**Is An XMR Version of Nunchuk Wallet Technically Possible?** - eviltoast

Is An XMR Version of Nunchuk Wallet Technically Possible?

I’ve read about secret sharing as a means of doing multisig in Monero, and I know services like Haveno & RINO implement 2-of-3 wallets as a service (for exchange escrow and shared custody respectively). I’m interested in a different sort of implementation, one that doesn’t rely on a third party host.

Nunchuk.io, for example, develops a BTC wallet that allows multiple users to collaboratively create multisig wallets & share custody of bitcoin. They can sign/approve transactions via an integrated messenger (which is third party hosted, but doesn’t technically need to be afaik). This has multiple use cases, but it interests me primarily as a trustless escrow service between individuals.

As a non-programmer, I’m curious if anything about XMR secret sharing prevents the development of an equivalent application for Monero. Haveno and RINO have their own use cases, but I’d be more interested in something that can work between individual users without any third party company/service/platform.

@monero

  • Saki@monero.town
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    The fact that multisig was not widely used yet, was indirectly related to the unfortunate CCS Wallet Incident, which happened a few months ago, as well.

    @ErC (ErCiccione), a contributor, commented elsewhere a few days ago:

    This is a bit of a dog biting its tail. Multisig was shipped and has been live for a long time. Nobody really used it, so it ended up being unstable and full of problems, but that came out only relatively recently (couple of years ago) when services started to build on it.

    People are now saying, “If multsig had been used…” “should have” “could have” (Hindsight is 20/20 😢). Anyway, fluffypony replied, “when it reached a level of maturity (this year? late last year?) it should have been prioritized.”

    We can expect that multisig will be now more prioritized and to be carefully tested and tuned, soon to be available more generally, if not right now. So perhaps the answer to your question is, “No, but maybe soon…”?

    • チャノさん@mitra.anon-kenkai.comOP
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      1 year ago

      @Saki Interesting, thank you. Was the CCS wallet not using multisig the reason for the breach, then? I haven’t followed the incident in detail, I wasn’t sure what allowed the attacker access in the first place.

      • Saki@monero.town
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Nothing is sure. It might be skilled attacker(s), it might be simply bad opsec, or it might be an inside job. Several people think and say that we need to minimize trust via mltisig (in retrospect, this seems so obvious but that’s just hindsight).