
How to Setup a Secure MultiSig Wallet on iPhone with Coldcard, Tapsigner and Nunchuk

Mario Dian, Dec 13, 2022

Recently, I got my first Coldcard (I know I know) and a bunch of other products from Coinkite because they finally solved my biggest issue.

I've been using Trezor devices from the very beginning and one thing that has always been frustrating was the lack of iPhone support. Running a hardware wallet with an iPhone is nearly impossible because of the Lightning port (Apple's proprietary connector, not Bitcoin's payment network).

Coinkite got around this issue with their latest Coldcard MK4 by introducing NFC support.

While there are some valid security concerns regarding NFC technology, stealing bitcoin from your back pocket via Coldcard's NFC is pretty much impossible.

Coldcard features not just one but two secure elements from separate vendors to store the private keys, which never leave the device. On top of that, the device is protected by a PIN. And because scanning Coldcard with an iPhone requires stable placement over Coldcard's NFC chip for a period of time, getting your bitcoin stolen from your back pocket while you're on the move is unlikely even if an attacker got hold of the PIN.

In this tutorial we'll have a look at setting up and using a 2-of-3 multisignature wallet in Nunchuk with Coldcard and Tapsigner on iPhone. I'm positive the steps should be similar if not the same for Android too. Let me know in the comments below!

You could likely set up a multisig wallet with Coldcard and Tapsigner on a computer, but you'll need one of these NFC readers and Coinkite's Tap Protocol. I will explore this option some other time, though.

Prerequisites

To set up a 2-of-3 multisignature wallet you will need the following:

Nunchuk

Install Nunchuk on your phone.

If you need to use their advanced features like collaborative wallets you can sign up anonymously with ProtonMail (ideally over Tor). If you don't know what collaborative wallets are or do, you can safely skip this step.

To enhance your Bitcoin privacy, I'd recommend connecting Nunchuk to your own Electrum server.

How to Install an Electrum Server using Full Bitcoin Node and ElectrumX

To point Nunchuk to an Electrum server go to Account -> Network Settings and fill in the Mainnet server field. If your server runs over SSL you need to prefix the address with ssl:// like so:

ssl://my.electrum.server:50002

After setting up the server you will need to restart Nunchuk for changes to take effect.

Coldcard MK4

Have a look at the quick guide on how to set up Coldcard if you haven't done so yet. You can safely skip the last step "Connecting and transacting with Sparrow Wallet" as we are using Nunchuk as our wallet.

I assume you aren't completely new to Bitcoin but if so, please refer to this guide instead.

Last but not least, don't forget to enable NFC in Settings -> Hardware On/Off -> NFC Sharing -> Enable NFC.

Once you're done setting up Coldcard you can move on to the next step.


Add keys to Nunchuk

For a 2-of-3 multisignature setup, we have to add 3 keys of which 2 are needed to sign a transaction.

We'll add keys from both Coldcard and Tapsigner, while the third key will be created directly in Nunchuk (although you can instead restore any existing wallet, such as Green or Bluewallet, into Nunchuk).

#1 Add Coldcard key

Sign in to your Coldcard by connecting it to power and typing the PIN prefix.

Type in the rest of the PIN as long as you recognize the anti-phishing words. If the words don't ring a bell, the PIN prefix you used is likely wrong and you need to try again.

Once logged in, go to Advanced tools -> Export Wallet -> Generic JSON and click "OK" (the check sign at the bottom right corner) twice and press 3 after the JSON has been created.

You will see an NFC symbol on the device.

Go back to Nunchuk and tap Add a key at the top of the screen and then Add NFC Key -> Add COLDCARD. Tap Continue until you get to the Ready to Scan screen.

Rest the phone on Coldcard (I recommend putting Coldcard's case underneath the iPhone for stability) until Nunchuk finds the keys.

Then select the first option m/84h/0h/0h.

It's very likely that you won't be able to scan Coldcard's key on the first try due to a weak NFC signal. In that case, you'll have to repeat the process and also fiddle with the phone's position.

The best way on my iPhone 12 mini is taking off its case and having the top left corner right underneath button 5.

Place the iPhone below the number 5. You may need to adjust the horizontal position depending on your iPhone model.

However, this is only true for adding the key. Signing a tx with Coldcard requires a different position (in my case), but more on that later.

Once you get past the scanning, name your key something like CCMK4, close the info screen and go to the next step.

#2 Add Tapsigner key

Fortunately, this step is a bit easier because the iPhone has no issues scanning Tapsigner at pretty much any position on the right side of the card.

In the section Keys at the second half of the main Nunchuk screen, tap the + sign but this time tap Add NFC Key -> Add TAPSIGNER. Tap Continue on the Add a TAPSIGNER screen and scan Tapsigner with your iPhone.

If you've previously created a custom PIN for Tapsigner, just enter a custom name for the key e.g. Tapsigner, enter the PIN, and confirm by scanning the card again.

Otherwise, you'll be prompted to Set up CVC first. In that case please refer to the video below.

Set up CVC on Tapsigner

Once done, close the key info screen to go back to the Nunchuk's home screen and proceed to the next step.


#3 Add a hot wallet key

The last key will come from a hot wallet either created directly by Nunchuk or imported from another wallet such as Green or Bluewallet.

As pointed out by Valentino Zertuche in the comments below, it might be a better idea to deterministically derive a new seed from Coldcard and import it into Nunchuk, instead of creating it directly in Nunchuk. The reason is that there's no need to back up this seed, as you can derive it at any point from the already backed up Coldcard seed. Feel free to use whichever is more convenient for you.

Let's create a new wallet.

Tap Add a key on Nunchuk's home screen again and then Add software key -> Create new seed.

You'll be presented with 24 words. Save them somewhere safe!

Never store a seed digitally on your phone or a computer. Instead, write it on a piece of paper or use one of the many steel backup options available on the market.


Once the seed is safely stored, tap Continue, confirm 3 randomly chosen seed words and go to the next step.

Create a name for the key e.g. Nunchuk or Hot wallet, and in the next step tap I don't need a passphrase (unless you want one).

Since we use this key as part of a multisignature setup, setting a passphrase doesn't necessarily add extra security in this case.

Now close the key info screen and proceed to the next step where we will finally be creating the multisignature wallet.

Create a 2-of-3 Multisig Wallet

After setting up the necessary number of keys for our desired setup we can move on to creating the wallet itself.

At the top of the screen tap Add a wallet and then Create a wallet.

All three keys are set

Create a name for the wallet e.g. Multisig. Move on to the next step, unless you want to set customized address and wallet types.

Select all 3 keys (CCMK4, Tapsigner and Nunchuk) and at the bottom of the screen under the Required keys choose 2 so that the Current wallet config says 2/3 Multisig.

Review the wallet setup in the next step and if you're happy with the settings tap Create a wallet.

You will be prompted to save a BSMS (Bitcoin Secure Multisig Setup) file that stores your wallet configuration, i.e. the public keys of all three cosigners and the 2-of-3 policy. You can do it later, but don't forget to do it at some point if you plan on using this multisig wallet in real life: without this configuration the wallet cannot be reconstructed from the seeds alone.

In the next step, you will have to register the wallet with Coldcard.

In Nunchuk, tap Export wallet to COLDCARD -> Export via NFC and on your Coldcard go to Settings -> Multisig Wallets -> Import via NFC.

Scan the device with your phone. This may fail again so make sure you place the phone on Coldcard correctly.

Once finished, you will see a wallet review on Nunchuk. Click Done and go back to Coldcard and confirm the wallet creation with the "OK" button.

You now have a functional and secure 2-of-3 multisignature wallet on your iPhone!

Test the setup

Before loading a multisig wallet with all your savings, it's a good idea to test the wallet first with a smaller amount.

Receive bitcoin

Tap on the newly created Multisig wallet in Nunchuk and then Receive.

Send a small amount (e.g. $20 worth of bitcoin) to the address generated by your wallet and wait until it gets confirmed on the network.

Spend bitcoin

Once confirmed, let's send the amount out of the wallet.

Inside the Multisig wallet tap Send and select the amount (Send all in my case). Paste in the address of the wallet to which you want to send bitcoin, add a note and click Create transaction.

The transaction is now created but you need to sign it first in order to broadcast it on the network.

#1 Sign with Coldcard

Let's sign with Coldcard first. In Nunchuk, tap Sign -> Export transaction next to Coldcard.

Now go to Coldcard, click Ready To Sign and check the details of the transaction. Make sure the address and the amount are correct, then press number 3 and scan Coldcard with your iPhone.

Once successful (don't forget you may need to play with the correct phone placement), Coldcard will display the transaction details one more time.

If everything seems correct, confirm it with the "OK" button and scan the device once again. This will transfer the PSBT (partially signed bitcoin transaction) signed by Coldcard to Nunchuk.

As mentioned earlier, you may have issues scanning Coldcard with your iPhone. I found that signing a transaction requires a different iPhone placement.

Please refer to the following photo for reference.

Correct iPhone 12 mini placement for signing a transaction with Coldcard

#2 Sign with Tapsigner

Finish the signing process with Tapsigner. In Nunchuk, tap Sign next to Tapsigner and enter the card's PIN. Scan the card with your iPhone to provide the second signature.

Once the transaction is fully signed, tap Broadcast transaction to send it to miners and other Bitcoin nodes.

If you can see the transaction in your receiving wallet it means that the 2-of-3 multisignature wallet has been set up correctly!

Congratulations, you can now use a hardware wallet on an iPhone with Coldcard and Tapsigner!


Bonus

You may have noticed that I purposely shared 21/24 seed words of the Nunchuk wallet in one of the photos above.

As of the time of writing, the wallet contains ~$20 worth of bitcoin sent from the example multisig wallet. Whoever is able to figure out the 3 missing words is free to claim the coins!

P.S. the coins sit on the single signature wallet created with Nunchuk if that wasn't clear.

Update (2022/12/15): The coins have been claimed by a Czech Bitcoiner using a Python script that he made!

I accidentally made the challenge easier by making 2 mistakes:

  1. Since the 24th word is a checksum, you only really needed to find 2 words instead of 3 (there were only 8 possible words for the checksum instead of the full list of 2048 words). That's a maximum of 2048 x 2048 x 8 combinations.
  2. I disclosed the wallet's master fingerprint in one of the photos. All that was necessary was to go through the missing words, generate the master public key from each valid seed and check its fingerprint against the disclosed one. Had I not disclosed the fingerprint (nor the wallet address where the coins were sitting), he would have had to check the balance (with his node or a public block explorer) of the first generated address for each valid seed. This would have taken a lot more time.

Great job regardless and congratulations!
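To see why 21 disclosed words left far fewer candidates than 2048^3, here is an added example (not the claimer's script and not part of the original post) that implements the BIP39 checksum rule over 11-bit word indices instead of words, so it runs offline without the wordlist, and generalizes to the other mnemonic lengths. The 23-word all-zero prefix is a constructed input; the point is that every prefix leaves exactly 8 valid last words.

```python
import hashlib

WORDLIST_SIZE = 2048  # every BIP39 word is an 11-bit index into a 2048-word list

def bip39_layout(n_words):
    """Return (entropy_bits, checksum_bits) for a mnemonic of n_words words.

    BIP39 packs ENT entropy bits plus ENT/32 checksum bits into 11-bit words:
    24 words -> 256 + 8, 12 words -> 128 + 4.
    """
    total = n_words * 11
    ent = total * 32 // 33
    return ent, total - ent

def checksum_ok(indices):
    """True if the list of 11-bit word indices forms a mnemonic with a valid checksum."""
    ent_bits, cs_bits = bip39_layout(len(indices))
    bits = 0
    for idx in indices:
        bits = (bits << 11) | idx
    entropy = (bits >> cs_bits).to_bytes(ent_bits // 8, "big")
    # The checksum is the first cs_bits of sha256(entropy).
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    return (bits & ((1 << cs_bits) - 1)) == expected

def valid_last_words(prefix):
    """All last-word indices that make prefix + [word] a valid mnemonic.

    Only 11 - cs_bits bits of the last word are free entropy, so the result
    has 2 ** (11 - cs_bits) entries: 8 for 24 words, 128 for 12 words.
    """
    return [w for w in range(WORDLIST_SIZE) if checksum_ok(prefix + [w])]

def search_space(known_words, n_words):
    """Number of candidate mnemonics when only the first known_words words
    are known and the missing ones include the final checksum word."""
    _, cs_bits = bip39_layout(n_words)
    missing = n_words - known_words
    return WORDLIST_SIZE ** (missing - 1) * 2 ** (11 - cs_bits)

if __name__ == "__main__":
    # Constructed prefix: index 0 ("abandon") repeated 23 times.
    prefix = [0] * 23
    print(len(valid_last_words(prefix)))  # 8
    print(search_space(21, 24))           # 33554432
```

The well-known test vector "abandon" x 23 + "art" (index 102) is one of the 8 valid completions of that prefix.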
