What Are Multisig Wallets?
Readers considering multi-signature wallets will find it helpful to study their advantages and disadvantages
Artwork by Crystal Le
A multi-signature wallet is one of the advanced security tools available to cryptocurrency users. Yet, many investors do not use them because they do not understand how multi-signature, or multisig, wallets work.
There is also a false narrative that multi-signature wallets eliminate all security risks associated with holding cryptocurrency. Although multisig wallets provide remarkable security, some high-profile breaches, such as Ronin Network’s $625 million hack, have come from compromised multisig wallets, where the private keys were stored improperly.
Read on to learn what a multisig wallet is and why they are considered a must-have for storing digital assets in a corporate setup, as well as the available types of multisig wallets and the advantages and disadvantages of adopting these solutions.
What is a multi-signature wallet?
A multi-signature wallet is a cryptocurrency wallet that requires multiple signatures — instead of just one — to execute each transaction. The signatures are associated with different cryptographic private keys, while a defined threshold of keys must sign a transaction to validate it.
The workflow of a multisig wallet is the same irrespective of the number of signers. Any parties to a multisig wallet can initiate a transaction signed with their private key. However, the transaction is displayed as pending until other parties sign it.
Multisig wallets may implement an N-of-N setup where all signatories must validate a transaction before. The similar example is a 2-of-2 method where two parties must validate a transaction for it to be considered valid.
Alternatively, an N-of-M setting requires a specific subset of signers to approve a transaction. Using a 3-of-4 wallet as an example, three out of four signers must validate the transaction for it to be executed.
In either case, it is essential to distribute multisig private key access among distinct entities. A multisig setup where a single entity holds multiple private keys and stores them in a single location is essentially the same as a single-key wallet. The ideal scenario is giving access to entities in a way that a single security breach does not lead to the loss of two or more keys.
Many blockchains integrate functionality that enables users to implement multi-signature wallets. Cryptocurrency exchanges and custodians also implement multisig wallets and store associated private keys in diverse locations to protect client assets.
Why use a multisig wallet?
When used properly, a multisig wallet offers extra security by eliminating the single point of failure risk associated with having one private key. It makes it difficult for hackers to steal funds from a wallet, because they must have the different keys to complete any action.
A multisig feature is especially desirable in a corporate or organizational structure. For instance, a decentralized autonomous organization (DAO) may distribute its multisig wallet key access among distinct ecosystem projects actively contributing to its development. These members must approve new smart contract upgrades or fund transfers for purposes approved by the DAO. Keyholders must be selected carefully, mindful of the possibility of collusion.
Some security-conscious investors may choose to adopt a multisig wallet as an extra layer of security to cold wallets. Such implementation means that users must complete several steps to authorize transfers and may choose to extend responsibility to a trusted third party, such as a family member or an attorney.
Types of multi-signature wallets
- 1-of-2 signatures: A 1-of-2 setup is one of the most basic forms of multisig storage. The user binds two private keys to a single wallet, allowing anyone holding either key to approve transactions. This setup is ideal for a small business where either of two founders can transfer funds and trust is established through contractual and personal relations. A 1-of-2 setup is also a useful personal backup solution, as users can recover funds even if they lose one private key.
- 2-of-3 signatures: This multisig wallet requires two out of three registered signers to complete a transaction. It is useful for escrow transactions and also implemented by cryptocurrency custodians as an additional security measure. In the latter use case, the company may hold two of the keys with one securely stored offline and the other held online to make the signing process easier. The third key is delegated to a trusted blockchain security company, which may be required if the crypto custodian loses one of its keys.
- 3-of-5 signatures: This is a more robust multisig setup that requires three out of five signatures to validate transactions. It is useful for a corporate structure where several decision makers must approve transfers. As long as over 50% of the parties consent to the decision, then they can approve fund transfers. As with other forms of multi-signature setups, delegating signatures to entities in diverse geographical locations could improve security.
- Hosted vs. unhosted: A hosted multisig wallet is one created with a third-party platform such as Coinbase Custody or BitGo. These entities secure cryptocurrencies using institutional-grade solutions, while giving clients access to multi-signature functionality. Thus, clients register approved signatories and define signature thresholds for fund transfers. An unhosted multisig wallet (also known as self-hosted wallet, or simply a wallet) is one where the individual or organization holds the private keys, instead of using a trusted third-party. The setup process for unhosted wallets is usually more complex as users require security-optimized infrastructure and best practices. However, the user enjoys greater convenience and eliminates the counterparty risk associated with third-parties.
Advantages of multisig wallets
Multi-signature wallets offer several unique benefits to users. They also serve specific use cases that are generally considered out of reach for single-key wallets.
Multisig wallets are synonymous with increased security and peace of mind. This is especially important given the growing security concerns in the cryptocurrency space and the irreversibility of blockchain transactions. With a multisig wallet, users can rest assured that the odds of a hacker acquiring all associated private keys are low.
A multisig wallet also provides a backup option. As long as the setup does not require all signatures to validate transactions, users can easily recover their wallets if one or more private keys goes missing. New signatures can also be added to further distribute ownership and improve security.
Multi-signature wallets are ideal for escrowed transactions. They guarantee that each party will fulfill their obligations once the agreed terms are met. Using the example of a 2-of-3 multisig, the buyer could deposit funds in a wallet with a promise to release the funds to the seller as soon as the purchased goods are received and deemed satisfactory.
The seller also holds a key alongside a trusted third party used as the final signatory to the multisig contract. Both buyer and seller could sign to confirm the trade as soon as the conditions are met. However, the third party could release the funds to either buyer or seller if the other party breaches the contract terms.
Two-factor authentication (2FA)
Multi-signature wallets provide a form of two-factor authentication (2FA) because eligible signers must validate any pending transaction before approval. Users can easily halt any malicious actor that gains unauthorized access to an associated key and revoke their access. This security feature is further strengthened by keeping the private keys in multiple locations or with different individuals.
Cooperation between multiple parties
A multisig wallet is perfect for an organizational setup where two or more parties must consent to make business decisions. This is especially helpful in an era where an increasing number of strangers meet online to pursue common objectives, such as a DAO.
A multisig wallet checkmates power abuse, gives parties a sense of responsibility and ensures no one can transfer funds without requisite approval. This feature also doubles as voting rights, because signing a transaction represents approval of the business decision.
Disadvantages of multisig wallets
The security provided by multisig wallets come at the cost of convenience. This trade-off makes multisig wallets less ideal for certain scenarios.
Users give up speed for security when they choose to use a multisig wallet. It could take anywhere from a few hours to days to execute a transaction from a multisig wallet, with factors such as the number of signatories and geographical boundaries limiting their usage. These limitations make multisig wallets less convenient for emergencies or routine payments.
Users require more than basic security knowledge and practices to adopt multisig wallets. The setup process may require consulting a third-party wallet provider, installing specific software, or purchasing dedicated equipment such as multiple hardware wallets and safe boxes. These requirements are relatively complex for the average crypto investor and are one of the key factors impeding the adoption of multi-signature wallets.
Fund recovery and custodian
Compared to single-key storage, it takes considerably longer and requires more coordination to recover funds stored in a multisig wallet. Further, N-of-N setups fail to provide a backup or recovery solution for rare situations where one of the signers is unavailable.
Meanwhile, entities that choose the relatively easier multisig wallet hosted with a third-party custodian expose themselves to counterparty risk. A security breach at the third-party custodian could have far reaching consequences.
Should I use multisig?
Multi-signature wallets are an excellent way to protect your digital assets. However, they are not perfect. You should only use a multisig wallet if you understand cryptocurrencies and consider yourself knowledgeable with advanced operations security (OpSec). That said, multisig users enjoy a greater sense of security and immunity from most basic risks associated with storing cryptocurrencies.
Multisignature wallets: A secure standard for crypto storage
A multisig wallet eliminates the single-point of failure risk faced by most cryptocurrency investors. Both individual and corporate investors can adopt different multisig setups depending on their specific needs.
Readers considering multi-signature wallets will find it helpful to study their advantages and disadvantages. That way, they can make research-driven decisions on the best options to provide the highest level of security for their digital assets.
Don’t miss the next big story – join our free daily newsletter.