Table of Contents
- ABOUT THE PROJECT
- GENERAL QUESTIONS
- How safe is the app to use? Is it still considered alpha/beta or safe enough to use it with real sats in a HWW or Specter-DIY multisig setup?
- What does WIP mean?
- What's the difference between Specter-desktop and Specter-DIY?
- Is a full node necessary for using Specter-desktop?
- Can I use pruned mode?
- I'm not sure I want the Bitcoin-Core wallet functionality to be used, is that mandatory? If so, is it considered secure?
- How many addresses does an HD wallet have, and are they all the same?
- I make unsigned transactions from my cold storage using a watching-only Electrum wallet. I use public servers instead of my own node because doing it "right" is too complicated for me. Specter may be an ideal alternative if it will connect to my headless bitcoind node. Will this be possible?
- What is the practical difference of using PSBT (partially signed bitcoin transaction) with multisig vs. just signing the raw multisig transaction normally?
- If the Bitcoin Core instance we are connecting to already has a wallet, is it possible to load it via the UI if we know the name, and could we import a .dat file?
- How are Bitcoin Core mnemonic seeds created? With Core there's only the option to backup the wallet.dat file, so how does specter-desktop transform the wallet.dat file into a mnemonic seed?
- Why when I export a multisig wallet from specter-desktop (settings > export > copy wallet data) created from devices with only segwit ZPUBs, do I get a data structure with expected segwit derivation paths but XPUBs instead?
- Does Specter have coin control?
- USAGE
- How do I run the app?
- How do I verify the signatures of the binaries?
- Where do I find the logs?
- What types of ways can I run specter-desktop?
- Devices? Wallets? What is the difference?
- What do I need to do in order to create a multisig wallet?
- Is my understanding correct that specter-desktop does not hold any keys and you need to create a multisig wallet in order to sign transactions and send funds?
- How would one sign with Electrum? Do I need to create multisig wallet in Electrum first or can I create it with specter-desktop?
- Can I use Ledger and ColdCard multisig while CC remains air-gapped?
- Can I use Bluewallet with Specter DIY?
- Which hardware wallets are supported?
- Can this also work with external nodes like Casa, MyNode, and Raspilitz?
- Can I use Tor?
- How to set the URL for the block explorer?
- I forgot my password, how can I reset it?
- BACKING UP FUNDS
- If something happens to the `~/.specter` folder, is it still possible to restore access to multisigs created there (assuming there is no backup of the `~/.specter` folder)?
- To recover a multisig that was built on specter (eg: 2 of 3 with ColdCard), is having the seeds of all 3 signing wallets sufficient or do we need to backup more info?
- SPECTER-DIY
- What does the Specter-DIY consist of?
- Is specter-DIY safe to use?
- I'm wondering what if someone takes the device? How does Specter-DIY approach this scenario?
- Currently there is a `specter_hwi.py` file, which implements the HWIClient for Specter-DIY. Is there any reason you didn't add that directly to HWI?
- Do you have a physical security design?
- Is there a simulator I can try the Specter-DIY with?
- Is there a goal to get Specter-DIY loading firmware updates from the SD card?
- Can Specter-DIY register cosigner xpubs like ColdCard? I know you wipe private keys on shutdown, but do you save stuff like that?
- Once you add the javacard (secure element) you'll save the private keys, too?
- TROUBLESHOOT
- The AppImage is not starting on Debian 10
- I have issues connecting my Hardware-Wallet via USB?!
- How to upgrade Specter-desktop?
- How can I access the web interface if it's hosted on a headless computer?
- Keep getting: No matching distribution found for cryptoadvance.specter
- Even after upgrading to python3 it's still looking at 2.7 version. I uninstalled 2.7, so not sure where to go next?
- I created an existing wallet but even after rescanning, specter couldn't find any (or not enough) funds?
- How to delete a wallet using a remote full node?
- Trying to connect specter-desktop to my remote node on my LAN few times but no success. `bitcoin.conf` has the `server=1` option, should there be something else since I get this error `Process finished with code -1Error message: Failed to connect` message?
- Backup files not showing when trying to load backups
- DIY TROUBLESHOOT
- HWW TROUBLESHOOT
- TECHNICAL QUESTIONS (not dev related)
- FUTURE FEATURES
- VIDEOS
- 1 Getting started with Specter-DIY and Specter-Desktop
- 2 Assembling Specter-DIY
- 3 Specter-DIY air-gapped open source bitcoin hardware wallet overview
- 4 Build your own bitcoin hardware-wallet YT series
- What is the difference between that project (DIYbitcoinhardware) & Specter? Is DIYbitcoinhardware sort of a prerequisite for Specter?
The goal of this project is to make a convenient and user-friendly GUI around Bitcoin Core with a focus on multisignature setup with air-gapped (offline) hardware wallets.
We first wanted to make a new hardware wallet (HWW), but after we understood that everything can be hacked, we decided to build a user-friendly multisig Desktop App and nice DIY Hardware Wallet.
Why is that good for Bitcoin?
- User: Better Security with multisig setup
- User: Better Privacy with own node
- HWW Makers: More HW wallets sold
- Node Makers: More Nodes sold
- Network: More nodes running
We can actually incentivize the Bitcoin community to run their own node with this user-friendly multisig & node setup!
"A specter is haunting the modern world, the specter of crypto anarchy."
The Crypto Anarchist Manifesto - Timothy C. May - Sun, 22 Nov 92 12:11:24 PST
Specter is that little ghost helping the sovereign cypherpunk to protect his property rights. We are aware of the vulnerability (Spectre) and know there is an infinite game against vulnerabilities. https://en.wikipedia.org/wiki/Spectre_(security_vulnerability) In Bitcoin Cold storage we can use multisig setups and different hardware wallets to mitigate these risks, while protecting our privacy by verifying transactions on our own node.
How safe is the app to use? Is it still considered alpha/beta or safe enough to use it with real sats in a HWW or Specter-DIY multisig setup?
It is watch-only (private keys are protected by HWW) and compatible with multisig in Electrum, so even if something breaks you always have a fallback option while we fix the bug. So go for it :)
We try to use default descriptors and derivation paths exactly for this reason - to be compatible with other wallets. Would be nice to keep it this way, but at a certain point we will need to diverge - for example when we add miniscript support.
WIP means that we don't try to be very backward-compatible at the moment. At some point we may change wallet storage format for example, and you would need to migrate using some script or create wallets from scratch. In this case, we would provide migration scripts.
Specter-desktop is a watch-only GUI software wallet running on Bitcoin Core using its wallet and full node functionality. Bitcoin Core tracks addresses, UTXO (unspent transaction outputs) and composes PSBT (partially-signed bitcoin transactions).
Specter-DIY, on the other hand, is a do-it-yourself hardware wallet built from off-the-shelf components that signs and broadcasts transactions using QR codes and forgets your private keys when powered off.
Yes, a Bitcoin full node is needed to provide all relevant data without relying on 3rd parties, and also for its watch-only wallet capabilities. However, Specter allows you to easily set up a (pruned) node from within Specter.
Yes, but if you have many older addresses you will need to re-download the blockchain in order to see your balance and transaction history, which will take some time. Since v0.8.0 there is a workaround: you can download history from an external block explorer, which has privacy implications. Make sure to read the tooltip hints when using that feature and also consider this question in the troubleshooting section.
I'm not sure I want the Bitcoin-Core wallet functionality to be used, is that mandatory? If so, is it considered secure?
You don't need private keys in Bitcoin Core, but you need wallets to be enabled (`disablewallet=0`) in your `bitcoin.conf` file. And if you don't want that, also make sure you're not using the Hotwallet-Feature.
By default the gap limit is 20, but you can go to the wallet settings and import as many addresses as you want. If you know the wallet is old you may want to try importing many addresses (~1000), and then rescanning.
The order is the same, and the addresses are also the same as the address derivation process is deterministic for a wallet. Address index is a derivation index of the wallet, so the index and the address itself are connected.
I make unsigned transactions from my cold storage using a watching-only Electrum wallet. I use public servers instead of my own node because doing it "right" is too complicated for me. Specter may be an ideal alternative if it will connect to my headless bitcoind node. Will this be possible?
Yes, this is the plan - to use a HWW like ColdCard/Trezor with Specter DIY, with a user-friendly multisig Specter desktop app, which is connected to your own node for better privacy.
What is the practical difference of using PSBT (partially signed bitcoin transaction) with multisig vs. just signing the raw multisig transaction normally?
It gives you the ability to store the transaction temporarily before it is signed.
If the Bitcoin Core instance we are connecting to already has a wallet, is it possible to load it via the UI if we know the name, and could we import a .dat file?
Currently, you can create a hot wallet from within the specter-desktop UI, but at the moment it's not possible to extract XPUBs from the existing Core wallet, and without XPUBs change verification will break in all hardware wallets. Change address verification in multisig on a hardware wallet requires ability to check that change and inputs were derived from the same XPUBs. Without XPUBs all hardware wallets will show two outputs so you never know if the change output is actually change or not.
With that being said, wallets created by Bitcoin Core always use hardened derivations, so they don't have useful XPUBs - this breaks multisig address verification on hardware wallets and thus can't verify change addresses. Therefore specter-desktop is creating a Bitcoin Core hot wallet differently - it generates a BIP39 recovery phrase, loads XPRVs to Core and XPUBs to specter-desktop. Then it can be used as a part of multisig setup as usual.
The seed is generated by specter-desktop and then it's imported in a Bitcoin Core wallet, but instead of watch-only it's an XPRV imported using descriptors. More info on descriptors can be found here.
How are Bitcoin Core mnemonic seeds created? With Core there's only the option to backup the wallet.dat file, so how does specter-desktop transform the wallet.dat file into a mnemonic seed?
Specter-desktop generates a random mnemonic using Trezor's mnemonic package, then converts it to XPRVs and imports these keys to Bitcoin Core. This feature is very experimental at the moment and shouldn't be used for large amounts.
Why when I export a multisig wallet from specter-desktop (settings > export > copy wallet data) created from devices with only segwit ZPUBs, do I get a data structure with expected segwit derivation paths but XPUBs instead?
XPUB is a canonical representation that is supported by Bitcoin Core, whereas ZPUB is an invention of SatoshiLabs that got adopted by the industry, but not by Bitcoin Core. In the wallet export file we export Bitcoin Core's descriptor, so it contains master keys in the format that Bitcoin Core understands. More info on descriptors can be found here.
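The relationship between ZPUB and XPUB described above, as an added example (not Specter's own code): both encodings carry the same key material and differ only in the 4-byte version prefix defined in SLIP-132, so converting is a Base58Check decode, a prefix swap and a re-encode. The function names are hypothetical and the sample key is built from dummy bytes, not a real public key.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

# SLIP-132 mainnet version bytes for extended public keys.
VERSIONS = {
    "xpub": bytes.fromhex("0488b21e"),  # BIP32 canonical form, used in descriptors
    "ypub": bytes.fromhex("049d7cb2"),  # nested segwit, single-sig
    "Ypub": bytes.fromhex("0295b43f"),  # nested segwit, multisig
    "zpub": bytes.fromhex("04b24746"),  # native segwit, single-sig
    "Zpub": bytes.fromhex("02aa7ed3"),  # native segwit, multisig
}


def _checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def b58check_encode(payload: bytes) -> str:
    data = payload + _checksum(payload)
    n = int.from_bytes(data, "big")
    out = ""
    while n:
        n, rem = divmod(n, 58)
        out = B58[rem] + out
    zeros = len(data) - len(data.lstrip(b"\x00"))  # leading zero bytes become '1'
    return "1" * zeros + out


def b58check_decode(text: str) -> bytes:
    n = 0
    for ch in text:
        idx = B58.find(ch)
        if idx < 0:
            raise ValueError(f"invalid Base58 character {ch!r}")
        n = n * 58 + idx
    zeros = len(text) - len(text.lstrip("1"))
    data = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    payload, check = data[:-4], data[-4:]
    if _checksum(payload) != check:
        raise ValueError("Base58Check checksum mismatch")
    return payload


def to_xpub(key: str) -> str:
    """Re-encode any SLIP-132 extended public key with the canonical xpub prefix."""
    payload = b58check_decode(key)
    if len(payload) != 78:
        raise ValueError("extended keys are 78 bytes before the checksum")
    if payload[:4] not in VERSIONS.values():
        raise ValueError("unknown version bytes")
    # Depth, fingerprint, child number, chain code and key are left untouched.
    return b58check_encode(VERSIONS["xpub"] + payload[4:])


def sample_key(prefix: str) -> str:
    """Constructed sample: correct layout, dummy contents."""
    body = (
        b"\x03"                                  # depth
        + bytes.fromhex("aabbccdd")              # parent fingerprint
        + (0x80000000).to_bytes(4, "big")        # child number (hardened 0)
        + bytes(range(32))                       # chain code
        + b"\x02" + bytes(range(32, 64))         # 33 bytes in compressed-key form
    )
    return b58check_encode(VERSIONS[prefix] + body)


if __name__ == "__main__":
    zpub = sample_key("Zpub")
    print(zpub)
    print(to_xpub(zpub))
```

Because only the prefix changes, the script type has to be carried elsewhere; in the exported descriptor that is the job of the descriptor itself and its derivation paths.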
Yes, Specter supports coin control. Go to "Send" and open the "Advanced" features. At the bottom right you will find the "Select coins manually" button.
After following these steps you should be able to view it in a browser at: 127.0.0.1:25441/. If not, see Troubleshoot.
There is a great tutorial here explaining it for specter-desktop. A more generic video from kryptokids is here.
There is a log-file called specter.log in the SPECTER_DATA_FOLDER in your user-directory. If you're having trouble finding that file in your harddrive, have a look at the tooltip in the settings/general/Loglevel item.
There are many ways to run Specter:
- Specter on local computer, node on remote
- Specter on a remote node, web interface in local network or over Tor (but hardware wallets need to be connected to the node where Specter is running)
- Specter on a remote node, another Specter on your computer in "hwibridge" mode that gives access to your hardware wallets from the remote node (configurable whitelist)
It depends on your setup, and can be customized accordingly.
Specter-desktop makes many requests to Bitcoin Core RPC, so it works better from the same machine where Core is running, but remote is also possible. With that being said, by default Bitcoin Core RPC connects over HTTP, so everything, including your RPC login and password, is flying around as plaintext. You can use HTTPS and a self-signed certificate to fix that.
If you use hardware wallets and they are usb-connected to specter-desktop then you should take these precautions, but if they are air-gapped (ColdCard, specter-diy, cobo) - then you can use remote web interface.
The logic is that devices store keys, and you can combine these keys in different wallets like multisig or singlesig. So the same device can be used for a nested segwit wallet, native segwit, and many multisig wallets. The only requirement is that all cosigners in multisig wallets should be different devices. For some devices it makes sense to import keys, for example for another passphrase. However it's also possible (and recommended) to create a new device if you want to use a different passphrase for the same device.
XPUBs are needed (from HWW's, laptop with Electrum desktop wallet, Specter-DIY, etc.) in order to create a multisig setup, but don't worry it's in watch-only mode and it's your own full node! First you need to “add devices” that store keys for the wallet. After creating the devices, you have to create the type of wallet you want (2-of-2, 3-of-5, etc.) and select the corresponding devices/keys - you need at least two devices setup in order to create a multisig wallet.
Is my understanding correct that specter-desktop does not hold any keys and you need to create a multisig wallet in order to sign transactions and send funds?
As of late, you can also use a hot wallet as a signer with specter-desktop, but since it is so new it is not recommended. You can however use devices like Electrum wallet or FullyNoded for example (Electrum or Bitcoin Core can be air-gapped). This video is quite useful for using Electrum, and this guide is useful for connecting with FullyNoded.
How would one sign with Electrum? Do I need to create multisig wallet in Electrum first or can I create it with specter-desktop?
You need to create it in both wallets. When you start creating a multisig wallet in Electrum, it will give you the bech32 extended public key (ZPUB), which you can then add to specter-desktop along with the ZPUBs from other devices; then add those to Electrum. After that you can start using Electrum as a signer. Full Electrum support is not out yet, but it should already work with files and copy-paste of the transaction. See also this video for more details.
Yes you can use the ColdCard with its SD card without connecting it to the computer via USB. You just need to import the ColdCard public keys with SD card. Just after creating the multisig wallet, you should go to the wallet page, click on the Settings tab, then scroll down to the Export and click on the export to ColdCard option. It will download a file you can import with the SD card to ColdCard and show you a notification with the instructions on how to do this. This will allow the ColdCard to be “aware” of the multisig and sign transactions for it.
Yes you can use BlueWallet in watch-only mode and sign with Specter DIY. See it in action here
Any HWW with HWI, including USB HWW's (ColdCard, Trezor, Ledger, KeepKey, BitBox(2), CoboVault etc.)
Absolutely, as well as any other DIY bitcoin full, or pruned, node!
Currently Raspiblitz (https://github.com/rootzoll/raspiblitz) has explicit support and you can automatically install it as bonus-software. Also umbrel has it in the app-store. Mynode has it on Mynode premium. There are differences mainly on update-policy and update-frequency.
Yes there is a way to access specter-desktop over Tor from outside, here is the doc.
In the new version v1.3.0, there will also be the possibility to activate a tor-installation from within Specter-Desktop.
With that being said, beware that it's not practical yet to sign transactions via Tor:
- Specter-DIY needs the camera which is not available in the Tor-browser (yet)
- You could use HWI-wallets, but you would need to plug the wallet into the machine where specter-desktop is running, and this is usually not the use-case you're looking for when using Tor.
This feature is optional and not needed for the wallet to function. It's only used for convenience in order to generate URLs for addresses. Technically, you can use any block explorer but that's not what you want to do, unless you want to try out the feature. Simply fill in https://blockstream.info/ to use that block explorer, but you will leak privacy doing that.
Check the `.specter` folder in your home folder (or on your mynode/raspiblitz/...). There is a file called `config.json` in there which has a line like this:
"auth": {
    "method": "somethingInHere",
    ...
},
Depending on what's written in `somethingInHere`:
- If it's `rpcpasswordaspin`, you can look up the password in your `bitcoin.conf` file in a line like `rpcpassword=YourPasswordHere`
- If it's `usernamepassword`, you won't be able to recover the password but you can deactivate it by setting it to `none`
- If it's `none` (or you just set it to `none`) you can log in without any password. So hurry up with setting it again within specter.
If something happens to the `~/.specter` folder, is it still possible to restore access to multisigs created there (assuming there is no backup of the `~/.specter` folder)?
Yes, it's a standard multisig. So you can recreate it as soon as you have master public keys of ALL the devices - either with Specter, or Electrum.
If your `~/.specter` folder is gone and only one of your devices is lost without a backup, then all your funds are LOST, even if you have a 1/4-multisig-wallet.
When using Specter and importing an old wallet you would need to re-scan the blockchain in the wallet settings page.
To recover a multisig that was built on specter (eg: 2 of 3 with ColdCard), is having the seeds of all 3 signing wallets sufficient or do we need to backup more info?
Having seeds is enough, but in case you lose one of the seeds it is also highly recommended that you also backup your XPUBs. You can go to the wallet settings and export it as json file, this file has all the information needed to find your funds. "Export to wallet" software should give you one json file with all information needed for the recovery of your watch only wallet later on.
It consists of:
- STM32F469 discovery board
- QR Code scanner from Waveshare
- Power Bank (small)
- miniUSB and microUSB cable
- Prototype Shield
- A few pin connectors
Shopping list link + assembly link. The Waveshare QR scanner is recommended as it has a good quality/price ratio.
Do not use it on mainnet yet unless it's only being used as one of the signers in multisig setup! But feel free to experiment with it on testnet, regtest or signet.
It supports passphrases as an additional security layer, but currently it has two modes of operation - agnostic when your secrets are not stored on the device and you need to enter recovery phrase every time you use the device, and reckless when it is stored on flash and can be extracted.
We are working on smart card support so you could store your keys on removable secure element in a credit card form factor, as well as an option to encrypt secrets with a key stored on the SD card. See this recently opened issue thanks to @Thomas1378 in the Telegram chat!
Currently there is a `specter_hwi.py` file, which implements the HWIClient for Specter-DIY. Is there any reason you didn't add that directly to HWI?
Putting it into HWI means: "this is a hardware wallet people should consider using for real". Currently, we would strongly advise NOT to use USB with Specter-DIY, but to use QR codes instead.
We will make a pull request to HWI when we think it's safe enough. In particular when we will have a secure bootloader that verifies signatures of the firmware, and USB communication is more reliable.
No security at the moment, but it also doesn't store the private key. Working on integration of secure element similar to the ColdCard's (mikroe secure chip). At the moment it's more like a toy.
Yes. Specter-DIY in simulator-mode simulates QR code scanner over TCP, see here
At the moment we don't have a proper bootloader and secure element integration yet, but we're moving in that direction! I think SD card is a good choice, also QR codes might be possible, but we need to experiment with them a bit.
Can Specter-DIY register cosigner xpubs like ColdCard? I know you wipe private keys on shutdown, but do you save stuff like that?
Yes, we keep wallet descriptors and other public info.
With the secure element you will have three options:
- agnostic mode, forgets key after shutdown
- store key on the smartcard but do all crypto on application MCU
- store key and do crypto on the secure element
The last seems to be the most secure, but then you trust a proprietary crypto implementation. The second option saves the private key on the secure element under PIN protection, but also encrypted, so the secure element never knows the private key.
This is a known issue. See here. A questionable workaround might be to start with `--no-sandbox`. The security implications are beyond this FAQ. Please check the issues for more information.
- Make sure to not use the Safari-Browser. Chrome is the best option, Firefox should work as well.
- Make sure that your USB-cable is working. Often enough they are not working anymore.
- Also, make sure to upgrade to the latest firmware. Ledger, but also others, are known to not work with specific older versions.
- On Linux, there is also something called udev-rules which have to be installed.
- Then, there might be confusion about the computer to plug it in. Do you run specter locally or on some remote-computer? Without the hwi-bridge, you need to plug your hardware wallet in the USB-port of the computer you're running specter on. If you want to use your computer and not the remote one, checkout the HWIBridge
This depends very much on how you've installed it in the first place. You might have it running on a node-implementation like nodl, RaspiBlitz or MyNode or you have it running on your desktop or laptop. MyNode doesn't support manual upgrade, but let's start with the laptop:
If you have downloaded a binary, simply do it again with the new version. If you have a pip-installation (and installed it as described), use this command:
pip3 install cryptoadvance.specter --upgrade
To check (before and/or afterwards) your installed version, you can use: pip3 show cryptoadvance.specter
You might want to wait until raspiblitz is providing an update. It takes longer but if you're not technically literate, that might be a better option. However, up from Version 1.6.1, Raspiblitz offers an update-possibility in the menu. Prior to that or as a part of troubleshooting-procedure, you can also do something like this:
sudo su - bitcoin
cd .specter/
. ./.env/bin/activate
pip3 list | grep specter
pip3 install cryptoadvance.specter --upgrade
pip3 list | grep specter
service cryptoadvance-specter restart
You can either set `--host 0.0.0.0`, as in `python -m cryptoadvance.specter server --host 0.0.0.0`, or configure nginx to forward connections from a specific port to specter.
Alternatively, you can also define `--port 80` if you want to have it on the default http port of the computer.
One drawback though is that with http and external access you will not get camera scanning functionality. It is an issue if you are using specter-DIY as it's necessary to scan QR codes with signed transactions. To fix that you will need a self-signed certificate, we have a document on that here
Try `pip3 install cryptoadvance.specter`
Specter only works with python3, so use pip3 to install it
brew install python3
Even after upgrading to python3 it's still looking at 2.7 version. I uninstalled 2.7, so not sure where to go next?
Run it with the command `python3 -m cryptoadvance.specter server` - then it will use python3
I created an existing wallet but even after rescanning, specter couldn't find any (or not enough) funds?
Make sure you're using the right type of wallet. Specter is only supporting "Nested Segwit" and "Native SegWit". If you have an older wallet, where addresses are starting with "1" or "3", those funds won't be able to show up in specter. So, make sure you know which type of wallet you want to choose. Also, it's relevant whether you're watching enough addresses. By default only 20 addresses are watched. Maybe your wallet needs more so increase them in the settings-menu of the wallet. If you're running a pruned node, it's not possible to scan for the entire transaction history without doing a full re-download of the blockchain (IBD). Alternatively, we also support scanning for only the existing wallet balance (UTXO) which is very quick and supports both full and pruned nodes. However, for pruned nodes to support this feature, we must query some external data from an outside source (such as a block explorer, configurable by the user). This does not constitute a security risk, as the validity of the data can be verified against the hash existing on the pruned node itself, but can be a potential privacy risk, although it's possible to get the data over Tor to reduce the potential privacy leak. Yet, we still strongly recommend using a non-pruned-node (if possible) when dealing with older wallets.
You can't delete the wallet if you are using remote Bitcoin Core node - there is no RPC call to do it remotely. So, deleting wallet works only on the same computer.
You can also just delete the wallet manually. It's a folder in the `~/.bitcoin` directory and in `~/.specter` as well.
Trying to connect specter-desktop to my remote node on my LAN few times but no success. `bitcoin.conf` has the `server=1` option, should there be something else since I get this error `Process finished with code -1Error message: Failed to connect` message?
The `rpcallowip` and `rpcbind` parameters need to be set in `bitcoin.conf`.
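A check for the `bitcoin.conf` settings this FAQ names (`server=1`, `disablewallet=0`, `rpcbind`, `rpcallowip`), as an added example that is not part of Specter: it reports what is missing for a remote Specter host and flags settings that expose RPC more widely than needed, which matters because RPC credentials travel over plain HTTP by default. The function names, addresses and sample files are constructed for illustration, and `[section]` headers are skipped rather than interpreted.

```python
import ipaddress


def parse_conf(text):
    """Parse bitcoin.conf text into {option: [values]}; options may repeat."""
    opts = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line or line.startswith("["):     # skip blanks and [section] headers
            continue
        key, _, value = line.partition("=")
        opts.setdefault(key.strip(), []).append(value.strip())
    return opts


def audit(conf_text, specter_host):
    """Return a list of findings for a node that Specter reaches from specter_host."""
    opts = parse_conf(conf_text)
    findings = []
    if "1" not in opts.get("server", []):
        findings.append("server=1 is not set")
    if "1" in opts.get("disablewallet", []):
        findings.append("disablewallet=1: Specter needs wallets enabled (disablewallet=0)")
    binds = opts.get("rpcbind", [])
    if not binds:
        findings.append("rpcbind is not set: RPC listens on localhost only")
    for bind in binds:
        if bind.startswith("0.0.0.0"):
            findings.append("rpcbind=0.0.0.0 listens on every interface; bind the LAN address")
    allows = opts.get("rpcallowip", [])
    if not allows:
        findings.append("rpcallowip is not set: only localhost may connect")
        return findings
    host = ipaddress.ip_address(specter_host)
    covered = False
    for value in allows:
        try:
            # Accepts a single IP, network/CIDR or network/netmask.
            net = ipaddress.ip_network(value, strict=False)
        except ValueError:
            findings.append(f"rpcallowip={value} is not an IP or subnet")
            continue
        if net.prefixlen == 0:
            findings.append(f"rpcallowip={value} admits any client; RPC login goes over plain HTTP")
        covered = covered or host in net
    if not covered:
        findings.append(f"rpcallowip does not cover the Specter host {specter_host}")
    return findings


# Constructed sample files; the addresses are placeholders for a home LAN.
WEAK = """
server=1
disablewallet=1
rpcbind=0.0.0.0
rpcallowip=0.0.0.0/0
"""

HARDENED = """
server=1
disablewallet=0
rpcbind=127.0.0.1
rpcbind=192.168.1.10      # the node's own LAN address
rpcallowip=192.168.1.20   # only the machine running Specter
"""

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("hardened", HARDENED), ("server=1 only", "server=1\n")):
        print(name, audit(conf, "192.168.1.20"))
```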
When trying to load backups you are required to select the backup folders for either devices or wallets, you are NOT trying to select the JSON files. You can also select the specter-backup folder itself which will allow both devices and wallets to be loaded together. If you have issues doing this on the Specter app then try in browser instead.
Does anyone have any tips on mounting the power bank and QR code scanner to the STM32 board in a somewhat ergonomic manner?
Use the smallest powerbank possible.
Got stuck for a second because I wasn't safely removing my SD card reader, so the files were 0 bytes.
With achow's HWI tool, input and output PSBT are the same. And with Electrum 4, I get a rawtransaction, not a base64 PSBT.
I solved my issue, it turns out my PSBT needed bip32 hints (whatever that means) included. I can now open lightning channels straight from hardware wallet!
No, but you need to enable wallets! `disablewallet=0`
It specifies `-rpcwallet` with every call to `bitcoin-cli`
We haven't tested it yet. We will work on the bootloader soon and try different update mechanisms. QR codes is one of them. Also considering SD card - might be easier as firmware is 1Mb, so it would require 1000 QR codes.
Yes it will be, and especially effective in "forget after turn off" mode. Then one could use it to split a secret for wallets that don't support it.
When CoinJoin servers and hardware wallets support proof of ownership: https://github.com/satoshilabs/slips/blob/slips-19-20-coinjoin-proofs/slip-0019.md
How to flash and set up an air-gapped hardware wallet that uses QR codes to communicate with the host.
In the video:
- Flashing the firmware
- Generating a new key
- Importing keys to Specter-Desktop software
- Using single-key wallets
- Creating a multisignature wallet and importing it to the device
- Signing multisig transactions
Specter-DIY hardware wallet:
- off-the-shelf components
- costs 100$ - assemble in 5 minutes
- no soldering
- forgets your private key when powered off
What is the difference between that project (DIYbitcoinhardware) & Specter? Is DIYbitcoinhardware sort of a prerequisite for Specter?
Specter is built on top of that micropython build. DIYbitcoinhardware is focusing more on the toolbox without actual application logic, Specter implements logic and GUI on top of it.
Yes, that's why the video was recorded - to give some introduction about the tools we use, and hardware wallets logic in general.