Skip to content

Instantly share code, notes, and snippets.

@kdmukai

kdmukai/README.md

Last active March 30, 2024 16:12
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save kdmukai/b28f76dc6b350d569fe512040a330521 to your computer and use it in GitHub Desktop.
Save kdmukai/b28f76dc6b350d569fe512040a330521 to your computer and use it in GitHub Desktop.
Download ZIP
Unchained Vault using SeedSigner
Raw
README.md

Creating an Unchained Vault using SeedSigner

unchained.com

seedsigner.com

Create two new keys via SeedSigner

Standard seed creation via dice, picking bip39 words, or image entropy

Load keys into Unchained

  • Navigate to "Keys", "Upload new key"
  • Name your key:
    • Suggest you include the fingerprint in the name.
    • e.g. "Blah #1: abcd1234" (vault abbreviated name, key num, fingerprint)
  • Choose your hardware wallet:
    • Select Coldcard

Fake the Coldcard xpub export format

We use a stripped-down version of Coldcard's xpub export json format to get Unchained to accept our key's xpub.

Start from the template provided below.

In order to do this we'll have to read the SeedSigner's export xpub QR code using Sparrow and then paste that into the Coldcard json template.

In your SeedSigner:

  • Ensure that custom derivation paths are enabled:
    • "Settings" > "Advanced" > "Script types" > "Custom Derivation" checked
  • Ensure that BlueWallet is enabled in :
    • "Settings" > "Coordinator software" > "BlueWallet" checked
  • Load your key or select it from "Seeds"
  • Select "Export Xpub" > "Multisig" > "Custom Derivation"
    • Enter: m/45' (note the apostrophe!)
  • Select "Sparrow"
  • Begin the process to create a new wallet in Sparrow. Specify:
    • Policy Type: Multi Signature
    • Script Type: Nested Segwit (P2SH-P2WSH)
      • Note: This isn't the final script type the real wallet will use; this setting is just to force Sparrow to read our xpub in this stage.
  • Scan in the SeedSigner's xpub:
    • "Airgapped Hardware Wallet" > "SeedSigner" > "Scan"
    • Note the resulting:
      • Master fingerprint (should match that key's fingerprint listed in the SeedSigner)
      • Derivation path: (should be pre-filled to m/45')
      • xpub / Zpub

Manually edit the Coldcard json

  • Open the Coldcard json template in a simple text editor (don't use Word!)
    • Windows: Notepad
    • Mac: TextEdit
  • Paste Sparrow's "xpub / Zpub" field into the "p2sh" section of the Coldcard json template
  • Enter your seed's fingerprint in the "xfp" field
  • All entries must be surrounded by double quotes to be valid
  • Save the json file

Fix up the key in Sparrow

(this step is optional) Unchained takes the xpub you provide and derives a child xpub at: m/45'/0/0/0

We need to update Sparrow with the child xpub and deeper derivation path.

But first, in Sparrow:

  • Correct the not-yet-created wallet from above to script type "Legacy (P2SH)".

On the SeedSigner, from the Home screen:

  • Click into "Seeds" and select your key's fingerprint.
  • Select "Export Xpub" > "Multisig" > "Custom Derivation"
    • Enter: m/45'/0/0/0 (note the apostrophe!)
  • Select "Sparrow"
  • In Sparrow clear the key entry via "Replace".
  • Scan in the new child xpub:
    • "Airgapped Hardware Wallet" > "SeedSigner" > "Scan"
    • Note the resulting:
      • Master fingerprint (should be the same)
      • Derivation path: (should be pre-filled to m/45'/0/0/0)
      • xpub / Zpub (should be different from the original m/45' xpub)

Upload Coldcard json file to Unchained

  • On "Upload extended public key", select your modified Coldcard json file
  • Note: The displayed xpub will not match the original xpub you derived at m/45'; if you did the optional step above, you should see that displayed xpub matches the child xpub we just updated Sparrow with.
  • Click "next" and then "create"

Note: hold on to this modified json file for each key that you upload this way. This Coldcard json file is also how you do periodic key checks in Unchained.

Repeat the above steps to add your second key.

Create your Unchained vault

  • Click on "Vaults" in the left-hand menu
  • "New vault", enter vault name
  • "Select your keys": choose the two keys your just uploaded
  • "Review your vault": click the accept terms checkbox and "Create vault"

Download your vault's multisig wallet descriptor

  • On your vault's dashboard, in "Vault tools" click "View" for the "Wallet configuration file"
  • You'll see your new vault's details. Click "Download file" which sends the info to you as a json file.

Sparrow watch-only wallet: Option 1:

Finalize your watch-only wallet in Sparrow (this step is optional; assumes you did the optional Sparrow xpub update step above, too)

Note: Whether you use Option 1 here or Option 2 below, the final result should be identical in Sparrow.

Open the Unchained wallet configuration file you just downloaded in a text editor. Note that three keys are listed.

We'll use that to fill out the info for Unchained's key (Keystore 3). In Sparrow, under Keystore 3:

  • Click on "xPub/Watch Only Wallet"
    • Master fingerprint: copy the "Unchained" key's "xfp"
    • Derivation: m/45'/0/0/0
    • xpub: copy the "Unchained" key's "xpub"

You should now have your two child xpubs and Unchained's xpub.

  • Double check that the "Script Type" at the top is set to "Legacy (P2SH)"
  • "Apply" your changes to create the watch-only wallet.
  • Optionally encrypt your watch-only wallet on your local computer when prompted to "Add a password to the wallet"

Sparrow watch-only wallet: Option 2

Create a watch-only wallet in Sparrow from the Unchained wallet configuration file

  • In Sparrow: "File" > "Import wallet" > "Caravan" > select the json file you just downloaded
  • Accept the pre-filled name
  • Optionally encrypt your watch-only wallet on your local computer when prompted to "Add a password to the wallet" x

Confirm that your Sparrow watch-only wallet matches Unchained's wallet

In your watch-only wallet in Sparrow, click "Addresses" and note the first receive address at the top.

On Unchained

  • click on "Vaults" and select the vault you just created.
  • Under "Transact" click "Deposit" > "Show deposit address".
  • Verify that the deposit address matches your first receive address in Sparrow.
  • Note their instructions that you should NOT attempt any test transactions to this address.

Backup your "known good" wallet descriptor as a QR code

In your wallet in Sparrow

  • click on "Settings"
  • In the "Script policy" section, click the QR code icon at the far right
  • Click "Save PDF..."

The PDF has your wallet descriptor as a QR code that SeedSigner can scan in order to confirm your receive or change addresses when signing a transaction. You can also go to "Tools" > "Address Explorer" > "Scan wallet descriptor" to list receive or change addrs.

Raw
coldcard_xpub_template.json
{
"p2sh_deriv": "m/45'",
"p2sh": "YOUR MULTISIG CUSTOM DERIVATION PATH (m/45') XPUB GOES HERE",
"p2sh_desc": "",
"p2sh_p2wsh_deriv": "m",
"p2sh_p2wsh": "Y",
"p2sh_p2wsh_desc": "",
"p2wsh_deriv": "m",
"p2wsh": "Z",
"p2wsh_desc": "",
"account": "0",
"xfp": "YOUR SEED'S 8-CHARACTER FINGERPRINT"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment