
Multisignature escrow implementation

Open layters opened this issue 3 years ago • 7 comments

Details

Neroshop will provide three payment options:

  • Escrow (2-of-3 Multisignature wallet)
  • Multisig (2-of-2 Multisignature wallet)
  • Finalize (direct payment to wallet address)

2-of-3 multisig will be more centralized than 2-of-2, as it will require an intermediary or arbitrator, which is likely to be a member of the neroshop team, and a 0.5% fee will be charged for using this option.

With 2-of-2 multisig, both the buyer and seller must agree on the transaction in order for funds to be released to the seller. If either party disagrees and chooses not to sign a transaction then neither the buyer nor seller will receive the funds and the funds will be lost forever.

The finalize option allows buyers to send funds directly to the seller's wallet address without the need to use an escrow, but this option should only be used if the seller has a really good reputation and can be trusted.

References

https://monerodocs.org/multisignature/

https://web.getmonero.org/resources/user-guides/multisig-messaging-system.html

https://monero.stackexchange.com/questions/5646/how-to-use-monero-multisignature-wallets-2-2-2-3 (Very detailed explanation here)

https://moneroecosystem.org/monero-cpp/annotated.html (API Documentation)

https://github.com/woodser/monero-cpp/commit/24a39aa0d7031eb67f7c0c54a4a8e68af6c0ae5d#diff-ab7fcd670a816598297a08343122e2f938c6e0db94a258c4ed275eeec840aa37R20

https://taiga.getmonero.org/project/rbrunner7-really-simple-multisig-transactions/wiki/22-multisig-in-cli-wallet

https://taiga.getmonero.org/project/rbrunner7-really-simple-multisig-transactions/wiki/23-multisig-in-cli-wallet

Files

https://github.com/larteyoh/testshop/blob/main/test/escrow.cpp

https://github.com/larteyoh/testshop/blob/main/test/escrow.hpp

Bounty reward

$1200 USD (paid in xmr)

This task must only be worked on after i2pd integration is completed

layters avatar Sep 13 '22 10:09 layters
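
The signing policy behind the three payment options in the post above, as an added example that is not part of the original issue or the neroshop code: it checks whether funds stay spendable when one key holder refuses to sign, computes the 0.5% fee in atomic units, and compares a wallet's reported threshold and participant count with the selected option. All type and function names are hypothetical.

```cpp
// Added example (not project code); all names here are hypothetical.
#include <cstdint>
#include <iostream>
#include <set>

enum class Option { Escrow, Multisig, Finalize };
enum class Party { Buyer, Seller, Arbiter };
struct Scheme {
    unsigned threshold;            // signatures required (M)
    std::set<Party> participants;  // key holders (N)
};

// M-of-N policy per option; Finalize pays the seller directly, no shared wallet.
Scheme scheme_for(Option o) {
    if (o == Option::Escrow) return {2, {Party::Buyer, Party::Seller, Party::Arbiter}};
    if (o == Option::Multisig) return {2, {Party::Buyer, Party::Seller}};
    return {0, {}};
}

// True when the willing signers who actually hold a key reach the threshold.
bool can_release(const Scheme& s, const std::set<Party>& willing) {
    unsigned n = 0;
    for (Party p : willing) n += s.participants.count(p);
    return s.threshold > 0 && n >= s.threshold;
}

// Can the other key holders still move the funds if `absent` never signs?
bool spendable_without(const Scheme& s, Party absent) {
    std::set<Party> rest = s.participants;
    rest.erase(absent);
    return can_release(s, rest);
}

// 0.5% escrow fee in atomic units (1 XMR = 1e12), rounded down, overflow-safe.
std::uint64_t escrow_fee(std::uint64_t amount) {
    return amount / 1000 * 5 + amount % 1000 * 5 / 1000;
}

// Pre-funding check: the multisig shape reported by the wallet (assumed inputs)
// must match the selected option, and the key exchange must be complete.
bool wallet_matches(Option o, unsigned threshold, unsigned participants, bool ready) {
    Scheme s = scheme_for(o);
    return s.threshold > 0 && ready && threshold == s.threshold &&
           participants == s.participants.size();
}

int main() {  // 2-of-2 stalls on a refusal; 2-of-3 does not
    std::cout << spendable_without(scheme_for(Option::Multisig), Party::Seller)
              << spendable_without(scheme_for(Option::Escrow), Party::Seller) << '\n';
}
```

In the 2-of-3 case a true result from `spendable_without` cuts both ways: a dispute can be resolved, and any two key holders, the arbitrator included, can move the funds without the third.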

Multisignature via Monero needs to be carefully considered, as multiple vulnerabilities have been discovered within the implementation and it is not fully supported by Monero yet?

  • https://www.getmonero.org/2021/12/06/vulnerability-multisig.html

With the Monero v0.18.1.2 (latest) binaries, using any mms command gives the following warning!

[wallet 44y8y5 (no daemon)]: mms info
Error: Multisig is disabled.
Error: Multisig is an experimental feature and may have bugs. Things that could go wrong include: funds sent to a multisig wallet can't be spent at all, can only be spent with the participation of a malicious group member, or can be stolen by a malicious group member.
Error: You can enable it with:
Error:   set enable-multisig-experimental 1

DonW16 avatar Oct 21 '22 08:10 DonW16

I wasn't even aware of this. If it is experimental then it may need further testing until we can use it for production.

Edit 1: The issue has been fixed as mentioned by a Monero dev here

Edit 2: The known issues were fixed but the experimental opt-in thing was added so people are aware that no guarantees are made about unknown flaws existing.

layters avatar Oct 21 '22 20:10 layters

By the way, thanks for noticing and pointing this out. I must say, you have a good eye 😉.

layters avatar Oct 21 '22 20:10 layters

No problem! Kinda strange how multisig is an experimental opt-in thing even though there are no current vulns for it? 🤔

DonW16 avatar Oct 22 '22 15:10 DonW16

It sure is. I guess the Monero team is just trying to be careful.

layters avatar Oct 22 '22 21:10 layters