Board Wallet software
Re: Security of a Multi-Signature Wallet in a hypothetical hacker scenario
by
nc50lc
on 13/01/2025, 07:00:54 UTC
My expectation is that the hacker might still be able to steal coins, even without the 4th seed, because having 2 seeds is sufficient to sign transactions. They could, in theory, brute force or search the blockchain to identify wallet-related addresses and initiate transactions.

Am I missing any critical considerations here about the security of multi-signature wallets in this case?
More information about P2SH or P2WSH should help.

Some Pointers:
  • Each of your MultiSig addresses is just the hash of your redeem script (witness script for SegWit).
  • The Unspent Transaction Outputs (UTXO) from your "receive transactions" only contain that hash.
  • Your "Redeem Script" that contains all the cosigners' public keys (four in your case) is required to spend your UTXOs along with the signatures.
    The hash of the provided redeem script should match the hash in the to-be-spent UTXO when being verified by Bitcoin nodes to be accepted/relayed/mined.
  • Given that the hash is nearly impossible to reverse to get the redeem script,
    the only way to get the missing fourth pubKey is to search for it in your "send transactions", since your "receive transactions" don't have the redeem script.

Why does he have to know the address in that case, can't he just brute force and test all the transactions in the mempool, or is that impossible?
He can do that; it's not impossible and certainly doable with the right software and hardware.
He'll just need to search for P2[W]SH inputs containing a combination of the three derived pubkeys (of the same index) from the three available extended public keys.
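As an added illustration of the pointers above (example code, not from this post or any wallet project), the following builds a 2-of-4 P2WSH witness script, shows that the "receive" output commits only to the script's SHA256 hash, and parses the script as it appears in a spend's witness to recover all four cosigner pubkeys. The four pubkeys are constructed 33-byte stand-ins, not real secp256k1 points, and the signatures in the witness stack are dummies.

```python
import hashlib

OP_0, OP_CHECKMULTISIG = 0x00, 0xAE

# Constructed placeholder "compressed pubkeys" (0x02/0x03 prefix + 32 bytes); not real curve points.
PUBKEYS = [bytes([0x02 + (i % 2)]) + hashlib.sha256(f"cosigner-{i}".encode()).digest()
           for i in range(4)]

def push(data: bytes) -> bytes:
    # Direct push opcode for 1..75 bytes (enough for 33- or 65-byte pubkeys).
    assert 1 <= len(data) <= 75
    return bytes([len(data)]) + data

def multisig_witness_script(m: int, pubkeys: list) -> bytes:
    # OP_m <pk1> ... <pkn> OP_n OP_CHECKMULTISIG, keys in the order given.
    n = len(pubkeys)
    assert 1 <= m <= n <= 16
    return bytes([0x50 + m]) + b"".join(push(pk) for pk in pubkeys) + bytes([0x50 + n, OP_CHECKMULTISIG])

def p2wsh_script_pubkey(witness_script: bytes) -> bytes:
    # The output script a "receive transaction" carries: OP_0 <32-byte SHA256(witness script)>.
    # No pubkey appears here, only the hash.
    return bytes([OP_0, 32]) + hashlib.sha256(witness_script).digest()

def parse_multisig(script: bytes):
    # Recover (m, n, pubkeys) from a bare multisig witness script.
    m = script[0] - 0x50
    i, pubkeys = 1, []
    while script[i] in (33, 65):          # compressed / uncompressed pubkey pushes
        ln = script[i]
        pubkeys.append(script[i + 1:i + 1 + ln])
        i += 1 + ln
    n = script[i] - 0x50
    assert script[i + 1] == OP_CHECKMULTISIG and n == len(pubkeys) and i + 2 == len(script)
    return m, n, pubkeys

def pubkeys_revealed_by_spend(witness_stack: list, script_pubkey: bytes) -> list:
    # In a spend, the witness stack ends with the full witness script; a node hashes it
    # and compares against the UTXO's script before accepting the input. Once it is on
    # chain, every cosigner pubkey in it is public.
    witness_script = witness_stack[-1]
    if p2wsh_script_pubkey(witness_script) != script_pubkey:
        raise ValueError("witness script hash does not match the UTXO being spent")
    return parse_multisig(witness_script)[2]
```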