Open in app

Sign in

Write

Sign in

Introducing Nunchuk: Multisig Made Easy

Hugo Nguyen
4 min readOct 31, 2020

Bitcoin, year 12.

Alice: This year sucks. You know what’s almost as bad as 2020?

Bob: Yeah?

Alice: Multisig is still scary.

Nunchuk: Hold my beer.

It’s somewhat ironic that for a technology that reveres decentralization as its central operating principle, Bitcoin still heavily relies on single point of failure as the dominant method of ownership. This despite the fact that the unique risk profile of digital assets desperately calls against such a practice.

The highest barriers are technical challenges. Multisig is not for the faint of heart. Many pitfalls await around the corner.

Did you back up all your seeds? Do you need seeds? Are you sure the signing devices use the same derivation path? What about that change address? What do you mean you lost your device in a boating accident? Oops, some vendor has just made an update that bricks my setup.

And the list goes on.

What if we tell you you don’t have to worry about any of this anymore. What if there’s something. THAT. JUST. WORKS.

Say hello to Nunchuk. The app that makes multisig feel like a walk in the park.

Nunchuk
Nunchuk

But before we talk about features, let’s talk about design philosophy.

If we were to design a multisig wallet today, what should our goals be?

Our answer:

  • It must be secure.
  • It must be seamless.
  • It must be future-proof.
  • It must go above and beyond to empower the user.

Let’s see how Nunchuk meets these goals.

  1. It must be secure.

Security starts by knowing our limits. We defer to specialists in the most security-sensitive areas.

That means delegating the task of managing private keys to single-purpose hardware.

That means sticking close to Bitcoin Core for consensus code, for standardness rules, for future upgrades. That means avoiding reinventing the wheel in Bitcoin-specific areas.

That also means ruthlessly cutting down on the number of software dependencies, because each dependency is a potential attack surface. That means going with the desktop first and not the browser. That means outside of Core, only using battle-tested software. We can’t completely eliminate all attack surfaces. But we can minimize them.

2. It must be seamless.

Going from a single signer to multiple signers necessarily requires some level of friction. The goal is to avoid further friction in every other part of the multisig process.

In the early days of Bitcoin, wallet vendors were often incompatible with one another, which complicated multisig setups. On this front, there have been great developments in the last few years, notably PSBT and the descriptor language. Both have greatly improved the ecosytem’s interoperability.

Nunchuk treats descriptors and PSBTs as first-class citizens. The consequence of this is that you can use Nunchuk with many different hardware vendors, or easily recover a multisig wallet created by Nunchuk on other wallet software such as Core.

Being seamless also means the ability to switch between singlesig and multisig use cases.

Nunchuk introduces a third type of wallet: an Escrow. It is a one-time-use multisig wallet specially created for the purpose of holding funds temporarily. With Nunchuk, you can easily move funds among these three types of wallets.

3. It must be future-proof.

It would be a shame if we design a brand new multisig solution, only for it to get outdated quickly by tomorrow’s protocol changes. Many multisig solutions in the past no longer serve us well, because they were designed at a time when tools were lacking, and ended up being needlessly complex. Multisig is bound to evolve further in the coming years.

Because Nunchuk stays close to Core code, it can immediately reap all the benefits of future protocol upgrades.

When Taproot is ready, Nunchuk is ready.

4. It must go above and beyond to empower the user.

Last but not least, we want to offer the user granular control over their wallet, and most importantly, their privacy. That’s why we invested time and effort to add support for things like coin control, replace-by-fee, personal server, TOR support, among others. The reason is simple: we ourselves are users of multisig. If someone else designs this app, these features would be high on our wish list.

That, in a nutshell, is Nunchuk.

Nunchuk’s mission is to make multisig the gold standard — no pun intended — for owning Bitcoin.

Nunchuk beta is now available for download at nunchuk.io. We look forward to hearing your feedback.

Keep stacking.

Bitcoin
Multisig

--

--

Hugo Nguyen

Written by Hugo Nguyen

1.8K Followers

https://twitter.com/hugohanoi

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams