Casa Blog - Bitcoin Security Made Easy
Electrum coins from the Lydian empire, 6th Century BC

Editor's note: This post was updated on 4/30/2020 with instructions that do not require exporting public keys from the Casa app.

We built Casa to protect our clients from every risk imaginable.

That includes us.

As we all know, trusted third parties are security holes. That’s why Casa has never - and will never - claim to be one.

What’s a watch-only wallet?

Watch-only wallets let bitcoiners safely monitor balances and transactions without being able to spend: the wallet holds only public keys, so spending still requires the hardware wallets (or other signing devices) that hold the private keys.

They’re typically used for keeping an eye on cold storage funds or paper wallets, and can be created using public keys without ever needing to touch your private keys.  

Why do they matter?

As a Casa member, you can use a watch-only wallet to verify that the deposit addresses your Casa app presents to you are in fact controlled by your keys. This provides added assurance that you're safe from a man-in-the-middle attack, for example a malicious code update that steers you into sending BTC to an address controlled by another party. These attacks are rare, and we do everything in our power to protect our clients from them. By following this guide, you can also verify this for yourself.

Why we like Electrum

Electrum is fully open source, and one of the best-maintained and most fully-featured projects in bitcoin. We also like that you never need to load your private keys into Electrum.

🚨 Important Note: Unless you're running your own Electrum server, the third-party server your Electrum client connects to learns every address in your wallet, because the client has to ask the server about each of them. That lets the server link those addresses together, see your total BTC balance, and watch when funds move. In the past we've seen reports that blockchain analysis firms have run public Electrum servers. Always connect through a VPN or Tor (Electrum can be pointed at a Tor proxy) to make it harder to tie your IP address to your addresses; note that this hides who you are, not which addresses belong together. To avoid the risk entirely, as a best practice we recommend running your own Electrum server (instructions here).

What you need

  1. Laptop or desktop that can run Electrum - we like Ubuntu or PureOS, but Mac and Windows work just fine
  2. Android or iOS device running Casa
  3. Your hardware wallets
  4. (Optional) Encrypted messaging app running on both devices - we like Keybase or Signal

🛎️ A note for non-Casa customers: This process will work with any multisig account.  Just collect the public keys from your wallet provider, and begin at Step 2.

To begin the setup, watch the video below or continue reading.

1. Export public keys and derivation paths

To build your watch-only wallet, you will need to get the extended public key for each one of your signing devices.  This step will walk you through the process to export the Mobile Key and Casa Recovery Key from Casa.

  1. Open your Casa app
  2. Select the multisig account from the top nav ("Key Shield" or "Basic Multisig")
  3. Tap the icon for the Casa Recovery Key
  4. Tap “View Public Keys”
  5. Choose “BTC Account”
  6. Tap the Ypub to copy the key
  7. Save it locally, or send it to yourself using an encrypted messenger
  8. If applicable, repeat steps 3-7 for the Mobile Key
  9. Tap on the icon for a hardware key
  10. Tap "View Public Keys"
  11. Choose "BTC Account"
  12. Tap the derivation path to copy it; it will look something like m/49/0/0
  13. Repeat steps 9-12 for any remaining hardware keys

Once you've gathered the public key(s) and derivation path, transfer the data to the computer where you're setting up the watch-only account. Encrypted messaging services are a good option, or you can physically transfer the data via a USB stick. We do NOT recommend emailing the keys to yourself: extended public keys cannot spend your funds, but anyone who obtains all of them can derive every address in the account and watch your balance and transactions indefinitely.

2. Download and Verify Electrum

Bitcoiners have been targeted by attacks that use a fake version of Electrum, so we strongly recommend verifying the file's authenticity with its GPG signature. Download Electrum from electrum.org along with the matching signature file and the developer's public key. Note the key's fingerprint from the site and, ideally, from a second independent source, so you can compare it against what gpg reports below: a signature from an impostor key will still verify as "good" if you simply import whatever key you were handed.

Linux:

  • Open terminal:   CTRL-ALT-T
  • Update software:   sudo apt-get update
  • Install GPG:    sudo apt-get install gnupg2
  • Open downloads:   cd ~/Downloads
  • This location should have the Electrum download, the signature file, and the developers key
  • Import signing key:   gpg --import ThomasV.asc
  • Verify signature:   gpg --verify [electrum-sig-file.asc] [electrum-app-file]

Mac:

  • Open terminal:   CMD-SPACE: Terminal
  • Install Homebrew:   /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
  • Install GPG:   brew install gnupg
  • Open downloads:   cd ~/Downloads
  • This location should have the Electrum download, the signature file, and the developer’s key
  • Import signing key:   gpg --import ThomasV.asc
  • Verify signature:   gpg --verify [electrum-sig-file.asc] [electrum-app-file]

Windows:

  • Install GPG:   Download and run the Gpg4win installer
  • Open cmd:   WIN: Command Prompt
  • Open downloads:   cd %USERPROFILE%\Downloads
  • This location should have the Electrum download, the signature file, and the developer’s key
  • Import signing key:   gpg --import ThomasV.asc
  • Verify signature:   gpg --verify [electrum-sig-file.asc] [electrum-app-file]

You should see a line beginning "gpg: Good signature from" followed by the developer's name and key ID. A warning that the key "is not certified with a trusted signature" is normal; it only means you have not signed the developer's key yourself. What matters is the fingerprint gpg prints: compare every group of characters against the fingerprint published on electrum.org, not just the last few. A "BAD signature" line, or a good signature from a key whose fingerprint differs, means the download must not be run.
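The fingerprint comparison above can be scripted so that the key is pinned rather than eyeballed. The following Python is an added example, not code from the Casa post or the Electrum project: it parses gpg's machine-readable status stream (`--status-fd`) and accepts a signature only if the signing key or its primary key carries the pinned fingerprint. The status lines it tests against are constructed, and EXPECTED_FPR is a placeholder that you must replace with the fingerprint published on electrum.org.

```python
"""Verify an Electrum download with a pinned signing-key fingerprint.
Added example, not from the Casa post or the Electrum project. gpg's human
output prints "Good signature" for ANY imported key, including an attacker's
key that merely carries the developer's name, so this parses the
machine-readable status stream and requires a known fingerprint."""
import subprocess

# Placeholder, NOT the real value: copy the fingerprint from electrum.org and
# cross-check it against a second source before pinning it here.
EXPECTED_FPR = "0000000000000000000000000000000000000000"


def validsig_fingerprints(status_text):
    """Return (signing-key, primary-key) fingerprints from every VALIDSIG line.

    Status format (gnupg's doc/DETAILS): [GNUPG:] VALIDSIG <fpr> <date> <ts>
    <expire> <ver> <reserved> <pk-algo> <hash-algo> <sig-class> [<primary-fpr>]
    """
    out = []
    for line in status_text.splitlines():
        fields = line.split()
        if len(fields) >= 3 and fields[:2] == ["[GNUPG:]", "VALIDSIG"]:
            out.append((fields[2].upper(), fields[-1].upper()))
    return out


def signature_is_pinned(status_text, expected_fpr=EXPECTED_FPR):
    """True only if some VALIDSIG was made by, or under, the pinned key."""
    want = expected_fpr.replace(" ", "").upper()
    return any(want in pair for pair in validsig_fingerprints(status_text))


def verify_download(sig_path, file_path, expected_fpr=EXPECTED_FPR):
    """Run gpg and apply the pin. Never trusts the 'Good signature' text."""
    proc = subprocess.run(
        ["gpg", "--status-fd", "1", "--verify", sig_path, file_path],
        capture_output=True, text=True,
    )
    return proc.returncode == 0 and signature_is_pinned(proc.stdout, expected_fpr)


# Constructed status lines in the shape gpg writes on --status-fd 1; not real output.
SAMPLE_GOOD = (
    "[GNUPG:] NEWSIG\n"
    "[GNUPG:] GOODSIG 1234567890ABCDEF Example Dev <dev@example.invalid>\n"
    "[GNUPG:] VALIDSIG " + "A" * 40 + " 2020-04-30 1588204800 0 4 0 1 8 00 " + "A" * 40 + "\n"
    "[GNUPG:] TRUST_UNDEFINED 0 pgp\n"
)
# Same "Good signature" text, but from an impostor key with a different fingerprint.
SAMPLE_IMPOSTOR = SAMPLE_GOOD.replace("A" * 40, "B" * 40)

if __name__ == "__main__":
    print("pinned key accepted:", signature_is_pinned(SAMPLE_GOOD, "A" * 40))
    print("impostor key accepted:", signature_is_pinned(SAMPLE_IMPOSTOR, "A" * 40))
```

Call `verify_download("electrum-X.Y.Z.tar.gz.asc", "electrum-X.Y.Z.tar.gz")` after importing the developer's key; the `GOODSIG` line is deliberately ignored because its key ID and name are both under the signer's control.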

3. Set up your watch-only account

Once you’ve verified your download, it’s time to run Electrum.  The wallet setup process mimics the steps you took to set up your Casa account.  This time, you’ll be completing the process manually.

  1. Open Electrum
  2. Create a new wallet and give it a name
  3. Select “Multi-signature wallet”
  4. Select the appropriate number of cosigners (3 for Gold, 5 for Platinum and Diamond)
  5. Select the appropriate number of signatures (2 for Gold, 3 for Platinum and Diamond)
  6. Click “Next”
  7. Casa Recovery Key - choose “Use a master key” and click “Next”
  8. Paste the Casa Recovery Key's Ypub from the file or encrypted chat and click “Next” (Note: ensure there are no spaces at the end of the key, or Electrum will not recognize it)
  9. Mobile Key (if applicable) - Choose “Enter cosigner key” and click “Next”
  10. Paste the Mobile Key's Ypub from the file or encrypted chat and click "Next"
  11. Hardware Keys - Connect your device, choose “Cosign with hardware device”, and click “Next”
  12. Select your device, and click "Next"
  13. Select "p2sh-segwit multisig" and enter the derivation path from the file or encrypted chat and click "Next"
  14. Repeat steps 11-13 for any remaining hardware keys
  15. (Optional) Set a password, or leave both fields blank and click “Next”

Electrum will now initialize your account and display your transactions. Check the connection indicator in the bottom-right corner first: if Electrum is not connected to a server, nothing will load regardless of the keys. If the account already has transactions but none appear after a minute or so, something went wrong during setup (a wrong key, a wrong derivation path, or the wrong script type) and Electrum has derived a different set of addresses; delete the wallet and try again.

4. Verify receive addresses

Now that you have your watch-only account active, let’s verify your next receive address:

  1. Open Casa
  2. Tap the "Assets" tab at the bottom of the screen
  3. Select the appropriate account
  4. Tap request to generate the next address
  5. In Electrum, click the “Receive” tab at the top right of the screen
  6. You should see the “Receiving address” displayed that matches the one in Casa
  7. If it doesn't match, or the address in Electrum is shown in red (meaning it has already been used), click "New" in Electrum and compare that address instead
  8. If you still do not see your Casa receive address, proceed to the next section to view all available addresses in Electrum

5. View multiple addresses

To avoid confusion, Casa only displays a single unused BTC receive address at a time.  If you would like to prepare and verify multiple transactions at the same time, you can view all available receive addresses using Electrum:

  1. Click “View” in the Electrum menu bar
  2. Select “Show Addresses”
  3. Click the Addresses tab
  4. Filter for “Receiving” and “Unused”

Funds sent to any of these addresses will show up in Casa, and you can copy several of them to batch transactions from an offline computer or from an exchange that uses address whitelisting.
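What Electrum does in steps 3 to 5 can also be reproduced without Electrum, which is a useful tie-breaker if the app and Electrum ever disagree. The following Python is an added example, not Casa's or Electrum's code: it parses each cosigner's account-level Ypub, derives the receive-chain child keys (Ypub/0/index), sorts the public keys the way Electrum does (BIP67 lexicographic order; that Casa builds the same script is the assumption the matching addresses in step 4 confirm), and builds the 2-of-3 p2sh-wrapped p2wsh address. The three Ypubs it prints addresses for are constructed stand-ins, not real Casa keys; replace the list in demo_ypubs() with your own cosigners' Ypubs to check your addresses. It needs Python 3.8 or newer and an OpenSSL build that exposes RIPEMD-160.

```python
"""Independent check of a Casa-style 2-of-3 p2sh-p2wsh multisig receive address
from the cosigners' account-level Ypubs. Added example, not Casa's or Electrum's
code; every helper is written from scratch so it runs offline on the stdlib."""
import hashlib
import hmac

# secp256k1 domain parameters and minimal affine point arithmetic
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):  # None is the point at infinity
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    if a == b: lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else: lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def ec_mul(k, pt):  # double-and-add scalar multiplication
    r = None
    while k:
        if k & 1: r = ec_add(r, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return r

def compress(pt): return bytes([2 + (pt[1] & 1)]) + pt[0].to_bytes(32, "big")

def decompress(b):
    x = int.from_bytes(b[1:], "big")
    y = pow((x**3 + 7) % P, (P + 1) // 4, P)  # square root, valid because P % 4 == 3
    return (x, y if (y & 1) == (b[0] & 1) else P - y)

# hashing and Base58Check (hash160 needs an OpenSSL build that still exposes RIPEMD-160)
def sha256d(b): return hashlib.sha256(hashlib.sha256(b).digest()).digest()
def hash160(b): return hashlib.new("ripemd160", hashlib.sha256(b).digest()).digest()
B58 = b"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58check_encode(payload):
    data = payload + sha256d(payload)[:4]
    n, out = int.from_bytes(data, "big"), b""
    while n: n, r = divmod(n, 58); out = B58[r:r + 1] + out
    return (B58[:1] * (len(data) - len(data.lstrip(b"\0"))) + out).decode()

def b58check_decode(s):
    n = 0
    for c in s.encode(): n = n * 58 + B58.index(c)
    data = b"\0" * (len(s) - len(s.lstrip("1"))) + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if sha256d(data[:-4])[:4] != data[-4:]: raise ValueError("bad Base58Check checksum")
    return data[:-4]

# BIP32 public derivation and SLIP-132 "Ypub" (mainnet p2sh-p2wsh multisig) serialization
YPUB_VERSION = bytes.fromhex("0295b43f")

def ckd_pub(pub, chain, i):  # non-hardened child from a public key + chain code
    if i >= 0x80000000: raise ValueError("hardened children need the private key")
    I = hmac.new(chain, compress(pub) + i.to_bytes(4, "big"), hashlib.sha512).digest()
    il = int.from_bytes(I[:32], "big")
    if il >= N: raise ValueError("invalid child, try the next index")
    return ec_add(ec_mul(il, G), pub), I[32:]

def ckd_priv(k, chain, i):  # private counterpart, only used to cross-check ckd_pub
    I = hmac.new(chain, compress(ec_mul(k, G)) + i.to_bytes(4, "big"), hashlib.sha512).digest()
    return (int.from_bytes(I[:32], "big") + k) % N, I[32:]

def make_ypub(pub, chain, depth=3, fingerprint=b"\0" * 4, child=0):
    raw = YPUB_VERSION + bytes([depth]) + fingerprint + child.to_bytes(4, "big") + chain + compress(pub)
    return b58check_encode(raw)

def parse_ypub(s):
    raw = b58check_decode(s)
    if len(raw) != 78 or raw[:4] != YPUB_VERSION: raise ValueError("not a mainnet Ypub")
    return decompress(raw[45:]), raw[13:45]  # (public point, chain code)

def cosigner_pubkeys(ypubs, index, change=0):
    pubs = []
    for y in ypubs:
        pub, chain = parse_ypub(y)
        pub, chain = ckd_pub(pub, chain, change)  # Ypub/0/index for receive addresses
        pubs.append(compress(ckd_pub(pub, chain, index)[0]))
    return sorted(pubs)  # BIP67 order, as Electrum does; assumed to match Casa's script

def p2sh_p2wsh_multisig(pubs, m):
    witness_script = bytes([0x50 + m]) + b"".join(bytes([33]) + p for p in pubs) + bytes([0x50 + len(pubs), 0xAE])
    redeem_script = b"\x00\x20" + hashlib.sha256(witness_script).digest()  # P2WSH program
    return b58check_encode(b"\x05" + hash160(redeem_script))               # P2SH, starts with '3'

def demo_ypubs():
    # Constructed stand-ins for three cosigner account keys; NOT real Casa keys.
    return [make_ypub(ec_mul(d, G), hashlib.sha256(d.to_bytes(32, "big")).digest())
            for d in (0x1111, 0x2222, 0x3333)]

if __name__ == "__main__":
    for i in range(3):
        print(f"receive address {i}:", p2sh_p2wsh_multisig(cosigner_pubkeys(demo_ypubs(), i), 2))
```

For a 3-of-5 account pass m=3 and all five Ypubs; change addresses use `change=1`. The derivation path shown in the Casa app (e.g. m/49/0/0) is where each cosigner's account key lives below its master key, so with the account-level Ypubs in hand only the /0/index step remains.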

Wrapping Up

Open source security is a team sport.

If you’re worried about what could happen should Casa ever be compromised, unavailable, or under attack, that means you're thinking about your security the same way we do every day. Using open source software like Electrum to verify your balances and receive addresses entirely outside of our systems helps maximize your personal sovereignty, and provides an important check on Casa. It's part of our "Can't Be Evil" design.

Still worried about your bitcoin?

If you still haven’t gotten set up with a Casa membership, you can get started here today.

Stay safe out there

Want more tips on staying safe and sovereign? Join the Casa Intelligence Briefing for news + developments impacting your personal security and privacy.