HERE'S HOW TO GET FUNDS OUT OF A MULTI-SIGNATURE WALLET!
A LITTLE BACKGROUND
I was using Guarda for my BTC, specifically their multi-signature wallet with a buddy of mine. It was set up as 2of2, meaning we both had to sign off to send any BTC. For the last three months, there was a glitch with the BTC multi-sig wallets. Whenever I tried to create a transaction, my friend wouldn't see it and couldn’t sign it, which left my BTC locked up with no way to access it. Guarda's support kept saying they were "working on a fix" but after three months of the same old story, I decided to take matters into my own hands and do some digging. I found a way to retrieve my BTC from Guarda without relying on them, even though it was a multi-signature wallet. I couldn’t find any guides for my specific issue online, so I’m hoping this helps anyone else who might find themselves in a similar mess!
I actually made a post asking for help here: https://this forum.org/index.php?topic=5484405.msg63742098#msg63742098
Thought I’d share the guide for anyone who could use it!
THE SOLUTION
The fix was to create a raw transaction using a site like https://coinb.in. I managed to create, verify, sign, and broadcast the transaction all on that site. Doing this was a bit trickier since it was a multi-signature wallet, and I didn’t find any guides explaining this process anywhere.
So you had to go through this process because your Guarda BTC wallet was not showing the transaction for the other person and since he can not see it, he was not able to sign the transaction. It was not like you were able to sign it but other person could not because he lost the private key or does not have access of his private key.
Because of the glitch, we weren't sure if my side even signed it or not; but essentially, yes.
What happens is, I create the TX from my side, and it automatically appears on their Guarda client for them to sign.
In this case, I'd create the transaction, but nothing would appear for my partner.
Recovery was more confusing as inputting private keys alone on Electrum for example would not show our multi-sig wallet.
Also, we were not able to individually sign transactions putting our private keys onto electrum; we could only broadcast but not sign.
So we had to find another solution that worked - which is the above.
hello! I have a similar issue and am so glad to see your post even though it may not fully resolve my sitch.
My coins are also stuck using a 2/3 multi-sig format where only 2 of the 3 signatures are required between the 3 parties: Me, Customer, and the Marketplace.
Unfortunately, the marketplace was closing for business and they were providing redeem scripts for us to redeem our coins before the 90-day auto release. Since I couldn't broadcast the transaction successfully using the redeem script, I waited the 90 days and still do not see the coins in my wallet and it's been about 30 months since.
Sadly, I don't have the redeem script anymore, the marketplace is now SHUTDOWN permanently and therefore I wouldn't have the private keys of the customer or the marketplace inorder to complete the steps you've kindly provided at coinb.in.
With all that information, could you tell me if I'm still able to release the coins to my wallet somehow with only 2of the 3public keys AND my private key, as I do not have the private key for the customer and OP. IF NOT, could you please tell me what I would need in order to get it to release. I could be wrong but what I understood at the time was that after the 90 day waiting period, the transaction would be auto signed so I may only need my key to broad the transaction and release of the coins? That's just wishful thinking but if you have any validation or suggestion, please please let me know.
Thank you so much for your help in advance! =)
Danorion
I don't know what exactly the redeem script contain. But common 2-of-3 multi-sig address require 3 public key and 2 signature (which created with 2 private key) when spending it. In short, it seems to be impossible.
P.S. If you have further question, please create new thread on Bitcoin Technical Support board rather than continue reply on this thread.
Everyone should be very wary of any kind of javascript tool like this. The authors or someone who has "hacked" them can quietly change the code at any time, or it could quietly include online components that remain online even if you downloaded the script, even ones that don't become active until later. A billion dollars in eth was stolen from an exchange this year because they used a JS based "multisignature" wallet. Just downloading it right before you use it probably doesn't improve the security because they could have substituted it just before. Often malicious code sits out there on the internet live and active for months or years before anyone notices.
If it's your last option, then it is what it is, but don't think you're not handing your private keys over to some internet stranger-- because you are.
FWIW, if you can actually just get the private keys you can probably recover wallets like this with bitcoin core with no extreme difficulty and avoid the JS signing code vulnerability. But having not ever used Guarda I don't have a nice tutorial for you like this.