On Monday, January 25th, 2021, Blockstream Green switched from nLockTime to CheckSequenceVerify (CSV) for the timelocks used in the multisig security for Bitcoin 2-of-2 accounts.
Timelocks Ensure Recoverability of 2-of-2 accounts
As standard, Blockstream Green uses a “Multisig Shield” that enables you to secure your Bitcoin wallets with two-factor authentication (2FA).
There are two multisig configurations when creating a new wallet in Blockstream Green: 2-of-2 by default and optionally 2-of-3. In either configuration, one of the keys is held on Blockstream’s servers. If you lose access to all of your 2FA methods, or in the unlikely event that Blockstream’s servers become permanently unavailable, a 2-of-3 wallet is easily recoverable because you have access to your own third backup key. In those same situations, a 2-of-2 wallet would lock your funds permanently, so we use timelocks for these wallets to let users recover their funds.
nLockTime Challenges
There are a variety of timelock scripts available on the Bitcoin protocol. Originally, we used nLockTime in GreenAddress (the predecessor to Blockstream Green), which enables our servers to create pre-signed transactions that can only be spent after a certain number of blocks. We chose nLockTime because CSV was not available at the time—it was added to the Bitcoin protocol in a soft fork in May 2016.
In our case, we defaulted the timelock period to 12,960 blocks—around 90 days—with the timelock period customizable. The user could then use this pre-signed transaction combined with the wallet’s recovery phrase to recover their wallet without needing any input from Blockstream.
However, to ensure users could recover all of their funds without the server key, we needed to provide each user with a pre-signed transaction file for their entire balance every time they sent or received a transaction. In addition to the inconvenience, this also meant we required an email address from each user. While users can use pseudonymous email addresses, tying email accounts to Bitcoin accounts wasn’t ideal from a privacy perspective.
CheckSequenceVerify for Trust-Minimization and Privacy Improvements
CSV is an alternative timelock script that works a little differently. It secures the transactions at the input level instead of the output level (i.e., without a pre-signed transaction). In Blockstream Green, CSV ensures that any bitcoin you receive requires both keys to spend within 51,840 blocks (by default, around 360 days) and only one key (the key on your device) after this time.
You can customize the CSV expiry window to:
- 25,920 blocks ~ 6 months
- 51,840 blocks ~ 12 months
- 65,535 blocks ~ 15 months
This way, CSV trust-minimizes the recovery process by making it atomic and improves your privacy by no longer requiring an email address associated with the account.
CheckSequenceVerify vs nLockTime
Pros
- Trust-minimization: You will be able to recover your bitcoin without needing any timelock backup files from our servers. In fact, the receiving addresses now embed the timelock condition, assuring the recoverability of your funds from the moment you receive them. Advanced users can even check that a Blockstream Green receiving address is CSV-protected before receiving funds to it.
- Privacy: You no longer need to link any new accounts to an email address.
Cons
- Mixed nLockTime and CSV wallets: If you already use a 2-of-2 wallet (used by most users), you will have a mixture of nLockTime- and CSV-secured funds for a while. Any new funds you receive will be on CSV, and existing funds will be migrated from nLockTime to CSV as you spend them.
- Funds spendable with recovery phrase after timelock expiry: If you have 2FA set up and someone steals your recovery phrase, that person could now spend your funds after the expiry of the timelocks without the timelock backups (with nLockTime, they required both). To keep your funds secure from this threat, make sure you have 2FA set up and promptly follow any redeposit notifications from your wallet.
- Slightly more fees: The CheckSequenceVerify timelocks take up a little more space on the blockchain than nLockTime timelocks. As a result, transactions from Blockstream Green wallets will be 2% more expensive on average (Taproot should enable us to make some big reductions on this in the future).
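Added example (not from the original post and not Blockstream's code): one way to inspect a script for the CSV condition described above is to walk its opcodes, find OP_CHECKSEQUENCEVERIFY and decode its operand under the BIP 68 rules, which also shows why 65,535 blocks is the largest block-based setting. The sample script layout and its placeholder keys are constructed for illustration, and the example assumes you already hold the script behind the address.

```python
OP_CSV = 0xB2  # OP_CHECKSEQUENCEVERIFY (BIP 112)
SEQ_DISABLE, SEQ_TIME_FLAG, SEQ_MASK = 1 << 31, 1 << 22, 0xFFFF  # BIP 68

def parse_script(script: bytes):
    """Yield (opcode, pushed_bytes_or_None) for each element of a script."""
    i = 0
    while i < len(script):
        op, i = script[i], i + 1
        if not 1 <= op <= 0x4E:                # not a data push: plain opcode
            yield op, None
            continue
        n = op                                 # 0x01..0x4b push that many bytes
        if op >= 0x4C:                         # OP_PUSHDATA1/2/4: explicit length
            width = 1 << (op - 0x4C)
            n, i = int.from_bytes(script[i:i + width], "little"), i + width
        if i + n > len(script):
            raise ValueError("truncated push")
        yield op, script[i:i + n]
        i += n

def script_num(op: int, data) -> int:
    """Decode a CSV operand; returns -1 if the element is not a number."""
    if data is None:                           # OP_0 or OP_1..OP_16
        return 0 if op == 0 else op - 0x50 if 0x51 <= op <= 0x60 else -1
    value = int.from_bytes(data, "little")
    sign = 0x80 << (8 * (len(data) - 1)) if data else 0
    return -(value ^ sign) if value & sign else value

def csv_timelocks(script: bytes):
    """Return [(unit, amount)] for every OP_CHECKSEQUENCEVERIFY found."""
    found, prev = [], None
    for op, data in parse_script(script):
        if op == OP_CSV:
            n = script_num(*prev) if prev else -1
            if n < 0:
                raise ValueError("CSV without a valid operand")
            if n & SEQ_DISABLE:                # bit 31 set: CSV enforces nothing
                found.append(("disabled", 0))
            elif n & SEQ_TIME_FLAG:            # bit 22 set: units of 512 seconds
                found.append(("seconds", (n & SEQ_MASK) * 512))
            else:                              # 16-bit block count, max 65,535
                found.append(("blocks", n & SEQ_MASK))
        prev = (op, data)
    return found

def approx_days(blocks: int) -> float:
    return blocks * 10 / 1440                  # assumes 10-minute blocks

# Constructed sample: IF <keyA> CHECKSIGVERIFY ELSE <51840> CSV DROP ENDIF <keyB> CHECKSIG
SAMPLE = bytes.fromhex("632102" + "11" * 32 + "ad670380ca00b275682103" + "22" * 32 + "ac")
```

Calling `csv_timelocks(SAMPLE)` reports the block count embedded in the script, and `approx_days` converts it to the approximate duration quoted in the post.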
Log In With the Latest Version to Activate
Only users logging in with the following versions or greater of Blockstream Green will be able to take advantage of CSV:
- iOS and Android: 3.4.3 and higher (latest is 3.4.7)
- Desktop: 0.0.6 and higher (latest is 0.0.9)