Hello,

We are using a contract with multsig signature on our ledger.
Since 1 month, we can add a new user and he cannot sign any transactions.

Can you help us ?

Thanks,
Antonino

Please, convert if() throw to require()/assert()/revert()

The date/time of every transaction is missing, so there is no way to know when a transaction got executed.
Please add display of date/time to every transaction.

Looks like the hosted version certificate expired today. I assume the auto renewal did not kick in.

I'm trying out a very simple script through truffle to create a multisig wallet on a local testrpc net. However it always fails.

module.exports = async function (callback) {
let wallet = await MultiSigWalletWithDailyLimit.new([
    "0x8a20a13b75d0aefb995c0626f22df0d98031a4b6", "0x0f78e5aa80909501a0e393ec4e7e253d18f2c035"
    ], 2, 3000)

  console.log('MultisigWallet: ', wallet)
  console.log(`MultisigWallet address: ${wallet.address}`)
}

This is the error I always get:

(node:44792) UnhandledPromiseRejectionWarning: Error: VM Exception while processing transaction: revert
    at Object.InvalidResponse (/usr/local/lib/node_modules/truffle/build/cli.bundled.js:41484:16)
    at /usr/local/lib/node_modules/truffle/build/cli.bundled.js:329530:36
    at /usr/local/lib/node_modules/truffle/build/cli.bundled.js:325200:9
    at XMLHttpRequest.request.onreadystatechange (/usr/local/lib/node_modules/truffle/build/cli.bundled.js:328229:7)
    at XMLHttpRequestEventTarget.dispatchEvent (/usr/local/lib/node_modules/truffle/build/cli.bundled.js:176415:18)
    at XMLHttpRequest._setReadyState (/usr/local/lib/node_modules/truffle/build/cli.bundled.js:176705:12)
    at XMLHttpRequest._onHttpResponseEnd (/usr/local/lib/node_modules/truffle/build/cli.bundled.js:176860:12)
    at IncomingMessage.<anonymous> (/usr/local/lib/node_modules/truffle/build/cli.bundled.js:176820:24)
    at IncomingMessage.emit (events.js:164:20)
    at endReadableNT (_stream_readable.js:1062:12)
(node:44792) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1)
(node:44792) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

However, the Multisig tests run without problem...
I'm not sure what I'm doing wrong...

I found that the latest Mac version of the wallet on gnosis website cannot detect ledger wallet, which is weird. The ledger wallet firmware is 1.3.1. In the earlier version, I can plug in my ledger and the gnosis wallet will automatically detect, but in the latest version, it doesn't work. The ledger wallet also didn't show "confirm address" either.

The method net_version does not exist/is not available
keep getting this error if I try to send a tx from ledger + local node

A relatively minor issue, but wanted to inform you. See the original report here:
ConsenSysMesh/MultiSigWallet#2 (comment)

Same item in this repository:

I'm trying to verify my contract created from the main net factory located at
https://etherscan.io/address/0x12ff9a987c648c5608b2c2a76f58de74a3bf1987

I tried with the version and the compiler of v0.4.15, v0.4.13, v0.4.11 and no optimization with no success.

Best,

It seems that your remove owner would allow removal of the sole owner which would leave any fund not accessible ?

Hi,

I created and deployed a multi-sig contract to the Rinkeby testnet using the web version of gnosis multisig wallet. The contract that was generated was: ( https://rinkeby.etherscan.io/address/0x5a357e26d5e49efe7a0865ce5ce571a274343b2e )

It has 2 users added to it -
0x17014E6C188315Da868Fbc380e144b6C77036B45 ( who published the contract )
0x7b43Ce9A150dAAD0f2639e7E585Da2f3712B0367 ( who is the 2nd user )

Now, I go to the interface and I am able to deposit ether into the contract.

However, when I login with rinkeby_1, and try to withdraw a transaction is sent.

But, nothing happens post that.

I login as rinkeby_2 but I don't see how / where I can approve the transaction ?

There were no daily limits set.

Please let me know how to withdraw funds.

Thanks.

Hi Team,

I am facing an issue, hopefully someone can help out.

I have built an API in node js that allows to create multisig wallet (3 owners, with 2 confirmations) using the MultiSig Wallet Factory Contract. I have been able to create two such MultiSig Wallet contracts.

Source: https://github.com/jjalan/multisig-api-demo/blob/develop/index.js
Endpoint: https://multisig-api.herokuapp.com/

Using this, I have been able to create two wallets as follows:

Wallet 1 ( Balance 5.5 ETH at the time of writing):
https://ropsten.etherscan.io/address/0xffbc9db586f5bbe3b132710f25fb067b63d403c7

Wallet 2:
https://ropsten.etherscan.io/address/0x3bae9e019f3866ca76c8f606a9be957d48d6af15

Both of the wallet has a common owner: 0x4054Db09C41e787cF5014A453f91c71418faB9AF. Now, I am trying to initiate a transfer from Wallet 1 to Wallet 2.

This API exposes a POST end point 'send' which can be invoked as follows:

curl -is -data {destination: '0x3bae9e019f3866ca76c8f606a9be957d48d6af15', amount: 1} -X POST https://multisig-api.herokuapp.com/wallet/0xffbc9db586f5bbe3b132710f25fb067b63d403c7/send

It returns a valid transaction hash as follows:
ex:
{"txHash":"0xd929693b63a9c6b97f958c4a3fc03a9f24628cf6eba429290cdbd104bfaf5b58","createdAt":1507209860875,"_id":"59d6328426ea3600129002fd"}
Transaction details:
https://ropsten.etherscan.io/tx/0xd929693b63a9c6b97f958c4a3fc03a9f24628cf6eba429290cdbd104bfaf5b58

However, in order to store the transaction id which MultiSigWallet Contract creates to transfer the money from Wallet 1 to Wallet 2, I am listening to Confirmation event on Wallet 1 contract instance (even tried listening on Wallet 2 contract instance) as mentioned here:
https://github.com/gnosis/MultiSigWallet/blob/master/contracts/MultiSigWallet.sol

But it is never fired even though the transaction is being mined successfully. The code where I am listening to event is Line 190.
https://github.com/jjalan/multisig-api-demo/blob/develop/index.js

Can someone please help on identifying the transaction that MultSig Wallet Contract fires whenever submitTransaction is called?

I'm testing mac os standalone version of the wallet if I can use it for business purpose.
I created the multisig 2-of-3 contract, tx:
https://etherscan.io/tx/0x062304b0c7b54466aa71ebd530b4567af6c54fa106849a52c213f9be7a56d0a3

The limit is 0. I can't update the limit. I sent two txs to change the limit:
https://etherscan.io/tx/0xfdf2bf470b5f0e853ef196b17c459c95946971938bf1cdef0edbe21ab66d36fb
https://etherscan.io/tx/0xd4bb9e439c1fa8e9740b0edf34c851eb7c6e435abdabfa7896adbac2b6054194
both of them succeeded but the limit is still 0.
Furthermore I have 0.12 ETH on the main acc. Seems like 0.1 is the minimum needed to manipulate the contracts because if I have less the message insufficient funds + gas appears.

Another question. Why the withdraw is not active? Is there any documentation for the wallet?

Leads to https://wallet.gnosis.pm/%7B%7BalertManagementPage%7D%7D , which doesn't work.

Hello,
I was trying to understand how MultiSigWallet.sol is working and have noticed that addOwner(address owner) function calls the submitTransaction(address destination, uint value, bytes data) function on this contract when you post transaction for signing, and into the data field passes a data (probably generated bytecode of addOwner(address owner) function), which will be deployed into the blockchain when transaction will be confirmed and executed. Then I deployed the same contract, but for addOwner(address owner) function I had removed onlyWallet() modifier and calling the addOwner(address owner) function at this time (when I was posting a transaction for signing) showed me that I'm going to execute addOwner(address owner) function on this new smart contract in contradistinction to submitTransaction(address destination, uint value, bytes data) for previous one.
So, the question is : how does this modifier affects on function calling process and "calls" the submitTransaction(address destination, uint value, bytes data)?

Looks like Deposit event do no track ERC20 token deposits, normally such transactions use 0 ether

Also, i want able to create a transaction which send a ERC20 transfer() as data
It is possible to transfer tokens with this contract?

Any owner can change the name of another owner, and the change will be immediately reflected in the UI, even without sufficient confirmations. See:

2 confirmations are required

Even revocation of the name update, leaves the name in the UI. Only thing that resets it is attempting to replace the owner (Resets back to Owner N, or of course updating the name again.

I deployed the version of the wallet without a daily limit, and the interface will not let me withdraw. It assumes the limit is 0, and that there is 0 limit left.

If I use the console and just remove the disabled from the withdraw button, it works perfectly. I'm not into Angular, so I have no idea where to tweak this behaviour. There also does not seem to be a setting.

Any idea's because while I have a functional workaround, it is not that smooth :)

Is it possible to add or remove owners? When I am trying to submit a transaction with pre-crafted data to add a user, It runs out of gas (during the execution part). It sents 0 gas for some reason(As I checked in the parity trace on etherscan.io) I am testing this on Ropsten, and I could not find any way to add/remove owners in the gnosis web app as well. It looks like it has been built into the contract but is not possible to use. Am I missing something? Thanks.

I have a Gnosis wallet on Ropsten, that has 3 parties required to confirm, however, when withdrawing, it appears 1 party can withdraw (up to daily limit), without the consent/confirmation of the 2 parties.

Is this as designed, or is there a bug?

Exported a key from MEW (because creating internal keys doesn't allow export - See issue #20) Key imports correctly but any transactions fail at the password entry box stage. The correct password fails. Test password was: password123 (very original I know!)

Tested importing the same key to MEW and transactions were successful using the same password.

(Tests were using Ropsten)

I am trying to use this for company funds. Everything seems to be working fine until I submitted a withdraw with default recommended gas settings.

The transaction has been pending for more than 16 hours.

My question is, should I use the default recommended gas setting? If not, how to set the gas.

https://etherscan.io/tx/0xdda2d9ff1b1dd1c7cab2e5c4a3386a9fc945f5c13fde5e39324a4483adeae408

Thank you.

I avoid having truffle binary installed globally and I'm dissappointed to see that it's not included in package.json
https://github.com/gnosis/MultiSigWallet/blob/truffle/package.json

because with latest truffle is not compilable.

            Transaction tx = transactions[transactionId];
            ^------------^
,/Users/rstorm/repos/MultiSigWallet/contracts/MultiSigWalletWithDailyLimit.sol:53:9: Warning: This declaration shadows a builtin symbol.
        Transaction tx = transactions[transactionId];
        ^------------^
,/Users/rstorm/repos/MultiSigWallet/contracts/MultiSigWallet.sol:241:13: Warning: Variable is declared as a storage pointer. Use an explicit "storage" keyword to silence this warning.
            Transaction tx = transactions[transactionId];
            ^------------^
,/Users/rstorm/repos/MultiSigWallet/contracts/MultiSigWalletWithDailyLimit.sol:53:9: Warning: Variable is declared as a storage pointer. Use an explicit "storage" keyword to silence this warning.
        Transaction tx = transactions[transactionId];
        ^------------^
Compiliation failed. See above.

./node_modules/.bin/truffle version
Truffle v3.4.9 (core: 3.4.8)
Solidity v0.4.15 (solc-js)

I deleted an account but when I tried to re-add it the wallet told me I couldn't as the account was already there. I noticed the account WAS in a wallet, but it wasn't in the list of accounts.

Any way to fix this ?

It seems that the wallet UI enables withdrawing some ether amount, only if my chosen contract is the extended multisig wallet with daily limit (as MultiSigWalletWithDailyLimit.sol).
We perfer not to use that - because this contract allows any owner to withdraw, and we want to keep this possibility with the same "m out of n" signatures constraint just as any other outgoing transaction.

Currently, my only option to withdraw ether when using the minimal MultiSigWallet contract (without the daily limits) - is to send multi-sig transaction to "submitTransaction" and to send some ETH amount with it.
So, it would be best to have another withdraw button which abstracts away this requirement.

Affected version:

• standalone multisigweb on linux
• testing done offline with "LightWallet" settings

Steps to reproduce:

• create two wallets (not sure if one is sufficient)
• change gasPrice in Settings tab
• click UpdateSettings

Expected behavior:

• a Confirm Offline transaction for a wallet should have the gasPrice from settings applied

Experienced behavior:

• a Confirm Offline transaction for a wallet uses the gasPrice from before the change
• after restarting multisigweb, the new gasPrice is in effect

Very simple and straight-forward feature: copy the account address.
It seems that currently, there's no easy way to do it.

Deploying a new multi-signature wallet with 4 accounts as owners, the deploying account has ethereum balance, 6 confirmations required, and 10000 daily withdrawal limit using Windows Gnosis multi-sig wallet.

After clicking "Deploy with factory", a pop-up for password to confirm transaction comes up. After entering the password for the first owner (main account) deploying the contract, it says invalid password. Uploading the keystore to MEW and entering the password decrypts successfully, as does importing the account again to Gnosis Windows desktop (accepts the keystore and password and then errors [properly] that the account is already imported).

Is the desktop app malfunctioning? Or is a different password expected to confirm the transaction? If so, what password is the app expecting?

I wasn't exactly sure where to post this. Thank you.

because testrpc moved, tests fail on travis.

however - the problem is avoided if you don't install global dependencies. in general, global npm installs are a pretty bad idea for tests, test dependencies should be in devDependencies in package.json - and indeed, they are there too! i have made a fix to .travis.yml and verified it works, PR coming.

With the linux desktop version if you start it up in offline mode, you are not able to select an account.
Connecting it to the internet allows for account selection(the blue tinted dropdown of accounts), which remains once you disconnect, however on a machine that is air gapped, you are unable to ever select an account to sign with since you never are connected.

I can't get it to load any more... :-( in chrome this is all I get:

In Brave, i can see the first screen... but i cant see the wallet's information:

Similar to
openethereum/parity-ethereum#3541

Hi guys.

I really like your UI. Great job!

I just have one small comment on something that could be improved a bit: I have several times now forgotten to press "add" on the last address that I provide when creating a new wallet. It's probably a mixture of me not focusing and no warning about this. I do however think that this can be fixed easily if you check if there are addresses provided that aren't added before deploying the contract and providing feedback to the user about this.

Feel free to take of leave this advise, but I know that I would appreciate this a lot instead of having to create a proposal for adding a new owner to the wallet afterwards :D

Once again, thank you for your nice work!

my contract has one function setTransferable(bool _transferable), when send a multisig transaction to call the function with false argument(the variable of transferable is true before calling the function), the result is not expected. The variable of transferable is still true. when I see the transaction in etherscan, I found the argument passed is not false but true. So, I think the function that getting data from input box works wrong, it doesn't parse the false .

I am currently using this contract in a UI project and I am making use of the contract build build/contracts/MultiSigWalet.json for the bytecode and ABI (which I am using to deploy in the UI).

Unfortunately, right now this repo ignores the build folder, so it's not available via github (or through NPM?).

Would it be reasonable to consider committing the truffle build folder and publishing it to NPM, so other projects can directly import the build file (so they can access the bytecode and ABI)? Otherwise, I'll need maintain a mirror and rebuild these files it each time you update.

Hi! I love the wallet so far, and forked it after seeing it highly praised by the community. I've run into a problem, though: Running the test script with npm test on Windows 10 (git bash) gives the following error:

events.js:160
      throw er; // Unhandled 'error' event
      ^

Error: spawn testrpc ENOENT
    at exports._errnoException (util.js:1018:11)
    at Process.ChildProcess._handle.onexit (internal/child_process.js:193:32)
    at onErrorNT (internal/child_process.js:367:16)
    at _combinedTickCallback (internal/process/next_tick.js:80:11)
    at process._tickCallback (internal/process/next_tick.js:104:9)
    at Module.runMain (module.js:606:11)
    at run (bootstrap_node.js:393:7)
    at startup (bootstrap_node.js:150:9)
    at bootstrap_node.js:508:3
events.js:160
      throw er; // Unhandled 'error' event
      ^

Error: spawn testrpc ENOENT
    at exports._errnoException (util.js:1018:11)
    at Process.ChildProcess._handle.onexit (internal/child_process.js:193:32)
    at onErrorNT (internal/child_process.js:367:16)
    at _combinedTickCallback (internal/process/next_tick.js:80:11)
    at process._tickCallback (internal/process/next_tick.js:104:9)
    at Module.runMain (module.js:606:11)
    at run (bootstrap_node.js:393:7)
    at startup (bootstrap_node.js:150:9)
    at bootstrap_node.js:508:3
events.js:160
      throw er; // Unhandled 'error' event
      ^

Error: spawn testrpc ENOENT
    at exports._errnoException (util.js:1018:11)
    at Process.ChildProcess._handle.onexit (internal/child_process.js:193:32)
    at onErrorNT (internal/child_process.js:367:16)
    at _combinedTickCallback (internal/process/next_tick.js:80:11)
    at process._tickCallback (internal/process/next_tick.js:104:9)
    at Module.runMain (module.js:606:11)
    at run (bootstrap_node.js:393:7)
    at startup (bootstrap_node.js:150:9)
    at bootstrap_node.js:508:3
npm ERR! Test failed.  See above for more details.

I have set up a test wallet on Kovan that requires 2 confirmations. As soon as i send the transaction, it never asks any other account for confirmation and just sends the eth. Am i missing something here?

The confirmation per transaction index makes the wallet vulnerable to chain reorg (i.e., when block becomes orphan).
The following scenario illustrates the problem:

1. Bob and Alice makes 2-out-of-2 multisig.
2. Bob submit a transaction to pay 1 eth as a donation to children hospital.
3. Alice see the transaction on etherscan/gnosis UI and confirms it (without waiting for 6 blocks confirmation).
4. Bob mines a longer chain where item 2 never happened, and instead in item he submit a payment for 100 eth to himself.
5. Bob resubmit Alice confirmation and run away with the 100 eth.

IMO, you should warn users to wait for 6 (or whatever) blocks before confirming a transaction.
As these days it is almost amount to 3 minutes, I doubt anyone is doing it.

multisigweb on ubuntu (but also on Mac I suspect) seems to completely ignore gas settings. This results in expensive transactions, especially when the transaction fails (I paid $41 for a failed transaction)

Settings:

Results on actual transaction:

gasPrice does seem to vary sometimes but the limit is always around 6M

This issue appears similar to #23 but I use LederWallet and restarting has no effect.

The support for the nano s is quite nice, any plans on integrations with trezor?

Hi, I view the contract and find out that the removeOwner and addOwner action is not a majority, but the wallet owner can decide which address to add and remove. That means if someone is the wallet owner, who can remove all other owners, then execute any transactions.

Is that correct? or I misunderstood that?

I think a better idea is that the addOwner and removeOwner function should use the majority system or even need everyone's agreement, then if the wallet owner is compromised, the whole wallet is still temporarily safe.

I noticed an issue in function getTransactionIds of the MultiSigWallet contract: if the from argument is greater than the to argument the subtraction on line 366 will overflow, creating a very large array. Independently, this would also result in the subsequent loop not terminating for a very long time.

I would suggest that you add more parameter validation at the beginning of the method body to prevent this (e.g., require(from <= to) or require(from < to) depending on the intended semantics).

It would be helpful if the web wallet https://wallet-website.gnosis.pm states (and links to) the version of the contract that it uses for each wallet/s.

it is a bit strange to call nvm install stable and nvm use stable in travis.yml

shouldn't that be defined by the node_js: section?

dist: trusty
language: node_js
node_js:
  - "iojs"
  - "7"
sudo: required
before_install:
  - sudo apt-get update && sudo apt-get install -y libusb-1.0-0-dev
  - . $HOME/.nvm/nvm.sh
  - nvm install stable
  - nvm use stable
  - export CHROME_BIN=chromium-browser
  - export DISPLAY=:99.0
  - sh -e /etc/init.d/xvfb start  
install: npm install && cd dapp && npm install && cd ..
script:
- npm run test-dapp
- npm run test

Hi there,

Not sure if this wallet code is still a viable option but i'm trying to use it as a basis of my multisigwallet and i'm getting a few errors while trying to test the code in mist.
i'm using the code as found on - https://github.com/gnosis/MultiSigWallet/blob/master/contracts/MultiSigWallet.sol

After updating the pragma and all the instances of "throw" to "revert()" the following error when tryingto compile the MultiSigWallet.sol file in mist is.

This declaration shadows a builtin symbol.
Transaction tx = transactions[transactionId];
^------------^
,

This references line 241.

thanks in advance for your feedback.

Hello guys,

Very impressed by your job here!

Just install your multisgWallet dapp on windows and I had an issue.
I fixed it on my side but I think it would be interesting to share it for the future windows users.
If you get "'.' is not recognize as an internal or external command" -screenshot- during the postinstall just change in the dapp/package.json the line :
"postinstall": "./node_modules/bower/bin/bower install && ./node_modules/grunt/bin/grunt ngtemplates",
by
"postinstall": "node ./node_modules/bower/bin/bower install && node ./node_modules/grunt/bin/grunt ngtemplates",

Cheers,

Exporting a key stays stuck in Executing on OSX. It can be cancelled but the key can never export.

EDIT: Bug also exists on Windows.

Now withdraw has no gasprice interface. . .

Further to my previous report.
The fact that executeTransaction is callable by anyone gives rise to real attacks.
Consider this scenario:

1. An ICO contract where admin can pause and resume sale.
2. Admin is a 1-out-of-2 multisig. I.e., there are 2 admins. Each can pause and resume sale.
3. When calling pause the function throws if already in pause mode.

Potential attack I:

1. ICO must be paused and both admins call the pause function. (Second call fails).
2. Admin fixes some things in the ICO and resumes it.
3. Malicious attacker calls executeTransaction for the second call. As a result, the ICO is paused.

Potential attack II:
ICO with different prices and a cap for every price.
User participates in an ICO with price 7, but exceeds cap and tx fails.
After 1 day, a new cap for price 8 is allocated.
User tx can be replayed and force him to buy with higher price.
In theory, this could happen even before user had the chance to revoke his tx.