Multisig

The following KB article explains how to create and use a Haven Multisig CLI Wallet.
These instructions are based on a 2/3 multisig, meaning that out of a total of three authorized signers, any two are needed to make a transaction valid.

In short, these are the steps needed to create and submit a transaction, provided a multisig wallet has already been created:

  • Sync wallets A and B.
  • Export multisig key image from A.
  • Import multisig key image into B.
  • Generate TX from B.
  • Import TX into A, sign it there, then submit it.
Prerequisites

This article assumes that you have used the CLI before.
If this is not the case, it’s advised to first familiarise yourself with using the CLI. Please search for “cli” and “local node” in our KB pages to get started.

Create new wallet
  1. Download the latest CLI app.
  2. Run havend and make sure the daemon is fully synced.
  3. Each party (3 in this case) must create a new wallet using haven-wallet-cli (make sure background mining is NOT enabled).
  4. Exit the wallet and backup the seed and make a copy of the wallet files (in case you need to repeat the steps).
  5. Log back into the wallet and run the following commands:
    set enable-multisig-experimental 1
    set auto-refresh 0
Prepare wallets
  1. All parties to type the following command:
    prepare_multisig
    .
  2. Send the output to ALL other parties (use a secure platform like Element for sharing). The output should look like this:
    MultisigxV2R1TYQNzErUgssPfURuXVvEq1M4QfUgpBLrz2HXGKkyaonPCH8Kv6jQLqEGEXUtuJNjELcqLUNHKfEopDqtsyzz4sEbCWhtRanxGm8amKYDHmfFjRCVsR3Xmot8RGLp6WN5KQNLUEpsFNpePMkW8yomYrCFLpCkJ72fkjBUy1qx6TH8L3wQ
    .
  3. All parties to type the following command:
    make_multisig 2 <data1> <data2>
    where <data1> and <data2> correspond to the other parties’ data shared in step 7.

    The command should look like this:
    make_multisig 2 MultisigxV2R1TYQNzErUgssPfURuXVvEq1M4QfUgpBLrz2HXGKkyaonPCH8Kv6jQLqEGEXUtuJNjELcqLUNHKfEopDqtsyzz4sEbCWhtRanxGm8amKYDHmfFjRCVsR3Xmot8RGLp6WN5KQNLUEpsFNpePMkW8yomYrCFLpCkJ72fkjBUy1qx6TH8L3wQ MultisigxV2R1MG7sQpykJTv4RMEuyQV6m1FBX9zVMPXva3dragVUh9F9FjTTmJ4DLvUNP57njearPRbHnFv1NvKMeL1yQTdbcy7nQ1r4rDvJQzHhNvUeCFzAm6TLhwwjAiqfUBtS6ajBFZ8XVsGwLhCc1S3jK7ffsAKaRF9cLyEzJgpaXNShnrsY4hEK
    .
  4. Send the data generated in Step 8 to ALL other parties. The data should look like this:
    MultisigxV2Rn1LWRyU32PL2D4MnPtp4w5YFS6KTkanCW18adkxUTdMVJDaqQ9E1gsTRQJTZFADurxZb6w2amhCpHtWHPcykirrk3AE1AS65NxkJG4zRgQJF26m8obGa39AVDYicUsFrL3LRMHF2DUKKckJoYZcRbCUeNP4PBrExea3na2TUm7FEw995ZL5N9n7nVxysH6JdwLfDjXaWDotxZtyPn1ifXvgJHJctsFPP
    .
  5. All parties to run the following command (1st pass):
    exchange_multisig_keys <data1> <data2>
    where <data1> and <data2> corresponds to the other parties data shared in step 9.

    The command should look like this:
    exchange_multisig_keys MultisigxV2Rn1LWRyU32PL2D4MnPtp4w5YFS6KTkanCW18adkxUTdMVJDart7ZPUh6A328nPGtUi3hDQdFr8rNk2aSpMNquYHSbxNhNNpyt2fiGgAxt9woCBXsFtdhKm2dmqqY9qF6ewuBXCDLdJ6rYv1Lm7RyuLN4TQBBccBUesMH6FhGB4FcCncaRh8sEEqcXgR1gbZnEzG6tk81TAthWRqFCZTStSNgD9WJKG7F5 MultisigxV2Rn1LV1jgtbFBZQJTZFADurxZb6w2amhCpHtWHPcykirrk3AE15GGTSNN6328nPGtUi3hDQdFr8rNk2aSpMNquYHSbxNhNZ7Q48j4TRAauoTVenC5ZmsS8EViFdieeHtzgPFwrg9cgAX93F7g4UHyAd82BeTRZb3cxsLGQ3nTZb6ey2HN8dJa6Y8ssCniTd6Kchn4cWhS9Qqz38whxCDNYd7UJCpGCa3k1
    .
  6. Send the data generated in Step 10 to ALL other parties. The data should look like this:
    MultisigxV2Rn1WC6rFTBNJkY4qjHv8UYXGifkHemhyRJmXnNVtQY8dcx4T2fZBnnCy2iMAFVerhacP1UytUMaGyAN5N5XvnXqqY7fyYAaBX639tG4zRgQJF26m8obGa39AVDYicUsFrL3LRMHF3XFVxmv3XjngbXYY47EXY1BgZk6UYxBAN12Ep2ETqR6rpTvUB8QJmQkrdUpiiu146zoiHieUj2He4KwCgkPj9vK7Y
    .
  7. All parties to run the following command (2nd pass):
    exchange_multisig_keys <data1> <data2>
    where <data1> and <data2> corresponds to the other signatories data shared in step 11.
    This step should generate the multisig wallet and prompt you with the wallet address.
    .
  8. Compare the wallet address with all parties to ensure that they are the same.
    If they are not the same, something went wrong and you need to start again using the wallet files backed up in Step 4.
    .
  9. Type seed and back up the seed string, which looks like this (the multisig seed is different from the usual seed):
    020000000300000005cd2e5a01ef0830eb666b838d8402795ae8f24f6e3cf2068ff8e48899aed11f500473d4c3a9b9bb9451f19facfff91def79172ed466b808f9fa2173a25d149e4a1c1161be6c029b2c4d0ca5fc806ddc1d46edc7dc3d0727a68ad2f6d24bf6086d269cfd2255f73375939820a71802e25e12abd220271a16505059cb168ce90367c23b78dda9038037406aafa4e6d8ed363f998209ab2a6432c78e5597411a0fb43da66388574bda7edbe6122ee6e8ce987a5eb553ccf3cac170b8031448aa05436d4f88e749ea315b12c6c3b93e5905d63bd6f29df0ba3f4cc888318a1f49c45813af87c6d890797fd36bb2c61ec3f0cd009ec413d1e10d71b19e4f6b893381d6a58526d2f35a1726e847e4bed22ea71f7deb2dc7aff8c7c12505345af8611a
    .
  10. Close the wallet and back up the wallet files.
  11. One of the parties needs to send funds to the shared address.
  12. Log back in and sync the wallet to make sure funds have been received and confirmed by all parties.
Preparation for Sending
  1. To prepare for sending, Person 1 types the command:
    export_multisig_info <filename>
    <filename>
    is just a name for the file you want to export, it should be something simple.
    The file generated is called a Key Image, and is a snapshot of the wallet’s outputs.
    .
  2. Send the exported file to Person 2. Person 3 can also do this, but not required.
    .
  3. Person 2 and/or Person 3 downloads the file shared and places it in the same directory as the CLI app.
    .
  4. Person 2 or Person 3 types the command:
    import_multisig_info <filename>
    <filename>
    is the same file as that created in Step 18 and shared in Step 19.
    .
  5. Whoever imported the key image in Step 21, is now able to create a Transaction.
Sending
  1. Person 2 or Person 3 creates a transaction in the usual manner by typing:
    transfer <address> <amount>
    This will create a file called multisig_haven_tx which is sent back to Person 1.
    .
  2. Person 1 downloads and places the above file into the same directory as the CLI app and types the command:
    sign_multisig multisig_haven_tx
    .
  3. Once successfully signed, Person 1 types the following command to submit the TX:
    submit_multisig multisig_haven_tx
Notes

If Person 1 and Person 2 conducted one or more TXs and Person 3 wasn’t around, when Person 3 syncs the vault, it will not display the correct amount.

To solve this, Person 3 will have to import the latest Key Image shared in Step 19 from either of the participants using the command in Step 20. Once imported, Person 3 can do a “refresh” and the correct wallet balance will be displayed.

If it takes too long between preparing for sending (sharing key images) and creating the TX, the process may time out and you have to do this stage again.

Sources

https://resilience365.com/monero-multisig-how-to/

https://taiga.getmonero.org/project/rbrunner7-really-simple-multisig-transactions/wiki/23-multisig-in-cli-wallet

Previous Blockchain Bootstrap
en_GBEnglish (UK)