Can we get some clarity on different multisig markets?

There was alot of talk about how multisig is vulnerable to site runners on the "TE is a scam" thread, admin runs with the funds, even big proponents of it were talking as if there was some risk with multisig. Theres been alot of confusion surrounding it because so many sites are coming out with their own version of it, this is what i get from it but i could be wrong we need a better explaination of each version so people can know risks of using them:

Real 3 way mulitisig - having a ton of escrow does not benefit admin, they cant run with it because they only have 1 key to approve transaction, they cant redirect funds to themselves. Requires everyone have their own key

Two party multisig - to make it seamless for buyers admin takes control of buyer key, buyer uses site like normal escrow site and admin handles transaction. Since admin has two keys he can reconstruct the escrow and pay it to himself, so he can steal it, i think the new market 1776 is doing it this way, which other ones are like this?

Also we need alot of clarification on different multisig implementatons, like:

TMP - Has electrum plugin, makes it a three click process to manage keys and do orders.

Darkbay - Uses 3rd party payment system to do transactions

Blackbank - Requires using qt console and inputting alot of code, difficult for users to understand and manage

Torbazaar/bitwasp/cloud9/cannnabisroad/hydra - im guessing a mix of brainwallet.org key generator and qt console commands

Could someone write a multisig market guide?


Comments


[1 Points] multi_mania:

So far I've used two markets that offer 2/3 multisig transactions. I still buy from Agora though, but deep in me am convinced its a disaster waiting to happen. They're opsec has been very poor but its their traffic that takes me back there. Though am forcing myself to use multisig markets more and more as have been scammed at three different markets now. TorBazaar and Hydra almost work in the same way, with the only exception being TB at each step of the order, gives some multisig data to copy/paste on your bitcoin client to make the transaction smoother. I was a little intimidated by all the info at first but with two orders under my belt now, am convinced I've now got the hang off it. It's a shame the folks at TorBazaar refuse to advertise on reddit but they do a very good job with what they offer.

I cannot comment on the other markets that offer it, as I have not yet signed up with them, but will as I plan to check whats on offer. As for the security of the funds, all parties only sign with their "private keys" so in the event as such as with TorEscrow buyer and sellers can still transact off the market and settle their orders.

The only caveat I find with TMP is the fact that I had to download a plugin to use, and being as paranoid as I am, i will never get myself to trust downloading anything on tor esp from a DNM. Thats a big no no for me. I suggest to try out the various multisig markets and understand for themselves how it works. Aslo avoid posts from shill accounts from the markets that only work on standard escrow claiming how insecure multisig is, they have no clue whatsoever about how multisig works in reality.


[1 Points] multi_mania:

Just wanted to add DeepDot has a collection of multisig guides from the markets offering multisig and that would be a great resource to start with.


[1 Points] None:

According to DeepDot, BlackBank only requires QT console if finalizing outside of BlackBank. Based on the article, BlackBank uses "Real 3 way multisig".

Instructions (shortened) from the guide on DeepDotWeb:
Buyers
1. Enter your public key and your wallet address in case there is a refund
2. To release funds/retrieve funds after a dispute, enter your private key

Vendors
1. Enter your public key to accept an order and your wallet address where the funds get paid to when released
2. To dispute/retrieve funds after a dispute, enter your private key

According to the guide, the copy-and-paste QT console code is provided and only required in case BlackBank is shut down be LE or hacked.

Source: http://www.deepdotweb.com/2014/02/16/blackbank-market-now-offering-multisig-escrow/

Edit - original guide here: http://kth2mwuwlkezwziy.onion/wiki/index.php/Multi-Sig_Escrow#Buyer.27s_Guide

Edit 2 - DeepDotWeb's full list of markets and multisig guides: http://www.deepdotweb.com/marketplace-directory/categories/multisig-and-trusted


[0 Points] multimax:

Cloud9 is actually quite amazing in technical features. I have my bets on cloud9