Skip to content

BSMS (BIP-129)

🧙 Preview in Edge Version only!

COLDCARD® can act both as signer and coordinator in Bitcoin Secure Multisig Setup (BSMS). Read more about BSMS in BIP-129.

BSMS Tutorial#

Coordinator Round 1:#

  1. Navigate to Settings -> Multisig Wallets -> BSMS (BIP-129).

    bsms

  2. Select Coordinator.

    bsms

  3. Select Round 1.

    bsms

  4. Choose number of signers (N). Max is 15.

    bsms

  5. Choose threshold (M). Max is 15 but has to be smaller or equal to N chosen in previous step.

    bsms

  6. Select desired address format. Press OK to continue with native segwit (p2wsh) or press (1) to use nested segwit (p2sh-p2wsh).

  7. Select desired encryption type. Press:

    • (1) to use STANDARD encryption (one 8 bytes token for all participants)
    • (2) to use EXTENDED encryption (each participant gets a different 16 bytes token)
    • (3) to use NO_ENCRYPTION (no tokens, no encryption)

  8. Summary of coordinator round 1 and tokens, if any, are displayed. Press OK if correct or X, to abort.

  9. If coordinator wants to participate in current BSMS setup also as a co-signer, number (1) can be pressed here to use logical shortcut and immediately perform Signer round 1 with current active key (check signer round 1 from step 5. to the end). Press OK to continue normally.

    bsms

  10. If STANDARD or EXTENDED encryption was chosen, token file/s will be exported (SD/VDisk). Token file has pattern of bsms_{first four token hex characters}.token. There is a possibility to export via NFC as well.

  11. At this point BSMS coordinator round 1 is registered and visible in the menu. Menu item consists of {index} {M}of{N}_{addr_fmt}_{encryption_type}.You can click on it to see summary again if you choose Detail, or delete it if something went wrong during the configuration with Delete. Round 2 is also accessed from specific registered coordinator round 1.

    bsms

    bsms

Signer Round 1:#

  1. Navigate to Settings -> Multisig Wallets -> BSMS (BIP-129).

  2. Select Signer.

    bsms

  3. Select Round 1.

    bsms

  4. If STANDARD or EXTENDED encryption was used, import token. If no encryption was used press (2) to import token manually and then press (3) to choose unencrypted BSMS. When using encryption you can import token manually as hex or decimal number or choose classic way via SD/NFC/Vdisk.

  5. Select desired address format for correct SLIP. This step is completely optional as we use descriptors and SLIP does not need to be followed. If you do not have information from coordinator which descriptor type (address format) was chosen press OK for SLIP agnostic derivation path. If you want to follow SLIP and have info from coordinator, press (1) for native segwit (p2wsh) or press (2) for nested segwit (p2sh-p2wsh).
  6. Choose account number (derivation path index 3).
  7. Input desired key description as described in BIP-129 or press OK to use autogenerated ColdCard signer account {account number chosen in previous step}.
  8. Save generated signer round one file to SD card or Vdisk or share via NFC. EXTENDED encryption BSMS signer round 1 files have following pattern bsms_sr1_{first four token hex characters}.dat. Files from STANDARD BSMS do not contain token hex prefix bsms_sr1.dat and for NO_ENCRYPTION BSMS the pattern is: bsms_sr1.txt.

  9. At this point, new menu item is created in Signer menu that consists of {index} {first four token hex characters}. After clicking on particular signer menu item you can choose to view token with Detail, remove registered signer round 1 with Delete, or start signer round 2 with Round 2.

    bsms

    bsms

Coordinator Round 2:#

  1. Collect all signer round 1 files for current BSMS. It is absolutely necessary to have files from all signers that are participating in BSMS.
  2. Navigate to Settings -> Multisig Wallets -> BSMS (BIP-129) -> Coordinator.

  3. Select specific coordinator menu item created in coordinator round 1 and select Round 2.

    bsms

    bsms

  4. You will be prompted from where you want to import signer round 1 files (SD/VDisk/NFC).

  5. Next prompt is asking whether you want to try collect signer round 1 files automatically or proceed manually - picking each file on its own. Keep in mind that auto-collection is only possible if files are imported from SD card or Virtual Disk. If you have chosen NFC you need to provide files manually one by one. This could be really annoying if trying to create big multisigs. It is probably best to use SD/Vdisk in this case. Auto-collection also requires you to provide files in specific format and with other restrictions:

    • EXTENDED encryption BSMS - auto-collection requires you to have files in form of bsms_sr1_{first four token hex characters}.dat.
    • STANDARD encryption BSMS - auto-collection requires you to have files in form of bsms_sr1.dat. Keep in mind that if you have more signer round 1 files from different BSMS, there will be attempt to decrypt all of them. Best option is to have on the medium only those that are needed - but it is not necessary - will just take longer.
    • NO_ENCRYPTION BSMS - auto-collection requires you to have files in form of bsms_sr1.txt and you need to have only files from current BSMS on the medium. If you also have other files from different unencrypted BSMS on the medium, auto-collection will fail, as we have no idea which one to choose.

  6. If auto-collection fails - you will be prompted to add all the files manually, asked for specific signer round 1 file with first four characters of respective token (or you can exit here, adjust file names and try again).

    bsms

  7. After all signer round 1 files are imported and validated, coordinator round 2 file/s (descriptor) is/are ready for export via SD/VDisk/NFC. If STANDARD encryption is used, only one file is exported with pattern bsms_cr2.dat, if EXTENDED encryption is used, number of exported files will equal the number of signers (N) as each has its own token. It is needed to export files encrypted with each participant's own token. File pattern for EXTENDED encryption is bsms_cr2_{first four token hex characters}.dat. For NO_ENCRYPTION BSMS only one file is exported with pattern of bsms_cr2.txt.

Signer Round 2:#

  1. Navigate to Settings -> Multisig Wallets -> BSMS (BIP-129) -> Signer.

  2. Select specific signer menu item created in signer round 1 and select Round 2.

    bsms

    bsms

  3. Choose from where should be the coordinator round 2 file imported SD/VDisk/NFC and import it.

  4. If everything validates, you will be prompted to accept creation of new multisig wallet with name composed of bsms_{last four characters of descriptor checksum}. After inspection, press OK to approve multisig import or press X to cancel.

    bsms

  5. After confirmed import, signer menu item created in signer round 1 is removed and new multisig wallet is succesfully imported.

    bsms