Yeah, that last point is a good one; there are other bitcoin inheritance services out there, but (I assume) they require KYC. KYC.... in and of itself..... might not be so bad.... IF they are willing and able to keep that information out of the hands of government; but I think that the level of tyranny around bitcoin has nowhere to go but up.... WAY up. Especially if there are big changes to the estate tax laws.
Great video just finished my setup. Probably wouldn’t have done this without your video. You mentioned adding a reference to using testnet but can’t find it in the show notes.
1. If I understand this correctly, NUNCHUK hold two keys by default: the TAPSIGNER key ("encrypted") and the fourth key. If the server got compromised, there would be enough keys on the server to move everyone Bitcoin. 2. Suppose I had intended for my child to receive the bitcoin when he turned 18 in 2035, but I died in 2030 and the company ceased to exist in 2032 without me being around to intervene. What would happen at that point?
1. The tapsigner key is basically useless blobs of data without the decryption key, which is in itself very robust and cannot be arbitrarily brute forced. Effectively, unless you voluntarily provided Nunchuk with the key, no one is accessing the funds. 2. I chat about timing in the video - I would advise not setting your inheritance date too far in the future (maybe 1 or 2 years) then updating it as that date approaches to bump it further out. That said, if Nunchuk ceased to exist, you could have a backup scenario where a note with the locations of your two other keys were passed on to your next of kin, along with the bsms file. Not the simplest thing for a newcomer, but they would be able to access the money through alternative software in that scenario.
Hello, this is an awesome video! I have an important question: * During the claiming process, assuming that all pre-requisites are met, what keep NunChuck from accessing the Inheritance after the Beneficiary enters the Magic Phrase and the Backup Key (the one printed on the back of the tap signer). In combination with the Platform Key, would NunChuck not have everything they need to get access to the Inheritance? (Platform Key + Magic Phrase + BackUp Key) Thanks so much!
Hello @MonedaBalanceada, The decryption process happens entirely locally on the claimant's device. At no point in time Nunchuk has access to enough keys to move funds unilaterally. Here's how a successful inheritance claim works in detail: 1. The encrypted backup file for the inheritance key is downloaded onto Beneficiary's device. 2. Decryption occurs locally on the device, using the Backup Password that the Beneficiary enters. 3. The recovered inheritance key is now in Beneficiary's device. 4. The Beneficiary selects a withdrawal address. 5. A sweep transaction is created. 6. The Beneficiary signs the sweep transaction with the recovered inheritance key. 7. The Platform Key co-signs the sweep transaction. 8. The sweep transaction is broadcast, which completes the claim. Hope this helps!
If I want to setup 3 different inheritance wallets through the honey badger plan, can I use the same cold card Mk4 for all 3 multisig wallets as one of the keys? Also, can I use the same mk4 for both of the required keys on a wallet?
Around 29:43 you briefly touch on the security questions for recovering the tapsigner's private key. Wouldn't this make someone vulnerable to a $5 wrench attack ? Meaning they could force you to answer these security questions and get access to a second key thereby accessing all your funds without the limits normally set up for a single key ?
Hi Chris, The Security Questions only act as second-factor authentication. To trigger a Tapsigner key recovery, you need to: 1. Re-enter your account password 2. Answer a Security Question 3. Enter the Backup Password printed on the back of the card. So having the answers to the Security Questions is not enough to steal keys.
@@chrisdickinsonch Since it's a 2-of-4 multisig, every spend requires 2 keys. If someone uses violence to force you to give up one key, they still need to access one of the other keys, which you should store in separate locations.
@@chrisdickinsonch To trigger a Tapsigner recovery, you don't need the physical card, but you do need a copy of the Backup Password printed on the back of the card. You would not want to store the copy of this Backup Password at your home, together with your main key. Basically, the rule is to never store 2 keys in the same location, ever. Whether it's the actual key or a backup to a key: they both count as a key. Hope that makes sense.
@@chrisdickinsonch I don't know what else to say. In a M-of-N multisig wallet, you are not supposed to store M keys in the same place. Otherwise it defeats the point of a multisig wallet. And the setup clearly explains you shouldn't be doing this. The best recommendation is to give the Tapsigner to their relatives for the inheritance key, and let the relatives back up the Backup Password. It's their key, their responsibility.
The time lock feature wherein your coins cannot be transferred for a period of time and the daily/weekly limit on transfers - is this a feature on the nunchuck app exclusively? I.e. if I were to import the wallet and use it in sparrow wallet would these restrictions still apply? Also, can a wallet be setup on the desktop instead of a mobile?
We support the most popular hardware signing devices on the market. Currently, the only requirement is that one of the keys (the inheritance key) must be a Tapsigner.
When your beneficiary claim the inheritance, the beneficiary provide the TAPSIGNER backup code on the Nunchuk wallet. What prevents Nunchuk to control the BTC and send them to any location, since they control 2 keys at this point: The platform key + the TAPSIGNER. Don't we have to "trust" Nunchuk to sweep the inherited BTCs to the location of our choice here?
The decryption process happens entirely on the Beneficiary's device. At no point in time Nunchuk the company has possession of the Tapsigner's private key.
@@HugoNunchuk This answers the only question that I had, and its a crucial one. I think this point should be made WAY more explicit both on the NunChuck page and in the @BTCSessions videos.
Cold Card will not load my micro SD. Keeps reverting back to Json selection. Brand new SD and works on my laptop fine. I went over the steps many times and the SD remains blank! Help.
You missed one critical point about security questions. Never answer them truthfully, rather create a random answer like you would generate a password and save the answer in a password manager (or a piece of paper).
The best inheritance plan is to give your heirs bitcoin now. They'll have someone to guide them through the process and teach them how to custody it. Just tell them "this is your share, please take care of it". If they unwisely choose to spend it, there's no more where that came from.
You would ideally set it to a rolling yearly date as I advise in the video. However, if something happened to you AND nunchuk in the same 12 month period, your contingency plan would be to have your BSMS file and two keys available to your family, perhaps by leaving a note/instructions with a trusted family member or an attorney. It's a few more steps, but they would be able to gain access. Up to you and your risk tolerance I suppose.
So am I correct in that if Nunchuk company or app disappears. It’s possible to recover my funds with the private keys for that wallets? If yes can someone please explain how you would go about doing this? I don’t want to be moving from a hardware wallet into a multisig only to find out my funds get locked into a contract because I company stops operating
@1980thebear: Nunchuk was developed using open standards, and you always control the majority of keys. That means if something happens to Nunchuk as a company, you can always recover the wallet using other wallet software such as Sparrow, and withdraw your funds using your own keys.
Is nunchuk really trustworthy? I started going through the wizard and adding my first key (the tapsigner). Once it was onde, Nunchuk asked me for my backup password to verify it, bla bla, which I provided. Now I'm really concerned as if they have this password on file, plus the Platform key, they'd have the power to move my coins. Unless there's a very good explanation for this, I'm not going through with it. A bit strange!
Did it ask you for the backup password or the pin code? My understanding is the app only needs the pin to verify the tapsigner. To recreate the key someone would need the backup file of the key (which nunchuk have) and the backup password on the back of the tapsigner which only you/beneficiary would have? Could someone confirm?
@@Samala19 You are correct. Only the owner/beneficiary has knowledge of the Backup Password. The backup verification process happens locally on the device and is optional (you can perform verification yourself without using the app).
There's a $10/mo 2 of 3 option as well called "Iron Hand". The version showed here (Honey Badger) would be equivalent to something like what Casa offers for $1800/yr.
@@BTCSessions hi, i dont think thats true, its a 2-of-4 "assisted" multisig wallets, 2 hardwarekeys + cloudkey + inheritance key. the higher casa tiers are 3-5, 3 hw + mobile key + cloud key.
@@qweqwe-wv9ed yeah you're right, both quite different but it's the closest equivalent on the market. Hardware costs in this video would total $250. If you did it with all tapsigners you'd be $120 all in on hardware.
The platform only holds 1 out of 4 keys in your assisted wallet, and never has custody of your bitcoin. You as the owner hold the remaining 3 keys and always remain in full control, even in the worst case scenarios.
Time Stamp:
0:00 - 4:53 - Intro / Sponsors
4:53 - 7:50 - Prerequisites
7:50 - 14:57 - Assisted Multisig Overview
14:57 - 45:20 - Multisig Setup (with Initialized Devices)
45:20 - 49:04 - Interface Overview
49:04 - 50:45 - Funding Your Multisig
50:45 - 54:26 - Sending with Nunchuk as a Cosigner
54:26 - 56:15 - A Quick Demo of re-importing your info to an air gapped Jade Wallet
56:15 - 1:00:17 - Back to our Transaction
1:00:17 - 1:02:08 - Changing Transaction Thresholds
1:02:08 - 1:06:41 - Sending with Two Keys
1:06:41 - 1:14:45 - Claiming Your Inheritance (A Workflow for your Relatives)
1:14:45 - 1:16:33 - Changing Your Inheritance Plan
1:16:33 - 1:20:24 - Nunchuk's Other Features
1:20:24 - 1:30:16 - Inheritance Setup Tips
1:30:16 - 1:34:44 - Final Thoughts
1:34:44 - 1:36:11 - Outro
Legend
@@BTCSessions no, thank you!
متشکرم
Nunchuk is the best mobile wallet, and one of the top wallets period. Thanks for the great tutorial.
a great guide on how to Inheritance plan with bitcoin using multi-sig
Fantastic tutorial, perfect amount of depth and detail. Very thorough. Thanks a LOT
Yeah, that last point is a good one; there are other bitcoin inheritance services out there, but (I assume) they require KYC. KYC.... in and of itself..... might not be so bad.... IF they are willing and able to keep that information out of the hands of government; but I think that the level of tyranny around bitcoin has nowhere to go but up.... WAY up. Especially if there are big changes to the estate tax laws.
What a great product from Nunchuk and a fantastic walkthrough! Thank you, Ben!
Awesome tutorial... Thx sir
Great video just finished my setup. Probably wouldn’t have done this without your video. You mentioned adding a reference to using testnet but can’t find it in the show notes.
thanks! great content
Great job Ben!
Great video, thanks
Fantastic video. So helpful.
Merci Ben
1. If I understand this correctly, NUNCHUK hold two keys by default: the TAPSIGNER key ("encrypted") and the fourth key. If the server got compromised, there would be enough keys on the server to move everyone Bitcoin.
2. Suppose I had intended for my child to receive the bitcoin when he turned 18 in 2035, but I died in 2030 and the company ceased to exist in 2032 without me being around to intervene. What would happen at that point?
1. The tapsigner key is basically useless blobs of data without the decryption key, which is in itself very robust and cannot be arbitrarily brute forced. Effectively, unless you voluntarily provided Nunchuk with the key, no one is accessing the funds.
2. I chat about timing in the video - I would advise not setting your inheritance date too far in the future (maybe 1 or 2 years) then updating it as that date approaches to bump it further out. That said, if Nunchuk ceased to exist, you could have a backup scenario where a note with the locations of your two other keys were passed on to your next of kin, along with the bsms file. Not the simplest thing for a newcomer, but they would be able to access the money through alternative software in that scenario.
Hello, this is an awesome video! I have an important question:
* During the claiming process, assuming that all pre-requisites are met, what keep NunChuck from accessing the Inheritance after the Beneficiary enters the Magic Phrase and the Backup Key (the one printed on the back of the tap signer). In combination with the Platform Key, would NunChuck not have everything they need to get access to the Inheritance? (Platform Key + Magic Phrase + BackUp Key)
Thanks so much!
Hello @MonedaBalanceada,
The decryption process happens entirely locally on the claimant's device. At no point in time Nunchuk has access to enough keys to move funds unilaterally.
Here's how a successful inheritance claim works in detail:
1. The encrypted backup file for the inheritance key is downloaded onto Beneficiary's device.
2. Decryption occurs locally on the device, using the Backup Password that the Beneficiary enters.
3. The recovered inheritance key is now in Beneficiary's device.
4. The Beneficiary selects a withdrawal address.
5. A sweep transaction is created.
6. The Beneficiary signs the sweep transaction with the recovered inheritance key.
7. The Platform Key co-signs the sweep transaction.
8. The sweep transaction is broadcast, which completes the claim.
Hope this helps!
thx Ben, 💯
If I want to setup 3 different inheritance wallets through the honey badger plan, can I use the same cold card Mk4 for all 3 multisig wallets as one of the keys? Also, can I use the same mk4 for both of the required keys on a wallet?
Hi Kevin,
Yes you can use the same Mk4 as one of the keys for all multisig wallets.
Around 29:43 you briefly touch on the security questions for recovering the tapsigner's private key. Wouldn't this make someone vulnerable to a $5 wrench attack ? Meaning they could force you to answer these security questions and get access to a second key thereby accessing all your funds without the limits normally set up for a single key ?
Hi Chris,
The Security Questions only act as second-factor authentication. To trigger a Tapsigner key recovery, you need to:
1. Re-enter your account password
2. Answer a Security Question
3. Enter the Backup Password printed on the back of the card.
So having the answers to the Security Questions is not enough to steal keys.
@@chrisdickinsonch Since it's a 2-of-4 multisig, every spend requires 2 keys.
If someone uses violence to force you to give up one key, they still need to access one of the other keys, which you should store in separate locations.
@@chrisdickinsonch To trigger a Tapsigner recovery, you don't need the physical card, but you do need a copy of the Backup Password printed on the back of the card. You would not want to store the copy of this Backup Password at your home, together with your main key.
Basically, the rule is to never store 2 keys in the same location, ever. Whether it's the actual key or a backup to a key: they both count as a key.
Hope that makes sense.
@@chrisdickinsonch I don't know what else to say. In a M-of-N multisig wallet, you are not supposed to store M keys in the same place. Otherwise it defeats the point of a multisig wallet. And the setup clearly explains you shouldn't be doing this.
The best recommendation is to give the Tapsigner to their relatives for the inheritance key, and let the relatives back up the Backup Password. It's their key, their responsibility.
The time lock feature wherein your coins cannot be transferred for a period of time and the daily/weekly limit on transfers - is this a feature on the nunchuck app exclusively? I.e. if I were to import the wallet and use it in sparrow wallet would these restrictions still apply?
Also, can a wallet be setup on the desktop instead of a mobile?
Great video! Does the honeybadger setup only allow air gapped or NFC wallets in the multisig? the website says they support most devices....
We support the most popular hardware signing devices on the market. Currently, the only requirement is that one of the keys (the inheritance key) must be a Tapsigner.
Including Ledger, Trezor and Bitbox02 (if you're looking for a wired key that can be connected to a computer via USB).
When your beneficiary claim the inheritance, the beneficiary provide the TAPSIGNER backup code on the Nunchuk wallet. What prevents Nunchuk to control the BTC and send them to any location, since they control 2 keys at this point: The platform key + the TAPSIGNER. Don't we have to "trust" Nunchuk to sweep the inherited BTCs to the location of our choice here?
The decryption process happens entirely on the Beneficiary's device. At no point in time Nunchuk the company has possession of the Tapsigner's private key.
@@HugoNunchuk This answers the only question that I had, and its a crucial one. I think this point should be made WAY more explicit both on the NunChuck page and in the @BTCSessions videos.
Cold Card will not load my micro SD. Keeps reverting back to Json selection. Brand new SD and works on my laptop fine.
I went over the steps many times and the SD remains blank! Help.
You missed one critical point about security questions. Never answer them truthfully, rather create a random answer like you would generate a password and save the answer in a password manager (or a piece of paper).
The best inheritance plan is to give your heirs bitcoin now. They'll have someone to guide them through the process and teach them how to custody it. Just tell them "this is your share, please take care of it". If they unwisely choose to spend it, there's no more where that came from.
The problem is privacy, centralized entity has your transaction history. It's certain state will get access to it
This is why it's a good thing there is no KYC required to use it, unlike other assisted multisig options on the market.
what if nunchuk is no longer around how would the inheritance work then
You would ideally set it to a rolling yearly date as I advise in the video.
However, if something happened to you AND nunchuk in the same 12 month period, your contingency plan would be to have your BSMS file and two keys available to your family, perhaps by leaving a note/instructions with a trusted family member or an attorney. It's a few more steps, but they would be able to gain access. Up to you and your risk tolerance I suppose.
So am I correct in that if Nunchuk company or app disappears. It’s possible to recover my funds with the private keys for that wallets?
If yes can someone please explain how you would go about doing this?
I don’t want to be moving from a hardware wallet into a multisig only to find out my funds get locked into a contract because I company stops operating
@1980thebear:
Nunchuk was developed using open standards, and you always control the majority of keys. That means if something happens to Nunchuk as a company, you can always recover the wallet using other wallet software such as Sparrow, and withdraw your funds using your own keys.
Is nunchuk really trustworthy? I started going through the wizard and adding my first key (the tapsigner). Once it was onde, Nunchuk asked me for my backup password to verify it, bla bla, which I provided. Now I'm really concerned as if they have this password on file, plus the Platform key, they'd have the power to move my coins. Unless there's a very good explanation for this, I'm not going through with it. A bit strange!
Did it ask you for the backup password or the pin code? My understanding is the app only needs the pin to verify the tapsigner. To recreate the key someone would need the backup file of the key (which nunchuk have) and the backup password on the back of the tapsigner which only you/beneficiary would have? Could someone confirm?
@@Samala19 You are correct. Only the owner/beneficiary has knowledge of the Backup Password.
The backup verification process happens locally on the device and is optional (you can perform verification yourself without using the app).
Holy guacamole! $450 per year for this. Not suitable for many I assume.
I agree a little excessive. Maybe they are going after higher net worth individuals
There's a $10/mo 2 of 3 option as well called "Iron Hand". The version showed here (Honey Badger) would be equivalent to something like what Casa offers for $1800/yr.
@@BTCSessions And bitcoin-only. No ETH BS.
@@BTCSessions hi, i dont think thats true, its a 2-of-4 "assisted" multisig wallets, 2 hardwarekeys + cloudkey + inheritance key. the higher casa tiers are 3-5, 3 hw + mobile key + cloud key.
@@qweqwe-wv9ed yeah you're right, both quite different but it's the closest equivalent on the market. Hardware costs in this video would total $250. If you did it with all tapsigners you'd be $120 all in on hardware.
Does this not just re implement counter party risk? And for the luxury of paying exorbitant fee's pcm?
Maybe I'm missing something...
The platform only holds 1 out of 4 keys in your assisted wallet, and never has custody of your bitcoin. You as the owner hold the remaining 3 keys and always remain in full control, even in the worst case scenarios.