Today we helped someone with a multisig 2/3 setup who stressed out a bit.
Lost one signer with the backup.
Typed in the wrong PIN code 3 times on a @Blockstream Jade (wiped). The backup didn’t work out.
First the descriptor was in perfect shape in @nunchuk_io and backed up as a bsms on the cloud.
We decided to use the Nunchuk instance that had the keys ready for signing.
One key and backup were in perfect shape and we could directly sign off on the transaction.
The backup was put into one of our @COLDCARD Qs as its the easiest to quickly do a checksum test. And the checksum didn’t match the last word on the backup.
😓
Going through the dots of the backup plate one by one we found a mistake. A four punch was marked as a one and therefore the wrong word was taken from the bip39 list.
We filled in the 24 words and still there was a checksum mismatch.
We went through the dots and numbers once again, no mistake there. Then we took the translation table of the numbers and found a wrong word with a number.
We inputted that word and the checksum was correct (the funny part is, the word was rigid, it made us 😂).
We signed the 2/3.
Even if you think your setup is secure and redundant, every setup has trade offs. There is no optimal setup.
This setup turned out to be just about right, oof size large.
