just think about you use a marketplace with multisig. you have to enter your public key that the marketplace’s script can create the escrow address.
afterwards you look at the first number of the escrow address to check if it is a multisig address indeed, which was created. (normal addresses begin with 1, multisig with 3)
But what is about when the marketplace turns bad? they could change their script that you enter your public key like just before but now in background other public keys are used to create the multisig address. they could implant all their public keys to the creation of the escrow addresses and ripp everything off.
how can i check for this? how can i find out what public keys were used to create the multisig address?
- Finn asked 4 years ago
- last edited 4 years ago
- You must login to post comments