Copay
Copay is a secure bitcoin wallet for friends and companies. Easy-to-use multisignature bitcoin wallet, bringing corporate-level security to ordinary people.
When friends or company executives join a Copay wallet, more than one person must sign every transaction. If your computer is compromised and your private keys are stolen, the bitcoins are still safe. This is in addition to state-of-the-art encrypted storage and communication.
This library is a standalone that you can use in both a browser and a node environment.
Before you start
Please check Copay Known Issues before using Copay with real Bitcoins.
Installation
git clone https://github.com/bitpay/copay-lib.git
cd copay
Install bower and grunt if you haven't already:
npm install -g bower
npm install -g grunt-cli
Build Copay:
npm install
bower install
grunt
For production environments:
grunt prod
Configuration
The default configuration can be found in the config.js file. See config.js for more info. This configuration could be partially overidden with the options set at the "Settings" tab.
Troubleshooting
Building on Ubuntu 14.04, gyp, Python
gyp_main.py: error: no such option: --no-parallel
gyp ERR! configure error
gyp ERR! stack Error: `gyp` failed with exit code: 2
Ubuntu 14.04 has Python 2.7, but gyp requires Python 2.6 (http://stackoverflow.com/questions/21155922/error-installing-node-gyp-on-ubuntu)
One solution is to use Copay with a Python version manager for 2.6.
Development
About Copay
General
Copay implements a multisig wallet using p2sh addresses. It supports multiple wallet configurations, such as 3-of-5 (3 required signatures from 5 participant peers) or 2-of-3. To create a multisig wallet shared between multiple participants, Copay needs the public keys of all the wallet participants. Those public keys are incorporated into the wallet configuration and are combined to generate a payment address with which funds can be sent into the wallet.
To unlock the payment and spend the wallet's funds, a quorum of participant signatures must be collected and assembled in the transaction. The funds cannot be spent without at least the minimum number of signatures required by the wallet configuration (2 of 3, 3 of 5, 6 of 6, etc). Each participant manages their own private key, and that private key is never transmitted anywhere. Once a transaction proposal is created, the proposal is distributed among the wallet participants for each participant to sign the transaction locally. Once the transaction is signed, the last signing participant will broadcast the transaction to the Bitcoin network using a public API (defaults to the Insight API).
Copay also implements BIP32 to generate new addresses for the peers. The public key each participant contributes to the wallet is a BIP32 extended public key. As additional public keys are needed for wallet operations (to produce new addresses to receive payments into the wallet, for example) new public keys can be derived from the participants' original extended public keys. Each participant keeps their own private keys locally. Private keys are not shared. Private keys are used to sign transaction proposals to make a payment from the shared wallet.
Addresses are generated using the procedure described on [https://github.com/maraoz/bips/blob/master/bip-NNNN.mediawiki].
Serverless web
Copay software does not need an application server to run. All the software is implemented in client-side
JavaScript. For persistent storage, the client browser's localStorage is used. Locally stored data is
encrypted using a password provided by the local user. Data kept in browser local storage should be
backed up for safekeeping using one of the methods provided by Copay, such as downloading the data into a file.
Without a proper backup of the user's private key data, all funds stored in the
wallet may be lost or inaccessible if the browser's localStorage is deleted, the browser uninstalled,
the local hard disk fails, etc.
Peer communications
In construction
Security model
On top of the communication layer, Copay peers encrypt and sign each message using ECIES (a.k.a. asynchronous encryptio) as decribed on [http://en.wikipedia.org/wiki/Integrated_Encryption_Scheme].
The identity key is a ECDSA public key derived from the participant's extended public key using a specific BIP32 branch. This special public key is never used for Bitcoin address creation, and should only be known by members of the WR. In Copay this special public key is named copayerId. The copayerId is hashed and the hash is used to register with the insight server (See SINs at https://en.bitcoin.it/wiki/Identity_protocol_v1). This hash is named peerId.
Registering with a hash avoids disclosing the copayerId to parties outside of the WR. Peer discovery is accomplished using only the hashes of the WR members' copayerIds. All members of the WR know the full copayerIds of all the other members of the WR.
Secret String
When a wallet is been created, a secret string is provided to invite new peers to the new wallet. This string is the peerId of the wallet creator, and it is necessary for the other peers to find the wallet. Once the other peers join, all public keys (copayerIds) are stored by each peer, so peers can find each other with out sharing extra information.
Wallet backups
Wallet funds can be restored using an old backups, since new addresses are scanned in the blockchain for transactions. The scan window is set to 20. However, if address bookmarks were created after the backup, or new transaction proposal were created, they will only be restored if one peer participating the wallet have them.