be useful.
@japananon @monero Apparently it was never attempted. What is so great about Nunchuk, integrated chat?
Given that monero-wallet-rpc provides CLI interface, GUI shouldn't be difficult to build. I think it can be even built by integrating multisig into an existing chat or social application.
@silverpill @monero The integrated chat is part of it, but not the whole.
Multisig is usually pitched as a security or shared custody feature, but a niche I think is underserved here is the use of multisig for trustless escrow between individuals. Haveno's implementation is integrated too deeply into their exchange platform to be useful independently, and RINO is an enterprise service focused on shared custody, so neither is exactly fit for that purpose.
I talked about Nunchuk in a video last year:
https://peertube.anon-kenkai.com/w/bSyQSapGr7QUaXwiJHUPLV
I went into it in more detail there, but in a nutshell what I like about it is how it incorporates all the necessary tools for trustless escrow in one package. You can generate wallets collaboratively via the integrated chat, discuss the terms, fund the wallet, and disburse funds without needing to fumble between multiple tools.
Since my main focus is providing tools for artists, I can see how such a thing would be very useful for things like commission work. But it can certainly be used for other things too, of course. It's an otherwise purpose-neutral tool so it's easy for anybody to just pick it up and use it for whatever purpose they want.
Nunchuk is BTC only, and it can still be useful, but an XMR version would suit my needs even better.
@japananon @monero I could build one, sounds like an interesting project.
There was an old system based on BitMessage, but it is unusable and unmaintainted: https://www.getmonero.org/resources/user-guides/multisig-messaging-system.html.
Someone is trying to build I2P-based version with an integrated marketplace: https://github.com/creating2morrow/neveko. It doesn't look very usable either, and developer is trying to do everything at once, which is usually a bad idea.
I would make it as a standalone tool that can work on clearnet and can connect to other software
@silverpill @monero The existence of a tool like this would be extremely welcome. In my opinion, at least, but I'm sure a lot of other people would find it valuable once they discover it.
@japananon @monero I talked with some devs and learned about plans to add GUI for mutlisig to Feather wallet. But it is not clear when this will happen because Monero multisig still has experimental status (its security is not proven).
I could try to build an alternative wallet app, but there's a risk that Feather will add it first and my effort would be wasted.
Also, this just popped up in my feed: https://monero.im/post/3925
The fact that multisig was not widely used yet, was indirectly related to the unfortunate CCS Wallet Incident, which happened a few months ago, as well.
@ErC (ErCiccione), a contributor, commented elsewhere a few days ago:
This is a bit of a dog biting its tail. Multisig was shipped and has been live for a long time. Nobody really used it, so it ended up being unstable and full of problems, but that came out only relatively recently (couple of years ago) when services started to build on it.
People are now saying, “If multsig had been used…” “should have” “could have” (Hindsight is 20/20 😢). Anyway, fluffypony replied, “when it reached a level of maturity (this year? late last year?) it should have been prioritized.”
We can expect that multisig will be now more prioritized and to be carefully tested and tuned, soon to be available more generally, if not right now. So perhaps the answer to your question is, “No, but maybe soon…”?
@Saki Interesting, thank you. Was the CCS wallet not using multisig the reason for the breach, then? I haven't followed the incident in detail, I wasn't sure what allowed the attacker access in the first place.
Nothing is sure. It might be skilled attacker(s), it might be simply bad opsec, or it might be an inside job. Several people think and say that we need to minimize trust via mltisig (in retrospect, this seems so obvious but that’s just hindsight).