Creating a watch-only bitcoin wallet in Electrum

An Electrum watch-only wallet can help you verify deposit and change addresses being displayed in the Casa app.

Why we like Electrum

Electrum is fully open source, and one of the best-maintained and most fully-featured projects in bitcoin. We also like that you never need to load your private keys into Electrum.

It is important to make sure you always connect with a VPN to make it harder to associate your IP address with your BTC addresses. To avoid this risk entirely, as a best practice it is recommended to run your own Electrum server (instructions here).

While Electrum will display your unused derived "future" addresses, you should only deposit funds to either the current address that the Casa app is showing you, or previous addresses that you have deposited to in your Casa vault. "Skipping" addresses in your keyset and depositing to later derived addresses may cause the deposit not to appear in your Casa app. This is due to what's known as the "gap limit" issue where some wallets, ours included, do not automatically scan past unused addresses to determine a user's balance or transaction history. If this happens, you must make deposits of any amount to the empty addresses within the "gap."

See Mind the bitcoin address gap for more details on the gap limit.

What you need:

1. Laptop or desktop that can run Electrum. We like Ubuntu or PureOS, but Mac and Windows work just fine.
2. Android or iOS device running the Casa app
3. Your hardware devices
4. (Optional) Encrypted messaging app running on both devices. We like Keybase or Signal.

🛎️ A note for non-Casa customers: This process will work with any multisig wallet. Just collect the public keys from your wallet provider and begin at Step 2.

1: Export public keys and derivation paths

To build your watch-only wallet, you will need to get the extended public key for each one of your hardware devices. This step will walk you through the process to export the mobile key and Casa Recovery Key from the Casa app

How to export the public key for your Casa Recovery Key:

1. Open and sign in to the Casa app
2. Tap the vault you want to watch
3. Tap the key icon (top-right corner)
4. Tap "Recovery Key"
5. Tap "View Public Keys"
6. Tap "BTC Account"
7. Tap the Public Key beginning with "Ypub" to copy the key
8. Save it locally, or send it to yourself using an encrypted messenger

How to export the public key for your Mobile Key:

1. Go back to the home screen (Vault tab)
2. Tap the vault you want to watch
3. Tap the key icon (top-right corner)
4. Tap "Mobile Key"
5. Tap "View Public Keys"
6. Tap "BTC Account"
7. Tap the Public Key beginning with "Ypub" to copy the key
8. Save it locally, or send it to yourself using an encrypted messenger

1. Go back to the home screen (Vault tab)
2. Tap the vault you want to watch
3. Tap the key icon (top-right corner)
4. Tap "Hardware Key"
5. Tap "View Public Keys"
6. Tap "BTC Account"
7. Tap the derivation path to copy it, it will look something like "m/49/0/0"
8. Save it locally, or send it to yourself using an encrypted messenger
9. Repeat these steps for the "Home Key," "Office Key," and "Safe Key" if you have a 5 or 6-key vault

Once you've gathered the public keys and derivation path, transfer the data to the computer where you're setting up the watch-only wallet. Encrypted messaging services are a great option, or you can physically transfer the data via a USB drive. We do NOT recommend emailing the keys to yourself, since you risk exposing your account’s addresses to eavesdroppers. We also do NOT recommend trying to copy them out manually.

2. Download and verify Electrum

Bitcoiners have been targeted in attacks that use a fake version of Electrum, so we strongly recommend you verify the file's authenticity using GPG signatures. You can download Electrum from their site, and make sure you get the appropriate signature file and the developer's pubkey, too.

Linux:

• Open terminal:   CTRL-ALT-T
• Update software:   

  sudo apt-get update

• Install GPG:    

  sudo apt-get install gnupg2

• Open downloads:   

  cd ~/Downloads

• This location should have the Electrum download, the signature file, and the developers key
• Import signing key:   

  gpg --import ThomasV.asc

• Verify signature:   

  gpg --verify [electrum-sig-file.asc] [electrum-app-file]

Mac:

• Open terminal:   CMD-SPACE: Terminal
• Install Homebrew: https://brew.sh/  
• Install GPG:   

  brew install gnupg

• Open downloads:   

  cd ~/Downloads

• This location should have the Electrum download, the signature file, and the developer’s key
• Import signing key:   

  gpg --import ThomasV.asc

• Verify signature:   

  gpg --verify [electrum-sig-file.asc] [electrum-app-file]

Windows:

• Install GPG: Download and run installer
• Open cmd: WIN: Command Prompt
• Open downloads:   

  cd ~/Downloads

• This location should have the Electrum download, the signature file, and the developer's key
• Import signing key:   

  gpg --import ThomasV.asc

• Verify signature:   

  gpg --verify [electrum-sig-file.asc] [electrum-app-file]

3. Set up your watch-only wallet

Once you've verified your download, it's time to run Electrum.  The wallet setup process mimics the steps you took to set up your Casa account. This time, you'll be completing the process manually.

1. Open Electrum
2. Create a new wallet and give it a name
   
   
3. Select "Multi-signature wallet"
4. Select the appropriate number of cosigners (3 for the 3-key vault, 5 for the 5-key vault, 6 for the 6-key vault).
5. Select the appropriate number of signatures (2 for the 3-key vault, 3 for the 5-key or 6-key vault) and click "Next"
   
6.  Choose "Use a master key" and click "Next"
   
7. Paste the Casa Recovery Key's Ypub from the file or encrypted chat and click "Next" (Note: ensure there are no spaces at the end of the key or Electrum will not recognize it)
   
8. Mobile key (if applicable) - Choose "Enter cosigner key" and click "Next"
   
9. Paste the Mobile key's Ypub from the file or encrypted chat and click "Next"
   
10. Hardware keys - Connect your device, choose "Cosign with hardware device," and click "Next"
11. Select your device, and click "Next"
12. Repeat steps 10-11 for any remaining hardware keys
13. Enter the derivation path
    
14. (Optional) Set a passphrase, or leave both fields blank and click "Next"
    
15. (Optional) Set a password, or leave both fields blank and click "Next"
    

Electrum will now initialize your account and display your transactions. If you don’t see anything show up after a minute or so, that means something went wrong during the process and Electrum derived the wrong set of addresses, and you should try again.

4. Verify receive addresses

Now that you have your watch-only account active, let's verify your next receive address:

1. Open the Casa app
2. Tap your vault
3. If you have active subaccounts, select the appropriate account
4. Tap "deposit" to generate the next address
   
5. In Electrum, click the "Receive" tab at the top of the screen
6. Click "Create Request"
7. Click "Bitcoin URI" to populate the receive address by itself
   
8. The receiving address displayed on the right side of your screen should match the one in your Casa app
   
9. If you still do not see your Casa receive address, proceed to the next section to view all available addresses in Electrum

5. View multiple addresses

To avoid confusion, Casa only displays a single unused BTC receive address at a time. If you would like to prepare and verify multiple transactions at the same time, you can view all available receive addresses using Electrum:

1. Click "View" in the Electrum menu bar
2. Select "Addresses" to add the tab to your view
3. Click the Addresses tab

For any questions about watch-only wallets, or anything else related to your bitcoin security, please reach out to us here.