Since our earliest days on AlphaBay we have offered multisig: a few weeks ago somebody finally made a multisig order for a 10-strip of Cialis. Alas, he let the order autofinalize -- and so we were given a "market private key," a multisig address beginning in "3" and the vendor, buyer and market public keys used to generate that address. Conspicuously missing was the redeem script.
The Grand Wizard sent a note via AlphaBay support asking about this: in the meantime one of our cabana boys consulted Tech Support Guy Google to see if he could dig up any other information and came up with this gem from DeepDotWeb:
We don't provide help in cashing out the multisig address. You have 2 private keys out of 3, so you are supposed to know the rest. If you lose your private key, it's too bad.
Well, all righty then.
After a bit more research, the Grand Wizard was able to recreate the multisig address using Bitcoin XT:
createmultisig 2 [key1, key2, key3]
This generated the same multisig address and, hence, the same redeem script. From there the Grand Wizard went to coinb.in, created a new transaction which moved the funds in question out of that multisig address into the Grand Wizard's Vaults, signed the redeem script using the GWL AB Private Key and the AlphaBay market private key, and collected the funds.
And all that could have been avoided if AB had simply provided the signed redeem script like every other 2-of-3 multisig implementation we've ever used.
Oh, in the meantime our support ticket was answered:
Message sent by BigMuscles (Moderator) on February 15, 2016 at 16:02:
You must wait few time all processing withdraw transactions will be finalized
The Grand Wizard is resisting the temptation to reply "How is multisigg withdrawn? How Wiz get paid?"
When I picture Alpha Bay support responding to tickets.. http://imgur.com/VzbV2Zi