Put your xpubs
in the freezer.

Are you a 2-of-3 multisig enjoyer in need of an immutable backup of your extended public keys? You've come to the right place! Check out our FAQ page to get aquainted with the Icebox protocol.

   

back up your public keysxpubs

Back up your extended public keys in a place
that'll
xpubs in a place that will
never get lost -, the bitcoin blockchain!






← Back to Home

retrieve from backup

Can't find one of your extended public keys? Tell us the 
two that you remember, and we'll look for the lost one.
Can't find one of your xpubs? Tell us the two that you remember, and we'll look for the lost one.





← Back to Home

Your Questions, Answered.

Let's look at a commonly used multisig wallet: a 2-of-3 quorum. We need two keys to sign a transaction, meaning it's okay if one of the three gets lost. What not everyone knows, however, is that keys actually come in public/private key pairs, and while it's fine to lose a single private key, we absolutely cannot afford to lose its corresponding extended public key, or xpub for short. If we did, we'd be locked out of our bitcoin forever, Laura!

Currently there is no user-friendly way to back up public keys that will stand the test of time. While private keys can easily be translated into English words using BIP39 and stamped onto metal, few bitcoiners are protecting their precious xpubs with this same amount of effort and security. Most will store them on an SD card or solid state drive, but with a limited lifespan of only about 10 years or so, that's not enough time to protect your bitcoin for your grandchildren.

If you don't lose any of your private keys, you have no problem. But the whole point of having a 2-of-3 multisig wallet is that you're mentally prepared to incur up to one key loss. If your backup plan is to simply re-derive all of your public keys, you're ngmi.

All electronic media - hard drives, solid state drives, SD cards, CDs, even "the cloud" - won't last forever and cannot withstand fire, flood, water, or shock. For significant amounts of bitcoin, your best option is to use a metal engraver to etch your xpubs onto steel or alternately, use Icebox with the coldest storage there is - the immutable bitcoin blockchain.

For a 2-of-3 multisig wallet, Icebox creates three on-chain transactions to store each one of your xpubs in an OP_RETURN. Once these transactions are confirmed, they're not going anywhere, and your grandkids will thank you later.

Forget tail emissions or demurrage, Icebox is projected to singlehandedly support bitcoin's emerging fee market + security budget. Just kidding, Icebox only needs a one-time investment of 729 vBytes to protect your bitcoin for literal decades (centuries?) to come. Furthermore, nodes may choose to prune out OP_RETURN data should they need to save space.

Your data is safely encrypted. If you lose xpub1, you'll need both xpub2 and xpub3 to restore it. This also means that a single leaked xpub will not reveal to the world that you're a user of multisig and cannot be used to find the other two.

Icebox is open source, and we don't store your xpubs on our servers. Transaction fees are paid using BOLT11 Lightning invoices, so your privacy is protected from on-chain analysis, too.
But don't trust, verify! Icebox is not only an app - it's also a protocol. You can write your own implementation, or you can run our code locally.

Currently, Icebox supports 2-of-3 multisig wallets. However, if you ask D++ nicely, she may consider expanding compatibility to additional thresholds or even creating a custom backup just for you.

Your multisig configuration file contains your wallet's xpubs, derivation paths, and master fingerprints. Icebox has your xpubs covered, but what about the other parts? Fingerprints are less important, so it's okay if we omit them. Derivation paths, however, are an absolutely necessary part of your backup, therefore we strongly suggest sticking to an industry standard such as m/48'/0'/0'/2'.

Have a bitcoin company or application and want to integrate Icebox? Go for it! We'd love to see Icebox become an industry standard.

Icebox uses the following steps to back up xpubs in a 2-of-3 multisig wallet:
  1. Remove all prefixes (e.g. "xpub"), and decode your extended public keys from base58 into binary.
  2. Prepend each binary buffer with its corresponding new, shortened prefix:
    xpub: 0000h
    ypub: 0001h
    Ypub: 0002h
    zpub: 0003h
    Zpub: 0004h
    Three sets of 80 bytes of binary data are now ready to be encrypted and pushed into three separate bitcoin transactions.
  3. Using xpub1 and xpub2, create a 2-of-2 P2WSH multisig wallet.
    Send a transaction to the first receive address (0/0) of this wallet with an OP_RETURN containing xpub3 encrypted with SHA-256(xpub1 + xpub2).*
  4. Using xpub2 and xpub3, create a 2-of-2 P2WSH multisig wallet.
    Send a transaction to the first receive address (0/0) of this wallet with an OP_RETURN containing xpub1 encrypted with SHA-256(xpub2 + xpub3).*
  5. Using xpub1 and xpub3, create a 2-of-2 P2WSH multisig wallet.
    Send a transaction to the first receive address (0/0) of this wallet with an OP_RETURN containing xpub2 encrypted with SHA-256(xpub1 + xpub3).*
* Icebox uses AES-256 in CBC mode. Encryption keys are the SHA-256 hash of the two sorted, concatenated xpubs. The initialization vector (IV) is set to the first input of the transaction's 4 byte vout prepended to the first 12 bytes of its txid.
Acknowledgements: Portland HODL for his inspiration + love of P2MS.

← Back to Home