How to retrieve Bitcoin Cash from a Copay multi signature wallet with missing signers

[rogerver]

I'm wondering if anyone else is in a similar situation or knows of a way to solve this.

I'm one signer of a Copay 3 of 6 wallet that had several dozen bitcoin in it at the time of the Bitcoin Cash hard fork.
I'm well aware of the Bitpay recovery tool, but in this case, two of the signers have lost their seeds.

Is there still a way to recover the Bitcoin Cash that was in these multi signature addresses when we only have four of the six seeds?

[martinmartin]

Edit 2: Nevermind, i though it was about a standard M of N multisig address created on Copay but reading that link https://github.com/bitpay/copay/blob/ma ... ig-wallets (shared on your reddit post by an user), i just understood that it was a different thing. HD multisig wallet (didn't even know those things were commonly used for multisig). My answer is now probably off topic, sorry.

----

I'm an amateur, but as far as i understand the m of n multisig process, to spend coins locked on a MofN multisig address, you must know the entire redeem script used to create the said address. which mean all the public keys he has to contain and the amount of signature required to spend the coins.
So if by "lost seeds" you mean that you only know 4 of the 6 public keys used to create the redeem script, you won't be able to spend those coins.
Note that if by the past, some of the coins stored on the said address have been spent, the redeem script is already on the blockchain (in the transaction scriptsig). You can retrieve it on a block explorer (like blockchain.info) and use it to craft a new transaction with 3 of the 4 seeds you still have to sign the said new transaction. Otherwise, and if you don't know the 6 required public keys, i'm afraid you won't be able to recover those coins.

SInce it's my first post here, i'll try to explain in details.

ABBC3_SPOILER_SHOW

I just want to say that i may have wrong, i answer with the knowledge i have. I'm an amateur and by no mean one of those "bitcoin experts".

So.
We have 6 (uncompressed) public keys (it's just there for the example, don't use them, they are empty)
alice
0469cfc33bfed0c3e573e1b3b26395f3cd86e4f7d357c2a325f4d0f44d39486fd9c70edb4126e035f617c8bbeae934325e173f4acf9001b73b5b3d79659777a29b
bob
04c894e9fb4aefd48ffcbc165b1926d0cb74ea39e279f20e966a78cca346358dfa053ed8f7e75790415dbf719a5d1e1ec9feaad0fa52497f5b8b5c92e717f0ce9f
charlie
049e3e61846822d308a233655bba8ca20fd92859a5e28914fc4049e1997b37212fe1c00d8c2aaf717c0be1e98ddd1f0b5f74bd180ce8997ea7b453a5e852646128
dave
04587d7b8f210294da8febae1915d8d1ffcb9b514b0ac7e7c67a6370f12dcee3cbec0f53021c9e48e19e7f3db8f524d75f0255645813fd54962a07bb6b6ff5ef2b
eve
0449cd6e102bf602ad4b7830c625ed26aebca8577e685691d4494f895904bfae4c8894d6398d495bc7773da6f81615ae29a810c8d6f09605ec1e961a61361065da
frank
04025ef509facb718363849676fdc6255341abacb4378f2da6a117da4a6ade1cd8feff2405dc5fbd2dcd09a32481449bc84d1b6e5e589810f0e64691ca7e31e674

We require that 3 persons (of the 6) must sign the transaction to be able to spent the coins.
The MofN redeem script will be:
53410469cfc33bfed0c3e573e1b3b26395f3cd86e4f7d357c2a325f4d0f44d39486fd9c70edb4126e035f617c8bbeae934325e173f4acf9001b73b5b3d79659777a29b4104c894e9fb4aefd48ffcbc165b1926d0cb74ea39e279f20e966a78cca346358dfa053ed8f7e75790415dbf719a5d1e1ec9feaad0fa52497f5b8b5c92e717f0ce9f41049e3e61846822d308a233655bba8ca20fd92859a5e28914fc4049e1997b37212fe1c00d8c2aaf717c0be1e98ddd1f0b5f74bd180ce8997ea7b453a5e8526461284104587d7b8f210294da8febae1915d8d1ffcb9b514b0ac7e7c67a6370f12dcee3cbec0f53021c9e48e19e7f3db8f524d75f0255645813fd54962a07bb6b6ff5ef2b410449cd6e102bf602ad4b7830c625ed26aebca8577e685691d4494f895904bfae4c8894d6398d495bc7773da6f81615ae29a810c8d6f09605ec1e961a61361065da4104025ef509facb718363849676fdc6255341abacb4378f2da6a117da4a6ade1cd8feff2405dc5fbd2dcd09a32481449bc84d1b6e5e589810f0e64691ca7e31e67456ae
In details:
53 (OP_3) the minimum signatures required
41 (public key length in byte)
0469cfc33bfed0c3e573e1b3b26395f3cd86e4f7d357c2a325f4d0f44d39486fd9c70edb4126e035f617c8bbeae934325e173f4acf9001b73b5b3d79659777a29b (alice's public key)
41 (public key length in byte)
04c894e9fb4aefd48ffcbc165b1926d0cb74ea39e279f20e966a78cca346358dfa053ed8f7e75790415dbf719a5d1e1ec9feaad0fa52497f5b8b5c92e717f0ce9f (bob's public key)
41 (public key length in byte)
049e3e61846822d308a233655bba8ca20fd92859a5e28914fc4049e1997b37212fe1c00d8c2aaf717c0be1e98ddd1f0b5f74bd180ce8997ea7b453a5e852646128 (charlie's public key)
41 (public key length in byte)
04587d7b8f210294da8febae1915d8d1ffcb9b514b0ac7e7c67a6370f12dcee3cbec0f53021c9e48e19e7f3db8f524d75f0255645813fd54962a07bb6b6ff5ef2b (dave's public key)
41 (public key length in byte)
0449cd6e102bf602ad4b7830c625ed26aebca8577e685691d4494f895904bfae4c8894d6398d495bc7773da6f81615ae29a810c8d6f09605ec1e961a61361065da (eve's public key)
41 (public key length in byte)
04025ef509facb718363849676fdc6255341abacb4378f2da6a117da4a6ade1cd8feff2405dc5fbd2dcd09a32481449bc84d1b6e5e589810f0e64691ca7e31e674 (frank's public key)
56 (OP_6) the total of public keys the script contain
ae (OP_CHECKMULTISIG)

That script is then computed with SHA256 then with RipeMD160. Those computations give us the hash1:
e552b89fce59a48ff73957b438282225fe02aa46

We then take the Bitcoin script hash prefix 05 and we add it at the start of the previous hash1:
05e552b89fce59a48ff73957b438282225fe02aa46

Now, we compute two time those bytes with SHA256 and get the hash2:
316a2f23ea5b77e024b8d66d38e9dbc2d1570dec533165304a3e07794aac9f26

We take the 4 first bytes from hash2 and add them at the end of hash1 to get:
05e552b89fce59a48ff73957b438282225fe02aa46316a2f23

Finally, we compute those bytes with Base64 and we get the address:
3NbZm3P43K3CyktRm9S171iJau5XRCgqTx

You can check here: https://coinb.in/multisig/

All that to say, when you send coins to a multisig address, you lock these coins with the hash we just computed and "stored" on the address.
To create a transaction spending those coins, you need to provide the redeem script in it for the transaction can be validated by the network. Before checking the signatures, every node compute the hash for the given redeemscript and check it with the previous transaction scriptpublickey which contain the locking hash. So, logically, if you have lost 2 of the 6 public keys used to create the redeem script, you wont be able to build the entire redeem script, get the right hash and therefor, wont be able to successfully spend the coins.

I hope i didn't given too much details or anything, i have a hard time to know when i have to stop .

Sorry if my english sound bad (not my native language blablabla ...).

Edit: With all that, i hope that i have correctly answered, i don't know if copay use a "standard" MofN mulstisig system or a different one.

[BayAreaCoins]

I'll ask Dooglus next time I see him.

[KirkU]

BayAreaCoins: I'm another of the signers in the situation rogerver described above. I'd be very interested to know if "Dooglus" had any helpful advice. Thanks for your help.

[rogerver]

Dooglus seems to hate me claiming that I lied about a transaction that was unconfirmed due to full blocks.

Dooglus, if you are reading this, I didn't lie or even misrepresent the facts.
If the blocks hadn't been full, both of my transactions would have sailed through, and whoever malleated the first transaction
wouldn't have had any effect if it wasn't stuck in the mempool for multiple hours until I tried to make my second transaction.

I'm not sure if he will be willing to help if he knows I'm one of the people being helped.
My impression is that he is a small block supporter.

[KirkU]

On a positive note; i think we are now 5 of 6 rather than 4 of 6, but if I understand the problem, that's not really much help. We need 6 of 6 to extract the Bitcoin Cash with the bitpay recovery tool, no?
Re: the rift between "small blockers" and "large blockers": (is that an American football analogy?) It's a shame the creator of BTC didn't foresee the problem of getting thousands of people to all support the same solution to the scaling problem; which problem he apparently was able to foresee.
"It's hard to think of everything" I think that's a famous quote, but I'm not sure how famous or who coined it. Maybe Yogi Berra
If there is a solution to this issue, I'm sure we'll find it. The Bitcoin Cash is still there, and not going anywhere, as I understand it.

[KirkU]

I was able to recover the BCH in the wallets in question. Woo Hoo!!!! Here is the method. I found it on the github site under BitPay/CoPay issues:

https://github.com/bitpay/copay/issues/6797

meinharrd commented on Sep 27
Issue

BCH balance remains 0.00 after wallet duplication from BTC. A manual address scan corrects the balance, but it's hard to figure out even for an advanced user that this step is needed. This feels like a bug.

Reproduce

Go to "Settings" > "Enable Support Bitcoin Cash" > Switch on "Support Bitcoin Cash"
Press "Scan your wallets for Bitcoin Cash"
Press "Duplicate for BCH" on the wallet that should contain BCH
New wallet created by duplication will display 0.00 balance, even if the wallet contains pre-1-August BCH

Work-around / fix

Go to "Settings" > "Wallets & Integrations" and select newly created BCH wallet
Select "More Options" > "Wallet Addresses" > "Scan addresses for funds"
Scanning completes, correct balance will be displayed (phew!)
Suggested solution

Automatically initiate an address scan after "Duplicate for BCH" is pressed
Environment

Tested on v3.8.2 iOS and Windows

[rogerver]

Thanks for posting how to do this!

I'll be trying it myself soon.

[OneChain]

Thank you for writing this, more people need to be aware.