Feature: key rotation

[bitcoinhodler]

I have a multisig wallet with four software BIP39 keys. In the Keystore panel is a "Replace" button.

What exactly does this button do? Obviously it replaces the key, but what happens to the previous key? Can I still find and sign UTXOs from the old keystore? If not, this button seems very dangerous, and there's no warnings in the UI about this.

I was expecting some kind of key rotation system, where replacing a key creates a transaction moving all UTXOs to the new set of keys.

When I replaced one key, all the old UTXOs were still shown in this wallet, which I find very confusing because they no longer belong to this new key set.

Perhaps replacing a key should first clone the wallet, so that the old wallet can still find the UTXOs from the previous key set?

[craigraw]

By default, Sparrow saves a cloned and dated backup of your old wallet every time you make a wallet change into the .sparrow/wallets/backup folder (you can disable this by unchecking the checkbox when entering the password to save the wallet). This makes changing a keystore much less risky, although it's true Sparrow does give the user more power than other wallets which don't allow changes to an existing wallet at all.

You should not be seeing old UTXOs that do not belong to the wallet when a keystore is replaced - did you click Apply after replacing the keystore? I've just tested and can't reproduce this.

Key rotation is certainly an option on changing a keystore - I will consider this further.

[bitcoinhodler]

This particular wallet (in testnet) does not have a password, and it seems that no backup was made when I replaced the key. At least, I cannot find anything but my one wallet's json file under ~/.sparrow-testnet/testnet/wallets (I ran with --dir ~/.sparrow-testnet).

I think I misspoke when I said old UTXOs are still there. This wallet had 0 balance, iirc, when I did the key replacement. But old transactions are still listed (under their original addresses, I assume, but did not verify).

It feels scary that UTXOs would disappear on key replacement. It is understandable to me, because I understand how wallets work under the hood, but to the average user this could be surprising and disturbing. They might assume it's only future receive addresses that would use the new key, while their current balance would stay the same. Seeing their balance go to 0 after key replacement could be panic-inducing.

[craigraw]

A warning is now displayed if the user saves a wallet which has existing transactions and where the wallet change will cause different addresses to be derived. Added in 9995947.

[bitcoinhodler]

I guess that's an improvement. What about the lack of a backup in my (passwordless) case?

It's still unclear to me what the use case is for key replacement without a key rotation transaction, at least if there are any UTXOs in the wallet.

[craigraw]

I guess that's an improvement. What about the lack of a backup in my (passwordless) case?

I've tried to reproduce this, but I can't. I get a backup every time the checkbox is ticked, password or not.

It's still unclear to me what the use case is for key replacement without a key rotation transaction, at least if there are any UTXOs in the wallet.

There's one (somewhat non-ideal) use case - some wallets use multiple script types on a single seed. Sparrow makes it easy to switch between these with one wallet (although really they should be different wallets IMO).

That said, I've kept the issue open to look at the key rotation feature in future.

[6102bitcoin]

@bitcoinhodler can you replicate the no-backup bug?

Outstanding Action: None
Proposed Priority: NA

[6102bitcoin]

Tested on Mainnet and I can't replicate a lack of backup.

[MDIMSMM]

I'm glad to see this chat here...
I have a ledger wallet that I really want to replace on my multisig. I've got the new hardware wallet all set up. I did the backup and so I replaced the ledger with my new seed phrase and wallet. The counter went to zero and everything disappeared, so I brought back in my backup, with everything still present...
Am I meant to transfer my btc from the old wallet multisig to the new one? I don't understand the point of "replacing" the single wallet if it just made a new multisig one.
I'm confused about what I should do at this point, because it looks like all the btc is still with the multisig and ledger signer.
Thanks for any help!

[craigraw]

Am I meant to transfer my btc from the old wallet multisig to the new one?

Yes, this is a limitation with script based multisig. Key replacement is not possible without creating a new wallet. A new proposal, FROST, aims to allow key replacement without creating a new wallet. It is still in draft however.

I'm confused about what I should do at this point, because it looks like all the btc is still with the multisig and ledger signer.

Unless you believe your Ledger's seed has been compromised, the simplest approach is to load the same seed onto your new hardware wallet. The multisig wallet will then work as before. If you don't wish to do this, you will need to transfer the funds in the wallet to the new multisig created by the new device/seed.

[MDIMSMM]

Ok, thanks, that's helpful.
As a general rule with Ledger's new software update, have you heard any rumours of the seeds being compromised?

That being said... I already got a new seed phrase set up for my new wallet. Can I change the seed phrase the wallet references?

[craigraw]

No, I've not heard of any Ledger seeds being compromised - I think it is safe enough to move the seed across.

Re the new wallet, it depends on the make and model, but in general it should be possible to re-setup with a new seed. For the Coldcard it certainly is.

[MDIMSMM]

Ok, thanks so much for your help!