So, I have the "user seed," "user public key," "shared seed," "shared public key," and also a "coinbase public key." Can I transfer my Coinbase multisig wallet from 2016 into Electrum by following the steps outlined in this post?
I’ve got pybitcointools up and running with the sample data from another post, so I should be able to get my xprv. But I’m kinda lost on what the "child index" is supposed to mean.
I’ve spent a ton of time digging into this and want to make sure I’ve got most of it down before I start entering my info. Also, I’m a bit confused about the "shared seed" since my notes mention it being "shared seed (encrypted)." I’ve seen stuff about a vault password that encrypts it, but I’m not sure if I have that.
Any help would be appreciated!
To get the best eyes on this, I suggest you move this thread to one of the sub-boards where technical issues are being discussed.
At the bottom of the page, you will see a button that says "Move Topic". Click on that and select the appropriate board. I am not sure what's the best fit, but it could be either Bitcoin Technical Support or Wallet software > Electrum I think.
For you to understand, I have to quote from this thread, as I am not a Coinbase user.
Coinbase vault is 2-of-3 multisig wallet. Coinbase solely have one key, you solely has one key while both you ( Coinbase and you) have the third key. Which means you have two keys.
With your two keys you can move the funds.
Hope this is helpful.
If the "user seed" is his seed phrase or private key and the "shared seed" is the password-encrypted shared private key that o_e_l_e_o mentioned in the post you quoted, I guess you are right and he has the essentials to recover a 2/3 multisig wallet without having to contact Coinbase for further assistance.
You are absolutely correct, end users were not provided a seed phrase.
Upon the creation of a (multisig) vault, Coinbase provided the following:
(these are just random numbers formatted to look real, they are not valid)
# User seed: L3XCYcQ2pwY3YTuwyPXzWsvVtGnCp4zL2ajP3XQt2pVhPuKiVM7r# User public key: xpub661MyMwAqRbcEzdGMFKZXuVwbyHY2zKhiw6YFTrULfNBF53QVfXyoAiKMZKWkQA5444NXtLj9HP mgyN1xLCiJJ9dKAy4nLZJ87trHRnwUDb# Shared seed (encrypted): z3PCl3Goz8yXxYt9mx6I9B2YXNX7ulTU0O2a6T43OfjP23A2ahmwx72iJ# Shared public key: xpub661MyMwAqRbcEzdGMFKZXuVwbyHY2zKhiw6YFTrULfNBF53QVfXyoAiKMZKWkQA5444NXtLj9HP mgyN1xLCiJJ9dKAy4nLZJ87trHRnwUDb# Coinbase public key: xpub661MyMwAqRbcEzdGMFKZXuVwbyHY2zKhiw6YFTrULfNBF53QVfXyoAiKMZKWkQA5444NXtLj9HP mgyN1xLCiJJ9dKAy4nLZJ87trHRnwUDb
The lack of a seed phrase is what makes recovering a coinbase multisig vault as difficult as it is.
I am no python coder (not coder at all) but was able to get the code from this post on stack exchange https://bitcoin.stackexchange.com/questions/57207/how-to-derive-the-private-key-associated-with-a-coinbase-multi-sig-vault-address to produce something similar to the following:
(these are just random numbers formatted to look real, they are not valid)
Master Private Key corresponding to seed: xprvz3PCl3Goz8yXxYt9mx6I9B2YXNX7ulTU0O2a6T43OfjP23A2ahmwx72iJVkmTWy0ZmBZMZcIkVv bZteiiHkucAZFdK1m1kjfMB6542qggKOMaster Public Key corresponding to seed: xpub661MyMwAqRbcEzdGMFKZXuVwbyHY2zKhiw6YFTrULfNBF53QVfXyoAiKMZKWkQA5444NXtLj9HP mgyN1xLCiJJ9dKAy4nLZJ87trHRnwUDbExtended Private key at index 14: xprvz3PCl3Goz8yXxYt9mx6I9B2YXNX7ulTU0O2a6T43OfjP23A2ahmwx72iJVkmTWy0ZmBZMZcIkVv bZteiiHkucAZFdK1m1kjfMB6542qggKOWIF format of that key: 3OfjP23A2ahmwx72iJVkmTWy0ZmBZMZcIkVvbZteiiHkucADVDA
Not sure what exactly to do with the values produced from the user seed as that is only 1 of the signatures for a 2 of 3 vault but I will ask in Electrum.
The lack of a seed phrase isn't the most pressing issue right now. You can worry about how to turn the private keys (rather than seed phrases) in to a wallet later. The first thing you need to obtain is 2 of the 3 private keys.
You have the user seed private key. You will never obtain the Coinbase seed private key, since that was only ever held on Coinbase's servers. You have the shared seed private key, but it is encrypted. If you cannot decrypt it, then you will never be able to recover your wallet?
Do you remember the decryption password? If not, then the first thing you are going to have to do is to try to brute force it.
Agreed, not the most pressing issue. But the possession of a seed phrase as opposed to a "user seed" and a "user public key" and a "shared seed" and a "shared public key" and a "coinbase public key" and a password would simplify things incredibly and that is the frustration.
Not at any of you, obviously... In fact, I really appreciate all the responses I am getting.
I do not have the decryption password recorded so that may be an issue but the good news is I have the user seed and according to Coinbase's email, (refereced in this post) https://bitcointalk.org/index.php?topic=5316286.msg59002082#msg59002082
So I should be good, right?
I am sure there is a catch...
Pulling in from the other thread. If you take a look at constants.js you see:
So you my be able to download and tweak the .js files a bit to find what you need and change it.
I don't know enough about js and the app itself to be sure what would need to be changed. You would also have to find were the /addr is located and change it to /address and a few other things, but I don't see it as an impossible task. Just a long and annoying one.
-Dave
I was under the impression that Coinbase's multisig vaults have long been discontinued and they removed all support for them, and so this will no longer be an option. But regardless of what I think - have you tried this? It seems like it would solve all your problems if it is possible.
If you do not have the decryption key (and the above is not possible), then your options are limited to either brute forcing the decryption key so you can use the user seed and shared seed, or seeing if Coinbase will give you access to the Coinbase seed linked to your account (which seems highly unlikely).
If that ends up working, you will be the first person I know who gained access to a 2/3 multisig wallet by having only one of the private keys with two of them missing.
At this point, it can't even be considered a multisig solution. If it's possible for you to recover it with just your "user seed", I wonder if Coinbase could have done it on their end with just their "Coinbase seed" as well?!
I could potentially make the change you are suggesting to the js file and I am not necessarily opposed to long and annoying (you have no idea how much work I have put into this already). Unfortunately I am a terrible programmer and cannot read or write code well at all and I don't trust myself not to screw it up. On top of that, this is only step 1 and I don't even comprehend steps 2 or step 3-a or step 3-b
I can see my vault on coinbase and when I click "withdraw from vault" nothing happens.
I am not certain that I do not know the decryption key for the shared seed. Unfortunately, there isn't any way to "test" it.
So essentially what I need is to find someone that understands the decryption process discussed in the ReadMe on the coinbase multisig github https://github.com/coinbase/multisig-tool#bip38 since that is how coinbase decided to do it. and once I verify the password or verify I do not know the password, I could determine next steps... does that sound accurate?
That's not what is happening. Coinbase have the Coinbase seed and the encrypted shared seed. Usually the user would enter the decryption key (the "vault password"), allowing their browser to decrypt the shared seed giving them the necessary two out of three seeds in which to sign a transaction. Should the user have forgotten the decryption key, then they can instead just enter the user seed. At this point, they have access to the Coinbase seed and the user seed, again meeting the two out of three requirement.
I believe that the current vaults on Coinbase are completely different to the old multi-sig vaults, which is what you are dealing with here.
Have you tried entering your information in to their multisig vault recovery tool? Best to download this and go offline after it has scanned for balances for safety reasons. You should also be able to test your decryption key using it. https://github.com/coinbase/multisig-tool/blob/master/README.md
I understand that. However, OP doesn't have the shared seed or the decryption key that gets him the shared seed. He only has the user seed. He owns 1 element to make a successful recovery. The 2nd element to get the shared seed is the decryption password. He doesn't have it. Therefore, he doesn't possess 2/3 necessary requirements for recovery. If there is a way around all that by inserting the user seed in place where the decryption key goes, it defeats the whole security model of the vault. I would be glad for the user's sake if that works because it would give him access to his coins. But I am criticizing the set up and find it pointless.
Imagine having a passphrase-protected wallet and losing the passphrase. But instead of the passphrase, you can just insert your seed a 2nd time and get the same result? What's the point of the passphrase then? In both cases you only have 1 element that gives you access to coins that are supposed to be protected by two different layers of security. The seed + passphrase in the second example. The user seed and the decryption key in the first.
The second key he would use in a such a scenario is the Coinbase seed. This is available to him since he can access his Coinbase account. Usually he would provide the decryption key for the shared seed so he would have the Coinbase seed and the shared seed, but in this alternative situation instead of providing the decryption key he provides the user seed, giving him the Coinbase seed and the user seed. In both scenarios, he has 2 out of the 3 necessary seeds.
If seems, however, that since Coinbase have completely discontinued support for their multisig vaults, he can no longer access the Coinbase seed, so this method is not available to him. He has the user seed, and is going to have to brute force the decryption key for the shared seed to give him the necessary 2 out of 3 seeds.
Unfortunately, the coinbase multisig github tool is no longer functional (these two threads detail my attempts with it)
https://bitcointalk.org/index.php?topic=5316286.msg59002082#msg59002082
https://bitcointalk.org/index.php?topic=5316286.msg59002577#msg59002577
Instead of the bolded part, I assume you wanted to say 'shared seed'.
I guess we have to agree to disagree. The way I see it is that the security level here is onefold. With the one element he has (the user seed), he is able to unlock and gain access to all the other elements necessary for the recovery. More precisely, he was when the vault was still functional.
The Coinbase 'user seed' is nothing but a master password allowing you complete access to a vault that is supposed to be protected by two factors. It essentially is protected by different keys and multiple factors, but you can use the one key you have to find the other keys in order to have the 2/3 necessary seeds .
Would you be comfortable with the following "secure solution"?
The two of us set up a multisginature wallet. For simplicity, let's forget about the third key and public keys. We will have a 2/2 system. Let's call our keys user seeds. You have one user seed and I have the other. I don't know your key, and you don't know mine. Without the two keys, none of us can spend the coins in that address. Even though I don't know your key, I can just enter my user seed in the system and the wallet will reveal your user seed as well. Thanks to this incredibly secure setup, I now have 2/2 keys. How would you rate this scheme to store Bitcoin?
I have found a way to test decrypting the shared user seed and none of the passwords that I have work.
As I see it, my only option is to attempt to brute force the password used to (BIP38) encrypt the shared seed since coinbase is no longer signing tx, does that sound correct?
Looking into BIP38 brute forcing... the encrypted seed and public address (and dictionaries) are used for the process.
Another point of confusion for me... which address? Allow me to explain...
I have two transactions going into "My Vault" and each transaction went into a separate bitcoin address.
No, I didn't. I meant what I said.
The Coinbase seed is protected by the password and 2FA to his Coinbase account.
Let me try explaining it another way. There are three seeds:
Coinbase seed - stored by Coinbase. The user accesses this seed by logging in to their Coinbase account.
Shared seed - stored by both parties, but encrypted. The user holds the decryption key.
User seed - stored by the user.
Ordinarily the user would log in to the Coinbase account with their email, password, and 2FA, which gives them access to their vault with 1 of the 3 seeds. They would then provide the decryption key for the shared seed, giving them access to 2 of the 3 seeds (Coinbase and shared) and therefore the ability to make a transaction.
If the user had forgotten their decryption key, then instead they could log in to the Coinbase account to access the Coinbase seed, and then provide the user seed, giving them access to 2 of the 3 seeds (Coinbase and user).
Now, as Coinbase have discontinued support for these vaults and removed the Coinbase seed from OP's account, his only solution is to decrypt the shared seed and combine it with his user seed.
You seem to missing the fact that you couldn't just log in to a vault by providing either the decryption key or the user seed - you had to first log in to the associated Coinbase account. This is really no different than, say, TrustedCoin providing a second signature when you provide the necessary 2FA code.
It would seem so. Is it indeed BIP38 encrypted? It should start with "6P" if it is.
Yes, the encrypted shared seed starts with "6P".
but I am thoroughly confused, there is a single vault password and single encrypted shared seed... how does that correspond to two different public addresses?